www.diariodocentrodomundo.com.br Open in urlscan Pro
2606:4700::6812:170e Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/
Submission: On December 11 via api (December 11th 2021, 6:13:54 am UTC) from GB — Scanned from GB

Summary HTTP 844 Redirects Links 38 Behaviour Indicators

Summary

This website contacted 99 IPs in 13 countries across 90 domains to perform 844 HTTP transactions. The main IP is 2606:4700::6812:170e, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.diariodocentrodomundo.com.br.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on October 13th 2021. Valid for: a year.

This is the only time www.diariodocentrodomundo.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
26	2606:4700::68... 2606:4700::6812:170e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
23	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
1	3.129.250.65 3.129.250.65	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
14	2606:2800:234... 2606:2800:234:46c:e8b:1e2f:2bd:694	15133 (EDGECAST) (EDGECAST)
4	151.139.244.12 151.139.244.12	33438 (HIGHWINDS2) (HIGHWINDS2)
4	2606:4700::68... 2606:4700::6812:e134	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3032::6815:3f4f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 109	151.101.1.44 151.101.1.44	54113 (FASTLY) (FASTLY)
10	151.139.128.11 151.139.128.11	20446 (HIGHWINDS3) (HIGHWINDS3)
2	23.200.213.172 23.200.213.172	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a03:2880:f02... 2a03:2880:f02d:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
7	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
8	199.232.196.134 199.232.196.134	54113 (FASTLY) (FASTLY)
10	146.20.128.139 146.20.128.139	27357 (RACKSPACE) (RACKSPACE)
1 5	13.32.99.105 13.32.99.105	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
25	146.20.132.103 146.20.132.103	27357 (RACKSPACE) (RACKSPACE)
7 7	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
33	2600:9000:223... 2600:9000:223e:8000:6:8656:f5c0:93a1	16509 (AMAZON-02) (AMAZON-02)
8	151.101.0.134 151.101.0.134	54113 (FASTLY) (FASTLY)
2	2a03:2880:f12... 2a03:2880:f12d:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
3	23.200.213.98 23.200.213.98	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	66.155.71.25 66.155.71.25	13768 (COGECO-PEER1) (COGECO-PEER1)
8	52.58.61.12 52.58.61.12	16509 (AMAZON-02) (AMAZON-02)
7 13	18.196.195.54 18.196.195.54	16509 (AMAZON-02) (AMAZON-02)
17 49	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
1	75.2.29.42 75.2.29.42	16509 (AMAZON-02) (AMAZON-02)
31	146.20.128.205 146.20.128.205	27357 (RACKSPACE) (RACKSPACE)
1	2a00:1450:400... 2a00:1450:400c:c0c::9d	15169 (GOOGLE) (GOOGLE)
5	199.232.196.64 199.232.196.64	54113 (FASTLY) (FASTLY)
2 12	2a00:1450:400... 2a00:1450:4001:811::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:6c0... 2a02:26f0:6c00:191::26e5	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
45	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:810::2001	15169 (GOOGLE) (GOOGLE)
26	23.195.248.208 23.195.248.208	16625 (AKAMAI-AS) (AKAMAI-AS)
3	104.244.42.72 104.244.42.72	13414 (TWITTER) (TWITTER)
1	2.22.77.98 2.22.77.98	16625 (AKAMAI-AS) (AKAMAI-AS)
8	23.195.249.65 23.195.249.65	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	178.250.0.157 178.250.0.157	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
61	2a00:1450:400... 2a00:1450:4001:80e::2001	15169 (GOOGLE) (GOOGLE)
15	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
23	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
3	2600:1f18:612... 2600:1f18:612b:4200:8560:f9d7:993:6d2d	14618 (AMAZON-AES) (AMAZON-AES)
15	52.9.24.155 52.9.24.155	16509 (AMAZON-02) (AMAZON-02)
3	185.94.180.123 185.94.180.123	35220 (SPOTX-AMS) (SPOTX-AMS)
13	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
9	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
6	2600:1f18:612... 2600:1f18:612b:4264:e8c6:2f28:702a:f217	14618 (AMAZON-AES) (AMAZON-AES)
2 2	185.94.180.126 185.94.180.126	35220 (SPOTX-AMS) (SPOTX-AMS)
6 6	3.218.90.66 3.218.90.66	14618 (AMAZON-AES) (AMAZON-AES)
1 2	54.194.39.62 54.194.39.62	16509 (AMAZON-02) (AMAZON-02)
1 4	52.19.214.88 52.19.214.88	16509 (AMAZON-02) (AMAZON-02)
9 17	23.195.249.2 23.195.249.2	16625 (AKAMAI-AS) (AKAMAI-AS)
7 11	185.33.221.13 185.33.221.13	29990 (ASN-APPNEX) (ASN-APPNEX)
2	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
6	2600:9000:223... 2600:9000:223f:6e00:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
4 12	104.96.5.77 104.96.5.77	16625 (AKAMAI-AS) (AKAMAI-AS)
19	2a00:1450:400... 2a00:1450:4001:82b::2006	15169 (GOOGLE) (GOOGLE)
17	52.41.240.77 52.41.240.77	16509 (AMAZON-02) (AMAZON-02)
12	23.195.249.162 23.195.249.162	16625 (AKAMAI-AS) (AKAMAI-AS)
8	142.250.74.194 142.250.74.194	15169 (GOOGLE) (GOOGLE)
1	199.232.198.49 199.232.198.49	54113 (FASTLY) (FASTLY)
1	51.75.146.199 51.75.146.199	16276 (OVH) (OVH)
1	34.120.155.137 34.120.155.137	15169 (GOOGLE) (GOOGLE)
1	52.73.153.177 52.73.153.177	14618 (AMAZON-AES) (AMAZON-AES)
2	141.226.224.32 141.226.224.32	200478 (TABOOLA-AS) (TABOOLA-AS)
2	142.250.184.198 142.250.184.198	15169 (GOOGLE) (GOOGLE)
2 2	23.23.88.115 23.23.88.115	14618 (AMAZON-AES) (AMAZON-AES)
4	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1	35.179.78.10 35.179.78.10	16509 (AMAZON-02) (AMAZON-02)
2	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba2a	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2606:4700::68... 2606:4700::6810:a30d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	185.64.190.75 185.64.190.75	62713 (AS-PUBMATIC) (AS-PUBMATIC)
3 8	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2	2620:112:f006... 2620:112:f006:bbbb::12	6336 (TURN-US-ASN) (TURN-US-ASN)
1	2a02:fa8:8806... 2a02:fa8:8806:13::1400	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1 2	198.8.71.128 198.8.71.128	54312 (ROCKETFUEL) (ROCKETFUEL)
3 3	169.50.137.184 169.50.137.184	36351 (SOFTLAYER) (SOFTLAYER)
1 2	37.157.6.242 37.157.6.242	198622 (ADFORM) (ADFORM)
3 3	2600:9000:223... 2600:9000:223f:b200:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
2 2	213.155.156.185 213.155.156.185	1299 (TWELVE99 ...) (TWELVE99 Twelve99)
3	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
3 3	72.251.249.9 72.251.249.9	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
3	185.86.139.103 185.86.139.103	201081 (SMARTADSE...) (SMARTADSERVER)
3	2606:2800:134... 2606:2800:134:fa2:1627:1fe:edb:1665	15133 (EDGECAST) (EDGECAST)
1	2600:1f1c:a99... 2600:1f1c:a99:832c:727c:8f29:6f04:aca5	16509 (AMAZON-02) (AMAZON-02)
1 2	34.96.105.8 34.96.105.8	15169 (GOOGLE) (GOOGLE)
2 2	213.19.147.45 213.19.147.45	3356 (LEVEL3) (LEVEL3)
1 1	35.190.0.66 35.190.0.66	15169 (GOOGLE) (GOOGLE)
1 1	2a05:d018:d29... 2a05:d018:d29:3605:7ea4:f1cc:2176:cd9d	16509 (AMAZON-02) (AMAZON-02)
2 2	85.114.159.93 85.114.159.93	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
2 2	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
1 1	151.101.194.49 151.101.194.49	54113 (FASTLY) (FASTLY)
2 2	35.210.178.101 35.210.178.101	15169 (GOOGLE) (GOOGLE)
1 1	198.148.27.139 198.148.27.139	19189 (PULSEPOINT) (PULSEPOINT)
4	23.200.212.230 23.200.212.230	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:4700::68... 2606:4700::6812:e234	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	3.228.133.61 3.228.133.61	14618 (AMAZON-AES) (AMAZON-AES)
8	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	23.88.75.188 23.88.75.188	24940 (HETZNER-AS) (HETZNER-AS)
1 1	87.98.228.78 87.98.228.78	16276 (OVH) (OVH)
1	173.231.181.122 173.231.181.122	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
1	2606:4700:303... 2606:4700:3039::6815:c03b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	195.5.165.20 195.5.165.20	44968 (IPROM-AS) (IPROM-AS)
2 2	35.227.208.19 35.227.208.19	15169 (GOOGLE) (GOOGLE)
1	35.201.81.244 35.201.81.244	15169 (GOOGLE) (GOOGLE)
1 1	159.65.196.12 159.65.196.12	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1 1	34.102.253.54 34.102.253.54	15169 (GOOGLE) (GOOGLE)
1 1	185.33.221.11 185.33.221.11	29990 (ASN-APPNEX) (ASN-APPNEX)
1	50.19.62.27 50.19.62.27	14618 (AMAZON-AES) (AMAZON-AES)
1 2	2606:4700::68... 2606:4700::6812:d05	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	169.197.150.8 169.197.150.8	398989 (DEEPINTENT) (DEEPINTENT)
2 2	18.196.197.61 18.196.197.61	16509 (AMAZON-02) (AMAZON-02)
1	38.27.122.158 38.27.122.158	174 (COGENT-174) (COGENT-174)
1 1	54.159.94.231 54.159.94.231	14618 (AMAZON-AES) (AMAZON-AES)
1	18.235.138.170 18.235.138.170	14618 (AMAZON-AES) (AMAZON-AES)
1	2600:9000:224... 2600:9000:2240:4c00:15:6f6c:b180:93a1	() ()
844	99

26 2606:4700::6812:170e (United States)

ASN13335 (CLOUDFLARENET, US)

www.diariodocentrodomundo.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.129.250.65 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-129-250-65.us-east-2.compute.amazonaws.com

ads.vidoomy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2606:2800:234:46c:e8b:1e2f:2bd:694 (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.139.244.12 (United States)

ASN33438 (HIGHWINDS2, US)

web.webformscr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6812:e134 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3032::6815:3f4f (United States)

ASN13335 (CLOUDFLARENET, US)

tags.juicebarads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

109 151.101.1.44 (United States) 1 redirects

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
15.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vidstat.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
imprammp.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
wf.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c3.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
impr.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pips.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
opps.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
match.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 151.139.128.11 (United States)

ASN20446 (HIGHWINDS3, US)

ad.lkqd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.200.213.172 (Paris, France)

ASN16625 (AKAMAI-AS, US)
PTR: a23-200-213-172.deploy.static.akamaitechnologies.com

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 199.232.196.134 (United States)

ASN54113 (FASTLY, US)

diariodocentrodomundo.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
referrer.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 146.20.128.139 (United States)

ASN27357 (RACKSPACE, US)

v.lkqd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 13.32.99.105 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-105.fra60.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 146.20.132.103 (United States)

ASN27357 (RACKSPACE, US)

cs.lkqd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2001:678:cb4:bbbb::11 (United Kingdom) 7 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 2600:9000:223e:8000:6:8656:f5c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

c.disquscdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 151.101.0.134 (United States)

ASN54113 (FASTLY, US)

disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.200.213.98 (Paris, France)

ASN16625 (AKAMAI-AS, US)
PTR: a23-200-213-98.deploy.static.akamaitechnologies.com

a.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 66.155.71.25 (Portsmouth, United Kingdom) 1 redirects

ASN13768 (COGECO-PEER1, CA)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 52.58.61.12 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-61-12.eu-central-1.compute.amazonaws.com

a.vidoomy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 18.196.195.54 (Frankfurt am Main, Germany) 7 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-195-54.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

49 172.217.16.130 (United States) 17 redirects

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 75.2.29.42 (United States)

ASN16509 (AMAZON-02, US)
PTR: ae6a0aaac8071ff4b.awsglobalaccelerator.com

stg.vidoomy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 146.20.128.205 (United States)

ASN27357 (RACKSPACE, US)

t.lkqd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 199.232.196.64 (United States)

ASN54113 (FASTLY, US)

tempest.services.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
links.services.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:811::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:191::26e5 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

s8t.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

45 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
640b8f6ac9713c4187d50d6eb844be94.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
b0b2fb4f4d530f774904c931019d14ff.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 23.195.248.208 (Prague, Czech Republic)

ASN16625 (AKAMAI-AS, US)
PTR: a23-195-248-208.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vpaid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.244.42.72 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.22.77.98 (Paris, France)

ASN16625 (AKAMAI-AS, US)
PTR: a2-22-77-98.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 23.195.249.65 (Prague, Czech Republic)

ASN16625 (AKAMAI-AS, US)
PTR: a23-195-249-65.deploy.static.akamaitechnologies.com

t.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::13 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

61 2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

am-match.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
am-vid-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync-t1.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
am-wf.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:1f18:612b:4200:8560:f9d7:993:6d2d (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

4cywq-eqnre.ads.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 52.9.24.155 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-9-24-155.us-west-1.compute.amazonaws.com

ads.adaptv.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.94.180.123 (Amsterdam, Netherlands)

ASN35220 (SPOTX-AMS, US)

search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:1f18:612b:4264:e8c6:2f28:702a:f217 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

taboola-supply-partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.94.180.126 (Amsterdam, Netherlands) 2 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 3.218.90.66 (Ashburn, United States) 6 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-218-90-66.compute-1.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.194.39.62 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-39-62.eu-west-1.compute.amazonaws.com

fw.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.19.214.88 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-214-88.eu-west-1.compute.amazonaws.com

pixel.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 23.195.249.2 (Prague, Czech Republic) 9 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-195-249-2.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 185.33.221.13 (Amsterdam, Netherlands) 7 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:223f:6e00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 104.96.5.77 (Düsseldorf, Germany) 4 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-96-5-77.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:82b::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 52.41.240.77 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-41-240-77.us-west-2.compute.amazonaws.com

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 23.195.249.162 (Prague, Czech Republic)

ASN16625 (AKAMAI-AS, US)
PTR: a23-195-249-162.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
px.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.74.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.198.49 (United States)

ASN54113 (FASTLY, US)

a.disquscdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.75.146.199 (France)

ASN16276 (OVH, FR)
PTR: p12.id5-sync.com

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.155.137 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 137.155.120.34.bc.googleusercontent.com

api.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.73.153.177 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-73-153-177.compute-1.amazonaws.com

id.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 141.226.224.32 (United States)

ASN200478 (TABOOLA-AS, IL)

cds.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.198 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.23.88.115 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-23-88-115.compute-1.amazonaws.com

cs.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.179.78.10 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-179-78-10.eu-west-2.compute.amazonaws.com

geo.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:6c00::210:ba2a (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

code.createjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:a30d (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.viglink.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.64.190.75 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

vid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 185.64.190.78 (United Kingdom) 3 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:112:f006:bbbb::12 (United States)

ASN6336 (TURN-US-ASN, US)

r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:13::1400 (Singapore)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 198.8.71.128 (United States) 1 redirects

ASN54312 (ROCKETFUEL, US)

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 169.50.137.184 (United States) 3 redirects

ASN36351 (SOFTLAYER, US)
PTR: b8.89.32a9.ip4.static.sl-reverse.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.6.242 (Denmark) 1 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:223f:b200:1b:5138:8a40:93a1 (United States) 3 redirects

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.185 (Uppsala, Sweden) 2 redirects

ASN1299 (TWELVE99 Twelve99, Telia Carrier, SE)
PTR: 213-155-156-185.teliacarrier-cust.com

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 72.251.249.9 (Amsterdam, Netherlands) 3 redirects

ASN29791 (VOXEL-DOT-NET, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.86.139.103 (France)

ASN201081 (SMARTADSERVER, FR)

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:2800:134:fa2:1627:1fe:edb:1665 (United States)

ASN15133 (EDGECAST, US)

cdn.syndication.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pbs.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f1c:a99:832c:727c:8f29:6f04:aca5 (San Jose, United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.96.105.8 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 8.105.96.34.bc.googleusercontent.com

tr.blismedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.19.147.45 (United Kingdom) 2 redirects

ASN3356 (LEVEL3, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.0.66 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3605:7ea4:f1cc:2176:cd9d (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 85.114.159.93 (Germany) 2 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.248.245.213 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.194.49 (United States) 1 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.210.178.101 (Brussels, Belgium) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 101.178.210.35.bc.googleusercontent.com

a.volvelle.tech	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.148.27.139 (New York, United States) 1 redirects

ASN19189 (PULSEPOINT, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.200.212.230 (Paris, France)

ASN16625 (AKAMAI-AS, US)
PTR: a23-200-212-230.deploy.static.akamaitechnologies.com

aktrack.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:e234 (United States)

ASN13335 (CLOUDFLARENET, US)

onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.228.133.61 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-228-133-61.compute-1.amazonaws.com

sync.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.88.75.188 (Gunzenhausen, Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.188.75.88.23.clients.your-server.de

csync.loopme.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 87.98.228.78 (Spain) 1 redirects

ASN16276 (OVH, FR)
PTR: ip78.ip-87-98-228.eu

green.erne.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.231.181.122 (United States)

ASN29791 (VOXEL-DOT-NET, US)

cm.adgrx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3039::6815:c03b (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.5.165.20 (Slovenia)

ASN44968 (IPROM-AS, SI)

core.iprom.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.208.19 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 19.208.227.35.bc.googleusercontent.com

cr.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.201.81.244 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 244.81.201.35.bc.googleusercontent.com

idsync.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.65.196.12 (Amsterdam, Netherlands) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

match.adsby.bidtheatre.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.253.54 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 54.253.102.34.bc.googleusercontent.com

ads.playground.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.33.221.11 (Amsterdam, Netherlands) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 733.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 50.19.62.27 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-19-62-27.compute-1.amazonaws.com

rtb.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:d05 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 169.197.150.8 (United States)

ASN398989 (DEEPINTENT, US)
PTR: g.deepintent.com

match.deepintent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.196.197.61 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-197-61.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 38.27.122.158 (United States)

ASN174 (COGENT-174, US)

match.bnmla.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.159.94.231 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-159-94-231.compute-1.amazonaws.com

sync.ipredictive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.235.138.170 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-235-138-170.compute-1.amazonaws.com

vast.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2240:4c00:15:6f6c:b180:93a1 (None, )

ASN- ()

vpaid.springserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
134	taboola.com 1 redirects cdn.taboola.com trc.taboola.com 15.taboola.com images.taboola.com vidstat.taboola.com imprammp.taboola.com am-match.taboola.com wf.taboola.com am-vid-events.taboola.com sync-t1.taboola.com sync.taboola.com c3.taboola.com impr.taboola.com pips.taboola.com cds.taboola.com opps.taboola.com match.taboola.com am-wf.taboola.com	7 MB
116	googlesyndication.com a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com tpc.googlesyndication.com 640b8f6ac9713c4187d50d6eb844be94.safeframe.googlesyndication.com pagead2.googlesyndication.com b0b2fb4f4d530f774904c931019d14ff.safeframe.googlesyndication.com	980 KB
94	doubleclick.net 17 redirects securepubads.g.doubleclick.net cm.g.doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net googleads4.g.doubleclick.net ad.doubleclick.net	719 KB
76	lkqd.net ad.lkqd.net v.lkqd.net cs.lkqd.net t.lkqd.net	296 KB
51	pubmatic.com 3 redirects ads.pubmatic.com vpaid.pubmatic.com vid.pubmatic.com image6.pubmatic.com aktrack.pubmatic.com Failed image2.pubmatic.com Failed simage2.pubmatic.com Failed	457 KB
34	disquscdn.com c.disquscdn.com a.disquscdn.com	1 MB
29	adsafeprotected.com 2 redirects fw.adsafeprotected.com pixel.adsafeprotected.com static.adsafeprotected.com dt.adsafeprotected.com	289 KB
26	diariodocentrodomundo.com.br www.diariodocentrodomundo.com.br	876 KB
21	disqus.com diariodocentrodomundo.disqus.com disqus.com tempest.services.disqus.com referrer.disqus.com links.services.disqus.com	136 KB
19	2mdn.net s0.2mdn.net	243 KB
17	casalemedia.com 9 redirects dsum-sec.casalemedia.com	15 KB
17	twitter.com platform.twitter.com syndication.twitter.com	441 KB
16	rubiconproject.com 4 redirects secure-assets.rubiconproject.com eus.rubiconproject.com token.rubiconproject.com	44 KB
15	advertising.com ads.adaptv.advertising.com	8 KB
15	googletagservices.com www.googletagservices.com	444 KB
15	google.com 2 redirects www.google.com adservice.google.com	3 KB
13	moatads.com z.moatads.com geo.moatads.com px.moatads.com	116 KB
13	bidswitch.net 7 redirects x.bidswitch.net	5 KB
13	teads.tv a.teads.tv s8t.teads.tv sync.teads.tv t.teads.tv	136 KB
12	adnxs.com 8 redirects ib.adnxs.com secure.adnxs.com	11 KB
10	vidoomy.com ads.vidoomy.com a.vidoomy.com stg.vidoomy.com	6 KB
9	adsrvr.org match.adsrvr.org	3 KB
9	tremorhub.com 4cywq-eqnre.ads.tremorhub.com taboola-supply-partners.tremorhub.com	2 KB
9	turn.com 7 redirects ad.turn.com r.turn.com	4 KB
9	gstatic.com fonts.gstatic.com www.gstatic.com	154 KB
7	yahoo.com 7 redirects ups.analytics.yahoo.com pr-bh.ybp.yahoo.com	2 KB
6	googleapis.com fonts.googleapis.com	4 KB
5	spotxchange.com 2 redirects search.spotxchange.com sync.search.spotxchange.com	5 KB
5	scorecardresearch.com 1 redirects sb.scorecardresearch.com	4 KB
5	onesignal.com cdn.onesignal.com onesignal.com	83 KB
4	criteo.com 1 redirects gum.criteo.com mug.criteo.com dis.criteo.com Failed	1 KB
4	google.co.uk www.google.co.uk adservice.google.co.uk	2 KB
4	webformscr.com web.webformscr.com	33 KB
3	weborama.fr 2 redirects cr.frontend.weborama.fr idsync.frontend.weborama.fr	722 B
3	twimg.com cdn.syndication.twimg.com pbs.twimg.com	27 KB
3	smartadserver.com ssbsync.smartadserver.com	225 B
3	lijit.com 3 redirects ap.lijit.com	2 KB
3	openx.net rtb.openx.net	478 B
3	smaato.net 3 redirects s.ad.smaato.net	1 KB
3	simpli.fi 3 redirects um.simpli.fi	2 KB
3	emxdgt.com 2 redirects cs.emxdgt.com vast.emxdgt.com	959 B
3	google-analytics.com www.google-analytics.com	20 KB
3	googletagmanager.com www.googletagmanager.com	107 KB
2	w55c.net 2 redirects pm.w55c.net	1 KB
2	tribalfusion.com 1 redirects a.tribalfusion.com s.tribalfusion.com	1 KB
2	volvelle.tech 2 redirects a.volvelle.tech	1 KB
2	3lift.com 2 redirects eb2.3lift.com	946 B
2	adition.com 2 redirects dsp.adfarm1.adition.com	1 KB
2	blismedia.com 1 redirects tr.blismedia.com	540 B
2	de17a.com 2 redirects d5p.de17a.com	720 B
2	adform.net 1 redirects c1.adform.net	597 B
2	rfihub.com 1 redirects p.rfihub.com a.rfihub.com	2 KB
2	viglink.com cdn.viglink.com	534 B
2	createjs.com code.createjs.com	125 KB
2	sitescout.com 1 redirects pixel-sync.sitescout.com	454 B
2	facebook.com www.facebook.com	313 B
2	facebook.net connect.facebook.net	113 KB
2	stickyadstv.com ads.stickyadstv.com	2 KB
1	springserve.com vpaid.springserve.com	87 KB
1	ipredictive.com 1 redirects sync.ipredictive.com	522 B
1	bnmla.com match.bnmla.com	114 B
1	deepintent.com match.deepintent.com	44 B
1	gumgum.com rtb.gumgum.com	238 B
1	playground.xyz 1 redirects ads.playground.xyz	463 B
1	bidtheatre.com 1 redirects match.adsby.bidtheatre.com	534 B
1	iprom.net core.iprom.net	281 B
1	ad4m.at ad4m.at	915 B
1	adgrx.com cm.adgrx.com	408 B
1	erne.co 1 redirects green.erne.co	326 B
1	loopme.me 1 redirects csync.loopme.me	217 B
1	stackadapt.com 1 redirects sync.srv.stackadapt.com	650 B
1	cloudflare.com cdnjs.cloudflare.com	14 KB
1	contextweb.com 1 redirects bh.contextweb.com	598 B
1	everesttech.net 1 redirects sync-tm.everesttech.net	282 B
1	travelaudience.com 1 redirects ads.travelaudience.com	515 B
1	unrulymedia.com 1 redirects sync.targeting.unrulymedia.com	582 B
1	1rx.io 1 redirects sync.1rx.io	697 B
1	quantserve.com cms.quantserve.com pixel.quantserve.com Failed	463 B
1	dotomi.com dclk-match.dotomi.com pubmatic-match.dotomi.com Failed	104 B
1	crwdcntrl.net id.crwdcntrl.net	348 B
1	rlcdn.com api.rlcdn.com	291 B
1	id5-sync.com id5-sync.com	550 B
1	juicebarads.com tags.juicebarads.com	13 KB
0	audrte.com Failed a.audrte.com Failed
0	zeotap.com Failed mwzeom.zeotap.com Failed
0	semasio.net Failed uipglob.semasio.net Failed
0	fiftyt.com Failed visitor.fiftyt.com Failed
0	bidr.io Failed match.prod.bidr.io Failed
0	onaudience.com Failed pixel.onaudience.com Failed
0	mathtag.com Failed sync.mathtag.com Failed
844	90

	Domain	Requested by
61	tpc.googlesyndication.com	securepubads.g.doubleclick.net a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.diariodocentrodomundo.com.br b0b2fb4f4d530f774904c931019d14ff.safeframe.googlesyndication.com ad.doubleclick.net
49	cm.g.doubleclick.net	17 redirects googleads.g.doubleclick.net www.diariodocentrodomundo.com.br a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com b0b2fb4f4d530f774904c931019d14ff.safeframe.googlesyndication.com ads.pubmatic.com
44	pagead2.googlesyndication.com	securepubads.g.doubleclick.net a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com googleads.g.doubleclick.net www.diariodocentrodomundo.com.br b0b2fb4f4d530f774904c931019d14ff.safeframe.googlesyndication.com ad.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
34	images.taboola.com	www.diariodocentrodomundo.com.br
33	c.disquscdn.com	diariodocentrodomundo.disqus.com disqus.com c.disquscdn.com www.diariodocentrodomundo.com.br
31	t.lkqd.net	ad.lkqd.net
26	www.diariodocentrodomundo.com.br	www.diariodocentrodomundo.com.br
25	cs.lkqd.net	ad.lkqd.net
23	vidstat.taboola.com	cdn.taboola.com vidstat.taboola.com www.diariodocentrodomundo.com.br
23	cdn.taboola.com	www.diariodocentrodomundo.com.br cdn.taboola.com
23	securepubads.g.doubleclick.net	www.diariodocentrodomundo.com.br securepubads.g.doubleclick.net diariodocentrodomundo.disqus.com a.teads.tv www.googletagservices.com
19	s0.2mdn.net	www.diariodocentrodomundo.com.br s0.2mdn.net a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com b0b2fb4f4d530f774904c931019d14ff.safeframe.googlesyndication.com
17	dt.adsafeprotected.com	a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com www.diariodocentrodomundo.com.br
17	dsum-sec.casalemedia.com	9 redirects googleads.g.doubleclick.net
15	ads.adaptv.advertising.com	ad.lkqd.net vpaid.springserve.com
15	www.googletagservices.com	securepubads.g.doubleclick.net a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com www.googletagservices.com b0b2fb4f4d530f774904c931019d14ff.safeframe.googlesyndication.com fw.adsafeprotected.com s0.2mdn.net
14	platform.twitter.com	www.diariodocentrodomundo.com.br platform.twitter.com
13	vpaid.pubmatic.com	ad.lkqd.net vpaid.springserve.com blank
13	ads.pubmatic.com	diariodocentrodomundo.disqus.com vpaid.pubmatic.com
13	x.bidswitch.net	7 redirects imprammp.taboola.com am-match.taboola.com ads.pubmatic.com
12	www.google.com	2 redirects www.diariodocentrodomundo.com.br securepubads.g.doubleclick.net a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com tpc.googlesyndication.com b0b2fb4f4d530f774904c931019d14ff.safeframe.googlesyndication.com
11	px.moatads.com	www.diariodocentrodomundo.com.br
11	ib.adnxs.com	7 redirects googleads.g.doubleclick.net ads.pubmatic.com
11	googleads.g.doubleclick.net	a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com www.diariodocentrodomundo.com.br b0b2fb4f4d530f774904c931019d14ff.safeframe.googlesyndication.com
10	v.lkqd.net	ad.lkqd.net
10	ad.lkqd.net	www.diariodocentrodomundo.com.br ad.lkqd.net
9	match.adsrvr.org	imprammp.taboola.com am-match.taboola.com ads.pubmatic.com a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com
8	image6.pubmatic.com	3 redirects ads.pubmatic.com
8	googleads4.g.doubleclick.net	www.diariodocentrodomundo.com.br ad.doubleclick.net
8	eus.rubiconproject.com	am-match.taboola.com eus.rubiconproject.com imprammp.taboola.com
8	am-vid-events.taboola.com	www.diariodocentrodomundo.com.br vidstat.taboola.com
8	t.teads.tv	www.diariodocentrodomundo.com.br
8	a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
8	a.vidoomy.com	www.diariodocentrodomundo.com.br ad.lkqd.net
8	disqus.com	diariodocentrodomundo.disqus.com c.disquscdn.com
7	simage2.pubmatic.com	ads.pubmatic.com
7	trc.taboola.com	1 redirects cdn.taboola.com www.diariodocentrodomundo.com.br
7	ad.turn.com	7 redirects ads.pubmatic.com
7	fonts.gstatic.com	fonts.googleapis.com
6	static.adsafeprotected.com	a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com pixel.adsafeprotected.com
6	sync.taboola.com	imprammp.taboola.com am-match.taboola.com
6	ups.analytics.yahoo.com	6 redirects ads.pubmatic.com
6	taboola-supply-partners.tremorhub.com	imprammp.taboola.com am-match.taboola.com
6	fonts.googleapis.com	www.diariodocentrodomundo.com.br a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com tpc.googlesyndication.com
5	vid.pubmatic.com	vpaid.pubmatic.com
5	referrer.disqus.com	www.diariodocentrodomundo.com.br
5	sb.scorecardresearch.com	1 redirects cdn.taboola.com www.diariodocentrodomundo.com.br
4	opps.taboola.com	vidstat.taboola.com
4	aktrack.pubmatic.com	www.diariodocentrodomundo.com.br
4	token.rubiconproject.com	eus.rubiconproject.com
4	secure-assets.rubiconproject.com	4 redirects
4	pixel.adsafeprotected.com	1 redirects a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com
4	wf.taboola.com	vidstat.taboola.com
4	am-match.taboola.com	vidstat.taboola.com
4	imprammp.taboola.com	www.diariodocentrodomundo.com.br vidstat.taboola.com
4	15.taboola.com	cdn.taboola.com
4	web.webformscr.com	www.diariodocentrodomundo.com.br web.webformscr.com
3	am-wf.taboola.com	vidstat.taboola.com
3	links.services.disqus.com	c.disquscdn.com www.diariodocentrodomundo.com.br
3	ssbsync.smartadserver.com	a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com
3	ap.lijit.com	3 redirects
3	rtb.openx.net	a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com b0b2fb4f4d530f774904c931019d14ff.safeframe.googlesyndication.com
3	s.ad.smaato.net	3 redirects
3	um.simpli.fi	3 redirects ads.pubmatic.com
3	search.spotxchange.com	ad.lkqd.net
3	4cywq-eqnre.ads.tremorhub.com	ad.lkqd.net
3	syndication.twitter.com	platform.twitter.com www.diariodocentrodomundo.com.br
3	onesignal.com	cdn.onesignal.com
3	adservice.google.com	securepubads.g.doubleclick.net
3	adservice.google.co.uk	securepubads.g.doubleclick.net
3	a.teads.tv	tags.juicebarads.com s8t.teads.tv
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	diariodocentrodomundo.disqus.com	www.diariodocentrodomundo.com.br diariodocentrodomundo.disqus.com
3	www.googletagmanager.com	www.diariodocentrodomundo.com.br tags.juicebarads.com www.googletagmanager.com
2	pm.w55c.net	2 redirects
2	cr.frontend.weborama.fr	2 redirects
2	pbs.twimg.com	www.diariodocentrodomundo.com.br
2	a.volvelle.tech	2 redirects
2	eb2.3lift.com	2 redirects
2	dsp.adfarm1.adition.com	2 redirects ads.pubmatic.com
2	tr.blismedia.com	1 redirects b0b2fb4f4d530f774904c931019d14ff.safeframe.googlesyndication.com
2	d5p.de17a.com	2 redirects
2	c1.adform.net	1 redirects ads.pubmatic.com
2	r.turn.com	www.diariodocentrodomundo.com.br a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com
2	cdn.viglink.com	www.diariodocentrodomundo.com.br
2	code.createjs.com	s0.2mdn.net
2	cs.emxdgt.com	2 redirects
2	ad.doubleclick.net	www.googletagservices.com
2	cds.taboola.com	cdn.taboola.com
2	pips.taboola.com	cdn.taboola.com
2	www.gstatic.com	a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com
2	c3.taboola.com	www.diariodocentrodomundo.com.br
2	fw.adsafeprotected.com	1 redirects a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com
2	b0b2fb4f4d530f774904c931019d14ff.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	sync-t1.taboola.com	imprammp.taboola.com am-match.taboola.com
2	sync.search.spotxchange.com	2 redirects
2	mug.criteo.com	www.diariodocentrodomundo.com.br
2	gum.criteo.com	1 redirects
2	tempest.services.disqus.com	diariodocentrodomundo.disqus.com
2	pixel-sync.sitescout.com	1 redirects a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com ads.pubmatic.com
2	www.facebook.com	www.diariodocentrodomundo.com.br
2	connect.facebook.net	www.diariodocentrodomundo.com.br connect.facebook.net
2	ads.stickyadstv.com	www.diariodocentrodomundo.com.br ad.lkqd.net
2	cdn.onesignal.com	www.diariodocentrodomundo.com.br cdn.onesignal.com
1	vpaid.springserve.com	ad.lkqd.net
1	vast.emxdgt.com	ad.lkqd.net
1	sync.ipredictive.com	1 redirects
1	match.bnmla.com	ads.pubmatic.com
1	match.deepintent.com	ads.pubmatic.com
1	s.tribalfusion.com	ads.pubmatic.com
1	a.tribalfusion.com	1 redirects
1	rtb.gumgum.com	ads.pubmatic.com
1	secure.adnxs.com	1 redirects
1	ads.playground.xyz	1 redirects
1	match.adsby.bidtheatre.com	1 redirects
1	idsync.frontend.weborama.fr	ads.pubmatic.com
1	core.iprom.net	ads.pubmatic.com
1	match.taboola.com	ads.pubmatic.com
1	ad4m.at	ads.pubmatic.com
1	cm.adgrx.com	ads.pubmatic.com
1	green.erne.co	1 redirects
1	csync.loopme.me	1 redirects
1	sync.srv.stackadapt.com	1 redirects
1	cdnjs.cloudflare.com	web.webformscr.com
1	bh.contextweb.com	1 redirects
1	sync-tm.everesttech.net	1 redirects
1	image2.pubmatic.com	ads.pubmatic.com
1	pr-bh.ybp.yahoo.com	1 redirects ads.pubmatic.com
1	ads.travelaudience.com	1 redirects
1	sync.targeting.unrulymedia.com	1 redirects
1	sync.1rx.io	1 redirects ads.pubmatic.com
1	cms.quantserve.com	b0b2fb4f4d530f774904c931019d14ff.safeframe.googlesyndication.com
1	cdn.syndication.twimg.com	platform.twitter.com
1	a.rfihub.com	www.diariodocentrodomundo.com.br
1	p.rfihub.com	1 redirects
1	dclk-match.dotomi.com	a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com
1	geo.moatads.com	z.moatads.com
1	id.crwdcntrl.net	ads.pubmatic.com
1	api.rlcdn.com	ads.pubmatic.com
1	id5-sync.com	ads.pubmatic.com
1	a.disquscdn.com	www.diariodocentrodomundo.com.br
1	z.moatads.com	vidstat.taboola.com
1	impr.taboola.com	vidstat.taboola.com
1	640b8f6ac9713c4187d50d6eb844be94.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	sync.teads.tv	s8t.teads.tv
1	s8t.teads.tv	a.teads.tv
1	www.google.co.uk	www.diariodocentrodomundo.com.br
1	stats.g.doubleclick.net	www.google-analytics.com
1	stg.vidoomy.com	www.diariodocentrodomundo.com.br
1	tags.juicebarads.com	www.diariodocentrodomundo.com.br
1	ads.vidoomy.com	www.diariodocentrodomundo.com.br
0	pubmatic-match.dotomi.com Failed	ads.pubmatic.com
0	pixel.quantserve.com Failed	ads.pubmatic.com
0	a.audrte.com Failed	ads.pubmatic.com
0	mwzeom.zeotap.com Failed	ads.pubmatic.com
0	uipglob.semasio.net Failed	ads.pubmatic.com
0	visitor.fiftyt.com Failed	ads.pubmatic.com
0	match.prod.bidr.io Failed	ads.pubmatic.com
0	pixel.onaudience.com Failed	ads.pubmatic.com
0	sync.mathtag.com Failed	ads.pubmatic.com
0	dis.criteo.com Failed	ads.pubmatic.com
844	161

This site contains links to these domains. Also see Links.

Domain
www.instagram.com
twitter.com
www.facebook.com
homolog.diariodocentrodomundo.com.br
www.youtube.com
www.linkedin.com
www.saude.gov.br
chat.whatsapp.com
t.me
popup.taboola.com
www.dailymail.co.uk
trc.taboola.com
za.investing.com
rfvtgb.richouses.com
equityrelease.royallondon.com
trendscatchers.co.uk
www.lektowoodfuels.co.uk
tracking.dating2cloud.org
partners.etoro.com
telehealthdave.com
secureoyster.com
redir.wargaming.net
www.healthygem.com
www.sleepbo.com
www.ig.com.br

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-10-13` - `2022-10-12`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
*.vidoomy.com Sectigo RSA Domain Validation Secure Server CA	`2021-08-06` - `2022-09-05`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2021-10-20` - `2022-10-19`	a year	crt.sh
web.webformscr.com Sectigo RSA Domain Validation Secure Server CA	`2020-12-30` - `2022-01-16`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2021-11-28` - `2022-12-29`	a year	crt.sh
ad.lkqd.net R3	`2021-12-02` - `2022-03-02`	3 months	crt.sh
ads.stickyadstv.com DigiCert SHA2 Secure Server CA	`2021-09-19` - `2022-09-20`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-09-19` - `2021-12-18`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
*.disqus.com DigiCert SHA2 Secure Server CA	`2020-04-20` - `2022-05-09`	2 years	crt.sh
*.lkqd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-07-09` - `2022-07-14`	a year	crt.sh
*.scorecardresearch.com Amazon	`2021-02-28` - `2022-03-29`	a year	crt.sh
a.disquscdn.com Amazon	`2021-10-31` - `2022-11-28`	a year	crt.sh
teads.tv R3	`2021-11-03` - `2022-02-01`	3 months	crt.sh
*.services.disqus.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-04-26` - `2022-05-28`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
www.google.co.uk GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
*.google.co.uk GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2021-03-30` - `2022-04-04`	a year	crt.sh
syndication.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-10-31` - `2022-10-30`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-12-01` - `2022-02-26`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
*.tremorhub.com Amazon	`2021-06-27` - `2022-07-26`	a year	crt.sh
*.v.ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-10-19` - `2022-04-13`	6 months	crt.sh
*.spotxchange.com GeoTrust RSA CA 2018	`2021-03-10` - `2022-03-29`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2020-04-23` - `2022-05-04`	2 years	crt.sh
fw.adsafeprotected.com Amazon	`2021-08-11` - `2022-09-09`	a year	crt.sh
static.adsafeprotected.com Amazon	`2021-09-05` - `2022-10-04`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-04-01` - `2022-04-04`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
dt.adsafeprotected.com Amazon	`2021-11-19` - `2022-12-18`	a year	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2021-01-21` - `2022-01-25`	a year	crt.sh
*.disquscdn.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-03-22` - `2022-04-23`	a year	crt.sh
*.id5-sync.com R3	`2021-10-05` - `2022-01-03`	3 months	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-25` - `2022-03-28`	a year	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2021-04-29` - `2022-05-31`	a year	crt.sh
*.moatads.com DigiCert TLS RSA SHA256 2020 CA1	`2021-05-25` - `2022-06-25`	a year	crt.sh
tls.adobe.com DigiCert SHA2 Secure Server CA	`2020-06-01` - `2022-06-06`	2 years	crt.sh
ssl1029306.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2021-07-12` - `2022-06-30`	a year	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2021-08-10` - `2022-09-11`	a year	crt.sh
*.sitescout.com RapidSSL RSA CA 2018	`2020-01-15` - `2022-02-02`	2 years	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
*.smartadserver.com DigiCert ECC Secure Server CA	`2020-01-30` - `2022-02-03`	2 years	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
tr.blismedia.com GTS CA 1D4	`2021-10-25` - `2022-01-23`	3 months	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2021-09-06` - `2022-10-07`	a year	crt.sh
public1.adgear.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-24` - `2022-03-26`	a year	crt.sh
*.iprom.net R3	`2021-10-04` - `2022-01-02`	3 months	crt.sh
*.gumgum.com Amazon	`2021-10-15` - `2022-11-12`	a year	crt.sh
*.deepintent.com Go Daddy Secure Certificate Authority - G2	`2020-04-09` - `2022-06-08`	2 years	crt.sh
*.bnmla.com Go Daddy Secure Certificate Authority - G2	`2021-01-06` - `2022-02-07`	a year	crt.sh
*.emxdgt.com Go Daddy Secure Certificate Authority - G2	`2021-05-18` - `2022-06-19`	a year	crt.sh
*.springserve.com Amazon	`2021-04-30` - `2022-05-29`	a year	crt.sh

This page contains 115 frames:

Primary Page: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/
Frame ID: C9A9613F5168DCBE45885C31869FFA79
Requests: 235 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/formats.js
Frame ID: 1D5DF3317FDF1E823161752F8BCD9083
Requests: 4 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/formats.js
Frame ID: F8ACDD44FA03CECDD676CDB71E18A18A
Requests: 2 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: AA418600EE7999EC1841AC305CDA7699
Requests: 6 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: 5FD6CBD7B88665A91E10D054746068A8
Requests: 6 HTTP requests in this frame

Frame: https://a.vidoomy.com/api/rtbserver/cookie?i=CEN&uid=no-consent
Frame ID: B863679013E8731A4B08DBFFA5544014
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.21f942bb866c2823339b839747a0c50c.html?origin=https%3A%2F%2Fwww.diariodocentrodomundo.com.br
Frame ID: DC0F123522E29CF98778870FA7E8E7A1
Requests: 2 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: 598C4893A457719A06C4DEAE3B5EB30F
Requests: 1 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: 0CBB8AA8607580A43AD3CD5BAE857991
Requests: 1 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Frame ID: 09D3926FD067588ABB009088CEF23158
Requests: 3 HTTP requests in this frame

Frame: https://disqus.com/embed/comments/?base=default&f=diariodocentrodomundo&t_i=779049%20https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2F%3Fpost_type%3Dessencial%26p%3D779049&t_u=https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2Fessencial%2Fatila-hacker-certidao-de-vacinacao%2F&t_e=%C3%81tila%20diz%20que%20invas%C3%A3o%20hacker%20foi%20para%20%E2%80%9Catacar%20a%20certid%C3%A3o%20de%20vacina%C3%A7%C3%A3o%E2%80%9D&t_d=%C3%81tila%20diz%20que%20invas%C3%A3o%20hacker%20foi%20para%20%22atacar%20a%20certid%C3%A3o%20de%20vacina%C3%A7%C3%A3o%22&t_t=%C3%81tila%20diz%20que%20invas%C3%A3o%20hacker%20foi%20para%20%E2%80%9Catacar%20a%20certid%C3%A3o%20de%20vacina%C3%A7%C3%A3o%E2%80%9D&s_o=default
Frame ID: E624DBCC59B70BD1AA1A0B7F627FA3C2
Requests: 16 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: 8F88FA48D6BD49BDF606F0320DCD0B3D
Requests: 6 HTTP requests in this frame

Frame: https://cdn.taboola.com/libtrc/disqus-network/loader.js
Frame ID: AF28C89A469F7D8D758D9B4B01D98CF0
Requests: 48 HTTP requests in this frame

Frame: https://disqus.com/recommendations/?base=default&f=diariodocentrodomundo&t_i=779049%20https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2F%3Fpost_type%3Dessencial%26p%3D779049&t_u=https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2Fessencial%2Fatila-hacker-certidao-de-vacinacao%2F&t_e=%C3%81tila%20diz%20que%20invas%C3%A3o%20hacker%20foi%20para%20%E2%80%9Catacar%20a%20certid%C3%A3o%20de%20vacina%C3%A7%C3%A3o%E2%80%9D&t_d=%C3%81tila%20diz%20que%20invas%C3%A3o%20hacker%20foi%20para%20%22atacar%20a%20certid%C3%A3o%20de%20vacina%C3%A7%C3%A3o%22&t_t=%C3%81tila%20diz%20que%20invas%C3%A3o%20hacker%20foi%20para%20%E2%80%9Catacar%20a%20certid%C3%A3o%20de%20vacina%C3%A7%C3%A3o%E2%80%9D
Frame ID: FFD39B59885B5F3F8AAEB6FE0F0C8219
Requests: 17 HTTP requests in this frame

Frame: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 62F1BAF7BDE4B3A24D68EF599BEED5F0
Requests: 1 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: FCB1B66058D1A6AA09D9E58692840DD2
Requests: 5 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 8C8356181A6AA6B810F11F5359D3E78C
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/pwt/158685/2513/pwt.js
Frame ID: D051B36F1C3EDAC8AC055F6B9E009FF7
Requests: 15 HTTP requests in this frame

Frame: https://sync.teads.tv/wigo-no-slot
Frame ID: 964A1BA3FB84F76D7F1847E721E2B482
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 699326DB8DA5C29411198DE2410EC163
Requests: 8 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cipid=7991117&ttype=0&cirid=10DCF2B5E2413085101241524191&cicmp=1337627&cijs=1&dast=V78igCFgMx4ZFo0aUEZgQx4ZFo0aUEZgUAAAAGBugHGzEYcWiUCWtFGS02g-FqsFxMJqPdaDFYLCFhFovFaDJbDadgsIXP6e5uQwqaTofPda_X_X53kdNhefpNfo_Lbrr8TX63627y2zV-t11i-csBAAAA4AGAqCUaYse3oT0CAAAAQIJn5FqBIqDi30LgAgAAAAADgEAsXANAnAMBHaab02U2-QMA4EEBBABAACMEwCHrTQQAAABgBAAAAIAEQCCxsATA4W7RBAAgoA8VpGXqBAAA4KBO5mmb5f___z8GIO-9SQaAIm3jxqAH4MEH4EEIAADgYujS4uz52lkmnajAtIgRAAAAgDCJW-nRpE6oLKr-____rQCuAAAC-lBBWsaybk6KWcMAAAAAxhboYfH7zQ67xu922f________-_2f8ZAJrQEwBAmm-d8KMaz8i1wtovIAAA27sBALwJwMUcgB0AAADA3f___38eAAAA1h4l22s1nj3Kep_BFj6nu7t-E7YYrSaTzXI4Wy4mg-FoOBrtTyBnA5yIwXI5mSwmu9VoNdoMd6PZYIECMZggRYsGk9VoNFlMhqvRZDVbLna7DVK0ajUbbQbD1Wwy2-1Ww8FwORrhhC1Gq8lksxzOlovJYDgajkZDPKg6l87n1fnoEMvRXDObKxaDuWK2WiUAAAAAAAAAgCVMmTcBAAAAOA1iNpvsdituvNkzQazValkDAAAAcOtGDg!&excid=22&tst=1&docw=0&cs=false
Frame ID: CE9691B8D1B95AEFCAD15AFF695DCB5F
Requests: 1 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cipid=7991117&ttype=0&cirid=84228EC252374251862050303999&cicmp=1337627&cijs=1&dast=V72v0CFgMx4ZFo0aUEZgQx4ZFo0aUEZgUAAAAGBugHHDiaTIYrDmU12exGk9ViuFosB4PZaLNaLZaQMIvFYjSZrYZTMNjC53R3tyEFTafD57rX636_u8jpsDz9Jr_HZTdd_ia_23U3-e0av9susfzlAAAAAPAAQNQSDbHj29AeAQAAACDBM3KtQBFQ8W8hcAEAAACAAUAgFq4BIM6BgA7Tzekym_wBAPCgAAIAIIARAuCQBScCAAAAMAIAAABAAiCQWFgC4HC3aAIAENCHCtJydQIAAHBQJ_O0zfL___8fA5D33iQDQJG2cWPQA_DgA_AgBAAAcDFEB9z05tQ_PUFUsFrECAAAAECYxK30aFInVBZV_____1YAVwAAAX2oIC1sWTcnxaxhAAAAAGML9LD4_WaHXeN3u-z_________3-z_DABN6AkAIM23TvhRjWfkWmHtFxAAgO3dAADeBOBiDsAOAAAA4O7___8_DwAAAGWPku21Gs8eZb3PYAuf091dvwlbjFaTyWY5nC0Xk8FwNByN9ieQswFOxGC5nEwWk91qtBpthrvRbLBAgRhMkKJFg8lqNJosJsPVaLKaLRe73QYpWrWajTaD4Wo2me12q-FguByNcMIWo9VkslkOZ8vFZDAcDUejIR5UnUvn8-p8dIjlaK6ZzRWLwVwxW60SAAAAAAAAAMASpsybAAAAAJwGMZtNdrsVN97smSDWarWsAQAAALh1Iwc!&excid=22&tst=1&docw=0&cs=false
Frame ID: 5AA75349D141BEDE642A92B44C9B65BA
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstDZ-0J4f47LbRcNPzj7X0UYW2kOCJT6SqVB-Ot5coh2smkxAX8YWGFGXNRjD--1iOAAL4rbanyw71GN9BYT2yfi4otKurlQhKxvRvZr3bzJ1nI7rAzbTIUomPKiTnBtTLsK0YI8FG9yw_93A1dTqN1WRlEq5zqj9Iq0uE5AXuq_hB_VKBTRUZwznezHFenP3reePjiW8iGuFgyAwV8lq25_dEj9bR6O2X18YeJ7oIPZqBgf6hHSsuYR-Q6jd-DhJ6eEuQnGDPoUUArlBxBWPwbUmj08Cr1wZug8-II_ueGDh83M9AACUYw4uXETP4nVG8S-Lt_CRbDNjShvxq-oSxF1Vd9_dwpfDlPiH82s6HIyEoG&sig=Cg0ArKJSzCa1vWZOlS_yEAE&uach_m=[UACH]&adurl=
Frame ID: B64C965857FA60C11B7A2928FAE55892
Requests: 8 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=8087865&crid=4918115&dast=V7N3ICFgOkSW_714CtTgSkSW_714CtTgUAAAAGBvQHGzSibGaDFXM32SyHm81qshyOhqvNYrZbDGGDRpTNbLBi7iab5XCzWU2Go81yMVgsloMpfBjLZTKoBRKW2e87KCinp8fsMoiKrrfF7nCaPW-wQtPp8Lnu9brf7y5yOixPv8nvcdlNl7_J73bdTX67xu-2Syx_lefzsnucDrNfYXqaHW6hw-N1Wd4al-X0NDn8bpHLLXt4nHaHx-H3ywEAAADgAWBpYQziBxAAIAIAAABAAgAAAIAioOLfQuACAAAAAAPAYOdaA0CcAwEdppvTZTb5AwDgQQEEAEAAgwRgADepBKBC_eEEAAAAAAAAAIDl____PwZgLy1HBiBDuLEH4MEH4IGoALWIEQAAAIAwiVvp0aROqCyqAAAI0q0ArgAAAvpQQVi0wgAAAATEBvOWk56lUb7HFuhh8fvNDrvG73YZAAAAAAAAAIDZ_9k_mtATAECab53wo9ovIADA2i8gAACbugEAvAnAhZwVmk6Hz3Wv1_1-d5HTYXn6TX6Py266_E1-t-tu8ts1frddYvmrPJ-X3eN0mP0K09PscAsdHq_L8ta4LKenyeF3i1xu2cPjtDs8Dr9fdAStGAxWZ0DLzW41mB0AAADA3f___z_eYN5y0rM0yrceiIyMC-PEM5wsZsuZb-OYbUarjWHhcA5Xq81s5tke4Pm0ynu2ZUNfiLDMft9BQTk9PWaXQVR0vS12h9PsOYgPGoblZBDMb8IWo9VkslkOZ8vFZDAcDUej_QnkbIATMVguJ5PFZLcarUab4W40GyxQIAYTpGjRYLIajSaLyXA1mqxmy8Vut0GKVq1mo81guJpNZrvdajgYLkcjnLDFaDWZbJbD2XIxGQxHw9FoiDC1ms1cw-FyrZi4jGvRyOVaK0yzmVu3Wc1Mg5lns1su3KLXx3RcmDy-xWiLggFDexFcpBOR02F5-k1-j8tuuvxNfrfrbvJbxBLNySKdyC77ysi4ME48w8litpz5No7ZZrTaGBYO53C12sxmnn1rNZu5hsPlWjFxGdeikcu1VphmM7dus5qZBjPPZrdcuEWvj-m4MHl8i9G-MdssJ4PNZDLYN2ab5WSwmUwG-w6T6Zn6nI3G4lrikanWnpvIMDMfFC6DxTuVmnbjzrEgLnuPTpVXpizojNqZ1fw1KDwHj-kgfFlOq5t1OpvovAeDIpYIThfpRPQyni5iieRpkU5EFttssrENlsuRceWc2TwTx8TlWI4ms9VkYpg4LGKJ0nSRTvQqz-dl9zgdZr_C9DQ73EKHx-uyvDUuy-lpcvjdIpdb9vA47Q6Pw29R_9EhlqO5ZjZXLAZzxWy1SgAAAAAAAAAAS5gzbwIAAABwGshosxuulgsAMW2lCwwCAAAAAACwe1IX_yoz0ahV3PhxBTkdlqff5Pe47KbL3-R3u-4mv5UBJES6mTd7Joi1Wi1rAAAAAWwAAIAAbt28B5BSKjk!&cmcv=&pix=undefined&cb=1639203221987&uv=3076&tms=1639203221987&abt=adh5c-1_vA!lotc_vA!rvf1_vB!smbs!spa2_vA!ufm_vB&ft=0&su=1&unm=FEED_MANAGER&aure=false&agl=1&cirid=4D2360E97239833529848531671&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: 5E0F81477DC39277264970ACFC67E742
Requests: 6 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V7N3ICFgOkSW_714CtTgSkSW_714CtTgUAAAAGBvQHGzSibGaDFXM32SyHm81qshyOhqvNYrZbDGGDRpTNbLBi7iab5XCzWU2Go81yMVgsloMpfBjLZTKoBRKW2e87KCinp8fsMoiKrrfF7nCaPW-wQtPp8Lnu9brf7y5yOixPv8nvcdlNl7_J73bdTX67xu-2Syx_lefzsnucDrNfYXqaHW6hw-N1Wd4al-X0NDn8bpHLLXt4nHaHx-H3ywEAAADgAWBpYQziBxAAIAIAAABAAgAAAIAioOLfQuACAAAAAAPAYOdaA0CcAwEdppvTZTb5AwDgQQEEAEAAgwRgADepBKBC_eEEAAAAAAAAAIDl____PwZgLy1HBiBDuLEH4MEH4IGoALWIEQAAAIAwiVvp0aROqCyqAAAI0q0ArgAAAvpQQVi0wgAAAATEBvOWk56lUb7HFuhh8fvNDrvG73YZAAAAAAAAAIDZ_9k_mtATAECab53wo9ovIADA2i8gAACbugEAvAnAhZwVmk6Hz3Wv1_1-d5HTYXn6TX6Py266_E1-t-tu8ts1frddYvmrPJ-X3eN0mP0K09PscAsdHq_L8ta4LKenyeF3i1xu2cPjtDs8Dr9fdAStGAxWZ0DLzW41mB0AAADA3f___z_eYN5y0rM0yrceiIyMC-PEM5wsZsuZb-OYbUarjWHhcA5Xq81s5tke4Pm0ynu2ZUNfiLDMft9BQTk9PWaXQVR0vS12h9PsOYgPGoblZBDMb8IWo9VkslkOZ8vFZDAcDUej_QnkbIATMVguJ5PFZLcarUab4W40GyxQIAYTpGjRYLIajSaLyXA1mqxmy8Vut0GKVq1mo81guJpNZrvdajgYLkcjnLDFaDWZbJbD2XIxGQxHw9FoiDC1ms1cw-FyrZi4jGvRyOVaK0yzmVu3Wc1Mg5lns1su3KLXx3RcmDy-xWiLggFDexFcpBOR02F5-k1-j8tuuvxNfrfrbvJbxBLNySKdyC77ysi4ME48w8litpz5No7ZZrTaGBYO53C12sxmnn1rNZu5hsPlWjFxGdeikcu1VphmM7dus5qZBjPPZrdcuEWvj-m4MHl8i9G-MdssJ4PNZDLYN2ab5WSwmUwG-w6T6Zn6nI3G4lrikanWnpvIMDMfFC6DxTuVmnbjzrEgLnuPTpVXpizojNqZ1fw1KDwHj-kgfFlOq5t1OpvovAeDIpYIThfpRPQyni5iieRpkU5EFttssrENlsuRceWc2TwTx8TlWI4ms9VkYpg4LGKJ0nSRTvQqz-dl9zgdZr_C9DQ73EKHx-uyvDUuy-lpcvjdIpdb9vA47Q6Pw29R_9EhlqO5ZjZXLAZzxWy1SgAAAAAAAAAAS5gzbwIAAABwGshosxuulgsAMW2lCwwCAAAAAACwe1IX_yoz0ahV3PhxBTkdlqff5Pe47KbL3-R3u-4mv5UBJES6mTd7Joi1Wi1rAAAAAWwAAIAAbt28B5BSKjk!&excid=22&docw=0&cijs=1&nlb=true
Frame ID: 6B37F6D91D200C1A80C5070DCD24C255
Requests: 6 HTTP requests in this frame

Frame: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 9628E1087AE946E4005696DA96D8204E
Requests: 32 HTTP requests in this frame

Frame: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: E5686262E8879B4F9146E707ED80CE36
Requests: 31 HTTP requests in this frame

Frame: https://640b8f6ac9713c4187d50d6eb844be94.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 33521783C8DC799439175ED382EDB1A7
Requests: 1 HTTP requests in this frame

Frame: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 8E048AE5A52DF066365E4137796F16F7
Requests: 13 HTTP requests in this frame

Frame: https://platform.twitter.com/embed/Tweet.html?dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1469260104990138368&lang=pt&origin=https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2Fessencial%2Fatila-hacker-certidao-de-vacinacao%2F&sessionId=05915c5192f965987dd6cc85acd98cc2eb855877&theme=light&widgetsVersion=9fd78d5%3A1638479056965&width=550px
Frame ID: 9A4EEEDCA5C6EDDB8A3734AFAB5636E0
Requests: 16 HTTP requests in this frame

Frame: https://b0b2fb4f4d530f774904c931019d14ff.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 8ABF3AC736C8E3B2514D721313524E27
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COHNHRDwoIKyAhjHnd61ATAB&v=APEucNWW0ZzTAp2ZPyeC6B4LDvKtDG4MGQL9N2FdUFO99G4A54ZVPQLDL6heJfrpqPWAxP4Ajp3COoHmonCVgRiEWRy36-iqCQI48I47pnvOJ5yf-Mn5biP23MoFd0AJstvWwIeBpFbXU12edV-xA5sIZk72hpfH225jzMOe2VGdooPop9ddy0M
Frame ID: 2106E1AAA1001DA5B8580B67A9EC9107
Requests: 5 HTTP requests in this frame

Frame: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: E6D0139EADC43D966BD994828CCD622C
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CK_PCBDdhLiuAhje_5K7ATAB&v=APEucNWtGRKKsrTUDlCIP2DPjcfiDwTwqMvA4FvffdLtpK23G8Wzn7nTCwEAAilZJC4HXWVz2WBG41l_wOgeq_ty6oZMN1ulisofBbDrCexjHNIUDbLvYBAn2jDBdjU5dz-zgiPzGeSIoK0BiDrxIGGC0aW_lgSDuCIKIOstAPCR8C1AH3A5-JQ
Frame ID: FA6168F2DA324C8C590FD79D427F637F
Requests: 5 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V7N3ICFgOkSW_714CtTgSkSW_714CtTgUAAAAGBvQHGzSibGaDFXM32SyHm81qshyOhqvNYrZbDGGDRpTNbLBi7iab5XCzWU2Go81yMVgsloMpfBjLZTKoBRKW2e87KCinp8fsMoiKrrfF7nCaPW-wQtPp8Lnu9brf7y5yOixPv8nvcdlNl7_J73bdTX67xu-2Syx_lefzsnucDrNfYXqaHW6hw-N1Wd4al-X0NDn8bpHLLXt4nHaHx-H3ywEAAADgAWBpYQziBxAAIAIAAABAAgAAAIAioOLfQuACAAAAAAPAYOdaA0CcAwEdppvTZTb5AwDgQQEEAEAAgwRgADepBKBC_eEEAAAAAAAAAIDl____PwZgLy1HBiBDuLEH4MEH4IGoALWIEQAAAIAwiVvp0aROqCyqAAAI0q0ArgAAAvpQQVi0wgAAAATEBvOWk56lUb7HFuhh8fvNDrvG73YZAAAAAAAAAIDZ_9k_mtATAECab53wo9ovIADA2i8gAACbugEAvAnAhZwVmk6Hz3Wv1_1-d5HTYXn6TX6Py266_E1-t-tu8ts1frddYvmrPJ-X3eN0mP0K09PscAsdHq_L8ta4LKenyeF3i1xu2cPjtDs8Dr9fdAStGAxWZ0DLzW41mB0AAADA3f___z_eYN5y0rM0yrceiIyMC-PEM5wsZsuZb-OYbUarjWHhcA5Xq81s5tke4Pm0ynu2ZUNfiLDMft9BQTk9PWaXQVR0vS12h9PsOYgPGoblZBDMb8IWo9VkslkOZ8vFZDAcDUej_QnkbIATMVguJ5PFZLcarUab4W40GyxQIAYTpGjRYLIajSaLyXA1mqxmy8Vut0GKVq1mo81guJpNZrvdajgYLkcjnLDFaDWZbJbD2XIxGQxHw9FoiDC1ms1cw-FyrZi4jGvRyOVaK0yzmVu3Wc1Mg5lns1su3KLXx3RcmDy-xWiLggFDexFcpBOR02F5-k1-j8tuuvxNfrfrbvJbxBLNySKdyC77ysi4ME48w8litpz5No7ZZrTaGBYO53C12sxmnn1rNZu5hsPlWjFxGdeikcu1VphmM7dus5qZBjPPZrdcuEWvj-m4MHl8i9G-MdssJ4PNZDLYN2ab5WSwmUwG-w6T6Zn6nI3G4lrikanWnpvIMDMfFC6DxTuVmnbjzrEgLnuPTpVXpizojNqZ1fw1KDwHj-kgfFlOq5t1OpvovAeDIpYIThfpRPQyni5iieRpkU5EFttssrENlsuRceWc2TwTx8TlWI4ms9VkYpg4LGKJ0nSRTvQqz-dl9zgdZr_C9DQ73EKHx-uyvDUuy-lpcvjdIpdb9vA47Q6Pw29R_9EhlqO5ZjZXLAZzxWy1SgAAAAAAAAAAS5gzbwIAAABwGshosxuulgsAMW2lCwwCAAAAAACwe1IX_yoz0ahV3PhxBTkdlqff5Pe47KbL3-R3u-4mv5UBJES6mTd7Joi1Wi1rAAAAAWwAAIAAbt28B5BSKjk!&excid=22&docw=0&cijs=1&nlb=true
Frame ID: 12860DE178BD6C7D92A29F8EC87BBF89
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKjWExDk_jAYwqqkvQEwAQ&v=APEucNWJIpPffGBtKurPIsKPaJCiL0GS-wP5h4P2-TJlQC-qJMjZ-TtN4gP68DgyOjSvRuhsXLWZgusqg9lk2xvljUtRhu1n5UG2T7lBkMPKOCHtkuaZGwEjbqL2jkhGdoV2YKTP0QkB2JUm-qdhIjlXoF79MT18WyEOIfO50FUpAgqr_sUqjuY
Frame ID: F0F4116B33255F12712B014B3DC914E4
Requests: 5 HTTP requests in this frame

Frame: https://b0b2fb4f4d530f774904c931019d14ff.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 8C704B00709DCCE1A1A4524F13F8CA1D
Requests: 13 HTTP requests in this frame

Frame: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 65984C4B05AA226E1C217B8A431C7E69
Requests: 13 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: B15B09A0158D2451C3C5172F368AA35A
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Frame ID: A30842E11D9EA085ACE7AA8F4AAA26CA
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: E72D6352B2BA7DAC6B481F56E6C0B43C
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 6199EB6076766CF167551F9A847EFEB7
Requests: 2 HTTP requests in this frame

Frame: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: B0604DB3460C3295A73E2FE02FDAAFDB
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: E0C093A710B9FFF778B001793F534760
Requests: 3 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=8061395&crid=4711345&dast=V7aT4CFgOkSW_714CtTgSkSW_714CtTgUAAAAGBuIHHTKhLYaL1WS0nGyGk91yOdksRqvFbjUZLmdD0JAJbTFcrCaj5WQznOyWy8lkt5uNNrvlFAJV9yLyux1Ou0U6kAhNp8Pnutfrfr-7yOmwPP0mv8dlN13-Jr_bdTf57Rq_2y6xXMQCicp4eFmebpfddJEOJHKX6fe3fP0ll83hOpsuYoFE8Pc8TU-_3SIdSER_w0UskGiOfsvp7nC7LNKBROR0WJ5-k9_jspsuf5Pf7bqb_BaxQCJ7WJ4Ou-kiHUhkDrPZdLT8XT-jRf0GKzSdDp_rXq_7_e4ip8Py9Jv8HpfddPmb_G7X3eS3a_xuu8TyV3k-L7vH6TD7Faan2eEWOjxel-WtcVlOT5PD7xa53LKHx2l3eBx-vxwAAAAAHgCOxmMhfgABACIAAAAAJAAAAAAoAir-LQQuAAAAADAAClKPNADEORDQYbo5XWaTPwAAHhRAAAAEMEgABtyaSgAyWmNPAAAAAAAAAABY_v___2MA9gKmZQAuAMd6AB58AB6IClSLGAEAAAAIk7iVHk3qhMqiCgCAIN0K4AoAIKAPFSSmLgwAAEBAbDBvOelZGuV7bIEeFr_f7LBr_G6XAQAAAAAAAACY_Z_9owk9AQCk-dYJP6r9AgIArP0CAgCwqRsAwJsAXMiloOl0-Fz3et3vdxc5HZan3-T3uOymy9_kd7vuJr9d43fbJZa_6AhaMRisTiF2w9lit9kNR7MDAAAAuPv____HG8xbTnqWRvnWA4mFazRxrRYz03C53O1mttFoMPPYTBvTbDYYLkfby4OaQe7StdHvC1Tdi8jvdjjtFulAIjSdDp_rXq_7_e4ip8Py9Jv8HpfddPmb_G7X3eS3a_xuu8RyEQskKuPhZXm6XXbTRTqQyF2m39_y9ZdcNofrbLqIBRLB3_M0Pf12i3QgEf0NF7FAojn6Lae7w-2ySAcSkdNhefpNfo_Lbrr8TX63627yW8QCiexheTrspot0IJE5zGbT0fJ3_YwW9f0mbDFaTSab5XC2XEwGw9FwNNqfQM4GOBGD5XIyWUx2q9FqtBnuRrPBAgViMEGKFg0mq9FospgMV6PJarZc7HYbpGjVajbaDIar2WS2262Gg-FyNMIJW4xWk8lmOZwtF5PBcDQcjYYIU6vZzDUcLteKicu4Fo1crrXCNJu5dZvVzDSYeTa75cIten1Mx4XJ41uMtigYwLQXwUU6Ud29dr_v7tY8TS-33u4WOT2P1-ctd5l-f8vXIpZoThbpRHbZNxau0cS1WsxMw-Vyt5vZRqPBzGMzbUyz2WC4HO1bq9nMNRwu14qJy7gWjVyutcI0m7l1m9XMNJh5Nrvlwi16fUzHhcnjW4z2jdlmORlsJpPFvjHbLCeDzWSy2HeYTM_U52z0XBMmj0y19txEhpn5oHAZjN6p1LQbd44Fcdl7dKq8MmVBZ9TOrOavQeE5eEwH4ctyWt2s09lE5z0YFLFEcLpIJ6KX8XQRSyRPi3Qisgwmhs3ENdu4jMuFxzCYmIaT5Wy13E0sltlyNRFLlKaLdKJXeT4vu8fpMPsVpqfZ4RY6PF6X5a1xWU5Pk8PvFrncsofHaXd4HH6L-o8OsRzNNbO5YjGYK2arVQIAAAAAAAAAWMKceRMAAACA00Amo-FotVwACYQBXWAQAAAAAACA3RY4UC-PAx2T4saPPerutft9d7fmaXq59Xa3yOl5vD5vucv0-1u-VgZ4cFpk3uyZINZqtawBAAAIsAEAAAK4dfMeQEqp5AA!&cmcv=&pix=undefined&cb=1639203223421&uv=3076&tms=1639203223421&abt=adh5c-1_vA!adh5c_vA!lotc_vA!rvf1_vB!spa2_vA!t45!ufm&ft=1&unm=WIDGET_ITEM&aure=false&agl=1&cirid=2B618152492382799231451752896&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: B06977366E9F83EFFA8C4405A3CA0898
Requests: 5 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V7aT4CFgOkSW_714CtTgSkSW_714CtTgUAAAAGBuIHHTKhLYaL1WS0nGyGk91yOdksRqvFbjUZLmdD0JAJbTFcrCaj5WQznOyWy8lkt5uNNrvlFAJV9yLyux1Ou0U6kAhNp8Pnutfrfr-7yOmwPP0mv8dlN13-Jr_bdTf57Rq_2y6xXMQCicp4eFmebpfddJEOJHKX6fe3fP0ll83hOpsuYoFE8Pc8TU-_3SIdSER_w0UskGiOfsvp7nC7LNKBROR0WJ5-k9_jspsuf5Pf7bqb_BaxQCJ7WJ4Ou-kiHUhkDrPZdLT8XT-jRf0GKzSdDp_rXq_7_e4ip8Py9Jv8HpfddPmb_G7X3eS3a_xuu8TyV3k-L7vH6TD7Faan2eEWOjxel-WtcVlOT5PD7xa53LKHx2l3eBx-vxwAAAAAHgCOxmMhfgABACIAAAAAJAAAAAAoAir-LQQuAAAAADAAClKPNADEORDQYbo5XWaTPwAAHhRAAAAEMEgABtyaSgAyWmNPAAAAAAAAAABY_v___2MA9gKmZQAuAMd6AB58AB6IClSLGAEAAAAIk7iVHk3qhMqiCgCAIN0K4AoAIKAPFSSmLgwAAEBAbDBvOelZGuV7bIEeFr_f7LBr_G6XAQAAAAAAAACY_Z_9owk9AQCk-dYJP6r9AgIArP0CAgCwqRsAwJsAXMiloOl0-Fz3et3vdxc5HZan3-T3uOymy9_kd7vuJr9d43fbJZa_6AhaMRisTiF2w9lit9kNR7MDAAAAuPv____HG8xbTnqWRvnWA4mFazRxrRYz03C53O1mttFoMPPYTBvTbDYYLkfby4OaQe7StdHvC1Tdi8jvdjjtFulAIjSdDp_rXq_7_e4ip8Py9Jv8HpfddPmb_G7X3eS3a_xuu8RyEQskKuPhZXm6XXbTRTqQyF2m39_y9ZdcNofrbLqIBRLB3_M0Pf12i3QgEf0NF7FAojn6Lae7w-2ySAcSkdNhefpNfo_Lbrr8TX63627yW8QCiexheTrspot0IJE5zGbT0fJ3_YwW9f0mbDFaTSab5XC2XEwGw9FwNNqfQM4GOBGD5XIyWUx2q9FqtBnuRrPBAgViMEGKFg0mq9FospgMV6PJarZc7HYbpGjVajbaDIar2WS2262Gg-FyNMIJW4xWk8lmOZwtF5PBcDQcjYYIU6vZzDUcLteKicu4Fo1crrXCNJu5dZvVzDSYeTa75cIten1Mx4XJ41uMtigYwLQXwUU6Ud29dr_v7tY8TS-33u4WOT2P1-ctd5l-f8vXIpZoThbpRHbZNxau0cS1WsxMw-Vyt5vZRqPBzGMzbUyz2WC4HO1bq9nMNRwu14qJy7gWjVyutcI0m7l1m9XMNJh5Nrvlwi16fUzHhcnjW4z2jdlmORlsJpPFvjHbLCeDzWSy2HeYTM_U52z0XBMmj0y19txEhpn5oHAZjN6p1LQbd44Fcdl7dKq8MmVBZ9TOrOavQeE5eEwH4ctyWt2s09lE5z0YFLFEcLpIJ6KX8XQRSyRPi3Qisgwmhs3ENdu4jMuFxzCYmIaT5Wy13E0sltlyNRFLlKaLdKJXeT4vu8fpMPsVpqfZ4RY6PF6X5a1xWU5Pk8PvFrncsofHaXd4HH6L-o8OsRzNNbO5YjGYK2arVQIAAAAAAAAAWMKceRMAAACA00Amo-FotVwACYQBXWAQAAAAAACA3RY4UC-PAx2T4saPPerutft9d7fmaXq59Xa3yOl5vD5vucv0-1u-VgZ4cFpk3uyZINZqtawBAAAIsAEAAAK4dfMeQEqp5AA!&excid=22&docw=0&cijs=1&nlb=true
Frame ID: D23A5471CB5F2C7681C5AA38C73079B9
Requests: 5 HTTP requests in this frame

Frame: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2Fessencial%2Fatila-hacker-certidao-de-vacinacao%2F&schain=1.0%2C1%21vidoomy.com%2C52453%2C1%2C5278957349807421836187207783%2C%2C
Frame ID: 7EF81C60BA1337B346AC2309F8325907
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO-t7QIQhsvvAhj-iK-9ATAB&v=APEucNUiOi3NdYNslRDxcnxa7BKcKCCIuWkXGgCiQtcrVE44Ek3zc8ykormlwtZfltz__dYdGCiu9YeiWbqT8LZioxQxq2FsSBb-3wRXt4Kr8K4mhm1VHCuyTrO7T3pB3zz8LNO9R6F1Q8SEV-eMqwDh2tnOV7YnNSMCf3Xcbq1ROzZ-rOeXwRc
Frame ID: 347209F043629189DF6D2E27F9AF3F0F
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: E7B10DBA3265BF5DA2151D323882E57E
Requests: 3 HTTP requests in this frame

Frame: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 3E03084317EFA38317CB044169B843B7
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 446831082DAC6891B2393B37021F2C1E
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 0D1DAC0D2241DE5584C875876AB43179
Requests: 2 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/2691227766234564666/728x90/728x90-B.html
Frame ID: 7FFA76EC0E58235E492E3CF270D6E99B
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17368370350617788416/index.html
Frame ID: 78B2ECC73D60348A32C848376B64202F
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 1EC335F3A8002CB7BE576284487671EC
Requests: 2 HTTP requests in this frame

Frame: https://c.disquscdn.com/next/embed/styles/realtime.b23ff3c36dd0169627f8e54ca1621eca.css
Frame ID: EFBC19801C0443CE795622FD5161421F
Requests: 1 HTTP requests in this frame

Frame: https://c.disquscdn.com/next/embed/styles/realtime.b23ff3c36dd0169627f8e54ca1621eca.css
Frame ID: F9FE93D025C57C8E7FC72B50876A1745
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 0A74DC8BD8C07ED9DBDE980DB8D1F978
Requests: 9 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Frame ID: FAF4B5BA3A60E6169B7BED89A77E7CB8
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Frame ID: 5904BE002536D8E37183B87B19DF25CC
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: EED2B6B7606FE3349C20072E5D46C7C3
Requests: 9 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 1C57BAA61653C5281C175657CA4A83D1
Requests: 12 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: B4098D481326F87938EA6ECCCA9CDB4E
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17368370350617788416/index.html
Frame ID: D8E5C4E4D3BF53B031BA3C57CD47262B
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: D4C3C494CBC32A1E757FE315F631D198
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: C3FAC9B5FA62B32EB253140C065800D5
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 072528F8BBA1D11321532DB31C96D46D
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: D4486598A0E615D67E6C5E52EB310CA4
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 3714F19AA46B961CB66954CF6046CC41
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: BA121A8751734A012808086735AB3A50
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/11762666145489434432/html/index.html
Frame ID: F86DA2AB9A76DCC2579961A1BFAE6908
Requests: 11 HTTP requests in this frame

Frame: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2Fessencial%2Fatila-hacker-certidao-de-vacinacao%2F&schain=1.0%2C1%21vidoomy.com%2C52453%2C1%2C20272506155278957349807421836%2C%2C
Frame ID: EF05CD44C7E571E574C5F68978809740
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: D6677F897C2F9576B1426933DF18C1FF
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: BC45E5CC2AF5254D1E72E61908821B12
Requests: 3 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: C59A2530FE913C21C943203724671F19
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: B03C8FA7760C289F2114ABFA43AC5357
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=BDCE9F0C-FA21-4EF0-93F0-16F7A9B1E05E
Frame ID: 642201BAE24386A115D07CBD23E1C836
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7415519081315808593
Frame ID: 46CED019B4F3CC285A28A1078F82594B
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 02A05685C5AD8048103EFA69C856E5A1
Requests: 1 HTTP requests in this frame

Frame: https://dsp.adfarm1.adition.com/cookie/?ssp=9
Frame ID: 2DABC666B2C6902AAE77B4E6060BF5DF
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 9F6C532AA86B69D1379AFFC59D9B045D
Requests: 13 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V7aT4CFgOkSW_714CtTgSkSW_714CtTgUAAAAGBuIHHTKhLYaL1WS0nGyGk91yOdksRqvFbjUZLmdD0JAJbTFcrCaj5WQznOyWy8lkt5uNNrvlFAJV9yLyux1Ou0U6kAhNp8Pnutfrfr-7yOmwPP0mv8dlN13-Jr_bdTf57Rq_2y6xXMQCicp4eFmebpfddJEOJHKX6fe3fP0ll83hOpsuYoFE8Pc8TU-_3SIdSER_w0UskGiOfsvp7nC7LNKBROR0WJ5-k9_jspsuf5Pf7bqb_BaxQCJ7WJ4Ou-kiHUhkDrPZdLT8XT-jRf0GKzSdDp_rXq_7_e4ip8Py9Jv8HpfddPmb_G7X3eS3a_xuu8TyV3k-L7vH6TD7Faan2eEWOjxel-WtcVlOT5PD7xa53LKHx2l3eBx-vxwAAAAAHgCOxmMhfgABACIAAAAAJAAAAAAoAir-LQQuAAAAADAAClKPNADEORDQYbo5XWaTPwAAHhRAAAAEMEgABtyaSgAyWmNPAAAAAAAAAABY_v___2MA9gKmZQAuAMd6AB58AB6IClSLGAEAAAAIk7iVHk3qhMqiCgCAIN0K4AoAIKAPFSSmLgwAAEBAbDBvOelZGuV7bIEeFr_f7LBr_G6XAQAAAAAAAACY_Z_9owk9AQCk-dYJP6r9AgIArP0CAgCwqRsAwJsAXMiloOl0-Fz3et3vdxc5HZan3-T3uOymy9_kd7vuJr9d43fbJZa_6AhaMRisTiF2w9lit9kNR7MDAAAAuPv____HG8xbTnqWRvnWA4mFazRxrRYz03C53O1mttFoMPPYTBvTbDYYLkfby4OaQe7StdHvC1Tdi8jvdjjtFulAIjSdDp_rXq_7_e4ip8Py9Jv8HpfddPmb_G7X3eS3a_xuu8RyEQskKuPhZXm6XXbTRTqQyF2m39_y9ZdcNofrbLqIBRLB3_M0Pf12i3QgEf0NF7FAojn6Lae7w-2ySAcSkdNhefpNfo_Lbrr8TX63627yW8QCiexheTrspot0IJE5zGbT0fJ3_YwW9f0mbDFaTSab5XC2XEwGw9FwNNqfQM4GOBGD5XIyWUx2q9FqtBnuRrPBAgViMEGKFg0mq9FospgMV6PJarZc7HYbpGjVajbaDIar2WS2262Gg-FyNMIJW4xWk8lmOZwtF5PBcDQcjYYIU6vZzDUcLteKicu4Fo1crrXCNJu5dZvVzDSYeTa75cIten1Mx4XJ41uMtigYwLQXwUU6Ud29dr_v7tY8TS-33u4WOT2P1-ctd5l-f8vXIpZoThbpRHbZNxau0cS1WsxMw-Vyt5vZRqPBzGMzbUyz2WC4HO1bq9nMNRwu14qJy7gWjVyutcI0m7l1m9XMNJh5Nrvlwi16fUzHhcnjW4z2jdlmORlsJpPFvjHbLCeDzWSy2HeYTM_U52z0XBMmj0y19txEhpn5oHAZjN6p1LQbd44Fcdl7dKq8MmVBZ9TOrOavQeE5eEwH4ctyWt2s09lE5z0YFLFEcLpIJ6KX8XQRSyRPi3Qisgwmhs3ENdu4jMuFxzCYmIaT5Wy13E0sltlyNRFLlKaLdKJXeT4vu8fpMPsVpqfZ4RY6PF6X5a1xWU5Pk8PvFrncsofHaXd4HH6L-o8OsRzNNbO5YjGYK2arVQIAAAAAAAAAWMKceRMAAACA00Amo-FotVwACYQBXWAQAAAAAACA3RY4UC-PAx2T4saPPerutft9d7fmaXq59Xa3yOl5vD5vucv0-1u-VgZ4cFpk3uyZINZqtawBAAAIsAEAAAK4dfMeQEqp5AA!&excid=22&docw=0&cijs=1&nlb=true
Frame ID: FA153813E0B29B821A6638E28C2517E4
Requests: 5 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Frame ID: 5236F3E6A0DAADFE7E1AF4676408701A
Requests: 3 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YbRBmAALCgAGPAAz&gdpr=0&gdpr_consent=
Frame ID: 3A9E252167D8E51B0B4888C09E502829
Requests: 1 HTTP requests in this frame

Frame: https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
Frame ID: CA098B2B1E4D8D5D3910CA9B205C9F62
Requests: 1 HTTP requests in this frame

Frame: https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
Frame ID: D0C6A521E4AFCE85429A7BD8B048B3EC
Requests: 1 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Frame ID: 90E82D857800E9FA68AF8EEF4D350467
Requests: 3 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: 7491377CDC96A7B54DC7E1C50778847F
Requests: 6 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: 1A67558930DDA90331B4B7A830812923
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: E5C468C48EAA33D30A05254575722D57
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 13F6B8A8D35AC6B67EAAD1DDC0689F7C
Requests: 2 HTTP requests in this frame

Frame: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2Fessencial%2Fatila-hacker-certidao-de-vacinacao%2F&schain=1.0%2C1%21vidoomy.com%2C52453%2C1%2C731731496375373817416410295%2C%2C
Frame ID: AA2B7A4F75CE158F4158F874A41AC790
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 1FE1E8F0AEDF3DAC9B4EAFA721FFDC36
Requests: 6 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=CR2QDSQDSipCyTGN5xqJZ8IkbqU
Frame ID: 662F8177AD8B2B1BF0A382A4985BB8F5
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Frame ID: 754681E087EF08A92B462BD2E5C6AF60
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=Rxa6YwO0qO4vAM2IMgzaX9m1
Frame ID: 8584B72919D947FE335C92EE7D8A3BBC
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: AB76CE267738C6626E21659EDE16F1C3
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Frame ID: 00CA3D8014F3F7F7BC6E145640D0A806
Requests: 1 HTTP requests in this frame

Frame: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=718034e3-8936-4546-881a-c434330eb603-tuct8adc716&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Frame ID: 24E77BC6A03FD3713D073915CB2E7810
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync
Frame ID: 9DF8AC2D7B58AF4997C6C8A8A1E2A457
Requests: 1 HTTP requests in this frame

Frame: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2Fessencial%2Fatila-hacker-certidao-de-vacinacao%2F&schain=1.0%2C1%21vidoomy.com%2C52453%2C1%2C1986138870731731496375373817%2C%2C
Frame ID: D67FFB531CF12748A794D3E65431B549
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 555C44FA484CC213D77A8D828CBFD10E
Requests: 3 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 29DA05FD6F35D0269CC4722742440171
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Frame ID: FFF61EDD6D19DD754A22C3A2159CDE7B
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:PAmdXcfL1MVVDL5&gdpr=0&gdpr_consent=
Frame ID: 338629F5A0B9FE5B35E9D37FFD8E5C6B
Requests: 1 HTTP requests in this frame

Frame: https://match.bnmla.com/usersync?sspid=10738&redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3D%5BUUID%5D
Frame ID: E21FC538828E15212D5F71C338A5C310
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:140DAD53AA5B465DAF41E2F6DE600022
Frame ID: 4C69BD9DCC3848046F4F896D3B9BDA77
Requests: 1 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Frame ID: 7598F087378B9DA74F2D4DFE577C2AEB
Requests: 3 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: 2575BBA6C754088316240794EA8EDB55
Requests: 6 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: ADA9AB309B2069F657DB72A521DCAA94
Requests: 4 HTTP requests in this frame

Frame: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2Fessencial%2Fatila-hacker-certidao-de-vacinacao%2F&schain=1.0%2C1%21vidoomy.com%2C52453%2C1%2C33886369503435624201954518190%2C%2C
Frame ID: 1856A5549A1E9D2C0693D06B8A61295D
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 09FEB5D1DAE494A2989F4E43D686CCD8
Requests: 2 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_25214542.js
Frame ID: 6793DA22C6F4BD863C1BAF10885B9E37
Requests: 3 HTTP requests in this frame

Frame: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2Fessencial%2Fatila-hacker-certidao-de-vacinacao%2F&schain=1.0,1!vidoomy.com,52453,1,1639203230416,,
Frame ID: 06C5ED6ECED39C00E7FC07108F99A576
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 718A8881CBD001BB34C017F15095DEBD
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Átila diz que invasão hacker foi para "atacar a certidão de vacinação"

Page Statistics

844
Requests

88 %
HTTPS

33 %
IPv6

90
Domains

161
Subdomains

99
IPs

13
Countries

14742 kB
Transfer

33152 kB
Size

99
Cookies

38 Outgoing links

These are links going to different origins than the main page.

URL: https://www.instagram.com/diariodocentrodomundo/

Search URL Search Domain Scan URL

URL: https://twitter.com/dcm_online

Search URL Search Domain Scan URL

URL: https://www.facebook.com/diariodocentrodomundo/

Search URL Search Domain Scan URL

URL: https://homolog.diariodocentrodomundo.com.br/entretenimento/
Title: Entretenimento

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCutrj9cR0cNi2PfiTMGAWrA
Title: Especiais DCM

Search URL Search Domain Scan URL

URL: http://www.facebook.com/sharer/sharer.php?u=https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/

Search URL Search Domain Scan URL

URL: https://twitter.com/share?url=https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/sharing/share-offsite/?url=https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/

Search URL Search Domain Scan URL

URL: https://twitter.com/oatila/status/1469260104990138368?ref_src=twsrc%5Etfw%7Ctwcamp%5Etweetembed%7Ctwterm%5E1469260104990138368%7Ctwgr%5E%7Ctwcon%5Es1_&ref_url=https%3A%2F%2Fwww.brasil247.com%2Fmidia%2Fvandalizaram-o-conectsus-para-atacar-a-certidao-de-vacinacao-diz-atila-iamarino
Title: seu Twitter

Search URL Search Domain Scan URL

URL: https://www.saude.gov.br/
Title: https://www.saude.gov.br/

Search URL Search Domain Scan URL

URL: https://chat.whatsapp.com/IaQvrb9A4HkHhn7cx4lrnx
Title: clicando neste link

Search URL Search Domain Scan URL

URL: https://t.me/dcm_noticias
Title: clique neste link

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/en
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://www.dailymail.co.uk/femail/article-10246599/Give-woman-life-gift-shell-LOVE-year.html?utm_source=TA_CPC&utm_medium=diariodocentrodomundo&utm_campaign=Gifts+for+Her+-+Gift+Guide&utm_content=3058516556
Title: MailOnline

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/pt/?template=colorbox&utm_source=diariodocentrodomundo&utm_medium=referral&utm_content=thumbs-feed-01-b:Below%20Article%20Thumbnails%20|%20Card%201:
Title: Patrocinado

Search URL Search Domain Scan URL

URL: https://trc.taboola.com/diariodocentrodomundo/log/3/click?pi=%2Fessencial%2Fatila-hacker-certidao-de-vacinacao&ri=db662c6099d8e9ff3b1be1942652b0ba&sd=v2_2d8a8b382169f7c16345c0aa985536f3_556f5889-1be8-4de5-a46f-735f40f3379a-tuct8adc714_1639203220_1639203220_CIi3jgYQ1qZDGLjZgMHaLyABKAEwTTin8g1A8YwQSJWL2ANQvLUyWABgAGiApKeijMutlDNwAA&ui=556f5889-1be8-4de5-a46f-735f40f3379a-tuct8adc714&it=text&ii=~~V1~~-313670352714116174~~L28bPHWcxUvlMWFqYfoYVOAHScD9qChBhLwvZvUE0C4ndpXq_nTToVci-tV_1bYyPVPbFHdycXfyr1VxmozLcV7JbGFbjtizQN29Zpin8p1JlawpbYFtoRw_FVSAoDPy8yoVX_ZV1DUzrU9mgEqIxVpt34vkyVLCqQj-j_6Ik-WFwt9_72reDSrMsTKuuUo5A0aJZaK81OLpTjzWD69Ayi2Ykok9KQ-SW6PEd4PquP3omT6JAb5bXVVrgR29rk3mjTE6vyMvGFWH3lQtoqXBzlqNthT3hrYSGBWq4g7bw9Ew7tOzCPlYfhzKVSNAsUsd&pt=text&li=rbox-t2v&sig=b67949111824b232f385b9c601d5b0e3b4e2c8a546b1&redir=https%3A%2F%2Fwww.dailymail.co.uk%2Ffemail%2Farticle-10246599%2FGive-woman-life-gift-shell-LOVE-year.html%3Futm_source%3DTA_CPC%26utm_medium%3Ddiariodocentrodomundo%26utm_campaign%3DGifts%2Bfor%2BHer%2B-%2BGift%2BGuide%26utm_content%3D3058516556&vi=1639203220664&p=mailonline-sc&r=57&lti=deflated&ppb=CKcD&cpb=EhIyMDIxMTIwOS01LVJFTEVBU0UYtpEeIJz__________wEqGWFtLnRhYm9vbGFzeW5kaWNhdGlvbi5jb20yCndhdGVyNDAxMDI4gNyRkQxAp_INSPGMEFCVi9gDWLy1MmMI7f__________ARDt__________8BGBNkYwjd__________8BEN3__________wEYI2RjCNwKEKAQGBZkYwjSAxDgBhgIZGMIlhQQmRwYGGRjCMgcEMInGBlkYwj3__________8BEPf__________wEYCWRjCPQUEJ4dGB9keAGAAQKIAYWcxcQB&cta=true
Title: Read More

Search URL Search Domain Scan URL

URL: https://za.investing.com/magazine/celebrities-who-work-a-9-5/?utm_source=taboola&utm_medium=cpm&utm_campaign=14814935&utm_term=diariodocentrodomundo&origin=taboola&tp[click_id]=GiDIs_PMNVhD5jgMeuRupi2NoFpiBdNxGJDKj3-wfhZo-yCjqVQou-WOg5jFwdzOAQ&tp[site_id]=1102678&tp[site]=diariodocentrodomundo&tp[ts]=2021-12-11+06%3A13%3A40&tp[campaign_id]=14814935&tp[ad_id]=3057820920&tp[cpc]=0.0873&im_dars=1x100_3x101_5x505_7x208#tblciGiDIs_PMNVhD5jgMeuRupi2NoFpiBdNxGJDKj3-wfhZo-yCjqVQou-WOg5jFwdzOAQ
Title: investing.com

Search URL Search Domain Scan URL

URL: https://rfvtgb.richouses.com/worldwide/lifesa-ta?utm_medium=taboola&utm_source=taboola&utm_campaign=ta-rh-lifesa-nc0-des-uk-ag-22111d&utm_term=diariodocentrodomundo&utm_bid=Vs4WwjpWQiwkNxeZ90SdcBqk3e2dRQDPHtYzhybt-LU=
Title: Rich Houses

Search URL Search Domain Scan URL

URL: https://equityrelease.royallondon.com/er1/?utm_source=TB&utm_medium=royal-1&utm_term=rll-rldn-native-tb-2021-desktop-wrong-2&tblci=GiDIs_PMNVhD5jgMeuRupi2NoFpiBdNxGJDKj3-wfhZo-yCk3lEoo6-H9-zAztFz#tblciGiDIs_PMNVhD5jgMeuRupi2NoFpiBdNxGJDKj3-wfhZo-yCk3lEoo6-H9-zAztFz
Title: Royal London

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/pt/?template=colorbox&utm_source=diariodocentrodomundo&utm_medium=referral&utm_content=thumbs-feed-01-a:Below%20Article%20Thumbnails%20|%20Card%202:
Title: Patrocinado

Search URL Search Domain Scan URL

URL: http://trendscatchers.co.uk/index.php/en/2020/07/09/prince-harry-claims-that-meghan-markle-might-not-be-the-one-2/?utm_source=tab-7498448&utm_medium=1102678
Title: Trendscatchers

Search URL Search Domain Scan URL

URL: https://www.lektowoodfuels.co.uk/blogs/news/the-benefits-of-using-lekto-night-briquettes?utm_source=taboola&utm_medium=referral&tblci=GiDIs_PMNVhD5jgMeuRupi2NoFpiBdNxGJDKj3-wfhZo-yDg7VYoi-u3y7W05rqYAQ#tblciGiDIs_PMNVhD5jgMeuRupi2NoFpiBdNxGJDKj3-wfhZo-yDg7VYoi-u3y7W05rqYAQ
Title: Lekto Woodfuels

Search URL Search Domain Scan URL

URL: https://tracking.dating2cloud.org/42bab645-a991-4ee8-8708-1ffec05df559?site=diariodocentrodomundo&site_id=1102678&title=Take+a+Look+at+These+Handsome+Single+Guys+from+Hatfield&platform=Desktop&campaign_id=6768222&campaign_item_id=2952149714&thumbnail=http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2F98bea1c4b686b6bc9976377761c50ffd.png&afid=1724131020&lp=LP&click_id=GiDIs_PMNVhD5jgMeuRupi2NoFpiBdNxGJDKj3-wfhZo-yD-oUQo5IHtjoXmuuko&tblci=GiDIs_PMNVhD5jgMeuRupi2NoFpiBdNxGJDKj3-wfhZo-yD-oUQo5IHtjoXmuuko#tblciGiDIs_PMNVhD5jgMeuRupi2NoFpiBdNxGJDKj3-wfhZo-yD-oUQo5IHtjoXmuuko
Title: Dating.com

Search URL Search Domain Scan URL

URL: https://partners.etoro.com/aw.aspx?A=45729&Task=Click&SubAffiliateID=UK_HF_Desk_LP_Crypto_Ethereum_05-05-21_Taboola_AFFID_45729&TargetURL=https://go.etoro.com/en/dynamic?symbol=eth&utm_source=taboola&utm_medium=referral&tblci=GiDIs_PMNVhD5jgMeuRupi2NoFpiBdNxGJDKj3-wfhZo-yCY_Ego57nl8IqwoZlO#tblciGiDIs_PMNVhD5jgMeuRupi2NoFpiBdNxGJDKj3-wfhZo-yCY_Ego57nl8IqwoZlO
Title: eToroAdvertisement

Search URL Search Domain Scan URL

URL: https://trc.taboola.com/diariodocentrodomundo/log/3/click?pi=%2Fessencial%2Fatila-hacker-certidao-de-vacinacao&ri=acd7f41e604419146a06818471732f91&sd=v2_2d8a8b382169f7c16345c0aa985536f3_556f5889-1be8-4de5-a46f-735f40f3379a-tuct8adc714_1639203220_1639203220_CIi3jgYQ1qZDGLjZgMHaLyABKAEwTTin8g1A8YwQSJWL2ANQvLUyWABgAGiApKeijMutlDNwAA&ui=556f5889-1be8-4de5-a46f-735f40f3379a-tuct8adc714&it=text&ii=~~V1~~3535355010717655575~~7krYuRSwTDSwVqVXL0y9nVsaWRTK8qetUapPLRVCeGXTxvAnL2wqac4MyzR7uD46gj3kUkbS3FhelBtnsiJV6MhkDZRZzzIqDobN6rWmCPA3hYz5D3PLat6nhIftiT1l4BhVWu1Dsh65N_xRLXJJdCVePkSDvpXJ2CTyivM3XECBUvKq_n-d7w24kEDDMrNuDI--HnrwqMFTIH2yw1dh3jcvd5z9FdLxED4x8ijqOrP3Dv_ToPt2vF-j-ZdrtfzFHIOegssoOiDith4ai9BHrB4CIEIhqYcWT_UQEW27uemX0nUjQ5pQd1whpNs8Kbo8&pt=text&li=rbox-t2v&sig=1c06e3975ff63e209dd67689142bd4d1414c8c817a45&redir=https%3A%2F%2Fpartners.etoro.com%2Faw.aspx%3FA%3D45729%26Task%3DClick%26SubAffiliateID%3DUK_HF_Desk_LP_Crypto_Ethereum_05-05-21_Taboola_AFFID_45729%26TargetURL%3Dhttps%3A%2F%2Fgo.etoro.com%2Fen%2Fdynamic%3Fsymbol%3Deth%26utm_source%3Dtaboola%26utm_medium%3Dreferral%26tblci%3DGiDIs_PMNVhD5jgMeuRupi2NoFpiBdNxGJDKj3-wfhZo-yCY_Ego57nl8IqwoZlO%23tblciGiDIs_PMNVhD5jgMeuRupi2NoFpiBdNxGJDKj3-wfhZo-yCY_Ego57nl8IqwoZlO&vi=1639203220664&p=etoronew-sc&r=74&lti=deflated&ppb=CIMC&cpb=EhIyMDIxMTIwOS01LVJFTEVBU0UYtpEeIJz__________wEqGWFtLnRhYm9vbGFzeW5kaWNhdGlvbi5jb20yCndhdGVyNDAxMDI4gNyRkQxAp_INSPGMEFCVi9gDWLy1MmMI7f__________ARDt__________8BGBNkYwjd__________8BEN3__________wEYI2RjCNwKEKAQGBZkYwjSAxDgBhgIZGMIlhQQmRwYGGRjCMgcEMInGBlkYwj3__________8BEPf__________wEYCWRjCPQUEJ4dGB9keAGAAQKIAYWcxcQB&cta=true
Title: Click Here

Search URL Search Domain Scan URL

URL: https://telehealthdave.com/motivation/these-famous-couples-prove-that-true-love-lasts-naga-tab?utm_source=taboola&utm_medium=diariodocentrodomundo&utm_campaign=13967148&utm_term=Take+A+Deep+Breath+Before+You+See+Who+Naga+Munchetty+Is+Married+To&utm_content=https%3A%2F%2Fwww.hellomagazine.com%2Fimagenes%2Fcuisine%2F20210804118968%2Fbbc-breakfast-naga-munchetty-hints-unexpected-eating-habits%2F0-575-612%2Fnaga-munchetty-t.jpg&ts=2021-12-11+06%3A13%3A40&tbv=sBQO83kS0Q9UHSXjrOBO0O0tbRjQ6dlq5R7CML-S5DQ=&pcl=1&br=1
Title: Tele Health Dave

Search URL Search Domain Scan URL

URL: https://secureoyster.com/?a=19&c=58&s2=diariodocentrodomundo&s3=GiDIs_PMNVhD5jgMeuRupi2NoFpiBdNxGJDKj3-wfhZo-yCQ-Uwo5P255JuTl5jAAQ&s5=3049470656&s1=TB_AMK_DESK_0621&tblci=GiDIs_PMNVhD5jgMeuRupi2NoFpiBdNxGJDKj3-wfhZo-yCQ-Uwo5P255JuTl5jAAQ#tblciGiDIs_PMNVhD5jgMeuRupi2NoFpiBdNxGJDKj3-wfhZo-yCQ-Uwo5P255JuTl5jAAQ
Title: AMK Legal

Search URL Search Domain Scan URL

URL: https://trc.taboola.com/diariodocentrodomundo/log/3/click?pi=%2Fessencial%2Fatila-hacker-certidao-de-vacinacao&ri=7244d502e8b58515f853fd2f7b5adf2d&sd=v2_2d8a8b382169f7c16345c0aa985536f3_556f5889-1be8-4de5-a46f-735f40f3379a-tuct8adc714_1639203220_1639203220_CIi3jgYQ1qZDGLjZgMHaLyABKAEwTTin8g1A8YwQSJWL2ANQvLUyWABgAGiApKeijMutlDNwAA&ui=556f5889-1be8-4de5-a46f-735f40f3379a-tuct8adc714&it=text&ii=~~V1~~-2207676950572950539~~ozAeTjIDUd7EGUD-2z1AUvJi5a0STAT_Sf1dLRR2zdkndpXq_nTToVci-tV_1bYyPVPbFHdycXfyr1VxmozLcV7JbGFbjtizQN29Zpin8p1JlawpbYFtoRw_FVSAoDPy8yoVX_ZV1DUzrU9mgEqIxVpt34vkyVLCqQj-j_6Ik-WFwt9_72reDSrMsTKuuUo5v3KZnUas0Sb2xPlF_5OFwYj42l3EreuG6tqnY4wJzPv0C0O4dfyOSsXxhcObuEd5WYws5DOcOwvw8hEkxwMPrKuuCjRtXZPeoeLtLg6rdlFCMcP4P__QHMCdixc5i0ARRMiMsWt_J59zH-ihmwYd_g&pt=text&li=rbox-t2v&sig=74da450ce91c6ad009ee77852ba40fa527e685a2e9e3&redir=https%3A%2F%2Fsecureoyster.com%2F%3Fa%3D19%26c%3D58%26s2%3Ddiariodocentrodomundo%26s3%3DGiDIs_PMNVhD5jgMeuRupi2NoFpiBdNxGJDKj3-wfhZo-yCQ-Uwo5P255JuTl5jAAQ%26s5%3D3049470656%26s1%3DTB_AMK_DESK_0621%26tblci%3DGiDIs_PMNVhD5jgMeuRupi2NoFpiBdNxGJDKj3-wfhZo-yCQ-Uwo5P255JuTl5jAAQ%23tblciGiDIs_PMNVhD5jgMeuRupi2NoFpiBdNxGJDKj3-wfhZo-yCQ-Uwo5P255JuTl5jAAQ&vi=1639203220664&p=digitaloyster-goodwinbarrett-sc&r=52&lti=deflated&ppb=CKYC&cpb=EhIyMDIxMTIwOS01LVJFTEVBU0UYtpEeIJz__________wEqGWFtLnRhYm9vbGFzeW5kaWNhdGlvbi5jb20yCndhdGVyNDAxMDI4gNyRkQxAp_INSPGMEFCVi9gDWLy1MmMI7f__________ARDt__________8BGBNkYwjd__________8BEN3__________wEYI2RjCNwKEKAQGBZkYwjSAxDgBhgIZGMIlhQQmRwYGGRjCMgcEMInGBlkYwj3__________8BEPf__________wEYCWRjCPQUEJ4dGB9keAGAAQKIAYWcxcQB&cta=true
Title: Learn More

Search URL Search Domain Scan URL

URL: https://redir.wargaming.net/ptfd2m9l/?pub_id=FOSPOR-38730+-+WOT+UK+EVEG+21+-+New+Gameplay+Assets+DSK+-+SC&xid=GiDIs_PMNVhD5jgMeuRupi2NoFpiBdNxGJDKj3-wfhZo-yDBt1Eokq3lhurfsaLHAQ&tblci=GiDIs_PMNVhD5jgMeuRupi2NoFpiBdNxGJDKj3-wfhZo-yDBt1Eokq3lhurfsaLHAQ#tblciGiDIs_PMNVhD5jgMeuRupi2NoFpiBdNxGJDKj3-wfhZo-yDBt1Eokq3lhurfsaLHAQ
Title: World of TankAdvertisement

Search URL Search Domain Scan URL

URL: https://trc.taboola.com/diariodocentrodomundo/log/3/click?pi=%2Fessencial%2Fatila-hacker-certidao-de-vacinacao&ri=cd6dc59d81a676470eb53e2d609023b2&sd=v2_2d8a8b382169f7c16345c0aa985536f3_556f5889-1be8-4de5-a46f-735f40f3379a-tuct8adc714_1639203220_1639203220_CIi3jgYQ1qZDGLjZgMHaLyABKAEwTTin8g1A8YwQSJWL2ANQvLUyWABgAGiApKeijMutlDNwAA&ui=556f5889-1be8-4de5-a46f-735f40f3379a-tuct8adc714&it=text&ii=~~V1~~-1509706726260852245~~z6llRDCzgURcKPkuJwdd7xVpm7fCdEbsXzICIo7kxUnTxvAnL2wqac4MyzR7uD46gj3kUkbS3FhelBtnsiJV6MhkDZRZzzIqDobN6rWmCPA3hYz5D3PLat6nhIftiT1lwdxwdlxkeV_Mfb3eos_TQavImGhxk0e7psNAZxHJ9RKWZbCvTp9oh4OCQlbjcnArfD_YRAxa4qYW85e3onLr9Rt6uDNwAcSz3e6ODYC4UoE2sd4FFygHHBq_QzWJx_DUwGkbwRvyhsN72QhVcSCCbpfSdSNDmlB3XCGk2zwpujw&pt=text&li=rbox-t2v&sig=3173b9eb7f54cfd0ce8d76fa2b7b5ea4604bfe62367e&redir=https%3A%2F%2Fredir.wargaming.net%2Fptfd2m9l%2F%3Fpub_id%3DFOSPOR-38730%2B-%2BWOT%2BUK%2BEVEG%2B21%2B-%2BNew%2BGameplay%2BAssets%2BDSK%2B-%2BSC%26xid%3DGiDIs_PMNVhD5jgMeuRupi2NoFpiBdNxGJDKj3-wfhZo-yDBt1Eokq3lhurfsaLHAQ%26tblci%3DGiDIs_PMNVhD5jgMeuRupi2NoFpiBdNxGJDKj3-wfhZo-yDBt1Eokq3lhurfsaLHAQ%23tblciGiDIs_PMNVhD5jgMeuRupi2NoFpiBdNxGJDKj3-wfhZo-yDBt1Eokq3lhurfsaLHAQ&vi=1639203220664&p=wargamingfr-wotuk-sc&r=59&lti=deflated&ppb=CM0D&cpb=EhIyMDIxMTIwOS01LVJFTEVBU0UYtpEeIJz__________wEqGWFtLnRhYm9vbGFzeW5kaWNhdGlvbi5jb20yCndhdGVyNDAxMDI4gNyRkQxAp_INSPGMEFCVi9gDWLy1MmMI7f__________ARDt__________8BGBNkYwjd__________8BEN3__________wEYI2RjCNwKEKAQGBZkYwjSAxDgBhgIZGMIlhQQmRwYGGRjCMgcEMInGBlkYwj3__________8BEPf__________wEYCWRjCPQUEJ4dGB9keAGAAQKIAYWcxcQB&cta=true
Title: Install Now

Search URL Search Domain Scan URL

URL: https://www.healthygem.com/nutrition/heart-healthy-superfoods/?utm_source=tb&utm_medium=diariodocentrodomundo-tb&utm_content=2999036761&utm_campaign=10440937-tb&utm_cpc=Hb3dBj-fVOQllhLS0UW2zhBoqTCATAGCfTHDfmdpK1k=&tblci=GiDIs_PMNVhD5jgMeuRupi2NoFpiBdNxGJDKj3-wfhZo-yD7vUYo6d2jzfWM7_fDAQ
Title: HealthyGem

Search URL Search Domain Scan URL

URL: https://www.sleepbo.com/lp/millions-are-finding-relief-from-cold-feet-with-this-new-technology-tb?uid=525&oid=18&affid=2&utm_source=taboola&utm_medium=cpc&utm_campaign=SC_KOMFIES_LP1_DSK&utm_content=3056958994&utm_term=diariodocentrodomundo&click-id=GiDIs_PMNVhD5jgMeuRupi2NoFpiBdNxGJDKj3-wfhZo-yCWyEso46PB-LCphrdS&sub1=GiDIs_PMNVhD5jgMeuRupi2NoFpiBdNxGJDKj3-wfhZo-yCWyEso46PB-LCphrdS&tblci=GiDIs_PMNVhD5jgMeuRupi2NoFpiBdNxGJDKj3-wfhZo-yCWyEso46PB-LCphrdS#tblciGiDIs_PMNVhD5jgMeuRupi2NoFpiBdNxGJDKj3-wfhZo-yCWyEso46PB-LCphrdS
Title: Kuddly

Search URL Search Domain Scan URL

URL: https://www.ig.com.br/
Title: IG ÚLTIMO SEGUNDO

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/pt/?template=colorbox&utm_source=diariodocentrodomundo&utm_medium=referral&utm_content=blend-next-up-a:Next%20Up:
Title: Sponsorisé

Search URL Search Domain Scan URL

URL: https://za.investing.com/magazine/celebrities-who-work-a-9-5/?utm_source=taboola&utm_medium=cpm&utm_campaign=14814935&utm_term=diariodocentrodomundo&origin=taboola&tp[click_id]=GiDIs_PMNVhD5jgMeuRupi2NoFpiBdNxGJDKj3-wfhZo-yCjqVQoqY_jrojZgaFY&tp[site_id]=1102678&tp[site]=diariodocentrodomundo&tp[ts]=2021-12-11+06%3A13%3A40&tp[campaign_id]=14814935&tp[ad_id]=3057820920&tp[cpc]=0.0873&im_dars=1x100_3x101_5x505_7x208#tblciGiDIs_PMNVhD5jgMeuRupi2NoFpiBdNxGJDKj3-wfhZo-yCjqVQoqY_jrojZgaFY
Title: investing.com

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 53

https://ad.turn.com/r/cs?pid=65 HTTP 302
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2884445466486619730

Request Chain 58

https://ad.turn.com/r/cs?pid=65 HTTP 302
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3100618248600403538

Request Chain 64

https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&ns__t=1639203220561&ns_c=UTF-8&cv=3.5&c8=%C3%81tila%20diz%20que%20invas%C3%A3o%20hacker%20foi%20para%20%22atacar%20a%20certid%C3%A3o%20de%20vacina%C3%A7%C3%A3o%22&c7=https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2Fessencial%2Fatila-hacker-certidao-de-vacinacao%2F&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1639203220561&ns_c=UTF-8&cv=3.5&c8=%C3%81tila%20diz%20que%20invas%C3%A3o%20hacker%20foi%20para%20%22atacar%20a%20certid%C3%A3o%20de%20vacina%C3%A7%C3%A3o%22&c7=https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2Fessencial%2Fatila-hacker-certidao-de-vacinacao%2F&c9=

Request Chain 71

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=120&redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DCEN%26uid%3D%7BuserId%7D HTTP 302
https://a.vidoomy.com/api/rtbserver/cookie?i=CEN&uid=no-consent

Request Chain 72

https://x.bidswitch.net/sync?ssp=vidoomy&user_id=367887421.580868961673092238.3775233 HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=vidoomy&user_id=367887421.580868961673092238.3775233 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=vidoomy&bsw_param=f79c069f-7553-4c5a-aac1-fc1df8bda7c6&google_hm=Zjc5YzA2OWYtNzU1My00YzVhLWFhYzEtZmMxZGY4YmRhN2M2 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm=&google_sc=&ssp=vidoomy&bsw_param=f79c069f-7553-4c5a-aac1-fc1df8bda7c6&google_hm=Zjc5YzA2OWYtNzU1My00YzVhLWFhYzEtZmMxZGY4YmRhN2M2&google_tc= HTTP 302
https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEF7MWBdkCM3fl_fxGWsJvrE&google_cver=1&ssp=vidoomy&bsw_param=f79c069f-7553-4c5a-aac1-fc1df8bda7c6 HTTP 302
https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=f79c069f-7553-4c5a-aac1-fc1df8bda7c6

Request Chain 74

https://ads.stickyadstv.com/auto-user-sync HTTP 302
https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=2bdfb6348d15a8807c3330ed9eff31&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=h803a_7040324225692894405 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=MmJkZmI2MzQ4ZDE1YTg4MDdjMzMzMGVkOWVmZjMx&gdpr=0&gdpr_consent= HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEL_s9sbWPFG43aEqPu9hpNc&google_cver=1&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=527b78df-fa9f-47e4-9d24-91f4d3763c41 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/stickyads/2bdfb6348d15a8807c3330ed9eff31?gdpr=0&gdpr_consent= HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-qCjsm71E2oMA4QCg19Rzhx1UJyj6hL0DacSqXWZj~A HTTP 302
https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209&gdpr=0&gdpr_consent=%26userId%3D$UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fads.stickyadstv.com%252Fuser-registering%253FdataProviderId%253D209%26gdpr%3D0%26gdpr_consent%3D%2526userId%253D%24UID HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=209&gdpr=0&gdpr_consent=&userId=3404206974503617722 HTTP 302
https://sync.mathtag.com/sync/img?mt_exid=44&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D183%26userId%3D%5BMM_UUID%5D&gdpr=0&gdpr_consent= HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=183&userId=e0ae61b4-4196-4700-a0e4-b2c93d47c88e&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match/?party=18&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=18&gdpr=0&gdpr_consent= HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=189&userId=4835395960989745577 HTTP 302
https://sync-tm.everesttech.net/upi/pid/wGbQAlJJ?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D187%26userId%3D%24%7BTM_USER_ID%7D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/wGbQAlJJ?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D187%26userId%3D%24%7BTM_USER_ID%7D&_test=YbRBmAALCgAGPAAz HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=187&userId=YbRBmAALCgAGPAAz&_test=YbRBmAALCgAGPAAz

Request Chain 166

https://ad.turn.com/r/cs?pid=65 HTTP 302
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3100618248600403538

Request Chain 176

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2F&domain=www.diariodocentrodomundo.com.br&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=G49KhXx1MGJOYm9hZVNRVHhYVElKL1ZINHlSa0FMa3FqdlFEMWdITjUzMU1uSldCc2tVL3VLRnBnMkh3ejI0MkxaVTllMW5Yc3dQZkRVN1RjVUsrb0tEL3FzSFNkalBQY1MrejZWMkNhaHArUVJwUXdDZHNpQmhYZ1NhRkdFamN4WXk5RVZaWkxhSFVST1Rac2FBOVlLOHRkbUdleG5aMlExVzRzb1dSZm81Q0srZTlBWXlHQjY5dWFIenBwZk9ySFZNdzNXRERhNEpDL0Zab1ZEcXFFN0d6eEpPYW9mTHRORThKbnluNUNsZUYxRi9CMmF0RHVNS1pOeHdTT0tST2pva1ZLfA&cppv=2

Request Chain 249

https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26 HTTP 302
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=7d2865bc-5a49-11ec-aef5-1d66682b0006&orig=video&us_privacy=1---gdpr=1&

Request Chain 251

https://ups.analytics.yahoo.com/ups/58534/occ HTTP 302
https://ups.analytics.yahoo.com/ups/58534/occ?verify=true HTTP 302
https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-A6M67DhE2uFh_BcTNe8iuSIxH5BfFsS7G6y8GfE-~A

Request Chain 254

https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26 HTTP 302
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=7d2865bc-5a49-11ec-aef5-1d66682b0006&orig=video&us_privacy=1---gdpr=1&

Request Chain 256

https://ups.analytics.yahoo.com/ups/58534/occ HTTP 302
https://ups.analytics.yahoo.com/ups/58534/occ?verify=true HTTP 302
https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-A6M67DhE2uFh_BcTNe8iuSIxH5BfFsS7G6y8GfE-~A

Request Chain 318

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOWWdxbr-m4025FwLW3dbHk&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOWWdxbr-m4025FwLW3dbHk&google_cver=1&C=1

Request Chain 319

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YbRBlpqpoyN6UDzphB.I9QAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJlBogN2JWABZjKnae5lJ6o&google_cver=1&google_hm=2

Request Chain 320

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEEKSfjTEdmXtkvBk2SHyJks&google_cver=1

Request Chain 321

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzQwNDIwNjk3NDUwMzYxNzcyMg%3D%3D

Request Chain 322

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOWWdxbr-m4025FwLW3dbHk&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOWWdxbr-m4025FwLW3dbHk&google_cver=1&C=1

Request Chain 323

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YbRBlpqpoyN6UDzphB.I9QAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJlBogN2JWABZjKnae5lJ6o&google_cver=1&google_hm=2

Request Chain 324

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEEKSfjTEdmXtkvBk2SHyJks&google_cver=1

Request Chain 325

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzQwNDIwNjk3NDUwMzYxNzcyMg%3D%3D

Request Chain 329

https://ups.analytics.yahoo.com/ups/58534/occ HTTP 302
https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-A6M67DhE2uFh_BcTNe8iuSIxH5BfFsS7G6y8GfE-~A

Request Chain 339

https://fw.adsafeprotected.com/rfw/www.googletagservices.com/829650/57301878/dcm/dcmads.js?adsafe_url=https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fa7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fa7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:819cbadb-fd53-9bd0-35dd-37e3ec439e08,c:wsWTbb,sl:outOfView,em:true,fr:false,thd:1,mn:app22ie,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,br:c,abv:na,an:n,oam:0,nbld:0,mtim:4,fm:sRglFJz+111%7C112%7C121%7C13%7C14%7C15%7C161%7C162%7C17%7C18%7C19%7C1a%7C1b1%7C1c%7C1d%7C1e%7C1f1%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n1%7C1o*.829650-57301878%7C1o1%7C1p1%7C1q%7C1r%7C1s%7C1t%7C1u,idMap:1o*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:29,oid:7d5dbbfb-5a49-11ec-9a5a-06da572054ee,v:19.8.273,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://www.googletagservices.com/dcm/dcmads.js

Request Chain 341

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?gdpr=1&p=15414&us_privacy=1---&endpoint= HTTP 301
https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=

Request Chain 342

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOWWdxbr-m4025FwLW3dbHk&google_cver=1

Request Chain 343

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YbRBlpqpoyN6UDzphB.I9QAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJlBogN2JWABZjKnae5lJ6o&google_cver=1&google_hm=2

Request Chain 344

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEK_WdWOht4M-ejFxKNhvcbI&google_cver=1

Request Chain 345

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzQwNDIwNjk3NDUwMzYxNzcyMg%3D%3D

Request Chain 426

https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fsync.taboola.com%2Fsg%2Femxdigitalrtb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%24UID HTTP 302
https://ib.adnxs.com/getuid?https://cs.emxdgt.com/umcheck?apnxid=$UID&redirect=https%3A%2F%2Fsync.taboola.com%2Fsg%2Femxdigitalrtb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%24EMXUID&b64_redirect=aHR0cHM6Ly9zeW5jLnRhYm9vbGEuY29tL3NnL2VteGRpZ2l0YWxydGItbmV0d29yay8xL3J0Yi1oLz90YWJvb2xhX2htPSRFTVhVSUQ= HTTP 302
https://cs.emxdgt.com/umcheck?apnxid=3404206974503617722&redirect=https://sync.taboola.com/sg/emxdigitalrtb-network/1/rtb-h/?taboola_hm=$EMXUID&b64_redirect=aHR0cHM6Ly9zeW5jLnRhYm9vbGEuY29tL3NnL2VteGRpZ2l0YWxydGItbmV0d29yay8xL3J0Yi1oLz90YWJvb2xhX2htPSRFTVhVSUQ= HTTP 302
https://sync.taboola.com/sg/emxdigitalrtb-network/1/rtb-h/?taboola_hm=3404206974503617722brt66781639203223984226ba

Request Chain 430

https://ups.analytics.yahoo.com/ups/58533/occ HTTP 302
https://sync.taboola.com/sg/yahoossplatam-network/1/rtb-h/?taboola_hm=y-A6M67DhE2uFh_BcTNe8iuSIxH5BfFsS7G6y8GfE-~A

Request Chain 446

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?gdpr=1&p=15414&us_privacy=1---&endpoint= HTTP 301
https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=

Request Chain 447

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?gdpr=1&p=15414&us_privacy=1---&endpoint= HTTP 301
https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=

Request Chain 451

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJlBogN2JWABZjKnae5lJ6o&google_cver=1

Request Chain 452

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YbRBlq0t.NalDpfGx2tW2wAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJlBogN2JWABZjKnae5lJ6o&google_cver=1&google_hm=2

Request Chain 453

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEK_WdWOht4M-ejFxKNhvcbI&google_cver=1

Request Chain 454

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzQwNDIwNjk3NDUwMzYxNzcyMg%3D%3D

Request Chain 529

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEN6-dB2LE7v_cguRwdPSpMs&google_cver=1&google_push=AYg5qPLh1lis2TmSO7b8oLFq5WCyJUHqwtO3d-t4fNh3SQ4bN85_6-ZA4pHWlY4aOUl72C_uQVhHlgb18B4RNbopQtSdMxnqAYfepg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzEwMDYxODI0ODYwMDQwMzUzOA==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEDgrB6Qgwp4I-9aYv_6q5MM&google_cver=1

Request Chain 531

https://p.rfihub.com/cm?in=1&pub=445&google_gid=CAESELygIyZyAM5yNzz8SjPdCgo&google_cver=1&google_push=AYg5qPLxquGJYH-YWwZRDv2yJWDaGc-ao0xKMiBVkK4UT93ikPkToBUmtDwlzbC8k2fvB6fHKXOcWkGl4M8I0wCQNZw5yZ5-15jn HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AYg5qPLxquGJYH-YWwZRDv2yJWDaGc-ao0xKMiBVkK4UT93ikPkToBUmtDwlzbC8k2fvB6fHKXOcWkGl4M8I0wCQNZw5yZ5-15jn&google_hm=NTY3NzQ5ODU1MTYxMzMxMzkyNw== HTTP 302
https://a.rfihub.com/cm?pub=445&google_error=5

Request Chain 532

https://um.simpli.fi/gp_match?google_gid=CAESELPW4pF3v525GNI1sh7P70k&google_cver=1&google_push=AYg5qPIg0KsohBGwdGY08DiF1I1xhKftFmTz6DzIyLU0LlTZoDu4D9WyRkRigG28DUtutCUqFWPm8LNqpbEbwj1WeK5YI0-hZCW-UA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=140DAD53AA5B465DAF41E2F6DE600022&google_push=AYg5qPIg0KsohBGwdGY08DiF1I1xhKftFmTz6DzIyLU0LlTZoDu4D9WyRkRigG28DUtutCUqFWPm8LNqpbEbwj1WeK5YI0-hZCW-UA

Request Chain 533

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEA8DB71sliVegBRYIus7iwE&google_cver=1&google_push=AYg5qPIKxvxDWuoLTATOQEZM8P_esI2cBt-2c3RHKnGbaF3SsBNcjCG3AuzVozgJl--YblogbehROmWYy4OqfOBPZuleFOYDAcxrqA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPIKxvxDWuoLTATOQEZM8P_esI2cBt-2c3RHKnGbaF3SsBNcjCG3AuzVozgJl--YblogbehROmWYy4OqfOBPZuleFOYDAcxrqA&google_hm=95wGn3VTTFqqwfwd-L2nxg==

Request Chain 534

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESENZssFncgn0sDOMPe29FZhU&google_cver=1&google_push=AYg5qPKUGFQmWQ0PSnMjDX70vBlK1ONAwSKKpDkAEZp8NFhdKkil9Oeg7B--6omk8FFysywmjj8olEv22I5qfUg-lUS6QPQPJwEnGQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDgzNTM5NTk2MDk4OTc0NTU3Nw&google_push=AYg5qPKUGFQmWQ0PSnMjDX70vBlK1ONAwSKKpDkAEZp8NFhdKkil9Oeg7B--6omk8FFysywmjj8olEv22I5qfUg-lUS6QPQPJwEnGQ

Request Chain 535

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEBUm7v5zhVubpfUkEbBqNRg&google_cver=1&google_push=AYg5qPIufhIxNEBCFECBhmfGQZYH8MX52pgXbJw-zSqbgR4K5klseoWxq8-SnP35LjnNU_n3xuZ0UgWg6vEQ_353eyzv_MIDRtwYmw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPIufhIxNEBCFECBhmfGQZYH8MX52pgXbJw-zSqbgR4K5klseoWxq8-SnP35LjnNU_n3xuZ0UgWg6vEQ_353eyzv_MIDRtwYmw

Request Chain 540

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 542

https://d5p.de17a.com/cookies/google?google_gid=CAESEBuGmWgC_2UGassfWAmo5eU&google_cver=1&google_push=AYg5qPImQ7TEoRpf_IOgiKFwqvI8aM0gnA7V8yXzq4MhjufwPGXmvz0i2eCAmfdsPeolUByrsJdgNWNMN_vYI8PBRwbEVFxqGWQ HTTP 302
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEBuGmWgC_2UGassfWAmo5eU&google_cver=1&google_push=AYg5qPImQ7TEoRpf_IOgiKFwqvI8aM0gnA7V8yXzq4MhjufwPGXmvz0i2eCAmfdsPeolUByrsJdgNWNMN_vYI8PBRwbEVFxqGWQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPImQ7TEoRpf_IOgiKFwqvI8aM0gnA7V8yXzq4MhjufwPGXmvz0i2eCAmfdsPeolUByrsJdgNWNMN_vYI8PBRwbEVFxqGWQ

Request Chain 544

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEIMwpgc1K0Fb5xEog3lH1HI&google_cver=1&google_push=AYg5qPLT1hsySUbj5WrkYE979DfHzjD7v_th_YFzafg1BRO73wLdn07ZONKPrdVn5_43BM_6Qh694TxVp_5gJf1r8fyARaxVIyyX HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=vc6fDPohTvCT8Bb3qbHgXg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLT1hsySUbj5WrkYE979DfHzjD7v_th_YFzafg1BRO73wLdn07ZONKPrdVn5_43BM_6Qh694TxVp_5gJf1r8fyARaxVIyyX

Request Chain 545

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEMlhQnNDw1SR61fbooOs1Wo&google_cver=1&google_push=AYg5qPLgWMN9BLEWvpgGB6EoVfUTv622w_1LrljJDd_xEUJ8TjoWmatYXtKQiinebZDcFgYsS5PLMC10zTGHiKP2TZcoHYtpHJ31 HTTP 307
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEMlhQnNDw1SR61fbooOs1Wo&google_cver=1&google_push=AYg5qPLgWMN9BLEWvpgGB6EoVfUTv622w_1LrljJDd_xEUJ8TjoWmatYXtKQiinebZDcFgYsS5PLMC10zTGHiKP2TZcoHYtpHJ31&sovrn_retry=true HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPLgWMN9BLEWvpgGB6EoVfUTv622w_1LrljJDd_xEUJ8TjoWmatYXtKQiinebZDcFgYsS5PLMC10zTGHiKP2TZcoHYtpHJ31&google_hm=ef1e6f44f3bfd60d999717d5

Request Chain 546

https://onetag-sys.com/sync/i,19/?google_gid=CAESEITJ6muP5_dktf6-YbzwnRQ&google_cver=1&google_push=AYg5qPK16l1sA0EVYQqzPaMhgoXk2pbP8m8WHT5sVSjqcyhN9LYDrSlHb0UMSssFM57Gq3R2QVZhF7ThY_eqqYYl3SpraZPtAUeL HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPK16l1sA0EVYQqzPaMhgoXk2pbP8m8WHT5sVSjqcyhN9LYDrSlHb0UMSssFM57Gq3R2QVZhF7ThY_eqqYYl3SpraZPtAUeL HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPK16l1sA0EVYQqzPaMhgoXk2pbP8m8WHT5sVSjqcyhN9LYDrSlHb0UMSssFM57Gq3R2QVZhF7ThY_eqqYYl3SpraZPtAUeL HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPK16l1sA0EVYQqzPaMhgoXk2pbP8m8WHT5sVSjqcyhN9LYDrSlHb0UMSssFM57Gq3R2QVZhF7ThY_eqqYYl3SpraZPtAUeL HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPK16l1sA0EVYQqzPaMhgoXk2pbP8m8WHT5sVSjqcyhN9LYDrSlHb0UMSssFM57Gq3R2QVZhF7ThY_eqqYYl3SpraZPtAUeL HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPK16l1sA0EVYQqzPaMhgoXk2pbP8m8WHT5sVSjqcyhN9LYDrSlHb0UMSssFM57Gq3R2QVZhF7ThY_eqqYYl3SpraZPtAUeL HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPK16l1sA0EVYQqzPaMhgoXk2pbP8m8WHT5sVSjqcyhN9LYDrSlHb0UMSssFM57Gq3R2QVZhF7ThY_eqqYYl3SpraZPtAUeL HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPK16l1sA0EVYQqzPaMhgoXk2pbP8m8WHT5sVSjqcyhN9LYDrSlHb0UMSssFM57Gq3R2QVZhF7ThY_eqqYYl3SpraZPtAUeL HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPK16l1sA0EVYQqzPaMhgoXk2pbP8m8WHT5sVSjqcyhN9LYDrSlHb0UMSssFM57Gq3R2QVZhF7ThY_eqqYYl3SpraZPtAUeL HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPK16l1sA0EVYQqzPaMhgoXk2pbP8m8WHT5sVSjqcyhN9LYDrSlHb0UMSssFM57Gq3R2QVZhF7ThY_eqqYYl3SpraZPtAUeL HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPK16l1sA0EVYQqzPaMhgoXk2pbP8m8WHT5sVSjqcyhN9LYDrSlHb0UMSssFM57Gq3R2QVZhF7ThY_eqqYYl3SpraZPtAUeL HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPK16l1sA0EVYQqzPaMhgoXk2pbP8m8WHT5sVSjqcyhN9LYDrSlHb0UMSssFM57Gq3R2QVZhF7ThY_eqqYYl3SpraZPtAUeL HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPK16l1sA0EVYQqzPaMhgoXk2pbP8m8WHT5sVSjqcyhN9LYDrSlHb0UMSssFM57Gq3R2QVZhF7ThY_eqqYYl3SpraZPtAUeL HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPK16l1sA0EVYQqzPaMhgoXk2pbP8m8WHT5sVSjqcyhN9LYDrSlHb0UMSssFM57Gq3R2QVZhF7ThY_eqqYYl3SpraZPtAUeL HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPK16l1sA0EVYQqzPaMhgoXk2pbP8m8WHT5sVSjqcyhN9LYDrSlHb0UMSssFM57Gq3R2QVZhF7ThY_eqqYYl3SpraZPtAUeL HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPK16l1sA0EVYQqzPaMhgoXk2pbP8m8WHT5sVSjqcyhN9LYDrSlHb0UMSssFM57Gq3R2QVZhF7ThY_eqqYYl3SpraZPtAUeL HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPK16l1sA0EVYQqzPaMhgoXk2pbP8m8WHT5sVSjqcyhN9LYDrSlHb0UMSssFM57Gq3R2QVZhF7ThY_eqqYYl3SpraZPtAUeL HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPK16l1sA0EVYQqzPaMhgoXk2pbP8m8WHT5sVSjqcyhN9LYDrSlHb0UMSssFM57Gq3R2QVZhF7ThY_eqqYYl3SpraZPtAUeL HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPK16l1sA0EVYQqzPaMhgoXk2pbP8m8WHT5sVSjqcyhN9LYDrSlHb0UMSssFM57Gq3R2QVZhF7ThY_eqqYYl3SpraZPtAUeL HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPK16l1sA0EVYQqzPaMhgoXk2pbP8m8WHT5sVSjqcyhN9LYDrSlHb0UMSssFM57Gq3R2QVZhF7ThY_eqqYYl3SpraZPtAUeL HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPK16l1sA0EVYQqzPaMhgoXk2pbP8m8WHT5sVSjqcyhN9LYDrSlHb0UMSssFM57Gq3R2QVZhF7ThY_eqqYYl3SpraZPtAUeL

Request Chain 561

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEGoT57hlmh3yOdr1D54rV8s&google_cver=1&google_push=AYg5qPJ6ID9DgM1GbMFvIkfR705v2KAgn-GY4ccowz4GXidiXXh9Gg4yc67zMjFe0UEaWyT3HbnyQ2H6WxUo5qTd7rprEyERIZAl HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbRBlq0t-NalDpfGx2tW2wAAAroAAAIB&google_push=AYg5qPJ6ID9DgM1GbMFvIkfR705v2KAgn-GY4ccowz4GXidiXXh9Gg4yc67zMjFe0UEaWyT3HbnyQ2H6WxUo5qTd7rprEyERIZAl&google_cver=1&google_gid=CAESEGoT57hlmh3yOdr1D54rV8s HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbRBlq0t-NalDpfGx2tW2wAAAroAAAIB&google_push=AYg5qPJ6ID9DgM1GbMFvIkfR705v2KAgn-GY4ccowz4GXidiXXh9Gg4yc67zMjFe0UEaWyT3HbnyQ2H6WxUo5qTd7rprEyERIZAl&google_cver=1&google_gid=CAESEGoT57hlmh3yOdr1D54rV8s HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbRBlq0t-NalDpfGx2tW2wAAAroAAAIB&google_push=AYg5qPJ6ID9DgM1GbMFvIkfR705v2KAgn-GY4ccowz4GXidiXXh9Gg4yc67zMjFe0UEaWyT3HbnyQ2H6WxUo5qTd7rprEyERIZAl&google_cver=1&google_gid=CAESEGoT57hlmh3yOdr1D54rV8s HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbRBlq0t-NalDpfGx2tW2wAAAroAAAIB&google_push=AYg5qPJ6ID9DgM1GbMFvIkfR705v2KAgn-GY4ccowz4GXidiXXh9Gg4yc67zMjFe0UEaWyT3HbnyQ2H6WxUo5qTd7rprEyERIZAl&google_cver=1&google_gid=CAESEGoT57hlmh3yOdr1D54rV8s HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbRBlq0t-NalDpfGx2tW2wAAAroAAAIB&google_push=AYg5qPJ6ID9DgM1GbMFvIkfR705v2KAgn-GY4ccowz4GXidiXXh9Gg4yc67zMjFe0UEaWyT3HbnyQ2H6WxUo5qTd7rprEyERIZAl&google_cver=1&google_gid=CAESEGoT57hlmh3yOdr1D54rV8s HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbRBlq0t-NalDpfGx2tW2wAAAroAAAIB&google_push=AYg5qPJ6ID9DgM1GbMFvIkfR705v2KAgn-GY4ccowz4GXidiXXh9Gg4yc67zMjFe0UEaWyT3HbnyQ2H6WxUo5qTd7rprEyERIZAl&google_cver=1&google_gid=CAESEGoT57hlmh3yOdr1D54rV8s HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbRBlq0t-NalDpfGx2tW2wAAAroAAAIB&google_push=AYg5qPJ6ID9DgM1GbMFvIkfR705v2KAgn-GY4ccowz4GXidiXXh9Gg4yc67zMjFe0UEaWyT3HbnyQ2H6WxUo5qTd7rprEyERIZAl&google_cver=1&google_gid=CAESEGoT57hlmh3yOdr1D54rV8s HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbRBlq0t-NalDpfGx2tW2wAAAroAAAIB&google_push=AYg5qPJ6ID9DgM1GbMFvIkfR705v2KAgn-GY4ccowz4GXidiXXh9Gg4yc67zMjFe0UEaWyT3HbnyQ2H6WxUo5qTd7rprEyERIZAl&google_cver=1&google_gid=CAESEGoT57hlmh3yOdr1D54rV8s HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbRBlq0t-NalDpfGx2tW2wAAAroAAAIB&google_push=AYg5qPJ6ID9DgM1GbMFvIkfR705v2KAgn-GY4ccowz4GXidiXXh9Gg4yc67zMjFe0UEaWyT3HbnyQ2H6WxUo5qTd7rprEyERIZAl&google_cver=1&google_gid=CAESEGoT57hlmh3yOdr1D54rV8s HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbRBlq0t-NalDpfGx2tW2wAAAroAAAIB&google_push=AYg5qPJ6ID9DgM1GbMFvIkfR705v2KAgn-GY4ccowz4GXidiXXh9Gg4yc67zMjFe0UEaWyT3HbnyQ2H6WxUo5qTd7rprEyERIZAl&google_cver=1&google_gid=CAESEGoT57hlmh3yOdr1D54rV8s HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbRBlq0t-NalDpfGx2tW2wAAAroAAAIB&google_push=AYg5qPJ6ID9DgM1GbMFvIkfR705v2KAgn-GY4ccowz4GXidiXXh9Gg4yc67zMjFe0UEaWyT3HbnyQ2H6WxUo5qTd7rprEyERIZAl&google_cver=1&google_gid=CAESEGoT57hlmh3yOdr1D54rV8s HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbRBlq0t-NalDpfGx2tW2wAAAroAAAIB&google_push=AYg5qPJ6ID9DgM1GbMFvIkfR705v2KAgn-GY4ccowz4GXidiXXh9Gg4yc67zMjFe0UEaWyT3HbnyQ2H6WxUo5qTd7rprEyERIZAl&google_cver=1&google_gid=CAESEGoT57hlmh3yOdr1D54rV8s HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbRBlq0t-NalDpfGx2tW2wAAAroAAAIB&google_push=AYg5qPJ6ID9DgM1GbMFvIkfR705v2KAgn-GY4ccowz4GXidiXXh9Gg4yc67zMjFe0UEaWyT3HbnyQ2H6WxUo5qTd7rprEyERIZAl&google_cver=1&google_gid=CAESEGoT57hlmh3yOdr1D54rV8s HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbRBlq0t-NalDpfGx2tW2wAAAroAAAIB&google_push=AYg5qPJ6ID9DgM1GbMFvIkfR705v2KAgn-GY4ccowz4GXidiXXh9Gg4yc67zMjFe0UEaWyT3HbnyQ2H6WxUo5qTd7rprEyERIZAl&google_cver=1&google_gid=CAESEGoT57hlmh3yOdr1D54rV8s HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbRBlq0t-NalDpfGx2tW2wAAAroAAAIB&google_push=AYg5qPJ6ID9DgM1GbMFvIkfR705v2KAgn-GY4ccowz4GXidiXXh9Gg4yc67zMjFe0UEaWyT3HbnyQ2H6WxUo5qTd7rprEyERIZAl&google_cver=1&google_gid=CAESEGoT57hlmh3yOdr1D54rV8s HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbRBlq0t-NalDpfGx2tW2wAAAroAAAIB&google_push=AYg5qPJ6ID9DgM1GbMFvIkfR705v2KAgn-GY4ccowz4GXidiXXh9Gg4yc67zMjFe0UEaWyT3HbnyQ2H6WxUo5qTd7rprEyERIZAl&google_cver=1&google_gid=CAESEGoT57hlmh3yOdr1D54rV8s HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbRBlq0t-NalDpfGx2tW2wAAAroAAAIB&google_push=AYg5qPJ6ID9DgM1GbMFvIkfR705v2KAgn-GY4ccowz4GXidiXXh9Gg4yc67zMjFe0UEaWyT3HbnyQ2H6WxUo5qTd7rprEyERIZAl&google_cver=1&google_gid=CAESEGoT57hlmh3yOdr1D54rV8s HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbRBlq0t-NalDpfGx2tW2wAAAroAAAIB&google_push=AYg5qPJ6ID9DgM1GbMFvIkfR705v2KAgn-GY4ccowz4GXidiXXh9Gg4yc67zMjFe0UEaWyT3HbnyQ2H6WxUo5qTd7rprEyERIZAl&google_cver=1&google_gid=CAESEGoT57hlmh3yOdr1D54rV8s HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbRBlq0t-NalDpfGx2tW2wAAAroAAAIB&google_push=AYg5qPJ6ID9DgM1GbMFvIkfR705v2KAgn-GY4ccowz4GXidiXXh9Gg4yc67zMjFe0UEaWyT3HbnyQ2H6WxUo5qTd7rprEyERIZAl&google_cver=1&google_gid=CAESEGoT57hlmh3yOdr1D54rV8s HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbRBlq0t-NalDpfGx2tW2wAAAroAAAIB&google_push=AYg5qPJ6ID9DgM1GbMFvIkfR705v2KAgn-GY4ccowz4GXidiXXh9Gg4yc67zMjFe0UEaWyT3HbnyQ2H6WxUo5qTd7rprEyERIZAl&google_cver=1&google_gid=CAESEGoT57hlmh3yOdr1D54rV8s

Request Chain 562

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEBUm7v5zhVubpfUkEbBqNRg&google_cver=1&google_push=AYg5qPI8QYQiwQBTC7pyt04QNhFDSeuJfw388uga4W4QOl4GSZeyZWWQDGWgl5d_XUAzUD2T7YImT0scE4adJsf-kFgnxoE5iG-yNg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPI8QYQiwQBTC7pyt04QNhFDSeuJfw388uga4W4QOl4GSZeyZWWQDGWgl5d_XUAzUD2T7YImT0scE4adJsf-kFgnxoE5iG-yNg

Request Chain 563

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEE3suxgJOgC6aZFuTwC4QWU&google_cver=1&google_push=AYg5qPL2E6NAv0WbOiPV_C1gF2FeHAno2pqx-pQKd-z6JvK0RIH7tlvo3FzPjb6A-X17NU1b5z3skvjIo-g0SFt4JYAX7TzIKQYN HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-431d7272-a3bd-4ace-a388-665ef4e9a503-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAYg5qPL2E6NAv0WbOiPV_C1gF2FeHAno2pqx-pQKd-z6JvK0RIH7tlvo3FzPjb6A-X17NU1b5z3skvjIo-g0SFt4JYAX7TzIKQYN%26google_hm%3DA0MdcnKjvUrOo4hmXvTppQM HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPL2E6NAv0WbOiPV_C1gF2FeHAno2pqx-pQKd-z6JvK0RIH7tlvo3FzPjb6A-X17NU1b5z3skvjIo-g0SFt4JYAX7TzIKQYN&google_hm=A0MdcnKjvUrOo4hmXvTppQM

Request Chain 568

https://pixel.adsafeprotected.com/rfw/st/878020/58502531/skeleton.js?adsafe_url=https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fa7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fa7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:8000db06-ed7f-f805-dee5-99893651b3cf,c:wsWTJa,sl:na,em:true,fr:false,thd:1,mn:jsserver-primary-74998c487d-5767g,rg:ie,pt:1-5-15,br:c,abv:na,an:n,oam:0,nbld:0,mtim:736,fm:sRglG5w+111%7C112%7C121%7C13%7C14%7C15%7C161%7C162%7C17%7C1811%7C1821%7C183%7C19%7C1a%7C1b1%7C1b2%7C1b3%7C1c%7C1d%7C1e%7C1f11%7C1f12%7C1f13%7C1f21%7C1f3%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n*.878020-58502531%7C1n1%7C1n21%7C1n3%7C1n4%7C1o1%7C1o2%7C1o31%7C1o4%7C1o5%7C1o6%7C1p1%7C1p2%7C1p3%7C1p4%7C1q%7C1r1%7C1s%7C1t1%7C1u1%7C1v1%7C1v2%7C1v3%7C1w1%7C1x1%7C1x2%7C1x3%7C1y%7C1z%7C110,idMap:1n*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:IMG.qs,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,tt:rjss,et:775,oid:7d5e3085-5a49-11ec-b32d-1a6ea142226b,v:19.8.273,sp:1,st:0,fwm:1,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/skeleton.js

Request Chain 572

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEKXw8NowUblSvU_30vSvSeU&google_cver=1&google_push=AYg5qPKyocLE2HuxQPl_hJ0agBBntW6SIe8Db07jkqEMVNsmHI9jDlUrxXCNqIpHAtWS4gFpx58WFBZ6zIiCyNQi9gI1M02IUzk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzEwMDYxODI0ODYwMDQwMzUzOA==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEDgrB6Qgwp4I-9aYv_6q5MM&google_cver=1

Request Chain 574

https://ads.travelaudience.com/google_pixel?google_gid=CAESELEuM8yCxnYj2Xwbqs3fVyc&google_cver=1&google_push=AYg5qPK_BNaqIvsla1hsagndEnepBOeG9OCtgobemRi5cwvH6s9ifBs0DVHBIovOB_H7MkAooQhpbkAmbxt3IkCX9me0W6iI-Q HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=cz4UC5p1QsuDAVTVFLJ1Hg2&google_push=AYg5qPK_BNaqIvsla1hsagndEnepBOeG9OCtgobemRi5cwvH6s9ifBs0DVHBIovOB_H7MkAooQhpbkAmbxt3IkCX9me0W6iI-Q

Request Chain 575

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEHwuGp5SE9FjXGCkSk-5aWg&google_cver=1&google_push=AYg5qPI-vh_5tO4qUVnXpCsgZdoIOiWRPjUwg1fE6RxcYY3AKzB-kQf6r5Ugqt8If7WNywX2tSKIaxvM0oez4yp5fdhGeaqOums HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPI-vh_5tO4qUVnXpCsgZdoIOiWRPjUwg1fE6RxcYY3AKzB-kQf6r5Ugqt8If7WNywX2tSKIaxvM0oez4yp5fdhGeaqOums&google_hm=NTUyNjUzNzAyMjQ0Njc3MjQ3MQ%3D%3D

Request Chain 577

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESELs9EQQ5jEgAm7hUVq10Yik&google_cver=1&google_push=AYg5qPIfEF2Dj8d0T6jgO0vUR9Tuy0tkMdO3yp9fWIXwT6g-sHSxveLy2G6EdwNARwQxoQBpMouhSG-l_9IcB3vThj_OF60uoYg HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPIfEF2Dj8d0T6jgO0vUR9Tuy0tkMdO3yp9fWIXwT6g-sHSxveLy2G6EdwNARwQxoQBpMouhSG-l_9IcB3vThj_OF60uoYg&google_hm=ef1e6f44f3bfd60d999717d5

Request Chain 578

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEMp9oudwUNWFgVU48BxfbEI&google_cver=1&google_push=AYg5qPILJEMLJyhSvjxL-YiEs7byufBuyoH8RVxASDpVuO9O3MfOwViSpWsXrVMEeE-ZYs1K3D1usmSdpzSpM4wR2ISmNjLSRqI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPILJEMLJyhSvjxL-YiEs7byufBuyoH8RVxASDpVuO9O3MfOwViSpWsXrVMEeE-ZYs1K3D1usmSdpzSpM4wR2ISmNjLSRqI

Request Chain 580

https://um.simpli.fi/gp_match?google_gid=CAESEBsL0wjt9aGnFmE7vETTFgI&google_cver=1&google_push=AYg5qPJVT5I4Qu6rntcuT0oF6OJ54YsO-FZDMmHDri2Mi1hj5N-bfYFluZJkloiFEnJP78nXPQLlij25l-2MJr_NMCUdC8rA6xBTGg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=140DAD53AA5B465DAF41E2F6DE600022&google_push=AYg5qPJVT5I4Qu6rntcuT0oF6OJ54YsO-FZDMmHDri2Mi1hj5N-bfYFluZJkloiFEnJP78nXPQLlij25l-2MJr_NMCUdC8rA6xBTGg

Request Chain 581

https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEP_-Cpiu69jtcHvjwbevFwE&google_cver=1&google_push=AYg5qPKAnyEnIs87Kjt6mbHFs9YjBr04HenSzeMnzs1Ov5YmdryVP6Zu9ninn1QbhbT2NZd6wiyyiGWjVHBkCZZQfKI6vHxrlzZgwQ HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AYg5qPKAnyEnIs87Kjt6mbHFs9YjBr04HenSzeMnzs1Ov5YmdryVP6Zu9ninn1QbhbT2NZd6wiyyiGWjVHBkCZZQfKI6vHxrlzZgwQ&google_hm=hmG0QZj9DoJRPuWitQ&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D61B44198FD0E82513EE5A2B5BLIS

Request Chain 582

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEMa0aObi3j-AgNZyJTDS5fg&google_cver=1&google_push=AYg5qPIIiiKqM9ivdJ7MOyZuTzii2X5zyYYZt1nXdd3i2YfslDpVpTzI_ddu6uXLglpJcUHGTBCA51W2HpSgrnugZWKNSkDpitgs HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzA0MDMyNDI0Mjg3NDQ5NzE3MQ%3D%3D&google_push=AYg5qPIIiiKqM9ivdJ7MOyZuTzii2X5zyYYZt1nXdd3i2YfslDpVpTzI_ddu6uXLglpJcUHGTBCA51W2HpSgrnugZWKNSkDpitgs

Request Chain 583

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEJmpjq8XtkCWgYXDzOt_Lcw&google_cver=1&google_push=AYg5qPJkaynyQCSqAl8PHconhK3t-PXi1EAVxe4ah-21_sNolEcJASbLl3GND184v9OQEHLSkZc3FLO9Tf-JK4nS1r0muF3LVnlzOg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPJkaynyQCSqAl8PHconhK3t-PXi1EAVxe4ah-21_sNolEcJASbLl3GND184v9OQEHLSkZc3FLO9Tf-JK4nS1r0muF3LVnlzOg&google_hm=95wGn3VTTFqqwfwd-L2nxg==

Request Chain 585

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESED9AOOtzVMXv2fi5Hf732BE&google_cver=1&google_push=AYg5qPKwwG_KdoXEJGdDm9zYfxqvIC1gcnnfv9q4E9Kk-RMhAlq6-I-bpga8bTgpIU8C489t0li32bgII1FPtyry_TMUChFnGTUklg HTTP 302
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&cmp_cs=&us_privacy=&sync=1&google_push=AYg5qPKwwG_KdoXEJGdDm9zYfxqvIC1gcnnfv9q4E9Kk-RMhAlq6-I-bpga8bTgpIU8C489t0li32bgII1FPtyry_TMUChFnGTUklg&google_gid=CAESED9AOOtzVMXv2fi5Hf732BE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTY1ODc0NzgwMzQ1MzYyMTUzNjA%3D&google_push=AYg5qPKwwG_KdoXEJGdDm9zYfxqvIC1gcnnfv9q4E9Kk-RMhAlq6-I-bpga8bTgpIU8C489t0li32bgII1FPtyry_TMUChFnGTUklg

Request Chain 589

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7415519081315808593

Request Chain 611

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 614

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEHEAdda0bjWvswEwNrLKE2Y&google_cver=1&google_push=AYg5qPLSS_KTyoq8FyVPylqy90wB0YPKAIW5M9HHao-YoiR_hbjp_1FWnwr_X__eJKO9H0YjcHurfj0YGGerwHQELplX8obC-lFmsg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WWJSQm1BQUxDZ0FHUEFBeg==&google_gid=CAESEHEAdda0bjWvswEwNrLKE2Y&google_cver=1&google_push=AYg5qPLSS_KTyoq8FyVPylqy90wB0YPKAIW5M9HHao-YoiR_hbjp_1FWnwr_X__eJKO9H0YjcHurfj0YGGerwHQELplX8obC-lFmsg

Request Chain 616

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEC_HQX80JX3cGaV5sHV8M3A&google_cver=1&google_push=AYg5qPJWmHrPnOqT6Q0PXzCwGXscrtFdns0UnntijDQ5i9j5WJzuS1CDp3bds3B-0vDdrazryvA9cM9tnQ5aagLSOGjpWi35G9ht HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzA0MDMyNDI0Mjg3NDQ5NzE3MQ%3D%3D&google_push=AYg5qPJWmHrPnOqT6Q0PXzCwGXscrtFdns0UnntijDQ5i9j5WJzuS1CDp3bds3B-0vDdrazryvA9cM9tnQ5aagLSOGjpWi35G9ht

Request Chain 617

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEJ--5DP7KTkszjYTDdx1DIs&google_cver=1&google_push=AYg5qPKHtFBzULRGlReCDdjpgbexFsGaOBwmjrWEVQmOgUQmNE0Igw1X_uG3BoOcC-lWwD_CbGQxMAmrSLThX6WlKhof1tuoEKQV HTTP 302
https://a.volvelle.tech/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_uid=f79c069f-7553-4c5a-aac1-fc1df8bda7c6 HTTP 302
https://a.volvelle.tech/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_uid=f79c069f-7553-4c5a-aac1-fc1df8bda7c6 HTTP 302
https://x.bidswitch.net/sync?dsp_id=190&expires=14&user_group=1&user_id=a63c3cff-d9d7-4510-850f-793312cdb77a&ssp=google HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPKHtFBzULRGlReCDdjpgbexFsGaOBwmjrWEVQmOgUQmNE0Igw1X_uG3BoOcC-lWwD_CbGQxMAmrSLThX6WlKhof1tuoEKQV&google_hm=95wGn3VTTFqqwfwd-L2nxg==

Request Chain 618

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEM9_BtxuGkeMWaRs4Lo2cxs&google_cver=1&google_push=AYg5qPIm6LwWn64iZ9c7CthJkIvok3-OxidH3YtolEBQCn6W12_cXYPNZQdK4Fkx_XEvPADGPthEqaYDPrc5dQNNkmlp3GjFDgst9Q HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=vc6fDPohTvCT8Bb3qbHgXg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPIm6LwWn64iZ9c7CthJkIvok3-OxidH3YtolEBQCn6W12_cXYPNZQdK4Fkx_XEvPADGPthEqaYDPrc5dQNNkmlp3GjFDgst9Q

Request Chain 671

https://bh.contextweb.com/bh/rtset?gdpr=1&pid=560382&ev=1&us_privacy=1---&rurl=https%3A%2F%2Fsync.taboola.com%2Fsg%2Frtb-pulsepoint-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26taboola_hm%3D%25%25VGUID%25%25%26orig%3Dvideo%26us_privacy%3D1--- HTTP 302
https://sync.taboola.com/sg/rtb-pulsepoint-network/1/rtb-h/?gdpr=1&taboola_hm=9wMIZ9c27Rco&orig=video&us_privacy=1---&ev=1&us_privacy=1---&pid=560382&gdpr=1

Request Chain 680

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?gdpr=1&p=15414&us_privacy=1---&endpoint= HTTP 301
https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=

Request Chain 691

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YbRBmAALCgAGPAAz&gdpr=0&gdpr_consent=

Request Chain 735

https://ad.turn.com/r/cs?pid=65 HTTP 302
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3100618248600403538

Request Chain 774

https://sync.srv.stackadapt.com/sync?nid=11 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=CR2QDSQDSipCyTGN5xqJZ8IkbqU

Request Chain 775

https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={device_id}&gdpr=0&gdpr_consent= HTTP 307
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0

Request Chain 776

https://green.erne.co/pubmatic/cm HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=Rxa6YwO0qO4vAM2IMgzaX9m1

Request Chain 779

https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID HTTP 302
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=718034e3-8936-4546-881a-c434330eb603-tuct8adc716&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0

Request Chain 781

https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=3824068872 HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0 HTTP 302
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=BDCE9F0C-FA21-4EF0-93F0-16F7A9B1E05E

Request Chain 782

https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:6ca12f74-645a-4368-b125-b49f6d5619ee&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw

Request Chain 783

https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=3404206974503617722

Request Chain 795

https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}

Request Chain 797

https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:PAmdXcfL1MVVDL5&gdpr=0&gdpr_consent=

Request Chain 799

https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:140DAD53AA5B465DAF41E2F6DE600022

Request Chain 800

https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=81821182-5a49-11ec-8bc6-55815776808c&gdpr=0&gdpr_consent=

Request Chain 817

https://ad.turn.com/r/cs?pid=65 HTTP 302
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3100618248600403538

844 HTTP transactions
18 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/ 75 KB
17 KB 1212ms
1079ms Document
text/html 2606:4700::6812:170e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:170e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

41a51f139721f4304c9753a51b667ee4779f68f8f1e841e926c9a12c1d298ff9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: en-GB,en;q=0.9

Response headers

date: Sat, 11 Dec 2021 06:13:38 GMT
content-type: text/html; charset=UTF-8
cf-ray: 6bbc916d88c483ac-MXP
cache-control: public, max-age=3600
expires: Sat, 11 Dec 2021 07:13:38 GMT
last-modified: Sat, 11 Dec 2021 06:13:38 GMT
link: <https://www.diariodocentrodomundo.com.br/wp-json/>; rel="https://api.w.org/", <https://www.diariodocentrodomundo.com.br/?p=779049>; rel=shortlink
strict-transport-security: max-age=31536000
vary: Accept-Encoding,User-Agent
cf-cache-status: MISS
cf-apo-via: origin,miss
cf-edge-cache: cache,platform=wordpress
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-content-type-options: nosniff
x-frame-options: sameorigin
x-xss-protection: 1; mode=block
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 style.css
www.diariodocentrodomundo.com.br/wp-content/themes/Newsmag/ 551 KB
72 KB 103ms
102ms Stylesheet
text/css 2606:4700::6812:170e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.diariodocentrodomundo.com.br/wp-content/themes/Newsmag/style.css?ver=3.5c

Requested by

Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:170e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e712cd0ab0eb3faf1a5a03e4533af305fd8e3e48d733b4f368590d8c491c87b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:38 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 252397
cf-polished: origSize=760760
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 15 Nov 2019 15:13:23 GMT
server: cloudflare
x-frame-options: sameorigin
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=3153600
content-type: text/css; charset=utf-8
vary: Accept-Encoding,User-Agent
cache-control: public, max-age=31536000
cf-ray: 6bbc91749a8283ac-MXP
expires: Sun, 11 Dec 2022 06:13:38 GMT

GET
H2 200 style.min.css
www.diariodocentrodomundo.com.br/wp-includes/css/dist/block-library/ 79 KB
11 KB 62ms
61ms Stylesheet
text/css 2606:4700::6812:170e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.diariodocentrodomundo.com.br/wp-includes/css/dist/block-library/style.min.css?ver=5.8.1

Requested by

Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:170e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:38 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 252397
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 13 Oct 2021 18:39:52 GMT
server: cloudflare
x-frame-options: sameorigin
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: text/css; charset=utf-8
vary: Accept-Encoding,User-Agent
cache-control: public, max-age=31536000
cf-ray: 6bbc91749a8583ac-MXP
expires: Sun, 11 Dec 2022 06:13:38 GMT

GET
H2 200 style.css
www.diariodocentrodomundo.com.br/wp-content/themes/Newsmag/ 551 KB
72 KB 67ms
66ms Stylesheet
text/css 2606:4700::6812:170e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.diariodocentrodomundo.com.br/wp-content/themes/Newsmag/style.css?ver=3.4c

Requested by

Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:170e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e712cd0ab0eb3faf1a5a03e4533af305fd8e3e48d733b4f368590d8c491c87b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:38 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 252397
cf-polished: origSize=760760
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 15 Nov 2019 15:13:23 GMT
server: cloudflare
x-frame-options: sameorigin
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=3153600
content-type: text/css; charset=utf-8
vary: Accept-Encoding,User-Agent
cache-control: public, max-age=31536000
cf-ray: 6bbc91749a8683ac-MXP
expires: Sun, 11 Dec 2022 06:13:38 GMT

GET
H2 200 main.css
www.diariodocentrodomundo.com.br/wp-content/themes/dcm-theme/public/css/ 201 KB
29 KB 103ms
103ms Stylesheet
text/css 2606:4700::6812:170e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.diariodocentrodomundo.com.br/wp-content/themes/dcm-theme/public/css/main.css?ver=3.4c

Requested by

Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:170e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c4d964f9876dbb52b2663d53dea929f745579bcf7a3931741fa9b1911439f39d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:38 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 247943
cf-polished: origSize=1087688
cf-cached-on: Wed, 08 Dec 2021 08:19:02 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
expires: Sun, 11 Dec 2022 06:13:38 GMT
last-modified: Wed, 08 Dec 2021 09:21:15 GMT
server: cloudflare
x-frame-options: sameorigin
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: text/css; charset=utf-8
vary: Accept-Encoding,User-Agent
cache-control: public, max-age=31536000
cf-ray: 6bbc91749a8883ac-MXP
cf-bgj: minify

GET
H2 200 front.min.css
www.diariodocentrodomundo.com.br/wp-content/plugins/cookie-notice/css/ 5 KB
1 KB 461ms
460ms Stylesheet
text/css 2606:4700::6812:170e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.diariodocentrodomundo.com.br/wp-content/plugins/cookie-notice/css/front.min.css?ver=5.8.1

Requested by

Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:170e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8c21cdf7be2219908a953d92fba153dcc7175f7ee238856bd9954da18b0e05dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:39 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 29 Oct 2021 22:09:57 GMT
server: cloudflare
x-frame-options: sameorigin
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: text/css; charset=utf-8
vary: Accept-Encoding,User-Agent
cache-control: public, max-age=31536000
cf-ray: 6bbc9174aa9583ac-MXP
expires: Sun, 11 Dec 2022 06:13:39 GMT

GET
H2 200 js_composer.min.css
www.diariodocentrodomundo.com.br/wp-content/plugins/js_composer/assets/css/ 449 KB
45 KB 700ms
699ms Stylesheet
text/css 2606:4700::6812:170e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.diariodocentrodomundo.com.br/wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=5.1.1

Requested by

Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:170e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

014bdcd85899b1e128d977bbb8f899d6c9623e68cfb63b3a637d39f61ff01ff5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:39 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 29 Oct 2021 22:10:01 GMT
server: cloudflare
x-frame-options: sameorigin
etag: W/"70240-5cf8516af72c7-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: text/css
vary: Accept-Encoding,User-Agent
cache-control: public, max-age=3600
cf-ray: 6bbc9174aa9783ac-MXP
expires: Sat, 11 Dec 2021 07:13:39 GMT

GET
H2 200 style.css
www.diariodocentrodomundo.com.br/wp-content/themes/dcm-theme/ 0
88 B 97ms
95ms Stylesheet
text/css 2606:4700::6812:170e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.diariodocentrodomundo.com.br/wp-content/themes/dcm-theme/style.css?ver=3.4

Requested by

Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:170e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:38 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 252397
cf-polished: origSize=373
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 0
x-xss-protection: 1; mode=block
last-modified: Wed, 20 Oct 2021 21:59:31 GMT
server: cloudflare
x-frame-options: sameorigin
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: text/css; charset=utf-8
vary: Accept-Encoding,User-Agent
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6bbc9174aa9883ac-MXP
expires: Sun, 11 Dec 2022 06:13:38 GMT

GET
H2 200 jquery.min.js Show response
www.diariodocentrodomundo.com.br/wp-includes/js/jquery/ 87 KB
31 KB 97ms
96ms Script
application/x-javascript 2606:4700::6812:170e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.diariodocentrodomundo.com.br/wp-includes/js/jquery/jquery.min.js?ver=3.6.0

Requested by

Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:170e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:38 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 252397
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 13 Oct 2021 18:39:52 GMT
server: cloudflare
x-frame-options: sameorigin
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding,User-Agent
cache-control: public, max-age=2592000
cf-ray: 6bbc9174aa9b83ac-MXP
expires: Mon, 10 Jan 2022 06:13:38 GMT

GET
H2 200 jquery-migrate.min.js Show response
www.diariodocentrodomundo.com.br/wp-includes/js/jquery/ 11 KB
4 KB 95ms
94ms Script
application/x-javascript 2606:4700::6812:170e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.diariodocentrodomundo.com.br/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2

Requested by

Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:170e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:38 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 252397
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 13 Oct 2021 18:39:52 GMT
server: cloudflare
x-frame-options: sameorigin
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding,User-Agent
cache-control: public, max-age=2592000
cf-ray: 6bbc9174aa9e83ac-MXP
expires: Mon, 10 Jan 2022 06:13:38 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 78 KB
27 KB 131ms
39ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

2be99b99f418219be8ca7a986038e1a94c5df5b2c91a0c0d9ee35552fbb8fde8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1067 / 115 of 1000 / last-modified: 1639177483"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26915
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 11 Dec 2021 06:13:38 GMT

GET
H/1.1 200
OK diariodocentrodomundo_7413.js Show response
ads.vidoomy.com/ 4 KB
5 KB 385ms
124ms Script
application/javascript 3.129.250.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.vidoomy.com/diariodocentrodomundo_7413.js
Requested by: Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 3.129.250.65 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-129-250-65.us-east-2.compute.amazonaws.com
Software: Apache/2.4.46 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33 / PHP/7.0.33
Resource Hash: a5d35d9ef274a979b27a5ea543942b1e4d7826a242bf4a3474578446ed4b96c1

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 11 Dec 2021 06:13:38 GMT
Server: Apache/2.4.46 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33
X-Powered-By: PHP/7.0.33
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Connection: Keep-Alive
Keep-Alive: timeout=2, max=300
Content-Length: 4536

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 90 KB
36 KB 121ms
47ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-33507983-1

Requested by

Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

492a6f12ee73ea4e9855654d796f5ac25c62b62603848f783f2806879e5506ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:39 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36225
x-xss-protection: 0
expires: Sat, 11 Dec 2021 06:13:39 GMT

GET
H3 200 logo.png
www.diariodocentrodomundo.com.br/wp-content/themes/dcm-theme/assets/images/ 3 KB
4 KB 109ms
105ms Image
image/webp 2606:4700::6812:170e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.diariodocentrodomundo.com.br/wp-content/themes/dcm-theme/assets/images/logo.png

Requested by

Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:170e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

87495a7a77a04d779d2dbf1510e80786186c6d33840a7a5f669bbc4865fd982a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:39 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 252398
cf-polished: origFmt=png, origSize=5432
content-disposition: inline; filename="logo.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 3500
x-xss-protection: 1; mode=block
expires: Sun, 10 Apr 2022 06:13:39 GMT
last-modified: Wed, 20 Oct 2021 21:59:31 GMT
server: cloudflare
x-frame-options: sameorigin
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: image/webp
vary: Accept
cache-control: public, max-age=10368000
accept-ranges: bytes
cf-ray: 6bbc917bdeb259a7-MXP
cf-bgj: imgq:85,h2pri

GET
H3 200 lupa.png
www.diariodocentrodomundo.com.br/wp-content/themes/dcm-theme/assets/images/ 212 B
617 B 109ms
105ms Image
image/webp 2606:4700::6812:170e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.diariodocentrodomundo.com.br/wp-content/themes/dcm-theme/assets/images/lupa.png

Requested by

Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:170e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

652f42bc2c68823343233b0c24a6a8062e3fe3718258ef715951beae1c9e5598

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:39 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 252398
cf-polished: origFmt=png, origSize=407
content-disposition: inline; filename="lupa.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 212
x-xss-protection: 1; mode=block
expires: Sun, 10 Apr 2022 06:13:39 GMT
last-modified: Wed, 20 Oct 2021 21:59:31 GMT
server: cloudflare
x-frame-options: sameorigin
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: image/webp
vary: Accept
cache-control: public, max-age=10368000
accept-ranges: bytes
cf-ray: 6bbc917bdeb559a7-MXP
cf-bgj: imgq:85,h2pri

GET
H3 200 dcm2-300x71.png
www.diariodocentrodomundo.com.br/wp-content/uploads/2017/04/ 6 KB
7 KB 489ms
485ms Image
image/webp 2606:4700::6812:170e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.diariodocentrodomundo.com.br/wp-content/uploads/2017/04/dcm2-300x71.png

Requested by

Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:170e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3d992ec5207e67306f72d5337209b23d447a17be84fba157680ddedbbb298848

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:40 GMT
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
cf-polished: origFmt=png, origSize=10252
content-disposition: inline; filename="dcm2-300x71.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 6346
x-xss-protection: 1; mode=block
expires: Sun, 10 Apr 2022 06:13:40 GMT
last-modified: Thu, 13 Apr 2017 19:28:36 GMT
server: cloudflare
x-frame-options: sameorigin
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: image/webp
vary: Accept
cache-control: public, max-age=10368000
accept-ranges: bytes
cf-ray: 6bbc917bdeb659a7-MXP
cf-bgj: imgq:85,h2pri

GET
H3 200 IMGESSENCIAL2.png
www.diariodocentrodomundo.com.br/wp-content/uploads/2017/03/ 5 KB
5 KB 477ms
473ms Image
image/webp 2606:4700::6812:170e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.diariodocentrodomundo.com.br/wp-content/uploads/2017/03/IMGESSENCIAL2.png

Requested by

Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:170e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ad20a16e21bffbef8a2a6827a865e2c8c419e2ccfd0c49d0c3d2b3cd10e4b21b

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:40 GMT
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
cf-polished: origFmt=png, origSize=9081
content-disposition: inline; filename="IMGESSENCIAL2.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 5014
x-xss-protection: 1; mode=block
expires: Sun, 10 Apr 2022 06:13:40 GMT
last-modified: Mon, 27 Mar 2017 17:54:36 GMT
server: cloudflare
x-frame-options: sameorigin
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=3153600
content-type: image/webp
vary: Accept
cache-control: public, max-age=10368000
accept-ranges: bytes
cf-ray: 6bbc917bdeb759a7-MXP
cf-bgj: imgq:85,h2pri

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 96 KB
29 KB 272ms
51ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (mil/6CDF) /
Resource Hash: 97719c71e44494e537beba8d51c6bb268a34dcd867fdefc431229225ca734b46

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sat, 11 Dec 2021 06:13:40 GMT
Content-Encoding: gzip
Last-Modified: Thu, 02 Dec 2021 21:35:27 GMT
Server: ECS (mil/6CDF)
Age: 53
Etag: "50ec7e701ed018305368886c39cac301+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 29126

GET
H2 200 loader.js Show response
web.webformscr.com/apps/fc3/build/ 1 KB
874 B 91ms
18ms Script
application/javascript 151.139.244.12
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://web.webformscr.com/apps/fc3/build/loader.js
Requested by: Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.244.12 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx /
Resource Hash: 02cd1afe25bd6950ef39a98a7be2348b7445cba2c979e3b161c01b0b6f14d922

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:39 GMT
content-encoding: gzip
last-modified: Mon, 15 Nov 2021 08:08:52 GMT
server: nginx
etag: W/"61921594-449"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
x-sp-pr: lpr9
cache-control: max-age=86400
accept-ranges: bytes
content-length: 600
expires: Sun, 12 Dec 2021 06:13:10 GMT

GET
H3 200 comment_count.js Show response
www.diariodocentrodomundo.com.br/wp-content/plugins/disqus-comment-system/public/js/ 889 B
742 B 460ms
459ms Script
application/x-javascript 2606:4700::6812:170e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.diariodocentrodomundo.com.br/wp-content/plugins/disqus-comment-system/public/js/comment_count.js?ver=3.0.22

Requested by

Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:170e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cea0a05c5af6e21a409875328ed2e3dba79131b7c41f8ea07d0e0e02c7b7b59e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:39 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 29 Oct 2021 22:09:57 GMT
server: cloudflare
x-frame-options: sameorigin
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding,User-Agent
cache-control: public, max-age=2592000
cf-ray: 6bbc91778a6a59a7-MXP
expires: Mon, 10 Jan 2022 06:13:39 GMT

GET
H3 200 comment_embed.js Show response
www.diariodocentrodomundo.com.br/wp-content/plugins/disqus-comment-system/public/js/ 878 B
819 B 59ms
58ms Script
application/x-javascript 2606:4700::6812:170e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.diariodocentrodomundo.com.br/wp-content/plugins/disqus-comment-system/public/js/comment_embed.js?ver=3.0.22

Requested by

Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:170e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

60631ed8f1dfa6713ff9e30fec41786aadc477c0cac5a75dca66b5a49f76b901

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:39 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 313650
cf-polished: origSize=1232
cf-cached-on: Tue, 07 Dec 2021 14:09:27 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
expires: Mon, 10 Jan 2022 06:13:39 GMT
last-modified: Tue, 07 Dec 2021 15:06:09 GMT
server: cloudflare
x-frame-options: sameorigin
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=3153600
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding,User-Agent
cache-control: public, max-age=2592000
cf-ray: 6bbc91791bda59a7-MXP
cf-bgj: minify

GET
H3 200 main.js Show response
www.diariodocentrodomundo.com.br/wp-content/themes/dcm-theme/public/js/ 1 MB
433 KB 73ms
72ms Script
application/x-javascript 2606:4700::6812:170e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.diariodocentrodomundo.com.br/wp-content/themes/dcm-theme/public/js/main.js

Requested by

Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:170e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

829fbd93b6a305f09be3a48659e33a960bbdaf8c4ee80ecf68893e1feb234cf5

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:39 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 252398
cf-polished: origSize=3222755
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 16 Nov 2021 20:29:16 GMT
server: cloudflare
x-frame-options: sameorigin
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=3153600
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding,User-Agent
cache-control: public, max-age=2592000
cf-ray: 6bbc917a6d1559a7-MXP
expires: Mon, 10 Jan 2022 06:13:39 GMT

GET
H3 200 tagdiv_theme.js Show response
www.diariodocentrodomundo.com.br/wp-content/themes/Newsmag/js/ 234 KB
52 KB 471ms
471ms Script
application/x-javascript 2606:4700::6812:170e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.diariodocentrodomundo.com.br/wp-content/themes/Newsmag/js/tagdiv_theme.js?ver=3.4

Requested by

Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:170e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

28c52b7fcda3451fc47a45ec9ebe995f2dacfce3bc0ed13594b7f31801cd183d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:40 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
cf-polished: origSize=515836
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 15 Nov 2019 15:14:01 GMT
server: cloudflare
x-frame-options: sameorigin
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding,User-Agent
cache-control: public, max-age=2592000
cf-ray: 6bbc917b8e7859a7-MXP
expires: Mon, 10 Jan 2022 06:13:40 GMT

GET
H3 200 comment-reply.min.js Show response
www.diariodocentrodomundo.com.br/wp-includes/js/ 3 KB
2 KB 108ms
107ms Script
application/x-javascript 2606:4700::6812:170e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.diariodocentrodomundo.com.br/wp-includes/js/comment-reply.min.js?ver=5.8.1

Requested by

Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:170e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

143ce443c390db3b8598f951de20bd04623859a581a15b8cde43ebfa1f8ec103

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:39 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 252398
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 13 Oct 2021 18:39:52 GMT
server: cloudflare
x-frame-options: sameorigin
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding,User-Agent
cache-control: public, max-age=2592000
cf-ray: 6bbc917bdeac59a7-MXP
expires: Mon, 10 Jan 2022 06:13:39 GMT

GET
H3 200 front.min.js Show response
www.diariodocentrodomundo.com.br/wp-content/plugins/cookie-notice/js/ 8 KB
2 KB 495ms
491ms Script
application/x-javascript 2606:4700::6812:170e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.diariodocentrodomundo.com.br/wp-content/plugins/cookie-notice/js/front.min.js?ver=2.1.5

Requested by

Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:170e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

53c088f65c77c6b7af2804face3e267d4c1bf148177798a30fa3a15aa693c36f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:40 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 29 Oct 2021 22:10:26 GMT
server: cloudflare
x-frame-options: sameorigin
etag: W/"20b3-5cf85182c3ee2-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: application/x-javascript
vary: Accept-Encoding,User-Agent
cache-control: public, max-age=3600
cf-ray: 6bbc917bdeb859a7-MXP
expires: Sat, 11 Dec 2021 07:13:40 GMT

GET
H3 200 wp-embed.min.js Show response
www.diariodocentrodomundo.com.br/wp-includes/js/ 1 KB
1 KB 109ms
106ms Script
application/x-javascript 2606:4700::6812:170e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.diariodocentrodomundo.com.br/wp-includes/js/wp-embed.min.js?ver=5.8.1

Requested by

Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:170e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:39 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 252397
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 13 Oct 2021 18:39:52 GMT
server: cloudflare
x-frame-options: sameorigin
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding,User-Agent
cache-control: public, max-age=2592000
cf-ray: 6bbc917bdeb059a7-MXP
expires: Mon, 10 Jan 2022 06:13:39 GMT

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 9 KB
3 KB 177ms
62ms Script
application/javascript 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js?ver=5.8.1
Requested by: Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 55b4a8ebd4ce4144242d6bb9d0ebb65a01b2759e67243ed5badc3ac96c6fd396

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:39 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 980
etag: W/"2d763adca2b6a93c45e5b76bff1f8c5d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 6bbc917c9e950e16-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Tue, 14 Dec 2021 06:13:39 GMT

GET
H3 200 wp-emoji-release.min.js Show response
www.diariodocentrodomundo.com.br/wp-includes/js/ 18 KB
5 KB 454ms
451ms Script
application/x-javascript 2606:4700::6812:170e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.diariodocentrodomundo.com.br/wp-includes/js/wp-emoji-release.min.js?ver=5.8.1

Requested by

Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:170e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:40 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 13 Oct 2021 18:39:52 GMT
server: cloudflare
x-frame-options: sameorigin
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding,User-Agent
cache-control: public, max-age=2592000
cf-ray: 6bbc917bdeb959a7-MXP
expires: Mon, 10 Jan 2022 06:13:40 GMT

GET
H2 200 css2
fonts.googleapis.com/ 1 KB
924 B 112ms
40ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Anton&display=swap

Requested by

Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/wp-content/themes/dcm-theme/public/css/main.css?ver=3.4c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

91bb9babf9b922d9670efbad516ad7b026cc8bf763e1b5aaccb2e58c451e060a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 11 Dec 2021 05:03:59 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 11 Dec 2021 06:13:38 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 11 Dec 2021 06:13:38 GMT

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
607 B 114ms
42ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Oswald&display=swap

Requested by

Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/wp-content/themes/dcm-theme/public/css/main.css?ver=3.4c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b8b814cefc8fe9d1ea891eba850f93f66a1332b8f754b30334dff1018a5fcefb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 11 Dec 2021 04:44:43 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 11 Dec 2021 06:13:38 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 11 Dec 2021 06:13:38 GMT

GET
H2 200 diariodocentrodomundo.js Show response
tags.juicebarads.com/js/ 37 KB
13 KB 350ms
225ms Script
application/javascript 2606:4700:3032::6815:3f4f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.juicebarads.com/js/diariodocentrodomundo.js?v=98
Requested by: Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:3f4f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 39ee9414c40aa4506e8048730385e2d1161c1c847ceb5f9edf885ab0c94a08c0

Request headers

Referer: https://www.diariodocentrodomundo.com.br/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Sat, 11 Dec 2021 06:13:39 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 01 Dec 2021 17:48:15 GMT
server: cloudflare
etag: W/"61a7b55f-953d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vSwkVem5f6uLKmYw7Lv9H70jHW2J0aY0fhdl8vnhyILcXPY5zOzXFie%2BCTp5u2KsQiuLMgMynR0z05gFepLAipEB6a4TJaTfCw82iVNSnyB9A29Ej%2FB6uakl1Xw1pCla2WCAwIlBcwj1XRC%2F0KJu%2BzlKbg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6bbc917a18615a07-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/diariodocentrodomundo/ 474 KB
36 KB 163ms
115ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/diariodocentrodomundo/loader.js
Requested by: Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f81cefe63d575068ae5a0dc5d862746f02c9b2eca253eeacd47e35ac46a43272

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: D.rWM4N2vl4tAulROsa8qVMTRdveg00m
content-encoding: gzip
etag: "1480cbd0d0eb6e333ab7d73563d7d354"
age: 0
x-cache: HIT
content-length: 36641
x-amz-id-2: 2aWHYgwrWa2zyLztauDWBbB5NfcsN4we//YLsSoZRMdx8wudj8vRnbooZn5l/aWd77s8iqgZQ+8=
x-served-by: cache-lcy19223-LCY
last-modified: Thu, 09 Dec 2021 10:08:24 GMT
server: AmazonS3
x-timer: S1639203220.851610,VS0,VE96
date: Sat, 11 Dec 2021 06:13:39 GMT
vary: Accept-Encoding
x-amz-request-id: Q1EDHEHG2W6RCAEX
via: 1.1 varnish
cache-control: private,max-age=14401
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 76
x-cache-hits: 1

GET
H2 200 formats.js Show response
ad.lkqd.net/vpaid/ Frame 1D5D 118 KB
35 KB 79ms
23ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/vpaid/formats.js
Requested by: Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 7cfe458faed6fe5c3094bd51f1f10174604be983739ade9d828b0aad190043e5

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:39 GMT
content-encoding: gzip
last-modified: Fri, 11 Dec 2020 00:09:23 GMT
etag: "286704660baa2c113268f28385080796"
x-hw: 1639203219.cds065.lo4.hn,1639203219.cds030.lo4.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1209600
accept-ranges: bytes
content-length: 35765

GET
H2 200 formats.js Show response
ad.lkqd.net/vpaid/ Frame F8AC 118 KB
35 KB 97ms
48ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/vpaid/formats.js
Requested by: Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 7cfe458faed6fe5c3094bd51f1f10174604be983739ade9d828b0aad190043e5

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:39 GMT
content-encoding: gzip
last-modified: Fri, 11 Dec 2020 00:09:23 GMT
etag: "286704660baa2c113268f28385080796"
x-hw: 1639203219.cds065.lo4.hn,1639203219.cds030.lo4.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1209600
accept-ranges: bytes
content-length: 35765

GET
H/1.1 200
OK auto-user-sync
ads.stickyadstv.com/ 43 B
599 B 189ms
37ms Image
image/gif 23.200.213.172
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.stickyadstv.com/auto-user-sync
Requested by: Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.200.213.172 Paris, France, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-200-213-172.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 11 Dec 2021 06:13:39 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 43
x-sticky-vk: 1639203219762047-361
Expires: Sat, 11 Dec 2021 06:13:39 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
26 KB 96ms
31ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 25965
x-xss-protection: 0
pragma: public
x-fb-debug: WymghNLLAd3c7woClun6TV9hNYeBr1yBBnn/3Wao4jwR+hstD5wJvd+gjNhLHASMvnaeGzC6chiSRjwLElUtxg==
x-fb-trip-id: 2050670934
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Sat, 11 Dec 2021 06:13:39 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiZQ.woff2
fonts.gstatic.com/s/oswald/v40/ 16 KB
16 KB 103ms
31ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v40/TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiZQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Oswald&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

76db825b68979b9ea6cc55fa14373b7bf5e3beb7388cd2efa485938bb2a389fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.diariodocentrodomundo.com.br
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 18:04:41 GMT
x-content-type-options: nosniff
age: 216538
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16016
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:16:44 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 08 Dec 2022 18:04:41 GMT

GET
H3 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
www.diariodocentrodomundo.com.br/fonts.gstatic.com/s/opensans/v27/ 44 KB
44 KB 104ms
104ms Font
font/woff2 2606:4700::6812:170e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.diariodocentrodomundo.com.br/fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by: Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:170e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96

Request headers

Referer: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/
Origin: https://www.diariodocentrodomundo.com.br
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:39 GMT
cf-cache-status: MISS
last-modified: Thu, 28 Oct 2021 00:30:43 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/woff2
cache-control: public, max-age=14400
cf-apo-via: proxy
accept-ranges: bytes
cf-ray: 6bbc917beec259a7-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 44656
expires: Sat, 11 Dec 2021 10:13:39 GMT

GET
H3 200 newsmag.woff
www.diariodocentrodomundo.com.br/wp-content/themes/Newsmag/images/icons/ 14 KB
10 KB 489ms
489ms Font
application/font-woff 2606:4700::6812:170e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.diariodocentrodomundo.com.br/wp-content/themes/Newsmag/images/icons/newsmag.woff?12

Requested by

Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/wp-content/themes/Newsmag/style.css?ver=3.5c

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:170e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a63e53abfd30cc5be7558678f3137aaa45dfe79e3577299ad027f259b81d50f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.diariodocentrodomundo.com.br/wp-content/themes/Newsmag/style.css?ver=3.5c
Origin: https://www.diariodocentrodomundo.com.br
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:40 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 15 Nov 2019 15:14:47 GMT
server: cloudflare
x-frame-options: sameorigin
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=3153600
content-type: application/font-woff
vary: Accept-Encoding,User-Agent
cache-control: public, max-age=2592000
cf-ray: 6bbc917bfed459a7-MXP
expires: Mon, 10 Jan 2022 06:13:40 GMT

GET
H3 200 atila-2-600x412.jpg
www.diariodocentrodomundo.com.br/wp-content/uploads/2020/03/ 19 KB
19 KB 585ms
585ms Image
image/jpeg 2606:4700::6812:170e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.diariodocentrodomundo.com.br/wp-content/uploads/2020/03/atila-2-600x412.jpg

Requested by

Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:170e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

50ef231f46c660f56c02937a4817d6ec1721a85322722416749f7723c57e66a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:40 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 19330
x-xss-protection: 1; mode=block
last-modified: Tue, 31 Mar 2020 11:57:12 GMT
server: cloudflare
x-frame-options: sameorigin
etag: "4b82-5a22544a604c3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: image/jpeg
vary: User-Agent, Accept-Encoding
cache-control: public, max-age=3600
accept-ranges: bytes
cf-ray: 6bbc917c3f1c59a7-MXP
expires: Sat, 11 Dec 2021 07:13:40 GMT

GET
H/1.1 200
OK count.js Show response
diariodocentrodomundo.disqus.com/ 1 KB
2 KB 75ms
18ms Script
application/javascript 199.232.196.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://diariodocentrodomundo.disqus.com/count.js

Requested by

Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/wp-content/plugins/disqus-comment-system/public/js/comment_count.js?ver=3.0.22

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.196.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sat, 11 Dec 2021 06:13:39 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 339
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 871
X-XSS-Protection: 1; mode=block
Last-Modified: Wed, 08 Dec 2021 21:53:49 GMT
Server: nginx
ETag: "61b1296d-367"
Strict-Transport-Security: max-age=300; includeSubdomains
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=300
X-Amz-Cf-Pop: DFW3-C1
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
X-Amz-Cf-Id: kfPg-cxl_SGCczqSVo6kA468lcSTPvatv-CIu08Rv94zaEqZqQ1npQ==

GET
H/1.1 200
OK embed.js Show response
diariodocentrodomundo.disqus.com/ 75 KB
25 KB 191ms
151ms Script
application/javascript 199.232.196.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://diariodocentrodomundo.disqus.com/embed.js

Requested by

Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/wp-content/plugins/disqus-comment-system/public/js/comment_embed.js?ver=3.0.22

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.196.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

openresty /

Resource Hash

7f231390e8c4841ee4f90181ffb22327c18a2f5e87b4e76244ba99851b8d95ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sat, 11 Dec 2021 06:13:40 GMT
Content-Encoding: gzip
Server: openresty
Age: 0
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Cache-Control: private, max-age=60
X-Service: router
Strict-Transport-Security: max-age=300; includeSubdomains
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length: 24661
Cross-Origin-Resource-Policy: cross-origin

GET
H2 200 usync.html Show response
ad.lkqd.net/cookie-sync/ Frame AA41 5 KB
2 KB 26ms
22ms Document
text/html 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/cookie-sync/usync.html
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: b6ff02c733394664dbb2178c88a0d8ab1292602aaad412e44ee83c3ab7943faf

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: en-GB,en;q=0.9

Response headers

date: Sat, 11 Dec 2021 06:13:39 GMT
content-encoding: gzip
content-length: 1909
content-type: text/html
last-modified: Tue, 26 Oct 2021 15:08:45 GMT
accept-ranges: bytes
etag: "10c6626c1705141142b0302e29b3bd0e"
cache-control: public, max-age=1209600
x-hw: 1639203219.cds065.lo4.hn,1639203219.cds074.lo4.c
access-control-allow-origin: *

GET
H2 200 ad Show response
v.lkqd.net/ Frame 1D5D 2 KB
2 KB 356ms
116ms XHR
application/xml 146.20.128.139
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1091476&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2Fessencial%2Fatila-hacker-certidao-de-vacinacao%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C52453%2C1%2C&c5=&c6=52453&rnd=15766975&m=
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.139 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: 42ba8b487196edceafd99e96c31f43b35d8880a1ca3f0caf7ca34d0b00504424

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:40 GMT
content-encoding: gzip
server: nginx
content-type: application/xml; charset=UTF-8
access-control-allow-origin: https://www.diariodocentrodomundo.com.br
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 1399

GET
H2 200 usync.html Show response
ad.lkqd.net/cookie-sync/ Frame 5FD6 5 KB
2 KB 22ms
22ms Document
text/html 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/cookie-sync/usync.html
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: b6ff02c733394664dbb2178c88a0d8ab1292602aaad412e44ee83c3ab7943faf

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: en-GB,en;q=0.9

Response headers

date: Sat, 11 Dec 2021 06:13:39 GMT
content-encoding: gzip
content-length: 1909
content-type: text/html
last-modified: Tue, 26 Oct 2021 15:08:45 GMT
accept-ranges: bytes
etag: "10c6626c1705141142b0302e29b3bd0e"
cache-control: public, max-age=1209600
x-hw: 1639203219.cds065.lo4.hn,1639203219.cds074.lo4.c
access-control-allow-origin: *

GET
H2 200 ad Show response
v.lkqd.net/ Frame F8AC 180 B
367 B 270ms
111ms XHR
application/xml 146.20.128.139
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1091477&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2Fessencial%2Fatila-hacker-certidao-de-vacinacao%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C52453%2C1%2C&c5=&c6=52453&rnd=42671010&m=
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.139 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: 45fa735c6df15f15a1293a9cb3125033408874bf284280e8bcac23f95ad8feac

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:40 GMT
content-encoding: gzip
server: nginx
content-type: application/xml; charset=UTF-8
access-control-allow-origin: https://www.diariodocentrodomundo.com.br
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 150

GET
H3 200 301448060382165 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 108ms
76ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/301448060382165?v=2.9.48&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d9ae1ff6b8447f4b9b72cd9d7ba7314cbe92d581519187472d49e5538e359559

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: 15TmQRxrgxPG5EKNG+VnMjlPeTNQLitXxpMYWxWLzxIfFVzm8hzC/RbeMToD/17ZNsuBMFtvXYMKzLQ7IcmjHw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Sat, 11 Dec 2021 06:13:40 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 impl.20211209-5-RELEASE.js Show response
cdn.taboola.com/libtrc/ 610 KB
126 KB 19ms
19ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20211209-5-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/diariodocentrodomundo/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 26bb50500bfdfa32376bca2911e642ee1c3f01a917646ab6cb3bc6df4d25d097

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: SOLKO8WJgmT0SiilF5V3OadNbgwvgy1C
content-encoding: br
etag: "8bc47a0f6c2e1ea57114b0cb6f8f0944"
age: 15480
x-cache: HIT
content-length: 128479
x-amz-id-2: 8imBtykLzzCv09A15SEjIUejp0D5WHfudfQO7xuK98VlCBldOvMKHbra+M4bEKbzbAnYNYLSmvM=
x-served-by: cache-lcy19223-LCY
last-modified: Thu, 09 Dec 2021 09:55:31 GMT
server: AmazonS3-br
x-timer: S1639203220.059417,VS0,VE0
date: Sat, 11 Dec 2021 06:13:40 GMT
vary: Accept-Encoding
x-amz-request-id: P9CJ2SMA5RJ9GHWH
via: 1.1 varnish
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: application/javascript
abp: 44
x-cache-hits: 11459

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 1 KB
1 KB 112ms
35ms Script
application/javascript 13.32.99.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/diariodocentrodomundo/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-105.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 07:25:07 GMT
content-encoding: gzip
etag: W/"1827f116c73f319409b97f10b8a58ade"
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 82114
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 f06c87fa57d0c9fd7439d7fdbd148c63.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
x-amz-cf-id: HSw0Y-b_BwuzQTt64ZHeqmceyT5jxRjCw1HTlTw2GQpQccZa--aX-w==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 102ms
30ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-33507983-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 4353
date: Sat, 11 Dec 2021 05:01:07 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Sat, 11 Dec 2021 07:01:07 GMT

GET
H2 200 cs
cs.lkqd.net/ Frame AA41 43 B
309 B 338ms
106ms Image
image/gif 146.20.132.103
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=55&redirect=https%3A%2F%2Fidsync.rlcdn.com%2F464986.gif%3Fpartner_uid%3D%24%24rawlkqduserid%24%24&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.103 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:40 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2 200 cs
cs.lkqd.net/ Frame AA41 43 B
308 B 339ms
108ms Image
image/gif 146.20.132.103
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.103 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:40 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2 200 cs
cs.lkqd.net/ Frame AA41 43 B
308 B 7474ms
7243ms Image
image/gif 146.20.132.103
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.103 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:47 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2 200 cs
cs.lkqd.net/ Frame AA41 43 B
308 B 339ms
108ms Image
image/gif 146.20.132.103
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=99&redirect=https%3A%2F%2Fc.deployads.com%2Fcs%2FNXST%3Fb%3D%24%24rawlkqduserid%24%24&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.103 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:40 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2

200

cs
cs.lkqd.net/ Frame AA41
Redirect Chain

https://ad.turn.com/r/cs?pid=65
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2884445466486619730

43 B
308 B

172ms
111ms

Image
image/gif

146.20.132.103
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2884445466486619730
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Server: 146.20.132.103 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:40 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

location: https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2884445466486619730
pragma: no-cache
date: Sat, 11 Dec 2021 06:13:40 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2 200 cs
cs.lkqd.net/ Frame 5FD6 43 B
308 B 357ms
128ms Image
image/gif 146.20.132.103
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=55&redirect=https%3A%2F%2Fidsync.rlcdn.com%2F464986.gif%3Fpartner_uid%3D%24%24rawlkqduserid%24%24&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.103 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:40 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2 200 cs
cs.lkqd.net/ Frame 5FD6 43 B
308 B 338ms
109ms Image
image/gif 146.20.132.103
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.103 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:40 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2 200 cs
cs.lkqd.net/ Frame 5FD6 43 B
308 B 337ms
109ms Image
image/gif 146.20.132.103
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.103 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:40 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2 200 cs
cs.lkqd.net/ Frame 5FD6 43 B
308 B 336ms
109ms Image
image/gif 146.20.132.103
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=99&redirect=https%3A%2F%2Fc.deployads.com%2Fcs%2FNXST%3Fb%3D%24%24rawlkqduserid%24%24&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.103 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:40 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2

200

cs
cs.lkqd.net/ Frame 5FD6
Redirect Chain

https://ad.turn.com/r/cs?pid=65
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3100618248600403538

43 B
308 B

188ms
127ms

Image
image/gif

146.20.132.103
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3100618248600403538
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Server: 146.20.132.103 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:40 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

location: https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3100618248600403538
pragma: no-cache
date: Sat, 11 Dec 2021 06:13:40 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2 200 lounge.7ab903feba7624935283ca4c7d8c7203.css
c.disquscdn.com/next/embed/styles/ 0
26 KB 153ms
45ms Other
text/css 2600:9000:223e:8000:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/styles/lounge.7ab903feba7624935283ca4c7d8c7203.css

Requested by

Host: diariodocentrodomundo.disqus.com
URL: https://diariodocentrodomundo.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223e:8000:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 23:27:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 283593
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 26065
x-xss-protection: 1; mode=block
x-served-by: static-web-2
access-control-allow-origin: *
surrogate-key: next
last-modified: Tue, 07 Dec 2021 22:32:35 GMT
server: nginx
etag: "61afe103-65d1"
content-type: text/css; charset=utf-8
via: 1.1 88f858f045c3909fad9cebbada511aef.cloudfront.net (CloudFront)
expires: Wed, 07 Dec 2022 23:27:07 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA56-P4
timing-allow-origin: *
x-amz-cf-id: yJmTHHDeZoSqIep79kXF2Zm2cyUOxlb3FAs9s05xhPafk77poHpq8g==
x-cache-hits: 0

GET
H2 200 common.bundle.2f2f40d40785c9541a90e9086c8770a3.js
c.disquscdn.com/next/embed/ 0
93 KB 167ms
58ms Other
application/javascript 2600:9000:223e:8000:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/common.bundle.2f2f40d40785c9541a90e9086c8770a3.js

Requested by

Host: diariodocentrodomundo.disqus.com
URL: https://diariodocentrodomundo.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223e:8000:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 14:45:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4030090
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 94779
x-xss-protection: 1; mode=block
x-served-by: static-web-2
access-control-allow-origin: *
surrogate-key: next
last-modified: Fri, 22 Oct 2021 00:26:02 GMT
server: nginx
etag: "6172051a-1723b"
content-type: application/javascript; charset=utf-8
via: 1.1 88f858f045c3909fad9cebbada511aef.cloudfront.net (CloudFront)
expires: Tue, 25 Oct 2022 14:45:30 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA56-P4
timing-allow-origin: *
x-amz-cf-id: 78KgloOyghHteRg32dNTe_B6Uyhi-O5jSUHnLj9IBcN5p5Ir6Ixq8w==
x-cache-hits: 0

GET
H2 200 lounge.bundle.920cdf639b386b42eddc25a8b2755561.js
c.disquscdn.com/next/embed/ 0
121 KB 194ms
86ms Other
application/javascript 2600:9000:223e:8000:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/lounge.bundle.920cdf639b386b42eddc25a8b2755561.js

Requested by

Host: diariodocentrodomundo.disqus.com
URL: https://diariodocentrodomundo.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223e:8000:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 23:27:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 283593
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 122873
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Tue, 07 Dec 2021 22:32:35 GMT
server: nginx
etag: "61afe103-1dff9"
content-type: application/javascript; charset=utf-8
via: 1.1 88f858f045c3909fad9cebbada511aef.cloudfront.net (CloudFront)
expires: Wed, 07 Dec 2022 23:27:07 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA56-P4
timing-allow-origin: *
x-amz-cf-id: AJmyiMZAUHioqTnhOmTIOKR-S5r3XnEHZd5VG-zWNeYpldqQ-roKew==
x-cache-hits: 0

GET
H/1.1 200
OK config.js
disqus.com/next/ 0
15 KB 68ms
19ms Other
application/javascript 151.101.0.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/next/config.js

Requested by

Host: diariodocentrodomundo.disqus.com
URL: https://diariodocentrodomundo.disqus.com/embed.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.0.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sat, 11 Dec 2021 06:13:40 GMT
X-Content-Type-Options: nosniff
Content-Type: application/javascript; charset=UTF-8
Server: nginx
Age: 39
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Access-Control-Allow-Origin: *
Cache-Control: public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 14500
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK recommendations.js Show response
diariodocentrodomundo.disqus.com/ 63 KB
21 KB 116ms
116ms Script
application/javascript 199.232.196.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://diariodocentrodomundo.disqus.com/recommendations.js

Requested by

Host: diariodocentrodomundo.disqus.com
URL: https://diariodocentrodomundo.disqus.com/embed.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.196.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

openresty /

Resource Hash

7fa8e50198a194eee55bc24fe0d3b6f256f2db774048a33267badda9454f6dd5

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sat, 11 Dec 2021 06:13:40 GMT
Content-Encoding: gzip
Server: openresty
Age: 0
Vary: Accept-Encoding, Accept, Accept-Encoding, X-Forwarded-Proto, X-Disqus-Shortname, X-Disqus-Device, X-Disqus-Experiment, X-Disqus-Is-Private, X-Disqus-Development-Base
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Cache-Control: stale-while-revalidate=60, public, stale-if-error=86400, max-age=60
X-Service: router_gunicorn
Strict-Transport-Security: max-age=300; includeSubdomains
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length: 20951
Cross-Origin-Resource-Policy: cross-origin

GET
H2

204

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&ns__t=1639203220561&ns_c=UTF-8&cv=3.5&c8=%C3%81tila%20diz%20que%20invas%C3%A3o%20hacker%20foi%20para%20%22atacar%20a%20certid%C3%A3o%20de%20...
https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1639203220561&ns_c=UTF-8&cv=3.5&c8=%C3%81tila%20diz%20que%20invas%C3%A3o%20hacker%20foi%20para%20%22atacar%20a%20certid%C3%A3o%20de%2...

0
224 B

34ms
33ms

Image
text/plain

13.32.99.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1639203220561&ns_c=UTF-8&cv=3.5&c8=%C3%81tila%20diz%20que%20invas%C3%A3o%20hacker%20foi%20para%20%22atacar%20a%20certid%C3%A3o%20de%20vacina%C3%A7%C3%A3o%22&c7=https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2Fessencial%2Fatila-hacker-certidao-de-vacinacao%2F&c9=
Requested by: Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/
Protocol: H2
Server: 13.32.99.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-105.fra60.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:40 GMT
via: 1.1 f06c87fa57d0c9fd7439d7fdbd148c63.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
etag: W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
x-amz-cf-id: 22GnppmbGLY4LxPR3--7JMbZWDQVK8Ruok9eRBl697Q4M20PaCQJBQ==
x-cache: Miss from cloudfront

Redirect headers

date: Sat, 11 Dec 2021 06:13:40 GMT
via: 1.1 f06c87fa57d0c9fd7439d7fdbd148c63.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1639203220561&ns_c=UTF-8&cv=3.5&c8=%C3%81tila%20diz%20que%20invas%C3%A3o%20hacker%20foi%20para%20%22atacar%20a%20certid%C3%A3o%20de%20vacina%C3%A7%C3%A3o%22&c7=https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2Fessencial%2Fatila-hacker-certidao-de-vacinacao%2F&c9=
content-length: 348
x-amz-cf-id: WNNqr8CBe_yYsrGnyllL9BIJ_LONOtCBKyCmDKYXElnYaUi2QZ8dZA==

GET
H2 200 /
www.facebook.com/tr/ 44 B
295 B 94ms
30ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=301448060382165&ev=PageView&dl=https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2Fessencial%2Fatila-hacker-certidao-de-vacinacao%2F&rl=&if=false&ts=1639203220578&sw=1600&sh=1200&v=2.9.48&r=stable&ec=0&o=30&fbp=fb.2.1639203220576.1608615402&it=1639203220389&coo=false&rqm=GET

Requested by

Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:40 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Sat, 11 Dec 2021 06:13:40 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 76ms
38ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=543701649&t=pageview&_s=1&dl=https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2Fessencial%2Fatila-hacker-certidao-de-vacinacao%2F&ul=en-us&de=UTF-8&dt=%C3%81tila%20diz%20que%20invas%C3%A3o%20hacker%20foi%20para%20%22atacar%20a%20certid%C3%A3o%20de%20vacina%C3%A7%C3%A3o%22&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1708108130&gjid=1666754893&cid=409617009.1639203221&tid=UA-33507983-1&_gid=1886940742.1639203221&_r=1&gtm=2ouc10&z=1163440702

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.diariodocentrodomundo.com.br/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 11 Dec 2021 06:13:40 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.diariodocentrodomundo.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 90 KB
35 KB 78ms
40ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-175164381-48

Requested by

Host: tags.juicebarads.com
URL: https://tags.juicebarads.com/js/diariodocentrodomundo.js?v=98

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4874ca76a7cd1c5b8f5832fd19004e78a2e5d84bbeb04dac99a5c6a04ed8a1ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:40 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36223
x-xss-protection: 0
expires: Sat, 11 Dec 2021 06:13:40 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 90 KB
35 KB 84ms
46ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-175164381-48&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-33507983-1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7a791b91c688a37d8be245817757717b7217b1df53123b9d9d90f804775d9948

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:40 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36243
x-xss-protection: 0
expires: Sat, 11 Dec 2021 06:13:40 GMT

GET
H2 200 tag Show response
a.teads.tv/page/67790/ 4 KB
2 KB 167ms
67ms Script
application/javascript 23.200.213.98
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/page/67790/tag
Requested by: Host: tags.juicebarads.com
URL: https://tags.juicebarads.com/js/diariodocentrodomundo.js?v=98
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.200.213.98 Paris, France, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-200-213-98.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0991cc07e6c1beef865b3f0fa3c16c370a929c575aded5fd42e2b5433fd6b090

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:40 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, must-revalidate, max-age=3600
access-control-allow-credentials: true
content-length: 1354
expires: Sat, 11 Dec 2021 07:13:40 GMT

GET
H2 200 json Show response
trc.taboola.com/diariodocentrodomundo/trc/3/ 49 KB
16 KB 229ms
223ms XHR
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/diariodocentrodomundo/trc/3/json?tim=06%3A13%3A40.667&lti=deflated&data=%7B%22id%22%3A116%2C%22ii%22%3A%22%2Fessencial%2Fatila-hacker-certidao-de-vacinacao%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1639044473069%2C%22vi%22%3A1639203220664%2C%22cv%22%3A%2220211209-5-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2Fessencial%2Fatila-hacker-certidao-de-vacinacao%2F%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2Fessencial%2Fatila-hacker-certidao-de-vacinacao%2F%22%2C%22e%22%3A%22https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2Fessencial%2Fatila-hacker-certidao-de-vacinacao%2F%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A2058%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A6%2C%22uim%22%3A%22thumbnails-c%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22orig_uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22cd%22%3A1908%2C%22mw%22%3A1021%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Fessencial%2Fatila-hacker-certidao-de-vacinacao%2CBelow%20Article%20Thumbnails%3Dthumbnails-c%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20211209-5-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 1ba8af402252121053142c8336bd580caacf674770b9e5af7e4ab4ae7eb44f83

Request headers

Referer: https://www.diariodocentrodomundo.com.br/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

x-vcl-time-ms: 204
date: Sat, 11 Dec 2021 06:13:40 GMT
content-encoding: gzip
server: nginx
x-timer: S1639203220.288789,VS0,VE204
x-served-by: cache-lcy19223-LCY
vary: Accept-Encoding
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://www.diariodocentrodomundo.com.br
access-control-allow-credentials: true
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
x-cache-hits: 0

GET
H2

200

cookie Show response
a.vidoomy.com/api/rtbserver/ Frame B863
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=120&redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DCEN%26uid%3D%7BuserId%7D
https://a.vidoomy.com/api/rtbserver/cookie?i=CEN&uid=no-consent

43 B
289 B

121ms
35ms

Document
image/gif

52.58.61.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://a.vidoomy.com/api/rtbserver/cookie?i=CEN&uid=no-consent
Requested by: Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.61.12 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-58-61-12.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/

Response headers

date: Sat, 11 Dec 2021 06:13:40 GMT
content-type: image/gif
content-length: 43
content-encoding: none
vary: Origin

Redirect headers

cache-control: max-age=0,no-cache,no-store
pragma: no-cache
expires: Tue, 11 Oct 1977 12:34:56 GMT
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location: https://a.vidoomy.com/api/rtbserver/cookie?i=CEN&uid=no-consent
content-length: 0
date: Sat, 11 Dec 2021 06:13:39 GMT
server: AC1.1

GET
H2

200

cookie
a.vidoomy.com/api/rtbserver/
Redirect Chain

https://x.bidswitch.net/sync?ssp=vidoomy&user_id=367887421.580868961673092238.3775233
https://x.bidswitch.net/ul_cb/sync?ssp=vidoomy&user_id=367887421.580868961673092238.3775233
https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=vidoomy&bsw_param=f79c069f-7553-4c5a-aac1-fc1df8bda7c6&google_hm=Zjc5YzA2OWYtNzU1My00YzVhLWFhYzEtZmMxZGY4YmRhN2M2
https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm=&google_sc=&ssp=vidoomy&bsw_param=f79c069f-7553-4c5a-aac1-fc1df8bda7c6&google_hm=Zjc5YzA2OWYtNzU1My00YzVhLWFhYzEtZmMxZGY4YmRhN2...
https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEF7MWBdkCM3fl_fxGWsJvrE&google_cver=1&ssp=vidoomy&bsw_param=f79c069f-7553-4c5a-aac1-fc1df8bda7c6
https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=f79c069f-7553-4c5a-aac1-fc1df8bda7c6

43 B
368 B

33ms
33ms

Image
image/gif

52.58.61.12
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=f79c069f-7553-4c5a-aac1-fc1df8bda7c6
Requested by: Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/
Protocol: H2
Server: 52.58.61.12 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-58-61-12.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:41 GMT
content-encoding: none
content-length: 43
vary: Origin
content-type: image/gif

Redirect headers

Location: //a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=f79c069f-7553-4c5a-aac1-fc1df8bda7c6
Date: Sat, 11 Dec 2021 06:13:40 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H2 200 ve
stg.vidoomy.com/api/rtbserver/ 9 B
90 B 148ms
35ms Image
application/json 75.2.29.42
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stg.vidoomy.com/api/rtbserver/ve?ad_type=Video&adomain=&c=&category=&crid=7413&deal=&domain=vidoomy.com&dsp=&dsp_ssp=&dt=1&gdpr=&gdprcs=&os=&p=&p_id=1&s=a&seat=1&size=&sspid=0&sync=0&zid=0&uimp=1
Requested by: Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 75.2.29.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ae6a0aaac8071ff4b.awsglobalaccelerator.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:40 GMT
content-length: 9
vary: Origin
content-type: application/json

GET

user-registering
ads.stickyadstv.com/
Redirect Chain

https://ads.stickyadstv.com/auto-user-sync
https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=2bdfb6348d15a8807c3330ed9eff31&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7bus...
https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=h803a_7040324225692894405
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=MmJkZmI2MzQ4ZDE1YTg4MDdjMzMzMGVkOWVmZjMx&gdpr=0&gdpr_consent=
https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEL_s9sbWPFG43aEqPu9hpNc&google_cver=1&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=527b78df-fa9f-47e4-9d24-91f4d3763c41
https://pr-bh.ybp.yahoo.com/sync/stickyads/2bdfb6348d15a8807c3330ed9eff31?gdpr=0&gdpr_consent=
https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-qCjsm71E2oMA4QCg19Rzhx1UJyj6hL0DacSqXWZj~A
https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209&gdpr=0&gdpr_consent=%26userId%3D$UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fads.stickyadstv.com%252Fuser-registering%253FdataProviderId%253D209%26gdpr%3D0%26gdpr_consent%3D%2526userId%253D%24UID
https://ads.stickyadstv.com/user-registering?dataProviderId=209&gdpr=0&gdpr_consent=&userId=3404206974503617722
https://sync.mathtag.com/sync/img?mt_exid=44&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D183%26userId%3D%5BMM_UUID%5D&gdpr=0&gdpr_consent=
https://ads.stickyadstv.com/user-registering?dataProviderId=183&userId=e0ae61b4-4196-4700-a0e4-b2c93d47c88e&gdpr=0&gdpr_consent=
https://c1.adform.net/serving/cookie/match/?party=18&gdpr=0&gdpr_consent=
https://c1.adform.net/serving/cookie/match/?CC=1&party=18&gdpr=0&gdpr_consent=
https://ads.stickyadstv.com/user-registering?dataProviderId=189&userId=4835395960989745577
https://sync-tm.everesttech.net/upi/pid/wGbQAlJJ?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D187%26userId%3D%24%7BTM_USER_ID%7D
https://sync-tm.everesttech.net/ct/upi/pid/wGbQAlJJ?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D187%26userId%3D%24%7BTM_USER_ID%7D&_test=YbRBm...
https://ads.stickyadstv.com/user-registering?dataProviderId=187&userId=YbRBmAALCgAGPAAz&_test=YbRBmAALCgAGPAAz

0
0

GET
H/1.1 200
OK widget_iframe.21f942bb866c2823339b839747a0c50c.html Show response
platform.twitter.com/widgets/ Frame DC0F 319 KB
103 KB 51ms
50ms Document
text/html 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.21f942bb866c2823339b839747a0c50c.html?origin=https%3A%2F%2Fwww.diariodocentrodomundo.com.br
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (mil/6CF2) /
Resource Hash: c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 121638
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Sat, 11 Dec 2021 06:13:40 GMT
Etag: "8321d7cf58d70200c1423dfa0bca40f6+gzip"
Last-Modified: Thu, 02 Dec 2021 21:34:18 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (mil/6CF2)
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 105433

GET
H3 200 OneSignalPageSDKES6.js Show response
cdn.onesignal.com/sdks/ 283 KB
68 KB 118ms
63ms Script
application/javascript 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151510
Requested by: Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js?ver=5.8.1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba83c227cde7d4c34fb514ccd483305e8dfef365e6b2b70a126f2d73adaa1691

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:40 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 1145
etag: W/"bac537a7eba0b66473f70a7a4bf837c4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 6bbc917f6bad3754-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Tue, 14 Dec 2021 06:13:40 GMT

GET
H3 200 pubads_impl_2021120601.js Show response
securepubads.g.doubleclick.net/gpt/ 348 KB
117 KB 87ms
46ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

2d5ae5a515a688823dc98d032242c2ed6f490a74c4281bdd599567898f9fa675

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119476
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 09:34:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 11 Dec 2021 06:13:40 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 307 B
185 B 82ms
41ms XHR
application/json 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.diariodocentrodomundo.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

41feba12c9f235b4123d7e276203047126b02af299062fa03bf7a56943f2b775

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 11 Dec 2021 06:13:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 160
x-xss-protection: 0
expires: Sat, 11 Dec 2021 06:13:40 GMT

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 337ms
107ms Preflight
text/plain 146.20.128.205
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.205 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.diariodocentrodomundo.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Sat, 11 Dec 2021 06:13:40 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://www.diariodocentrodomundo.com.br

POST t
t.lkqd.net/ Frame 598C 0
0

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 330ms
108ms Preflight
text/plain 146.20.128.205
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.205 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.diariodocentrodomundo.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Sat, 11 Dec 2021 06:13:40 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://www.diariodocentrodomundo.com.br

POST
H2 200 t Show response
t.lkqd.net/ Frame 0CBB 0
176 B 330ms
110ms XHR
text/plain 146.20.128.205
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.205 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.diariodocentrodomundo.com.br
date: Sat, 11 Dec 2021 06:13:40 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

GET
H2 200 vpaid.js Show response
ad.lkqd.net/vpaid/ Frame 09D3 230 KB
61 KB 24ms
24ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 36ae762191d24727fbba21272ea14872bb7824188961282001d50e67f7b1881c

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:40 GMT
content-encoding: gzip
last-modified: Tue, 02 Nov 2021 21:06:56 GMT
etag: "cca1f428155a1f13b17a4684f2c8ef1c"
x-hw: 1639203220.cds065.lo4.hn,1639203220.cds059.lo4.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1209600
accept-ranges: bytes
content-length: 62015

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 7 B
457 B 83ms
26ms XHR
text/plain 2a00:1450:400c:c0c::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-33507983-1&cid=409617009.1639203221&jid=1708108130&gjid=1666754893&_gid=1886940742.1639203221&_u=YEBAAUAAAAAAAC~&z=2060742904

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.diariodocentrodomundo.com.br/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sat, 11 Dec 2021 06:13:40 GMT
content-type: text/plain
access-control-allow-origin: https://www.diariodocentrodomundo.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK / Show response
disqus.com/embed/comments/ Frame E624 7 KB
4 KB 134ms
133ms Document
text/html 151.101.0.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/embed/comments/?base=default&f=diariodocentrodomundo&t_i=779049%20https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2F%3Fpost_type%3Dessencial%26p%3D779049&t_u=https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2Fessencial%2Fatila-hacker-certidao-de-vacinacao%2F&t_e=%C3%81tila%20diz%20que%20invas%C3%A3o%20hacker%20foi%20para%20%E2%80%9Catacar%20a%20certid%C3%A3o%20de%20vacina%C3%A7%C3%A3o%E2%80%9D&t_d=%C3%81tila%20diz%20que%20invas%C3%A3o%20hacker%20foi%20para%20%22atacar%20a%20certid%C3%A3o%20de%20vacina%C3%A7%C3%A3o%22&t_t=%C3%81tila%20diz%20que%20invas%C3%A3o%20hacker%20foi%20para%20%E2%80%9Catacar%20a%20certid%C3%A3o%20de%20vacina%C3%A7%C3%A3o%E2%80%9D&s_o=default

Requested by

Host: diariodocentrodomundo.disqus.com
URL: https://diariodocentrodomundo.disqus.com/embed.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.0.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

5751b2f0f25d096f046ebde12533cb99798c5622bd1d101e315254f4705d5bbc

Security Headers

Name	Value
Content-Security-Policy	script-src https://.twitter.com: https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://.services.disqus.com: https://cdn.boomtrain.com/p13n/ https://apis.google.com https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ 'unsafe-inline' https://com-disqus.netmng.com:* https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/

Response headers

Connection: keep-alive
Content-Length: 2884
Server: nginx
Content-Type: text/html; charset=utf-8
Content-Security-Policy: script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ https://apis.google.com https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ 'unsafe-inline' https://com-disqus.netmng.com:* https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Last-Modified: Fri, 10 Dec 2021 12:22:52 GMT
ETag: W/"lounge:view:8919859333.fbcddd4f6f5644951bedff6b5ac2dc84.2"
Link: <https://c.disquscdn.com>;rel=preconnect,<https://c.disquscdn.com>;rel=dns-prefetch
Cache-Control: stale-if-error=3600, s-stalewhilerevalidate=3600, stale-while-revalidate=30, no-cache, must-revalidate, public, s-maxage=5
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Referrer-Policy: no-referrer-when-downgrade
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Encoding: gzip
Date: Sat, 11 Dec 2021 06:13:40 GMT
Age: 0
Vary: Accept-Encoding
Cross-Origin-Resource-Policy: cross-origin
Strict-Transport-Security: max-age=300; includeSubdomains

GET
H/1.1 200
OK / Show response
tempest.services.disqus.com/ads-iframe/taboola/ 28 KB
9 KB 177ms
119ms XHR
text/html 199.232.196.64
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://tempest.services.disqus.com/ads-iframe/taboola/?position=top&shortname=diariodocentrodomundo&experiment=network_default&variant=fallthrough&service=dynamic&anchorColor=%23ff0000&colorScheme=light&sourceUrl=https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2Fessencial%2Fatila-hacker-certidao-de-vacinacao%2F&typeface=sans-serif&canonicalUrl=https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2Fessencial%2Fatila-hacker-certidao-de-vacinacao%2F&disqus_version=current
Requested by: Host: diariodocentrodomundo.disqus.com
URL: https://diariodocentrodomundo.disqus.com/embed.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.196.64 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: openresty /
Resource Hash: 753d4b88e18f157d5c87361d030d34b2a3a8b1674204ae0749024e4976e83527

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sat, 11 Dec 2021 06:13:40 GMT
Content-Encoding: gzip
Server: openresty
Age: 0
Vary: Accept-Encoding,
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=300
X-Service: router_gunicorn
Connection: keep-alive
Content-Length: 9312
Cross-Origin-Resource-Policy: cross-origin

GET
H/1.1 200
OK event.gif
referrer.disqus.com/juggler/ 43 B
339 B 147ms
96ms Image
image/gif 199.232.196.134
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://referrer.disqus.com/juggler/event.gif?imp=8gsud7f27augk6&experiment=network_default&variant=fallthrough&service=dynamic&area=top&product=embed&forum=diariodocentrodomundo&zone=thread&version=9068118211410bc5f67f5bb8d6806cba&page_url=https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2Fessencial%2Fatila-hacker-certidao-de-vacinacao%2F&page_referrer=&object_type=provider&event=activity&ad_product_name=iab_display&ad_product_layout=iab_display&bin=embed%3Apromoted_discovery%3Adynamic%3Anetwork_default%3Afallthrough&section=default&verb=call&adjective=1&forum_id=2233022

Requested by

Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.196.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sat, 11 Dec 2021 06:13:40 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Content-Type: image/gif
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block

GET
H2 200 recommendations.10022a97346f1c6e3798931bbd8e4bb5.css
c.disquscdn.com/next/recommendations/styles/ 0
3 KB 30ms
30ms Other
text/css 2600:9000:223e:8000:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/recommendations/styles/recommendations.10022a97346f1c6e3798931bbd8e4bb5.css

Requested by

Host: diariodocentrodomundo.disqus.com
URL: https://diariodocentrodomundo.disqus.com/recommendations.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223e:8000:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 21:23:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4611015
x-cache: Hit from cloudfront
content-length: 2978
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Mon, 18 Oct 2021 21:05:37 GMT
server: nginx
etag: "616de1a1-ba2"
content-type: text/css; charset=utf-8
via: 1.1 88f858f045c3909fad9cebbada511aef.cloudfront.net (CloudFront)
expires: Tue, 18 Oct 2022 21:23:25 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA56-P4
timing-allow-origin: *
x-amz-cf-id: j966ev_fN8uCW9faOiNEIv6bBsvIVrUYaqjeIQa6y03RR4dDM66Qbw==
x-cache-hits: 0

GET
H2 200 common.bundle.6c6defcc206edabe5048d82459ee0a0e.js
c.disquscdn.com/next/recommendations/ 0
87 KB 31ms
30ms Other
application/javascript 2600:9000:223e:8000:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/recommendations/common.bundle.6c6defcc206edabe5048d82459ee0a0e.js

Requested by

Host: diariodocentrodomundo.disqus.com
URL: https://diariodocentrodomundo.disqus.com/recommendations.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223e:8000:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 21:23:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4611015
x-cache: Hit from cloudfront
content-length: 88862
x-xss-protection: 1; mode=block
x-served-by: static-web-2
access-control-allow-origin: *
surrogate-key: next
last-modified: Mon, 18 Oct 2021 21:05:37 GMT
server: nginx
etag: "616de1a1-15b1e"
content-type: application/javascript; charset=utf-8
via: 1.1 88f858f045c3909fad9cebbada511aef.cloudfront.net (CloudFront)
expires: Tue, 18 Oct 2022 21:23:25 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA56-P4
timing-allow-origin: *
x-amz-cf-id: iTIhdGziqRCOE6DGhzfo2_gNpivo3W34_LnLsafFfYQiD0EPt7iRug==
x-cache-hits: 0

GET
H2 200 recommendations.bundle.926bc472e4859a48daa346b4ba2ab4f4.js
c.disquscdn.com/next/recommendations/ 0
20 KB 50ms
50ms Other
application/javascript 2600:9000:223e:8000:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/recommendations/recommendations.bundle.926bc472e4859a48daa346b4ba2ab4f4.js

Requested by

Host: diariodocentrodomundo.disqus.com
URL: https://diariodocentrodomundo.disqus.com/recommendations.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223e:8000:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 20:25:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5219277
x-cache: Hit from cloudfront
content-length: 20244
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Mon, 11 Oct 2021 20:15:56 GMT
server: nginx
etag: "61649b7c-4f14"
content-type: application/javascript; charset=utf-8
via: 1.1 88f858f045c3909fad9cebbada511aef.cloudfront.net (CloudFront)
expires: Tue, 11 Oct 2022 20:25:43 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA56-P4
timing-allow-origin: *
x-amz-cf-id: L_gN49MANpHrs9c69Rg1gXKV1iy_fznddwbX_gWTUd96vytX_65P1Q==
x-cache-hits: 0

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 114ms
42ms Image
image/gif 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-33507983-1&cid=409617009.1639203221&jid=1708108130&_u=YEBAAUAAAAAAAC~&z=1828686826

Requested by

Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Dec 2021 06:13:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.co.uk/ads/ 42 B
501 B 137ms
64ms Image
image/gif 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.uk/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-33507983-1&cid=409617009.1639203221&jid=1708108130&_u=YEBAAUAAAAAAAC~&z=1828686826

Requested by

Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Dec 2021 06:13:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 usync.html Show response
ad.lkqd.net/cookie-sync/ Frame 8F88 5 KB
2 KB 24ms
24ms Document
text/html 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/cookie-sync/usync.html
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: b6ff02c733394664dbb2178c88a0d8ab1292602aaad412e44ee83c3ab7943faf

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: en-GB,en;q=0.9

Response headers

date: Sat, 11 Dec 2021 06:13:40 GMT
content-encoding: gzip
content-length: 1909
content-type: text/html
last-modified: Tue, 26 Oct 2021 15:08:45 GMT
accept-ranges: bytes
etag: "10c6626c1705141142b0302e29b3bd0e"
cache-control: public, max-age=1209600
x-hw: 1639203220.cds065.lo4.hn,1639203220.cds074.lo4.c
access-control-allow-origin: *

OPTIONS
H2 200 ad
v.lkqd.net/ Frame 0
0 331ms
107ms Preflight 146.20.128.139
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1091476&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2Fessencial%2Fatila-hacker-certidao-de-vacinacao%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C52453%2C1%2C&c5=&c6=52453&rnd=15766975&m=&rtv=1&thost=www.diariodocentrodomundo.com.br
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.139 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.diariodocentrodomundo.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Sat, 11 Dec 2021 06:13:40 GMT
content-length: 0
access-control-allow-origin: https://www.diariodocentrodomundo.com.br
access-control-max-age: 300
cache-control: max-age=300
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Content-Type
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-credentials: true

POST
H2 200 ad Show response
v.lkqd.net/ Frame 09D3 80 KB
6 KB 538ms
537ms XHR
application/json 146.20.128.139
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1091476&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2Fessencial%2Fatila-hacker-certidao-de-vacinacao%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C52453%2C1%2C&c5=&c6=52453&rnd=15766975&m=&rtv=1&thost=www.diariodocentrodomundo.com.br
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.139 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: 55acdc956076cc955a9b8319896fc84534f0d6e169561a1f8ef47fbcca7952d9

Request headers

Referer
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 11 Dec 2021 06:13:41 GMT
content-encoding: gzip
server: nginx
content-type: application/json
access-control-allow-origin: https://www.diariodocentrodomundo.com.br
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 5479

GET
DATA 200
OK truncated
/ 5 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 65cb5cd5882c666a22bf188d80f04fe01f56fbb3428e29d74aa24e3d9b1c783b

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/png

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 37ms
37ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=543701649&t=pageview&_s=1&dl=https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2Fessencial%2Fatila-hacker-certidao-de-vacinacao%2F&ul=en-us&de=UTF-8&dt=%C3%81tila%20diz%20que%20invas%C3%A3o%20hacker%20foi%20para%20%22atacar%20a%20certid%C3%A3o%20de%20vacina%C3%A7%C3%A3o%22&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAUABAAAAAC~&jid=1883524635&gjid=1453742212&cid=409617009.1639203221&tid=UA-175164381-48&_gid=1886940742.1639203221&_r=1&gtm=2ouc10&z=152830711

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.diariodocentrodomundo.com.br/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 11 Dec 2021 06:13:40 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.diariodocentrodomundo.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 teads-format.min.js Show response
s8t.teads.tv/media/format/v3/ 600 KB
132 KB 225ms
54ms Script
text/javascript 2a02:26f0:6c00:191::26e5
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s8t.teads.tv/media/format/v3/teads-format.min.js
Requested by: Host: a.teads.tv
URL: https://a.teads.tv/page/67790/tag
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:191::26e5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: f7473a96bc1be6e95e90ef09ea6b40ce3870fd2f161ae995a3a321bcc8d91c25

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:40 GMT
content-encoding: br
vary: Accept-Encoding
x-amz-request-id: ZKHZ7H6D2AP2WAV7
content-length: 134158
x-amz-id-2: pb63hXLv2NA3aAWEEeqC3K8dp7dqN0GjNCXeRSIfT3GOaLVqIvYIpudfPP7MMdaPXXc9g4/isiI=
last-modified: Tue, 07 Dec 2021 15:00:33 GMT
etag: "7b6112093da0a5aec2609ebb9befd6e4"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: text/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: private, must-revalidate, max-age=1800, no-transform
access-control-allow-credentials: false
x-bucket: 0
accept-ranges: bytes
access-control-allow-headers: *
expires: Sat, 11 Dec 2021 06:43:40 GMT

GET
H2 200 cta-branding.js Show response
cdn.taboola.com/demand-formats/cta-branding/ 19 KB
6 KB 19ms
18ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/demand-formats/cta-branding/cta-branding.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20211209-5-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a351fd92e5702efce917edb3a5fa5e15b0c2c01b05c72004d183ea3cd0ac8cc4

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: n7qu5_m2oY3yYk8zx0ISQgopnHkiUO7s
content-encoding: gzip
etag: "103abcd7af0ff73c2bca84d874ada0e2"
age: 25208
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 6020
x-amz-id-2: KiQ4YWBbZGThNXrAb1IG86QGyrmcUIG3OFu+/p87BdEOUf30OSGo7/xws9XBOn7QZQeFj+HDPlc=
x-served-by: cache-lcy19223-LCY
last-modified: Tue, 30 Nov 2021 12:15:08 GMT
server: AmazonS3
x-timer: S1639203221.556046,VS0,VE0
date: Sat, 11 Dec 2021 06:13:40 GMT
vary: Accept-Encoding
x-amz-request-id: C4YV1VF92GTM9FJG
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript
abp: 44
x-cache-hits: 45842

GET
H2 200 cta-branding.css
cdn.taboola.com/demand-formats/cta-branding/ 2 KB
968 B 19ms
19ms Stylesheet
text/css 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/demand-formats/cta-branding/cta-branding.css
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20211209-5-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8061c17ad6d7b8805745d8f136437acc8abe498fed1a01cec4d142b55def3c55

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: 8oi59FmV5lZnBSZug04yEHoBr2VIEPOj
content-encoding: gzip
etag: "44e0fb48ae5c8af459ee8102bcc39ee7"
age: 25208
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 702
x-amz-id-2: vI2M7c/0QUKSoTM2aQTfSkt2vLrPC5kL05J4NiUHffGuyqLP6gXAAuDMTZKnY1ohLePXO/4kbak=
x-served-by: cache-lcy19223-LCY
last-modified: Tue, 30 Nov 2021 12:15:07 GMT
server: AmazonS3
x-timer: S1639203221.556243,VS0,VE0
date: Sat, 11 Dec 2021 06:13:40 GMT
vary: Accept-Encoding
x-amz-request-id: DM4J0EY8NB1HZHEW
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: text/css
abp: 44
x-cache-hits: 44536

GET
H2 200 tfa-eid.20211209-5-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 14 KB
5 KB 19ms
18ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/tfa-eid.20211209-5-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/diariodocentrodomundo/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0a9094ce5f18a9e36476ef2be0c657a0d969cf42e5cdf39b6938607182f9e2ab

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: 9fmuZ4rqC8Z5LeeLztqlC3_nThG7nPzS
content-encoding: gzip
etag: "fe1800cdf5eae6d9755cd49fa5f163d1"
age: 31
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 5061
x-amz-id-2: IoXgrSZsziqfbmyOLZ29MiNpbDb6O7EYrVpPElEzBSRBtVCBvx6HdnCUo45DN0XOsLHQTuPKUJ0=
x-served-by: cache-lcy19223-LCY
last-modified: Thu, 09 Dec 2021 10:15:54 GMT
server: AmazonS3
x-timer: S1639203221.558411,VS0,VE0
date: Sat, 11 Dec 2021 06:13:40 GMT
vary: Accept-Encoding
x-amz-request-id: 95W38FZWZBFM4JRH
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 44
x-cache-hits: 56

GET
H2 200 sha256.20211209-5-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 6 KB
3 KB 19ms
19ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/sha256.20211209-5-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/diariodocentrodomundo/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: df2df7ab27ecdbd3544c33a84ca2581c534ffc23048e8edd1dc9006e83507523

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: wBEWtZC4PEyfK6Irf.yA22bSAXD1a3tL
content-encoding: gzip
etag: "0a32a3cbbea38e3c51221e97e065afce"
age: 18
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 2590
x-amz-id-2: PUVWFXb3j5QnWVgAuX6Lth2N1m8WP5f3T9aWapUfTzvoSJwy0pXZzxClQLTFKibxskr7tbiv/MQ=
x-served-by: cache-lcy19223-LCY
last-modified: Thu, 09 Dec 2021 10:16:45 GMT
server: AmazonS3
x-timer: S1639203221.558551,VS0,VE0
date: Sat, 11 Dec 2021 06:13:40 GMT
vary: Accept-Encoding
x-amz-request-id: P5P5KN4KBPT5AH92
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 44
x-cache-hits: 29

GET
H2 200 floating-unit.20211209-5-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 7 KB
3 KB 19ms
18ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/floating-unit.20211209-5-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/diariodocentrodomundo/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2f3b2ee82464d00cb6cd9585b6c8f13b95e0488bb865675e6b88968badef01bd

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: x2fBjMRNEa5ZCDBt.F2xVvYCMjkApA7R
content-encoding: gzip
etag: "88c47ba22bf4cc318ca734360d4ec811"
age: 71
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 2359
x-amz-id-2: 3nffILLQ8iNCU5hW20CU8Nbd8oU3OO3AGdwx1rfLh7GjlfAsbfwh8OaCt0jnDtYNXe/kul0YOf8=
x-served-by: cache-lcy19223-LCY
last-modified: Thu, 09 Dec 2021 10:17:18 GMT
server: AmazonS3
x-timer: S1639203221.561603,VS0,VE0
date: Sat, 11 Dec 2021 06:13:40 GMT
vary: Accept-Encoding
x-amz-request-id: P3F5SFWN1084TTMD
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 44
x-cache-hits: 12

GET
H2 200 tb Show response
15.taboola.com/ 37 KB
10 KB 38ms
37ms XHR
text/html 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://15.taboola.com/tb?oid=15&pubnm=diariodocentrodomundo&unitType=244&tbloc=&pageType=text&pstn=Below%20Article%20Thumbnails&uuip=Feed%20-%20Below%20Article%20Thumbnails&cisrf=https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2Fessencial%2Fatila-hacker-certidao-de-vacinacao%2F&cirf=https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2Fessencial%2Fatila-hacker-certidao-de-vacinacao%2F&encoded=1&uid=556f5889-1be8-4de5-a46f-735f40f3379a-tuct8adc714&variant=-100|493750&callback=TRC.videoTagCallbacks.videoCallback1&cb=1639203220950&tagid=&cntry=GB&platform=1&sesid=2d8a8b382169f7c16345c0aa985536f3&itemid=/essencial/atila-hacker-certidao-de-vacinacao&viewid=1639203220664&geolat=&geoing=&deviceifa=&appid=&sd=v2_2d8a8b382169f7c16345c0aa985536f3_556f5889-1be8-4de5-a46f-735f40f3379a-tuct8adc714_1639203220_1639203220_CIi3jgYQ1qZDGLjZgMHaLyABKAEwTTin8g1A8YwQSJWL2ANQvLUyWABgAGiApKeijMutlDNwAA&ri=db662c6099d8e9ff3b1be1942652b0ba&appname=&cdb=&gdprApplies=true&rid=&sii=2843444474516049242&oee=true&tpubid=1102678&uis=2&fagg=1&ccpaDns=false&ccpaPrivacy=&region=HRT&hasGDPRConsent=true&tcfVersion=&cmpStatus=&tnetid=1188573&prcnt=&layer=
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20211209-5-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 8374acce1808e3c1002bcd02782240471ca154d79227c8dedfd32c02074d38dc

Request headers

Referer: https://www.diariodocentrodomundo.com.br/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 11 Dec 2021 06:13:40 GMT
content-encoding: gzip
access-control-allow-origin: https://www.diariodocentrodomundo.com.br
machineid: 1448
x-cache: MISS
xvid-debug: mrmr - :
x-served-by: cache-lcy19223-LCY
pragma: no-cache
server: nginx
x-timer: S1639203221.565046,VS0,VE19
vary: Accept-Encoding
content-type: text/html;charset=ISO-8859-1
via: 1.1 varnish
expires: Sat, 26 Jul 1997 05:00:00 GMT
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
link: <https://am-wf.taboola.com>; rel=preconnect
x-cache-hits: 0

GET
H2 200 feed-card-placeholder.20211209-5-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 5 KB
1 KB 19ms
19ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/feed-card-placeholder.20211209-5-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/diariodocentrodomundo/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dab0c8a7c7cc6d355c62f78ac1265c825df7cf511dfd5ce524982b2c57d0a8a7

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: 4MOagu2OMPj_TPMEGXOCQa5qS_tNIk14
content-encoding: gzip
etag: "1c80b2eda1134fd0a5aefed6067b8845"
age: 27
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1263
x-amz-id-2: zDeeFwbBzBQc5w6/0T8nKAo2OvbJcw0URotcNzgk/h2sPfMqjNYHvOmdzu+T6lVVs1JH3LGq+JA=
x-served-by: cache-lcy19223-LCY
last-modified: Thu, 09 Dec 2021 10:17:51 GMT
server: AmazonS3
x-timer: S1639203221.579053,VS0,VE0
date: Sat, 11 Dec 2021 06:13:40 GMT
vary: Accept-Encoding
x-amz-request-id: P3FDWDBM9M8EXCWF
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 44
x-cache-hits: 44

GET
H2 200 userx.20211209-5-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 17 KB
6 KB 19ms
18ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/userx.20211209-5-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/diariodocentrodomundo/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 108b212a0f6a3d2d4efd35f1f9ea615ca76baa406b806064e4dcb42ce5b15f1d

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: gnvPGW_ylDxX5RkfJvFRoqUOE9m1hBRC
content-encoding: gzip
etag: "a078577fcaa0862a2cc3cabff4d37f24"
age: 51
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 5339
x-amz-id-2: 29IjmD22iXLdHZEHu783ogu9ICc3+NyhqduqOVEp6vQSIqcYuJvLVVio4kwGonVbfNTwJsimMjU=
x-served-by: cache-lcy19223-LCY
last-modified: Thu, 09 Dec 2021 10:15:37 GMT
server: AmazonS3
x-timer: S1639203221.593925,VS0,VE0
date: Sat, 11 Dec 2021 06:13:40 GMT
vary: Accept-Encoding
x-amz-request-id: 95WDHN68VK8GJT6M
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 44
x-cache-hits: 9

GET
H2 204 supply-feature
trc.taboola.com/diariodocentrodomundo/log/3/ 0
282 B 26ms
26ms Image
image/gif 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/diariodocentrodomundo/log/3/supply-feature?route=AM:AM:V&lti=deflated&ri=c7ffe0a81fa17fef4dbd3c675826a317&sd=v2_2d8a8b382169f7c16345c0aa985536f3_556f5889-1be8-4de5-a46f-735f40f3379a-tuct8adc714_1639203220_1639203220_CIi3jgYQ1qZDGLjZgMHaLyABKAEwTTin8g1A8YwQSJWL2ANQvLUyWABgAGiApKeijMutlDNwAA&ui=556f5889-1be8-4de5-a46f-735f40f3379a-tuct8adc714&pi=/essencial/atila-hacker-certidao-de-vacinacao&wi=2843444474516049242&pt=text&vi=1639203220664&d=%7B%22event_type%22%3A%22next_up%22%2C%22event_state%22%3A%22RENDERED%22%2C%22event_value%22%3Anull%2C%22event_msg%22%3Anull%7D&tim=06%3A13%3A40.947&id=2904&llvl=2&cv=20211209-5-RELEASE&
Requested by: Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-vcl-time-ms: 8
pragma: no-cache
date: Sat, 11 Dec 2021 06:13:40 GMT
via: 1.1 varnish
server: nginx
x-timer: S1639203221.617511,VS0,VE8
x-served-by: cache-lcy19223-LCY
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H2 200 f89e1763-220d-4e09-ba69-9e040548fb7a.svg
cdn.taboola.com/static/f8/ 4 KB
2 KB 19ms
19ms Image
image/svg+xml 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/static/f8/f89e1763-220d-4e09-ba69-9e040548fb7a.svg
Requested by: Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: cMrDKn.emLmm9kiiOOF64ulDT4DRy6LK
content-encoding: gzip
etag: "b8b410e4b18d45aa2f3d9bc09cd335fb"
age: 64
via: 1.1 varnish
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1758
x-amz-id-2: hoPNPh1QJkWNZqGDvp+NDnzLucUemuuIQ8XNqi8fkc/VU12pGtDI/Oa3j8f5SyOcthMAWBV+ls8=
x-served-by: cache-lcy19223-LCY
last-modified: Wed, 07 Feb 2018 11:15:52 GMT
server: AmazonS3
x-timer: S1639203221.621315,VS0,VE0
date: Sat, 11 Dec 2021 06:13:40 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-request-id: C4YPVPXYZMYNP8NW
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: image/svg+xml
access-control-allow-headers: *
abp: 44
x-cache-hits: 66

GET
H2 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
792 B 124ms
40ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=www.diariodocentrodomundo.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 11 Dec 2021 06:13:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 112ms
40ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.diariodocentrodomundo.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 11 Dec 2021 06:13:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/disqus-network/ Frame AF28 644 KB
144 KB 21ms
20ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/disqus-network/loader.js
Requested by: Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 299b5acb9faf9948c3454c9742f39365caee104519702ff86ec8bf852ba340b8

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: c6aBVURUuEPC6KWhgQsBIEWQ156qKI8R
content-encoding: gzip
etag: "3a8bfbe4d2b4c2eba1b9c0e9ecfb1449"
age: 29
x-cache: HIT
content-length: 147425
x-amz-id-2: 4sjVOyjpQFxB9Icst7LAOXMJmUSXrJUkJaTdBOkmudXdMSCJyaabPuv+Iu/InOnWhOb4u7BzPuM=
x-served-by: cache-lcy19223-LCY
last-modified: Thu, 09 Dec 2021 10:32:12 GMT
server: AmazonS3
x-timer: S1639203221.705302,VS0,VE1
date: Sat, 11 Dec 2021 06:13:40 GMT
vary: Accept-Encoding
x-amz-request-id: MD53JB70KYM7BFC3
via: 1.1 varnish
cache-control: private,max-age=14401
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 76
x-cache-hits: 1

GET
H/1.1 200
OK / Show response
disqus.com/recommendations/ Frame FFD3 5 KB
3 KB 115ms
114ms Document
text/html 151.101.0.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/recommendations/?base=default&f=diariodocentrodomundo&t_i=779049%20https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2F%3Fpost_type%3Dessencial%26p%3D779049&t_u=https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2Fessencial%2Fatila-hacker-certidao-de-vacinacao%2F&t_e=%C3%81tila%20diz%20que%20invas%C3%A3o%20hacker%20foi%20para%20%E2%80%9Catacar%20a%20certid%C3%A3o%20de%20vacina%C3%A7%C3%A3o%E2%80%9D&t_d=%C3%81tila%20diz%20que%20invas%C3%A3o%20hacker%20foi%20para%20%22atacar%20a%20certid%C3%A3o%20de%20vacina%C3%A7%C3%A3o%22&t_t=%C3%81tila%20diz%20que%20invas%C3%A3o%20hacker%20foi%20para%20%E2%80%9Catacar%20a%20certid%C3%A3o%20de%20vacina%C3%A7%C3%A3o%E2%80%9D

Requested by

Host: diariodocentrodomundo.disqus.com
URL: https://diariodocentrodomundo.disqus.com/recommendations.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.0.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

332e83c786065b0bccef2bc3176bda606ade377da143d6c5c41ff81f30429db5

Security Headers

Name	Value
Content-Security-Policy	script-src https://.twitter.com: https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://.services.disqus.com: https://cdn.boomtrain.com/p13n/ https://apis.google.com https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ 'unsafe-inline' https://com-disqus.netmng.com:* https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/

Response headers

Connection: keep-alive
Content-Length: 2351
Server: nginx
Content-Type: text/html; charset=utf-8
Content-Security-Policy: script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ https://apis.google.com https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ 'unsafe-inline' https://com-disqus.netmng.com:* https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Last-Modified: Mon, 27 Sep 2021 07:24:14 GMT
Link: <https://c.disquscdn.com>;rel=preconnect,<https://c.disquscdn.com>;rel=dns-prefetch
Cache-Control: stale-while-revalidate=30, no-cache, must-revalidate, stale-if-error=3600, public
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Encoding: gzip
Date: Sat, 11 Dec 2021 06:13:40 GMT
Age: 0
Vary: Accept-Encoding
Cross-Origin-Resource-Policy: cross-origin
Strict-Transport-Security: max-age=300; includeSubdomains

GET
H/1.1 200
OK / Show response
tempest.services.disqus.com/ads-iframe/google/ 26 KB
9 KB 138ms
137ms XHR
text/html 199.232.196.64
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://tempest.services.disqus.com/ads-iframe/google/?position=recommendations&shortname=diariodocentrodomundo&experiment=network_default&variant=fallthrough&service=dynamic&anchorColor=%23ff0000&colorScheme=light&sourceUrl=https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2Fessencial%2Fatila-hacker-certidao-de-vacinacao%2F&typeface=sans-serif&canonicalUrl=https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2Fessencial%2Fatila-hacker-certidao-de-vacinacao%2F&disqus_version=current
Requested by: Host: diariodocentrodomundo.disqus.com
URL: https://diariodocentrodomundo.disqus.com/recommendations.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.196.64 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: openresty /
Resource Hash: a6d5721de079d2edfa07da28e19a19f5710dc0ecd3ad982f870fe706733bddcf

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sat, 11 Dec 2021 06:13:40 GMT
Content-Encoding: gzip
Server: openresty
Vary: Accept-Encoding,
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private
transfer-encoding: chunked
X-Service: router
Connection: keep-alive
Cross-Origin-Resource-Policy: cross-origin

GET
H/1.1 200
OK event.gif
referrer.disqus.com/juggler/ 43 B
339 B 95ms
95ms Image
image/gif 199.232.196.134
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://referrer.disqus.com/juggler/event.gif?imp=8gsudhf5sbntn&experiment=network_default&variant=fallthrough&service=dynamic&area=recommendations&product=recommendations&forum=diariodocentrodomundo&zone=thread&version=42dfcc5041eed24b84f85a10a88fa215&page_url=https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2Fessencial%2Fatila-hacker-certidao-de-vacinacao%2F&page_referrer=&object_type=provider&event=activity&ad_product_name=iab_display&ad_product_layout=iab_display&bin=embed%3Apromoted_discovery%3Adynamic%3Anetwork_default%3Afallthrough&section=default&verb=call&adjective=1&forum_id=2233022

Requested by

Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.196.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sat, 11 Dec 2021 06:13:40 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Content-Type: image/gif
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block

GET
H2 200 490049668__kt0feeI4.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_223%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/ 22 KB
22 KB 45ms
37ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_223%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/490049668__kt0feeI4.jpg
Requested by: Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 56c30800cfcb0714e035d195b222c7de83744c1d465c0e50a02a971e6e97b6fd

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Sat, 11 Dec 2021 06:13:40 GMT
via: 1.1 varnish, 1.1 varnish
age: 318883
edge-cache-tag: 574468697795230361036764397071511284397,507842782944220752304688722208192589828,29ecf9b93bbf306179626feeda1fab70
cache-tag: 574468697795230361036764397071511284397,507842782944220752304688722208192589828,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 99
x-envoy-upstream-service-time: 569
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_223%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/490049668__kt0feeI4.jpg
content-length: 22306
x-request-id: c15a47bebb401b196143decb36580f35
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
last-modified: Tue, 07 Dec 2021 12:18:34 GMT
server: nginx
x-timer: S1639203221.759116,VS0,VE1
etag: "7f19c3f38546861afc368b367d2e3363"
x-served-by: cache-wdc5539-WDC, cache-dca17773-DCA, cache-lcy19223-LCY
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1

GET
H2 200 uc%3Fid%3D1IgOcv5CPOrDajIib10k3o-M7Md2mfQta
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_223%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//drive.google.com/ 12 KB
12 KB 28ms
22ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_223%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//drive.google.com/uc%3Fid%3D1IgOcv5CPOrDajIib10k3o-M7Md2mfQta
Requested by: Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 5e0a898937be1b856713227ff94add695d672d04b8ea2aafb8864beb240b255b

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Sat, 11 Dec 2021 06:13:40 GMT
via: 1.1 varnish, 1.1 varnish
age: 1460173
edge-cache-tag: 492131585343278586158680241511682486192,507842782944220752304688722208192589828,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 99
x-envoy-upstream-service-time: 386
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_223%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//drive.google.com/uc%3Fid%3D1IgOcv5CPOrDajIib10k3o-M7Md2mfQta
content-length: 11776
x-request-id: c1634de6cdc6d4e00b3e62c8752bde89
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
last-modified: Wed, 24 Nov 2021 05:52:06 GMT
server: nginx
x-timer: S1639203221.758983,VS0,VE0
etag: "771616a2c87ea11d33c0130e124f8161"
x-served-by: cache-wdc5541-WDC, cache-dca17725-DCA, cache-lcy19223-LCY
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 3

GET
H2 200 94d46af3c04ce81136e598d0ec794ab7.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_223%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 27 KB
27 KB 26ms
20ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_223%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/94d46af3c04ce81136e598d0ec794ab7.jpg
Requested by: Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 48dfd3ffcd284d5d6c48be7d7edac4c8d67f778180746ccfb17b5c964cf7fac8

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Sat, 11 Dec 2021 06:13:40 GMT
via: 1.1 varnish, 1.1 varnish
age: 2278768
edge-cache-tag: 331972698464505008723261319863681396859,507842782944220752304688722208192589828,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 233
expiration: expiry-date="Sun, 05 Dec 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_223%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/94d46af3c04ce81136e598d0ec794ab7.jpg
content-length: 27144
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
last-modified: Thu, 04 Nov 2021 04:44:34 GMT
server: nginx
x-timer: S1639203221.758875,VS0,VE0
etag: "34c9a17cb398c8de250a286accb48ae7"
x-served-by: cache-dca17761-DCA, cache-dca17736-DCA, cache-lcy19223-LCY
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 5

GET
H2 200 55e273663bac989f975a7afbde78283e.jpg
images.taboola.com/taboola/image/fetch/h_334,w_600,c_pad,b_auto/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 13 KB
14 KB 28ms
22ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/h_334,w_600,c_pad,b_auto/http%3A//cdn.taboola.com/libtrc/static/thumbnails/55e273663bac989f975a7afbde78283e.jpg
Requested by: Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ca7ff9a3f6c2e9567b5e0304318ebb79c3ab5608dc39a8dfec3a42b2ca024bfa

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Sat, 11 Dec 2021 06:13:40 GMT
via: 1.1 varnish, 1.1 varnish
age: 845904
edge-cache-tag: 627974360177279672713032784401382741785,295383823289756176040689211279487392370,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 138
expiration: expiry-date="Fri, 31 Dec 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, MISS, HIT
x-debug: /taboola/image/fetch/h_334,w_600,c_pad,b_auto/http%3A//cdn.taboola.com/libtrc/static/thumbnails/55e273663bac989f975a7afbde78283e.jpg
content-length: 13670
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
last-modified: Tue, 30 Nov 2021 12:19:58 GMT
server: nginx
x-timer: S1639203221.758816,VS0,VE1
etag: "ce7bd2a66e0eca00840e4d03f844d19e"
x-served-by: cache-bwi5066-BWI, cache-dca17754-DCA, cache-lcy19223-LCY
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1

GET
H2 200 single-meghan-9.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_334%2Cw_600%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//d1drizi4fft318.cloudfront.net/wp-content/uploads/2019/08/01105125/ 16 KB
17 KB 42ms
36ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_334%2Cw_600%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//d1drizi4fft318.cloudfront.net/wp-content/uploads/2019/08/01105125/single-meghan-9.jpg
Requested by: Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: c2fac3c3d6d6d5dff814dec41443db2b8bbff672b68e1442a39b83142c007d5c

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Sat, 11 Dec 2021 06:13:40 GMT
via: 1.1 varnish, 1.1 varnish
age: 2392820
edge-cache-tag: 588031146430086160081402138812301618043,408830795468236920077589974014039342143,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 99
x-envoy-upstream-service-time: 139
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_334%2Cw_600%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//d1drizi4fft318.cloudfront.net/wp-content/uploads/2019/08/01105125/single-meghan-9.jpg
content-length: 16270
x-request-id: f93a9cfc3fde1e7b0e46621f583966af
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
last-modified: Mon, 08 Nov 2021 09:09:41 GMT
server: nginx
x-timer: S1639203221.759056,VS0,VE1
etag: "d2fed5a8e2b341402a7cde0e037f5bdb"
x-served-by: cache-wdc5542-WDC, cache-dca17767-DCA, cache-lcy19223-LCY
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 1

GET
H2 200 87225a3f31a3adfe2e8303681f50c414.png
images.taboola.com/taboola/image/fetch/h_223,w_400,c_fill,g_xy_center,x_374,y_432/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 10 KB
10 KB 28ms
23ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/h_223,w_400,c_fill,g_xy_center,x_374,y_432/http%3A//cdn.taboola.com/libtrc/static/thumbnails/87225a3f31a3adfe2e8303681f50c414.png
Requested by: Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 31d1364a7f81d75264d336e2f91a35c13e04ac46cb11f75c6d2de3f814edc1d3

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Sat, 11 Dec 2021 06:13:40 GMT
via: 1.1 varnish, 1.1 varnish
age: 576626
edge-cache-tag: 574074116501152839956711683023477174362,364659173938664750735382499860375924083,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 98
x-envoy-upstream-service-time: 839
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/h_223,w_400,c_fill,g_xy_center,x_374,y_432/http%3A//cdn.taboola.com/libtrc/static/thumbnails/87225a3f31a3adfe2e8303681f50c414.png
content-length: 9794
x-request-id: 5e5694fe69ebfd9ff04ba06904ae3da8
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
last-modified: Sat, 04 Dec 2021 09:22:36 GMT
server: nginx
x-timer: S1639203221.758717,VS0,VE1
etag: "bd6adf16226c601600db59c5d7a5dc2c"
x-served-by: cache-wdc5532-WDC, cache-dca17750-DCA, cache-lcy19223-LCY
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 46 KB
18 KB 289ms
289ms XHR
text/plain 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1251004319598717&correlator=1110506337871502&output=ldjh&impl=fif&vrg=2021120601&ptt=17&sc=1&sfv=1-0-38&ecs=20211211&iu_parts=21622511100%3A54925924%2Cdiariodocentrodomundo_multisize&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C468x60&prev_scp=site%3Ddiariodocentrodomundo%26place%3Ddmp-v-cont4&cookie_enabled=1&bc=31&abxe=1&lmt=1639203218&dt=1639203221148&dlt=1639203218985&idt=2058&frm=20&biw=1600&bih=1200&oid=2&adxs=437&adys=1902&adks=2936037285&ucis=1&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2Fessencial%2Fatila-hacker-certidao-de-vacinacao%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1021x1687&msz=972x0&ga_vid=409617009.1639203221&ga_sid=1639203221&ga_hid=543701649&ga_fc=true&fws=4&ohw=1600&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

3bfd43fe65c30b9107e12e0973e030eac779beb7640ccfe2a9c6cebd73f16df6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:41 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18396
x-xss-protection: 0
google-lineitem-id: 5844805895
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138373386799
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.diariodocentrodomundo.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 62F1 6 KB
4 KB 140ms
40ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Sat, 11 Dec 2021 06:13:40 GMT
expires: Sun, 11 Dec 2022 06:13:40 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 19 KB
10 KB 535ms
534ms XHR
text/plain 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1251004319598717&correlator=1110506337871502&output=ldjh&impl=fif&vrg=2021120601&ptt=17&sc=1&sfv=1-0-38&ecs=20211211&iu_parts=21622511100%3A54925924%2Cdiariodocentrodomundo_multisize&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C468x60&prev_scp=site%3Ddiariodocentrodomundo%26place%3Ddmp-v-cont1&cookie_enabled=1&bc=31&abxe=1&lmt=1639203218&dt=1639203221177&dlt=1639203218985&idt=2058&frm=20&biw=1600&bih=1200&oid=2&adxs=437&adys=1242&adks=681583754&ucis=2&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2Fessencial%2Fatila-hacker-certidao-de-vacinacao%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1021x1687&msz=972x0&ga_vid=409617009.1639203221&ga_sid=1639203221&ga_hid=543701649&ga_fc=true&fws=4&ohw=1600&btvi=2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

770e67122c5eb3870de2ed06adbb455a043fe69b7906dcbc197aca6ffa0fbf13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:41 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10547
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.diariodocentrodomundo.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 19 KB
10 KB 765ms
765ms XHR
text/plain 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1251004319598717&correlator=1110506337871502&output=ldjh&impl=fif&vrg=2021120601&ptt=17&sc=1&sfv=1-0-38&ecs=20211211&iu_parts=21622511100%3A54925924%2Cdiariodocentrodomundo_multisize&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C970x90%7C300x100&prev_scp=refresh%3Dtrue%26site%3Ddiariodocentrodomundo%26place%3Ddm-sticky&cookie_enabled=1&bc=31&abxe=1&lmt=1639203218&dt=1639203221182&dlt=1639203218985&idt=2058&frm=20&biw=1600&bih=1200&oid=2&adxs=436&adys=1110&adks=3380540317&ucis=3&ifi=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2Fessencial%2Fatila-hacker-certidao-de-vacinacao%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x-1&msz=728x-1&ga_vid=409617009.1639203221&ga_sid=1639203221&ga_hid=543701649&ga_fc=true&fws=516&ohw=1600&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

161b6f6ab06a0b8fe1d5071f7e4a96807c13f77488be9722a420246766bcbc73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:41 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10469
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.diariodocentrodomundo.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 17 KB
10 KB 960ms
960ms XHR
text/plain 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1251004319598717&correlator=1110506337871502&output=ldjh&impl=fif&vrg=2021120601&ptt=17&sc=1&sfv=1-0-38&ecs=20211211&iu_parts=21622511100%3A54925924%2Cdiariodocentrodomundo_multisize&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C468x60&prev_scp=site%3Ddiariodocentrodomundo%26place%3Ddmp-v-cont3&cookie_enabled=1&bc=31&abxe=1&lmt=1639203218&dt=1639203221187&dlt=1639203218985&idt=2058&frm=20&biw=1600&bih=1200&oid=2&adxs=437&adys=1642&adks=1740340927&ucis=4&ifi=4&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2Fessencial%2Fatila-hacker-certidao-de-vacinacao%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1021x1687&msz=972x0&ga_vid=409617009.1639203221&ga_sid=1639203221&ga_hid=543701649&ga_fc=true&fws=4&ohw=1600&btvi=3&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

86e07b354a82b7597058f2f470c03c12ea700b4654a49f29a550b41f4525c43d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:41 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9732
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.diariodocentrodomundo.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 97 KB
26 KB 1225ms
1225ms XHR
text/plain 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1251004319598717&correlator=1110506337871502&output=ldjh&impl=fif&vrg=2021120601&ptt=17&sc=1&sfv=1-0-38&ecs=20211211&iu_parts=21622511100%3A54925924%2Cdiariodocentrodomundo_multisize&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C468x60&prev_scp=site%3Ddiariodocentrodomundo%26place%3Ddmp-v-cont2&cookie_enabled=1&bc=31&abxe=1&lmt=1639203218&dt=1639203221191&dlt=1639203218985&idt=2058&frm=20&biw=1600&bih=1200&oid=2&adxs=437&adys=1450&adks=2893389678&ucis=5&ifi=5&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2Fessencial%2Fatila-hacker-certidao-de-vacinacao%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1021x1687&msz=972x0&ga_vid=409617009.1639203221&ga_sid=1639203221&ga_hid=543701649&ga_fc=true&fws=4&ohw=1600&btvi=4&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

c7bfaed9109d332d38ecf90b9717072a23d78ea48905cf903469fdcc1a0e9e5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:41 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26108
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.diariodocentrodomundo.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 79 KB
27 KB 1825ms
1824ms XHR
text/plain 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1251004319598717&correlator=1110506337871502&output=ldjh&impl=fif&vrg=2021120601&ptt=17&sc=1&sfv=1-0-38&ecs=20211211&iu_parts=21622511100%3A54925924%2Cdiariodocentrodomundo_multisize&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x250%7C970x90%7C728x90&prev_scp=site%3Ddiariodocentrodomundo%26place%3Ddmp-h-destaque1&cookie_enabled=1&bc=31&abxe=1&lmt=1639203218&dt=1639203221195&dlt=1639203218985&idt=2058&frm=20&biw=1600&bih=1200&oid=2&adxs=315&adys=174&adks=2610948703&ucis=6&ifi=6&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2Fessencial%2Fatila-hacker-certidao-de-vacinacao%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1570x174&msz=1570x0&ga_vid=409617009.1639203221&ga_sid=1639203221&ga_hid=543701649&ga_fc=true&fws=4&ohw=1600&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

12ac101818b7d196f584bb2d54b79e99fec0957b4073eb21912a2453c47b99d1

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17368370350617788416/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17368370350617788416/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMXjme6L2_QCFdYZ4Aodn-AAzw&gqi=&layout=/sadbundle/%24csp%253Der3%24/17368370350617788416/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17368370350617788416/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17368370350617788416/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMXjme6L2_QCFdYZ4Aodn-AAzw&gqi=&layout=/sadbundle/%24csp%253Der3%24/17368370350617788416/index.html
content-encoding: br
x-content-type-options: nosniff
google-creative-id: -1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27227
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
date: Sat, 11 Dec 2021 06:13:42 GMT
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.diariodocentrodomundo.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 98 KB
26 KB 1490ms
1489ms XHR
text/plain 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1251004319598717&correlator=1110506337871502&output=ldjh&impl=fif&vrg=2021120601&ptt=17&sc=1&sfv=1-0-38&ecs=20211211&iu_parts=21622511100%3A54925924%2Cdiariodocentrodomundo_multisize&enc_prev_ius=%2F0%2F1&prev_iu_szs=468x60%7C320x100%7C320x50&prev_scp=site%3Ddiariodocentrodomundo%26place%3Ddmp-h-dimagem&cookie_enabled=1&bc=31&abxe=1&lmt=1639203218&dt=1639203221199&dlt=1639203218985&idt=2058&frm=20&biw=1600&bih=1200&oid=2&adxs=567&adys=1074&adks=3225945500&ucis=7&ifi=7&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2Fessencial%2Fatila-hacker-certidao-de-vacinacao%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1021x1687&msz=972x0&ga_vid=409617009.1639203221&ga_sid=1639203221&ga_hid=543701649&ga_fc=true&fws=4&ohw=1600&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

2743a9a9945a81f0a8e21752b96d97da93249b51c4385d1c4781a2260b927eaf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:42 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26281
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.diariodocentrodomundo.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 78 KB
26 KB 2008ms
2008ms XHR
text/plain 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1251004319598717&correlator=1110506337871502&output=ldjh&impl=fif&vrg=2021120601&ptt=17&sc=1&sfv=1-0-38&ecs=20211211&iu_parts=21622511100%3A54925924%2Cdiariodocentrodomundo_multisize&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C468x60&prev_scp=site%3Ddiariodocentrodomundo%26place%3Ddmp-v-cont5&cookie_enabled=1&bc=31&abxe=1&lmt=1639203218&dt=1639203221202&dlt=1639203218985&idt=2058&frm=20&biw=1600&bih=1200&oid=2&adxs=437&adys=2070&adks=2500092422&ucis=8&ifi=8&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2Fessencial%2Fatila-hacker-certidao-de-vacinacao%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1021x1687&msz=972x0&ga_vid=409617009.1639203221&ga_sid=1639203221&ga_hid=543701649&ga_fc=true&fws=4&ohw=1600&btvi=5&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

e5a65fbe0e10c6a10d22c0cb3f8aae1d7532d7c70c1aa0a4a845f1e1e7b0748b

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17368370350617788416/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17368370350617788416/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CP7tsO6L2_QCFS7YEQgdBYEEsw&gqi=&layout=/sadbundle/%24csp%253Der3%24/17368370350617788416/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17368370350617788416/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17368370350617788416/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CP7tsO6L2_QCFS7YEQgdBYEEsw&gqi=&layout=/sadbundle/%24csp%253Der3%24/17368370350617788416/index.html
content-encoding: br
x-content-type-options: nosniff
google-creative-id: -1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27035
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
date: Sat, 11 Dec 2021 06:13:42 GMT
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.diariodocentrodomundo.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 98bea1c4b686b6bc9976377761c50ffd.png
images.taboola.com/taboola/image/fetch/h_223,w_400,c_fill,g_xy_center,x_434,y_169/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 8 KB
9 KB 20ms
20ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/h_223,w_400,c_fill,g_xy_center,x_434,y_169/http%3A//cdn.taboola.com/libtrc/static/thumbnails/98bea1c4b686b6bc9976377761c50ffd.png
Requested by: Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e50dda78673211ebdeaaa5a17ca9744138b67f9d1c5e265daa0df6db8bf2ad82

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Sat, 11 Dec 2021 06:13:40 GMT
via: 1.1 varnish, 1.1 varnish
age: 2617798
edge-cache-tag: 393266586496992847423739678300800455124,536928954494205719728069653650786012929,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 192
expiration: expiry-date="Tue, 23 Nov 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/h_223,w_400,c_fill,g_xy_center,x_434,y_169/http%3A//cdn.taboola.com/libtrc/static/thumbnails/98bea1c4b686b6bc9976377761c50ffd.png
content-length: 8480
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
last-modified: Sat, 23 Oct 2021 06:36:08 GMT
server: nginx
x-timer: S1639203221.819271,VS0,VE1
etag: "bd013494c6b3ca892cc0331ef08d9131"
x-served-by: cache-bwi5021-BWI, cache-dca17725-DCA, cache-lcy19223-LCY
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1

GET
H2 200 tbp Show response
15.taboola.com/ 6 KB
3 KB 40ms
40ms XHR
text/html 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://15.taboola.com/tbp?oid=15&pubid=166277&tagid=948107&pstn=[pstn]&cb=[cb]&callback=TRC.pVideoCallbacks.videoCallback1
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20211209-5-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: a813db0ebfaa78ea76648ec27b7ae3a2e26b6a88740b89d598d1985ca3a4c1b0

Request headers

Referer: https://www.diariodocentrodomundo.com.br/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 11 Dec 2021 06:13:40 GMT
content-encoding: gzip
access-control-allow-origin: https://www.diariodocentrodomundo.com.br
machineid: 1446
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-lcy19223-LCY
pragma: no-cache
server: nginx
x-timer: S1639203221.819723,VS0,VE21
vary: Accept-Encoding
content-type: text/html;charset=ISO-8859-1
via: 1.1 varnish
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 28b156bab555033082163cf7b4cde551.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_223%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 24 KB
25 KB 26ms
26ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_223%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/28b156bab555033082163cf7b4cde551.jpg
Requested by: Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 718bbdabb39de503d2bd89ad6af1a942877c9373c3d4268251a32a9d22f53f14

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Sat, 11 Dec 2021 06:13:40 GMT
via: 1.1 varnish, 1.1 varnish
age: 865541
edge-cache-tag: 603530666801434461102329912107512467870,507842782944220752304688722208192589828,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 98
x-envoy-upstream-service-time: 173
expiration: expiry-date="Thu, 30 Dec 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_223%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/28b156bab555033082163cf7b4cde551.jpg
content-length: 24582
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
last-modified: Mon, 29 Nov 2021 12:18:21 GMT
server: nginx
x-timer: S1639203221.819815,VS0,VE1
etag: "bde493c6bdf5390d294edbbeead0f228"
x-served-by: cache-bwi5027-BWI, cache-dca17726-DCA, cache-lcy19223-LCY
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1

GET
H2 200 naga-munchetty-t.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_334%2Cw_600%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.hellomagazine.com/imagenes/cuisine/20210804118968/bbc-breakfast-naga-munchett... 19 KB
20 KB 20ms
20ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_334%2Cw_600%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.hellomagazine.com/imagenes/cuisine/20210804118968/bbc-breakfast-naga-munchetty-hints-unexpected-eating-habits/0-575-612/naga-munchetty-t.jpg
Requested by: Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 2bb08b87c3d0fb1a970cd16168c430a8b5bff33e80fbc96126c0b4d13c4763dc

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Sat, 11 Dec 2021 06:13:40 GMT
via: 1.1 varnish, 1.1 varnish
age: 1482446
edge-cache-tag: 382232112764423528018930376634802445629,408830795468236920077589974014039342143,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 131
expiration: expiry-date="Sun, 28 Nov 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_334%2Cw_600%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.hellomagazine.com/imagenes/cuisine/20210804118968/bbc-breakfast-naga-munchetty-hints-unexpected-eating-habits/0-575-612/naga-munchetty-t.jpg
content-length: 19550
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
last-modified: Thu, 28 Oct 2021 09:08:49 GMT
server: nginx
x-timer: S1639203221.820155,VS0,VE0
etag: "1e8c2f8420bf645a29abfb18202a2cd9"
x-served-by: cache-wdc5529-WDC, cache-dca17768-DCA, cache-lcy19223-LCY
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 4

GET
H2 200 6f0bbfa94a8afb40816a59fed1eb22a9.jpg
images.taboola.com/taboola/image/fetch/h_334,w_600,c_fill,g_xy_center,x_510,y_223/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 13 KB
13 KB 27ms
27ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/h_334,w_600,c_fill,g_xy_center,x_510,y_223/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6f0bbfa94a8afb40816a59fed1eb22a9.jpg
Requested by: Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: a9d5646624e1a4ac467fe0e1a664007bd8b0b48035445211052b55e0beb865ea

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Sat, 11 Dec 2021 06:13:40 GMT
via: 1.1 varnish, 1.1 varnish
age: 864806
edge-cache-tag: 414186546921205154198751781036997700172,386872957824947641071263518698603840163,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 99
x-envoy-upstream-service-time: 135
expiration: expiry-date="Mon, 13 Dec 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, MISS, HIT
x-debug: /taboola/image/fetch/h_334,w_600,c_fill,g_xy_center,x_510,y_223/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6f0bbfa94a8afb40816a59fed1eb22a9.jpg
content-length: 13280
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
last-modified: Fri, 12 Nov 2021 13:34:11 GMT
server: nginx
x-timer: S1639203221.821418,VS0,VE1
etag: "a8060fcf6533cdc5a78d9368d9fd5dc4"
x-served-by: cache-bwi5022-BWI, cache-dca17732-DCA, cache-lcy19223-LCY
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1

GET
H2 200 tbp Show response
15.taboola.com/ 6 KB
2 KB 39ms
39ms XHR
text/html 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://15.taboola.com/tbp?oid=15&pubid=166277&tagid=948107&pstn=[pstn]&cb=[cb]&callback=TRC.pVideoCallbacks.videoCallback2
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20211209-5-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 619fc5f463c4d57f09fcda55bacd247603c486871c5da40ee61d96dad64fc508

Request headers

Referer: https://www.diariodocentrodomundo.com.br/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 11 Dec 2021 06:13:40 GMT
content-encoding: gzip
access-control-allow-origin: https://www.diariodocentrodomundo.com.br
machineid: 1451
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-lcy19223-LCY
pragma: no-cache
server: nginx
x-timer: S1639203221.828288,VS0,VE20
vary: Accept-Encoding
content-type: text/html;charset=ISO-8859-1
via: 1.1 varnish
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 f7064ebb0f72d7d58ac69a6f667b67f0.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_223%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 16 KB
16 KB 21ms
21ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_223%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f7064ebb0f72d7d58ac69a6f667b67f0.png
Requested by: Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: f9735815c0c8cd868a901ea7750ba8ee2186a646cf206bc3ece5dbb6da2267bc

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Sat, 11 Dec 2021 06:13:40 GMT
via: 1.1 varnish, 1.1 varnish
age: 1156144
edge-cache-tag: 421570914239233198147584343014232438087,507842782944220752304688722208192589828,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 64
expiration: expiry-date="Sun, 28 Nov 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_223%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f7064ebb0f72d7d58ac69a6f667b67f0.png
content-length: 15968
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
last-modified: Thu, 28 Oct 2021 09:11:45 GMT
server: nginx
x-timer: S1639203221.828411,VS0,VE1
etag: "557963b199aadc726230d06e09257ec3"
x-served-by: cache-wdc5573-WDC, cache-dca17724-DCA, cache-lcy19223-LCY
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 1

GET
H2 200 Peanut-butter-with-olives-80281-35347-1-13429-1-57915.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_223%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//wfmulti.wpengine.com/wp-content/uploads/2021/05/ 8 KB
9 KB 20ms
19ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_223%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//wfmulti.wpengine.com/wp-content/uploads/2021/05/Peanut-butter-with-olives-80281-35347-1-13429-1-57915.jpg
Requested by: Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 29a5d7315757963c3803bc358f2bf5a83bdd2fa6dc3b364fac3361f1cdc5e8e0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Sat, 11 Dec 2021 06:13:40 GMT
via: 1.1 varnish, 1.1 varnish
age: 1542881
edge-cache-tag: 385832095662746213656354146733334721572,507842782944220752304688722208192589828,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 99
x-envoy-upstream-service-time: 360
x-cache: MISS, MISS, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_223%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//wfmulti.wpengine.com/wp-content/uploads/2021/05/Peanut-butter-with-olives-80281-35347-1-13429-1-57915.jpg
content-length: 8234
x-request-id: 5b0ec52a975d7828bb3857cabb11866e
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
last-modified: Tue, 23 Nov 2021 09:07:21 GMT
server: nginx
x-timer: S1639203221.828535,VS0,VE1
etag: "409a6e59695de834c8fffe842d34957b"
x-served-by: cache-wdc5520-WDC, cache-dca17736-DCA, cache-lcy19223-LCY
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1

GET
H2 200 fe0e63b07ce9fecebf9fed65ebd5be9f.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_223%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 14 KB
15 KB 20ms
20ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_223%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/fe0e63b07ce9fecebf9fed65ebd5be9f.jpg
Requested by: Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ed84c162fa21cc210412b7f8ed6382f7a34dc0d930961067e4e897fc1e21f279

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Sat, 11 Dec 2021 06:13:40 GMT
via: 1.1 varnish, 1.1 varnish
age: 753953
edge-cache-tag: 601029612776006161332650120214693926243,507842782944220752304688722208192589828,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 385
x-cache: MISS, MISS, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_223%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/fe0e63b07ce9fecebf9fed65ebd5be9f.jpg
content-length: 14514
x-request-id: f270df4e47c60a3b76121b740d3dcc8f
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
last-modified: Thu, 02 Dec 2021 08:59:53 GMT
server: nginx
x-timer: S1639203221.839565,VS0,VE1
etag: "ab8d66c890d7d98ac81c5facedde966d"
x-served-by: cache-dca17780-DCA, cache-dca17757-DCA, cache-lcy19223-LCY
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1

GET
H2 200 web Show response
onesignal.com/api/v1/sync/0150d19a-6edc-47ef-8a9e-748418205bcb/ 3 KB
2 KB 363ms
352ms Script
text/javascript 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/api/v1/sync/0150d19a-6edc-47ef-8a9e-748418205bcb/web?callback=__jp0

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151510

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

23bdd105b4c1234a15fa1a7621040ce0cfea24f8379360381e500ca436a4504f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:41 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
status: 200 OK
x-envoy-upstream-service-time: 24
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 728130a8-ec1f-4d77-9b64-0238fd665c5a
x-runtime: 0.022804
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"23bdd105b4c1234a15fa1a7621040ce0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600
cf-ray: 6bbc91828ad40e16-MXP
access-control-allow-headers: SDK-Version
expires: Sat, 11 Dec 2021 07:13:41 GMT

POST
H2 200 t Show response
t.lkqd.net/ Frame FCB1 0
176 B 108ms
107ms XHR
text/plain 146.20.128.205
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.205 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.diariodocentrodomundo.com.br
date: Sat, 11 Dec 2021 06:13:41 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 112ms
112ms Preflight
text/plain 146.20.128.205
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.205 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.diariodocentrodomundo.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Sat, 11 Dec 2021 06:13:40 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://www.diariodocentrodomundo.com.br

GET
H2 200 UnitFeedManagerDesktop.min.js Show response
vidstat.taboola.com/lite-unit/3.5.4/ 98 KB
28 KB 20ms
20ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/lite-unit/3.5.4/UnitFeedManagerDesktop.min.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20211209-5-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: af826959e3b915ae25f936e25e0384e389fbaa98574273c18e54abf57883c723

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:40 GMT
via: 1.1 9d050fbf11362165fc47c03a14392c36.cloudfront.net (CloudFront), 1.1 varnish
age: 1800622
x-cache: Hit from cloudfront, HIT
content-encoding: gzip
content-length: 28757
x-served-by: cache-lcy19223-LCY
last-modified: Sat, 20 Nov 2021 10:02:27 GMT
server: AmazonS3
x-timer: S1639203221.881684,VS0,VE0
etag: "818ebe9395490135acd5fbeb0c9df2e9"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-cf-pop: LHR61-C2
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: tAxnr0tJNe3vtZthMV7SsS7KfqRZ-I6S0c4Ec8Q9pBVqyq71z7ph2A==
x-cache-hits: 41696

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 8C83 0
18 B 63ms
30ms Document
text/plain 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://www.diariodocentrodomundo.com.br
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/

Response headers

content-type: text/plain
access-control-allow-origin: https://www.diariodocentrodomundo.com.br
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
date: Sat, 11 Dec 2021 06:13:40 GMT

GET
H2 200 creative_js.js Show response
vidstat.taboola.com/vpaid/units/27_2_17/creatives/ 4 KB
2 KB 19ms
18ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/units/27_2_17/creatives/creative_js.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20211209-5-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6258018e9f890f2383a09a2be6df7792affd977d856e7247ace8341f5b5487f0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:40 GMT
via: 1.1 94bbde231de97266ba4561ecfe3eb74d.cloudfront.net (CloudFront), 1.1 varnish
age: 2004499
x-amz-meta-mtime: 1580720676
x-cache: Hit from cloudfront, HIT
x-amz-meta-ctime: 1580720957
x-amz-meta-mode: 33188
content-encoding: gzip
content-length: 1904
x-served-by: cache-lcy19223-LCY
last-modified: Mon, 03 Feb 2020 09:09:18 GMT
server: AmazonS3
x-timer: S1639203221.897312,VS0,VE0
etag: "d80eacb3ed43f93a2da80d76e65d19a8"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-cf-pop: LHR62-C5
accept-ranges: bytes
content-type: application/javascript
access-control-allow-headers: *
x-amz-cf-id: s5omYpeD2IVKtQk3hwhD2UFx-j5KElPCq6gs8v_OFF8ffnIRb7hsOg==
x-cache-hits: 160150

GET
H2 200 lounge.load.9068118211410bc5f67f5bb8d6806cba.js Show response
c.disquscdn.com/next/embed/ Frame E624 958 B
1 KB 92ms
30ms Script
application/javascript 2600:9000:223e:8000:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/lounge.load.9068118211410bc5f67f5bb8d6806cba.js

Requested by

Host: disqus.com
URL: https://disqus.com/embed/comments/?base=default&f=diariodocentrodomundo&t_i=779049%20https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2F%3Fpost_type%3Dessencial%26p%3D779049&t_u=https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2Fessencial%2Fatila-hacker-certidao-de-vacinacao%2F&t_e=%C3%81tila%20diz%20que%20invas%C3%A3o%20hacker%20foi%20para%20%E2%80%9Catacar%20a%20certid%C3%A3o%20de%20vacina%C3%A7%C3%A3o%E2%80%9D&t_d=%C3%81tila%20diz%20que%20invas%C3%A3o%20hacker%20foi%20para%20%22atacar%20a%20certid%C3%A3o%20de%20vacina%C3%A7%C3%A3o%22&t_t=%C3%81tila%20diz%20que%20invas%C3%A3o%20hacker%20foi%20para%20%E2%80%9Catacar%20a%20certid%C3%A3o%20de%20vacina%C3%A7%C3%A3o%E2%80%9D&s_o=default

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223e:8000:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

0376879a45be95f1d718c2a90d0b35986973e87d6f4c790b4c7046343464b72a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=diariodocentrodomundo&t_i=779049%20https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2F%3Fpost_type%3Dessencial%26p%3D779049&t_u=https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2Fessencial%2Fatila-hacker-certidao-de-vacinacao%2F&t_e=%C3%81tila%20diz%20que%20invas%C3%A3o%20hacker%20foi%20para%20%E2%80%9Catacar%20a%20certid%C3%A3o%20de%20vacina%C3%A7%C3%A3o%E2%80%9D&t_d=%C3%81tila%20diz%20que%20invas%C3%A3o%20hacker%20foi%20para%20%22atacar%20a%20certid%C3%A3o%20de%20vacina%C3%A7%C3%A3o%22&t_t=%C3%81tila%20diz%20que%20invas%C3%A3o%20hacker%20foi%20para%20%E2%80%9Catacar%20a%20certid%C3%A3o%20de%20vacina%C3%A7%C3%A3o%E2%80%9D&s_o=default
Origin: https://disqus.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 23:27:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 283593
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 494
x-xss-protection: 1; mode=block
x-served-by: static-web-2
access-control-allow-origin: *
surrogate-key: next
last-modified: Tue, 07 Dec 2021 22:32:35 GMT
server: nginx
etag: "61afe103-1ee"
content-type: application/javascript; charset=utf-8
via: 1.1 7831c78db9d585e32d354900cc00dca6.cloudfront.net (CloudFront)
expires: Wed, 07 Dec 2022 23:27:07 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA56-P4
timing-allow-origin: *
x-amz-cf-id: _XaqVZICm5hlTDeiS4WV2HIVGt03WfxbqBzsMwQYadx4zEE8-0py6w==
x-cache-hits: 0

GET
H2 200 pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/158685/2513/ Frame D051 169 KB
55 KB 145ms
43ms Script
text/javascript 23.195.248.208
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/158685/2513/pwt.js
Requested by: Host: diariodocentrodomundo.disqus.com
URL: https://diariodocentrodomundo.disqus.com/recommendations.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.195.248.208 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-195-248-208.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 1f840b419e0b8cec7b58cffdb09369247ee64513cb4c0cb94bb7ce2a03e78267

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:41 GMT
content-encoding: gzip
last-modified: Fri, 03 Dec 2021 03:01:28 GMT
server: Apache/2.2.15 (CentOS)
etag: "10a14d7-2a266-5d2351f900075"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: public, max-age=91913
accept-ranges: bytes
content-type: text/javascript
content-length: 55335
expires: Sun, 12 Dec 2021 07:45:34 GMT

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame D051 78 KB
26 KB 47ms
46ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: diariodocentrodomundo.disqus.com
URL: https://diariodocentrodomundo.disqus.com/recommendations.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

2be99b99f418219be8ca7a986038e1a94c5df5b2c91a0c0d9ee35552fbb8fde8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1067 / 818 of 1000 / last-modified: 1639177483"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26915
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 11 Dec 2021 06:13:40 GMT

GET
H2 200 prebid.6.2.0.js Show response
c.disquscdn.com/js/dist/ Frame D051 369 KB
109 KB 32ms
30ms Script
application/javascript 2600:9000:223e:8000:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/js/dist/prebid.6.2.0.js

Requested by

Host: diariodocentrodomundo.disqus.com
URL: https://diariodocentrodomundo.disqus.com/recommendations.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223e:8000:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

02244c0ba63616b451424382305ca5b9f9ca354be5608d40747ad53a67b95da3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 16:59:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 825237
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 110581
x-xss-protection: 1; mode=block
x-served-by: static-web-1
last-modified: Wed, 01 Dec 2021 14:02:15 GMT
server: nginx
etag: "61a78067-1aff5"
content-type: application/javascript; charset=utf-8
via: 1.1 88f858f045c3909fad9cebbada511aef.cloudfront.net (CloudFront)
expires: Fri, 31 Dec 2021 16:59:43 GMT
cache-control: max-age=2592000
x-amz-cf-pop: FRA56-P4
x-amz-cf-id: 3YKsTpe6mli1be5RQKRrZ4a5wr_OIVay8UOc4NR-EJpzvR2o3dIj4Q==
x-cache-hits: 0

GET
H2 200 settings Show response
syndication.twitter.com/ Frame DC0F 232 B
447 B 171ms
124ms Fetch
application/json 104.244.42.72
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=05915c5192f965987dd6cc85acd98cc2eb855877

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.21f942bb866c2823339b839747a0c50c.html?origin=https%3A%2F%2Fwww.diariodocentrodomundo.com.br

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.72 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_f /

Resource Hash

726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-response-time: 105
date: Sat, 11 Dec 2021 06:13:40 GMT
content-encoding: gzip
last-modified: Sat, 11 Dec 2021 06:13:41 GMT
server: tsa_f
vary: Origin
strict-transport-security: max-age=631138519
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
x-connection-hash: c71d33279fd48633f17e9935c2e6c4cb3ebd7e2c5140667bae08e7157819a302
content-length: 166

GET
H2 200 next-up-widget.20211209-5-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 12 KB
4 KB 19ms
19ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/next-up-widget.20211209-5-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/diariodocentrodomundo/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c215277d06755175fc5022df97d0282917263f811745c969a0954890b30fc344

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: QGB70lFoTuzrSCSpX4V3EIrq57ElY7R7
content-encoding: gzip
etag: "73a1fe8a7bbe6123e7043bec22b8214e"
age: 8
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 3359
x-amz-id-2: izTaYFYAGus8/6rJNtjFJqdEc2j2/O0OWMKH/uLAG0qOJiJqt64nhhQnErZ5Qi8o8iRmuiisWNo=
x-served-by: cache-lcy19223-LCY
last-modified: Thu, 09 Dec 2021 10:17:10 GMT
server: AmazonS3
x-timer: S1639203221.950943,VS0,VE1
date: Sat, 11 Dec 2021 06:13:40 GMT
vary: Accept-Encoding
x-amz-request-id: HVZ5HE2439S04HEJ
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 44
x-cache-hits: 1

GET
H2 200 wigo-no-slot Show response
sync.teads.tv/ Frame 964A 325 B
486 B 176ms
56ms Document
text/html 2.22.77.98
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.teads.tv/wigo-no-slot
Requested by: Host: s8t.teads.tv
URL: https://s8t.teads.tv/media/format/v3/teads-format.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.22.77.98 Paris, France, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-22-77-98.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.6 /
Resource Hash: d85f6474893e823b6eb6ce2ad936235ff13be5d10d1c1dba6517f6dd3a731c59

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/

Response headers

content-type: text/html; charset=UTF-8
server: akka-http/10.2.6
content-length: 325
expires: Sat, 11 Dec 2021 06:13:41 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Sat, 11 Dec 2021 06:13:41 GMT

GET
H2 200 track
t.teads.tv/ 23 B
113 B 214ms
84ms Image
image/gif 23.195.249.65
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=placementCall&env=js-web&auctid=e1cacc00-33db-4817-b267-bcaf319bc2a8&pageId=67790&pid=72694&debug_metadata=CZwV4cM0v0&fv=927&ts=1639203221402&f=1&referer=https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2Fessencial%2Fatila-hacker-certidao-de-vacinacao%2F
Requested by: Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.195.249.65 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-195-249-65.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:41 GMT
cache-control: private, max-age=3666
content-length: 23
content-type: image/gif

GET
H2 200 track
t.teads.tv/ 23 B
143 B 214ms
84ms Image
image/gif 23.195.249.65
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=slotAvailable&env=js-web&auctid=e1cacc00-33db-4817-b267-bcaf319bc2a8&pageId=67790&pid=72694&slot=native&fv=927&ts=1639203221424&f=1&referer=https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2Fessencial%2Fatila-hacker-certidao-de-vacinacao%2F
Requested by: Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.195.249.65 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-195-249-65.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:41 GMT
cache-control: max-age=0, no-cache, no-store
expires: Sat, 26 Jul 1997 05:00:00 GMT
content-length: 23
content-type: image/gif

GET
H2 200 track
t.teads.tv/ 23 B
113 B 215ms
87ms Image
image/gif 23.195.249.65
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=placementCall&env=js-web&auctid=1bb0f629-40a8-4572-975c-a6761159aed0&pageId=67790&pid=72695&debug_metadata=KobbHK6X5l&fv=927&ts=1639203221430&f=1&referer=https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2Fessencial%2Fatila-hacker-certidao-de-vacinacao%2F
Requested by: Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.195.249.65 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-195-249-65.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:41 GMT
cache-control: private, max-age=3666
content-length: 23
content-type: image/gif

GET
H2 200 track
t.teads.tv/ 23 B
143 B 220ms
92ms Image
image/gif 23.195.249.65
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=slotAvailable&env=js-web&auctid=1bb0f629-40a8-4572-975c-a6761159aed0&pageId=67790&pid=72695&slot=multislot&fv=927&ts=1639203221435&f=1&referer=https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2Fessencial%2Fatila-hacker-certidao-de-vacinacao%2F
Requested by: Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.195.249.65 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-195-249-65.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:41 GMT
cache-control: max-age=0, no-cache, no-store
expires: Sat, 26 Jul 1997 05:00:00 GMT
content-length: 23
content-type: image/gif

GET
H2 200 track
t.teads.tv/ 23 B
113 B 219ms
91ms Image
image/gif 23.195.249.65
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=placementCall&env=js-web&auctid=c91a350c-a4c3-4e43-9f0a-477931b700a9&pageId=67790&pid=139414&debug_metadata=evzh3YXnLB&fv=927&ts=1639203221438&f=1&referer=https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2Fessencial%2Fatila-hacker-certidao-de-vacinacao%2F
Requested by: Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.195.249.65 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-195-249-65.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:41 GMT
cache-control: private, max-age=3666
content-length: 23
content-type: image/gif

GET
H2 200 track
t.teads.tv/ 23 B
143 B 222ms
95ms Image
image/gif 23.195.249.65
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=noSlot-selector&env=js-web&auctid=c91a350c-a4c3-4e43-9f0a-477931b700a9&pageId=67790&pid=139414&fv=927&ts=1639203221441&f=1&referer=https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2Fessencial%2Fatila-hacker-certidao-de-vacinacao%2F
Requested by: Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.195.249.65 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-195-249-65.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:41 GMT
cache-control: max-age=0, no-cache, no-store
expires: Sat, 26 Jul 1997 05:00:00 GMT
content-length: 23
content-type: image/gif

GET
H2 200 ad Show response
a.teads.tv/page/67790/ 537 B
580 B 65ms
64ms XHR
application/json 23.200.213.98
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/page/67790/ad?windowWidth=1600&windowHeight=1200&windowDepth=1&windowReferrerUrl=https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2Fessencial%2Fatila-hacker-certidao-de-vacinacao%2F&page=%7B%22id%22%3A67790%2C%22placements%22%3A%5B%7B%22id%22%3A72694%2C%22validity%22%3A%7B%22status%22%3Atrue%2C%22reasons%22%3A%5B%5D%7D%2C%22player%22%3A%7B%22width%22%3A1021%2C%22height%22%3A574%7D%2C%22slotType%22%3A%22native%22%7D%5D%2C%22gdpr_iab%22%3A%7B%22reason%22%3A220%2C%22status%22%3A22%2C%22consent%22%3A%22%22%2C%22apiVersion%22%3Anull%2C%22cmpId%22%3Anull%7D%2C%22segments%22%3A%7B%22permutive%22%3Anull%7D%2C%22first_party_data%22%3A%7B%22firstPartyCookieTeadsId%22%3Anull%2C%22sharedIds%22%3Anull%7D%7D&auctid=e1cacc00-33db-4817-b267-bcaf319bc2a8&formatVersion=927&env=js-web&netBw=9.7&ttfb=1079
Requested by: Host: s8t.teads.tv
URL: https://s8t.teads.tv/media/format/v3/teads-format.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.200.213.98 Paris, France, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-200-213-98.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: bb5eb269f7e3a3c7feae054946e627ae1ac878d54e33a624aedceb4f36033665

Request headers

Accept: application/json; charset=UTF-8
Referer: https://www.diariodocentrodomundo.com.br/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Dec 2021 06:13:41 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.diariodocentrodomundo.com.br
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 361
expires: Sat, 11 Dec 2021 06:13:41 GMT

GET
H2 200 ad Show response
a.teads.tv/page/67790/ 538 B
589 B 62ms
62ms XHR
application/json 23.200.213.98
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/page/67790/ad?windowWidth=1600&windowHeight=1200&windowDepth=1&windowReferrerUrl=https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2Fessencial%2Fatila-hacker-certidao-de-vacinacao%2F&page=%7B%22id%22%3A67790%2C%22placements%22%3A%5B%7B%22id%22%3A72695%2C%22validity%22%3A%7B%22status%22%3Atrue%2C%22reasons%22%3A%5B%5D%7D%2C%22player%22%3A%7B%22width%22%3A1021%2C%22height%22%3A574%7D%2C%22slotType%22%3A%22multislot%22%7D%5D%2C%22gdpr_iab%22%3A%7B%22reason%22%3A220%2C%22status%22%3A22%2C%22consent%22%3A%22%22%2C%22apiVersion%22%3Anull%2C%22cmpId%22%3Anull%7D%2C%22segments%22%3A%7B%22permutive%22%3Anull%7D%2C%22first_party_data%22%3A%7B%22firstPartyCookieTeadsId%22%3Anull%2C%22sharedIds%22%3Anull%7D%7D&auctid=1bb0f629-40a8-4572-975c-a6761159aed0&formatVersion=927&env=js-web&netBw=9.7&ttfb=1079
Requested by: Host: s8t.teads.tv
URL: https://s8t.teads.tv/media/format/v3/teads-format.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.200.213.98 Paris, France, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-200-213-98.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: ccdf5c04f38cba61a77325c5f3b93dc83a448ee616014c7d000dfc7154b725f7

Request headers

Accept: application/json; charset=UTF-8
Referer: https://www.diariodocentrodomundo.com.br/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Dec 2021 06:13:41 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.diariodocentrodomundo.com.br
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 370
expires: Sat, 11 Dec 2021 06:13:41 GMT

GET
H2 200 impl.20211209-5-RELEASE.js Show response
cdn.taboola.com/libtrc/ Frame AF28 610 KB
126 KB 19ms
19ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20211209-5-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/disqus-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 26bb50500bfdfa32376bca2911e642ee1c3f01a917646ab6cb3bc6df4d25d097

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: SOLKO8WJgmT0SiilF5V3OadNbgwvgy1C
content-encoding: br
etag: "8bc47a0f6c2e1ea57114b0cb6f8f0944"
age: 15481
x-cache: HIT
content-length: 128479
x-amz-id-2: 8imBtykLzzCv09A15SEjIUejp0D5WHfudfQO7xuK98VlCBldOvMKHbra+M4bEKbzbAnYNYLSmvM=
x-served-by: cache-lcy19223-LCY
last-modified: Thu, 09 Dec 2021 09:55:31 GMT
server: AmazonS3-br
x-timer: S1639203221.096810,VS0,VE0
date: Sat, 11 Dec 2021 06:13:41 GMT
vary: Accept-Encoding
x-amz-request-id: P9CJ2SMA5RJ9GHWH
via: 1.1 varnish
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: application/javascript
abp: 44
x-cache-hits: 11460

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ Frame AF28 1 KB
1 KB 33ms
33ms Script
application/javascript 13.32.99.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/disqus-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-105.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 07:25:07 GMT
content-encoding: gzip
etag: W/"1827f116c73f319409b97f10b8a58ade"
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 82115
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 f06c87fa57d0c9fd7439d7fdbd148c63.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
x-amz-cf-id: ysfwy0Fdu4axtlyH28el6p1eXE3TbXzElciqUuPTPGu-7uvHLwcwUg==

GET
H2 200 cs
cs.lkqd.net/ Frame 8F88 43 B
308 B 109ms
108ms Image
image/gif 146.20.132.103
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=55&redirect=https%3A%2F%2Fidsync.rlcdn.com%2F464986.gif%3Fpartner_uid%3D%24%24rawlkqduserid%24%24&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.103 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:41 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2 200 cs
cs.lkqd.net/ Frame 8F88 43 B
308 B 109ms
108ms Image
image/gif 146.20.132.103
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.103 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:41 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2 200 cs
cs.lkqd.net/ Frame 8F88 43 B
308 B 110ms
109ms Image
image/gif 146.20.132.103
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.103 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:41 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2 200 cs
cs.lkqd.net/ Frame 8F88 43 B
308 B 110ms
110ms Image
image/gif 146.20.132.103
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=99&redirect=https%3A%2F%2Fc.deployads.com%2Fcs%2FNXST%3Fb%3D%24%24rawlkqduserid%24%24&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.103 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:41 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2

200

cs
cs.lkqd.net/ Frame 8F88
Redirect Chain

https://ad.turn.com/r/cs?pid=65
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3100618248600403538

43 B
308 B

109ms
108ms

Image
image/gif

146.20.132.103
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3100618248600403538
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Server: 146.20.132.103 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:41 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

location: https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3100618248600403538
pragma: no-cache
date: Sat, 11 Dec 2021 06:13:40 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2 200 recommendations.load.42dfcc5041eed24b84f85a10a88fa215.js Show response
c.disquscdn.com/next/recommendations/ Frame FFD3 923 B
1018 B 31ms
30ms Script
application/javascript 2600:9000:223e:8000:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/recommendations/recommendations.load.42dfcc5041eed24b84f85a10a88fa215.js

Requested by

Host: disqus.com
URL: https://disqus.com/recommendations/?base=default&f=diariodocentrodomundo&t_i=779049%20https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2F%3Fpost_type%3Dessencial%26p%3D779049&t_u=https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2Fessencial%2Fatila-hacker-certidao-de-vacinacao%2F&t_e=%C3%81tila%20diz%20que%20invas%C3%A3o%20hacker%20foi%20para%20%E2%80%9Catacar%20a%20certid%C3%A3o%20de%20vacina%C3%A7%C3%A3o%E2%80%9D&t_d=%C3%81tila%20diz%20que%20invas%C3%A3o%20hacker%20foi%20para%20%22atacar%20a%20certid%C3%A3o%20de%20vacina%C3%A7%C3%A3o%22&t_t=%C3%81tila%20diz%20que%20invas%C3%A3o%20hacker%20foi%20para%20%E2%80%9Catacar%20a%20certid%C3%A3o%20de%20vacina%C3%A7%C3%A3o%E2%80%9D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223e:8000:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

f2bfdbf7d2df8d37016a17d53674d2799bb77996a763bf2bee8b1f604dd31a9f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/
Origin: https://disqus.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 21:23:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4611015
x-cache: Hit from cloudfront
content-length: 446
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Mon, 18 Oct 2021 21:05:37 GMT
server: nginx
etag: "616de1a1-1be"
content-type: application/javascript; charset=utf-8
via: 1.1 7831c78db9d585e32d354900cc00dca6.cloudfront.net (CloudFront)
expires: Tue, 18 Oct 2022 21:23:25 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA56-P4
timing-allow-origin: *
x-amz-cf-id: s8kbkncke_r5kCjCn4vN05X9vDz3zL2hc2XFdtofmpCgnWLLED9xpw==
x-cache-hits: 0

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 6993 78 KB
26 KB 218ms
218ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: a.teads.tv
URL: https://a.teads.tv/page/67790/tag

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

2be99b99f418219be8ca7a986038e1a94c5df5b2c91a0c0d9ee35552fbb8fde8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1067 / 646 of 1000 / last-modified: 1639177483"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26915
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 11 Dec 2021 06:13:41 GMT

GET
H2 200 track
t.teads.tv/ 23 B
143 B 89ms
85ms Image
image/gif 23.195.249.65
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=passback-noAd&env=js-web&auctid=e1cacc00-33db-4817-b267-bcaf319bc2a8&pageId=67790&pid=72694&slot=native&vid=00000000-0000-0000-0000-000000000001&fv=927&ts=1639203221557&f=1&referer=https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2Fessencial%2Fatila-hacker-certidao-de-vacinacao%2F
Requested by: Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.195.249.65 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-195-249-65.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:41 GMT
cache-control: max-age=0, no-cache, no-store
expires: Sat, 26 Jul 1997 05:00:00 GMT
content-length: 23
content-type: image/gif

GET
H2 200 track
t.teads.tv/ 23 B
143 B 94ms
94ms Image
image/gif 23.195.249.65
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=adCall&pid=72694&pageId=67790&auctid=e1cacc00-33db-4817-b267-bcaf319bc2a8&vid=00000000-0000-0000-0000-000000000001&env=js-web&bsg=uncat&bsias=uncat&rpm_reason=12&p=v7SR23rs_Aqk7VeSZkcm927n&cts=1639203221087&cs=377812273884518737605&fv=927&ts=1639203221572&referer=https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2Fessencial%2Fatila-hacker-certidao-de-vacinacao%2F
Requested by: Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.195.249.65 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-195-249-65.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:41 GMT
cache-control: max-age=0, no-cache, no-store
expires: Sat, 26 Jul 1997 05:00:00 GMT
content-length: 23
content-type: image/gif

GET
H2 200 st Show response
imprammp.taboola.com/ Frame CE96 0
90 B 43ms
42ms Document
text/plain 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://imprammp.taboola.com/st?cipid=7991117&ttype=0&cirid=10DCF2B5E2413085101241524191&cicmp=1337627&cijs=1&dast=V78igCFgMx4ZFo0aUEZgQx4ZFo0aUEZgUAAAAGBugHGzEYcWiUCWtFGS02g-FqsFxMJqPdaDFYLCFhFovFaDJbDadgsIXP6e5uQwqaTofPda_X_X53kdNhefpNfo_Lbrr8TX63627y2zV-t11i-csBAAAA4AGAqCUaYse3oT0CAAAAQIJn5FqBIqDi30LgAgAAAAADgEAsXANAnAMBHaab02U2-QMA4EEBBABAACMEwCHrTQQAAABgBAAAAIAEQCCxsATA4W7RBAAgoA8VpGXqBAAA4KBO5mmb5f___z8GIO-9SQaAIm3jxqAH4MEH4EEIAADgYujS4uz52lkmnajAtIgRAAAAgDCJW-nRpE6oLKr-____rQCuAAAC-lBBWsaybk6KWcMAAAAAxhboYfH7zQ67xu922f________-_2f8ZAJrQEwBAmm-d8KMaz8i1wtovIAAA27sBALwJwMUcgB0AAADA3f___38eAAAA1h4l22s1nj3Kep_BFj6nu7t-E7YYrSaTzXI4Wy4mg-FoOBrtTyBnA5yIwXI5mSwmu9VoNdoMd6PZYIECMZggRYsGk9VoNFlMhqvRZDVbLna7DVK0ajUbbQbD1Wwy2-1Ww8FwORrhhC1Gq8lksxzOlovJYDgajkZDPKg6l87n1fnoEMvRXDObKxaDuWK2WiUAAAAAAAAAgCVMmTcBAAAAOA1iNpvsdituvNkzQazValkDAAAAcOtGDg!&excid=22&tst=1&docw=0&cs=false
Requested by: Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/

Response headers

server: nginx
accept-ranges: bytes
date: Sat, 11 Dec 2021 06:13:41 GMT
via: 1.1 varnish
x-served-by: cache-lcy19223-LCY
x-cache: MISS
x-cache-hits: 0
x-timer: S1639203221.190786,VS0,VE8
content-length: 0

GET
H2 200 cmTagCUSTOM.js Show response
vidstat.taboola.com/vpaid/units/30_3_6010/infra/ 604 KB
112 KB 20ms
20ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/units/30_3_6010/infra/cmTagCUSTOM.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/27_2_17/creatives/creative_js.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: f11884de40899d47234c1cf86074c4e1daf2adf2b83ecff07996dba83044fa47

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:41 GMT
via: 1.1 varnish
age: 1529572
x-amz-meta-mtime: 1637665336
x-cache: HIT
x-amz-meta-ctime: 1637665337
x-amz-meta-mode: 33188
content-encoding: br
content-length: 114684
x-amz-id-2: sTqdsZ+tLSPmipVaDg7PHmDfdkdjKK1Rg+5BlGQu1mt2emgQpW6lh5FtikXaEsciWRfCuibdFYo=
x-served-by: cache-lcy19223-LCY
accept-ranges: bytes
last-modified: Tue, 23 Nov 2021 11:02:18 GMT
server: AmazonS3-br
x-timer: S1639203221.190501,VS0,VE0
etag: "c85616763ae0c5c14b78b36594bb92db"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-request-id: HSH966319T58B3HE
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-meta-gid: 0
content-type: application/javascript
access-control-allow-headers: *
x-cache-hits: 120273

GET
H2 200 cmOsUnit.css
vidstat.taboola.com/vpaid/units/30_3_6010/assets/css/ 61 KB
8 KB 42ms
42ms Stylesheet
text/css 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/units/30_3_6010/assets/css/cmOsUnit.css
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/27_2_17/creatives/creative_js.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: e811e414f4376d969d84db459974e258fbea5cb9aaa9fc90049c18946eb2a6e7

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:41 GMT
via: 1.1 varnish
age: 1529572
x-amz-meta-mtime: 1637665346
x-cache: HIT
x-amz-meta-ctime: 1637665346
x-amz-meta-mode: 33188
content-encoding: br
content-length: 8011
x-amz-id-2: FPwq3mAZR8Pbcp/5vbxVY/kJMU92iXH9aNpyK98t9mDwl2scLA22Fxnl+NDx/a5f5ysE6ngwb44=
x-served-by: cache-lcy19223-LCY
accept-ranges: bytes
last-modified: Tue, 23 Nov 2021 11:02:27 GMT
server: AmazonS3-br
x-timer: S1639203221.190693,VS0,VE0
etag: "35d592e602402e62e13fc963c20298fc"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-request-id: HSH8K1RK1YWCMQ72
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-meta-gid: 0
content-type: text/css
access-control-allow-headers: *
x-cache-hits: 110365

GET
H2 200 st Show response
imprammp.taboola.com/ Frame 5AA7 0
52 B 40ms
40ms Document
text/plain 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://imprammp.taboola.com/st?cipid=7991117&ttype=0&cirid=84228EC252374251862050303999&cicmp=1337627&cijs=1&dast=V72v0CFgMx4ZFo0aUEZgQx4ZFo0aUEZgUAAAAGBugHHDiaTIYrDmU12exGk9ViuFosB4PZaLNaLZaQMIvFYjSZrYZTMNjC53R3tyEFTafD57rX636_u8jpsDz9Jr_HZTdd_ia_23U3-e0av9susfzlAAAAAPAAQNQSDbHj29AeAQAAACDBM3KtQBFQ8W8hcAEAAACAAUAgFq4BIM6BgA7Tzekym_wBAPCgAAIAIIARAuCQBScCAAAAMAIAAABAAiCQWFgC4HC3aAIAENCHCtJydQIAAHBQJ_O0zfL___8fA5D33iQDQJG2cWPQA_DgA_AgBAAAcDFEB9z05tQ_PUFUsFrECAAAAECYxK30aFInVBZV_____1YAVwAAAX2oIC1sWTcnxaxhAAAAAGML9LD4_WaHXeN3u-z_________3-z_DABN6AkAIM23TvhRjWfkWmHtFxAAgO3dAADeBOBiDsAOAAAA4O7___8_DwAAAGWPku21Gs8eZb3PYAuf091dvwlbjFaTyWY5nC0Xk8FwNByN9ieQswFOxGC5nEwWk91qtBpthrvRbLBAgRhMkKJFg8lqNJosJsPVaLKaLRe73QYpWrWajTaD4Wo2me12q-FguByNcMIWo9VkslkOZ8vFZDAcDUejIR5UnUvn8-p8dIjlaK6ZzRWLwVwxW60SAAAAAAAAAMASpsybAAAAAJwGMZtNdrsVN97smSDWarWsAQAAALh1Iwc!&excid=22&tst=1&docw=0&cs=false
Requested by: Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/

Response headers

server: nginx
accept-ranges: bytes
date: Sat, 11 Dec 2021 06:13:41 GMT
via: 1.1 varnish
x-served-by: cache-lcy19223-LCY
x-cache: MISS
x-cache-hits: 0
x-timer: S1639203221.193215,VS0,VE9
content-length: 0

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 161ms
51ms Preflight
application/json 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2F&domain=www.diariodocentrodomundo.com.br&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://www.diariodocentrodomundo.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
strict-transport-security: max-age=31536000
access-control-allow-origin: https://www.diariodocentrodomundo.com.br
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1269
date: Sat, 11 Dec 2021 06:13:41 GMT
content-encoding: gzip
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/ Frame D051
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2F&domain=www.diariodocentrodomundo.com.br&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=G49KhXx1MGJOYm9hZVNRVHhYVElKL1ZINHlSa0FMa3FqdlFEMWdITjUzMU1uSldCc2tVL3VLRnBnMkh3ejI0MkxaVTllMW5Yc3dQZkRVN1RjVUsrb0tEL3FzSFNkalBQY1MrejZWMkNhaHArUVJwUXdDZHNpQmhYZ1NhRk...

409 B
646 B

81ms
28ms

XHR
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=G49KhXx1MGJOYm9hZVNRVHhYVElKL1ZINHlSa0FMa3FqdlFEMWdITjUzMU1uSldCc2tVL3VLRnBnMkh3ejI0MkxaVTllMW5Yc3dQZkRVN1RjVUsrb0tEL3FzSFNkalBQY1MrejZWMkNhaHArUVJwUXdDZHNpQmhYZ1NhRkdFamN4WXk5RVZaWkxhSFVST1Rac2FBOVlLOHRkbUdleG5aMlExVzRzb1dSZm81Q0srZTlBWXlHQjY5dWFIenBwZk9ySFZNdzNXRERhNEpDL0Zab1ZEcXFFN0d6eEpPYW9mTHRORThKbnluNUNsZUYxRi9CMmF0RHVNS1pOeHdTT0tST2pva1ZLfA&cppv=2

Requested by

Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

e40cf12f53823be2946db860a9e5948d5784edc4eb2ef669ecc7f6688533fabe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
date: Sat, 11 Dec 2021 06:13:41 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2307
expires: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Sat, 11 Dec 2021 06:13:40 GMT
location: https://mug.criteo.com/sid?cpp=G49KhXx1MGJOYm9hZVNRVHhYVElKL1ZINHlSa0FMa3FqdlFEMWdITjUzMU1uSldCc2tVL3VLRnBnMkh3ejI0MkxaVTllMW5Yc3dQZkRVN1RjVUsrb0tEL3FzSFNkalBQY1MrejZWMkNhaHArUVJwUXdDZHNpQmhYZ1NhRkdFamN4WXk5RVZaWkxhSFVST1Rac2FBOVlLOHRkbUdleG5aMlExVzRzb1dSZm81Q0srZTlBWXlHQjY5dWFIenBwZk9ySFZNdzNXRERhNEpDL0Zab1ZEcXFFN0d6eEpPYW9mTHRORThKbnluNUNsZUYxRi9CMmF0RHVNS1pOeHdTT0tST2pva1ZLfA&cppv=2
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.diariodocentrodomundo.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1804
content-length: 509
expires: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame B64C 0
0 42ms
42ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstDZ-0J4f47LbRcNPzj7X0UYW2kOCJT6SqVB-Ot5coh2smkxAX8YWGFGXNRjD--1iOAAL4rbanyw71GN9BYT2yfi4otKurlQhKxvRvZr3bzJ1nI7rAzbTIUomPKiTnBtTLsK0YI8FG9yw_93A1dTqN1WRlEq5zqj9Iq0uE5AXuq_hB_VKBTRUZwznezHFenP3reePjiW8iGuFgyAwV8lq25_dEj9bR6O2X18YeJ7oIPZqBgf6hHSsuYR-Q6jd-DhJ6eEuQnGDPoUUArlBxBWPwbUmj08Cr1wZug8-II_ueGDh83M9AACUYw4uXETP4nVG8S-Lt_CRbDNjShvxq-oSxF1Vd9_dwpfDlPiH82s6HIyEoG&sig=Cg0ArKJSzCa1vWZOlS_yEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 11 Dec 2021 06:13:41 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/ Frame B64C 19 KB
8 KB 102ms
31ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d9955b485ec10339d863941175c02572657bf9d4f6c5fa2e5603e7d803c1b8cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:09:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 263
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7876
x-xss-protection: 0
server: cafe
etag: 5333878705136318229
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 25 Dec 2021 06:09:18 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame B64C 2 KB
1 KB 105ms
34ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:10:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 210
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 25 Dec 2021 06:10:11 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B64C 119 KB
37 KB 127ms
42ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37305
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1638461285297402"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 11 Dec 2021 06:13:41 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame B64C 0
0 78ms
39ms Image
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaR3tiXLU9WvQ6zXFBs35LXgYmSWEntg65iSW1FKey8o7OqRoeKqQDfrsCzoAwQB586U3NaZudeLJGBhi-VJkjsAte4RaQ
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H2 200 17657797851197649295
tpc.googlesyndication.com/simgad/ Frame B64C 63 KB
64 KB 105ms
35ms Image
image/gif 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/17657797851197649295

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

df946b6dcd5cc0e10dee91ac7550349110a9cb95faef4211df970ac46acbbb53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 11:26:00 GMT
x-content-type-options: nosniff
age: 326861
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 64744
x-xss-protection: 0
last-modified: Fri, 12 Nov 2021 21:22:39 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 07 Dec 2022 11:26:00 GMT

GET
H2 200 common.bundle.2f2f40d40785c9541a90e9086c8770a3.js Show response
c.disquscdn.com/next/embed/ Frame E624 282 KB
93 KB 31ms
31ms Script
application/javascript 2600:9000:223e:8000:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/common.bundle.2f2f40d40785c9541a90e9086c8770a3.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/lounge.load.9068118211410bc5f67f5bb8d6806cba.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223e:8000:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

4d958aa0fe56b2c9ef407522721c72a3f0ac4f0ae063a2e2d05c134b7a79fa85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=diariodocentrodomundo&t_i=779049%20https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2F%3Fpost_type%3Dessencial%26p%3D779049&t_u=https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2Fessencial%2Fatila-hacker-certidao-de-vacinacao%2F&t_e=%C3%81tila%20diz%20que%20invas%C3%A3o%20hacker%20foi%20para%20%E2%80%9Catacar%20a%20certid%C3%A3o%20de%20vacina%C3%A7%C3%A3o%E2%80%9D&t_d=%C3%81tila%20diz%20que%20invas%C3%A3o%20hacker%20foi%20para%20%22atacar%20a%20certid%C3%A3o%20de%20vacina%C3%A7%C3%A3o%22&t_t=%C3%81tila%20diz%20que%20invas%C3%A3o%20hacker%20foi%20para%20%E2%80%9Catacar%20a%20certid%C3%A3o%20de%20vacina%C3%A7%C3%A3o%E2%80%9D&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 14:45:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4030091
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 94779
x-xss-protection: 1; mode=block
x-served-by: static-web-2
access-control-allow-origin: *
surrogate-key: next
last-modified: Fri, 22 Oct 2021 00:26:02 GMT
server: nginx
etag: "6172051a-1723b"
content-type: application/javascript; charset=utf-8
via: 1.1 88f858f045c3909fad9cebbada511aef.cloudfront.net (CloudFront)
expires: Tue, 25 Oct 2022 14:45:30 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA56-P4
timing-allow-origin: *
x-amz-cf-id: in9ErXGAfaRaut1NsRieIECCmYK5EqwwD2gIyMFQjMr2RqtePiKhQg==
x-cache-hits: 0

GET
H3 200 pubads_impl_2021120601.js Show response
securepubads.g.doubleclick.net/gpt/ Frame D051 348 KB
117 KB 40ms
39ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

2d5ae5a515a688823dc98d032242c2ed6f490a74c4281bdd599567898f9fa675

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119476
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 09:34:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 11 Dec 2021 06:13:41 GMT

GET
H2 200 json Show response
trc.taboola.com/unknown-site-on-disqus-network/trc/3/ Frame AF28 34 KB
11 KB 111ms
111ms XHR
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/unknown-site-on-disqus-network/trc/3/json?tim=06%3A13%3A41.930&lti=deflated&data=%7B%22id%22%3A720%2C%22ii%22%3A%22%2Fessencial%2Fatila-hacker-certidao-de-vacinacao%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3A%22556f5889-1be8-4de5-a46f-735f40f3379a-tuct8adc714%22%2C%22uifp%22%3A%22556f5889-1be8-4de5-a46f-735f40f3379a-tuct8adc714%22%2C%22lbt%22%3A1639045921363%2C%22vi%22%3A1639203220664%2C%22cv%22%3A%2220211209-5-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2Fessencial%2Fatila-hacker-certidao-de-vacinacao%2F%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22plf%22%3A%7B%22ack_exm%22%3Atrue%7D%2C%22bu%22%3A%22https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2Fessencial%2Fatila-hacker-certidao-de-vacinacao%2F%22%2C%22e%22%3A%22https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2F%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A982%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A17%2C%22dw%22%3A982%2C%22dh%22%3A27%2C%22nsid%22%3A%22disqus-network%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A18%2C%22uim%22%3A%22thumbnails-a%3Apub%3Ddisqus-network%3Aabp%3D0%22%2C%22uip%22%3A%22%7B%5C%22domain%5C%22%3A%20%5C%22https%3A%2F%2Fwww.diariodocentrodomundo.com.br%5C%22%2C%20%5C%22experiment%5C%22%3A%20%5C%22network_default%5C%22%2C%20%5C%22position%5C%22%3A%20%5C%22top%5C%22%2C%20%5C%22shortname%5C%22%3A%20%5C%22diariodocentrodomundo%5C%22%2C%20%5C%22variant%5C%22%3A%20%5C%22fallthrough%5C%22%7D%22%2C%22orig_uip%22%3A%22%7B%5C%22domain%5C%22%3A%20%5C%22https%3A%2F%2Fwww.diariodocentrodomundo.com.br%5C%22%2C%20%5C%22experiment%5C%22%3A%20%5C%22network_default%5C%22%2C%20%5C%22position%5C%22%3A%20%5C%22top%5C%22%2C%20%5C%22shortname%5C%22%3A%20%5C%22diariodocentrodomundo%5C%22%2C%20%5C%22variant%5C%22%3A%20%5C%22fallthrough%5C%22%7D%22%2C%22cd%22%3A27%2C%22mw%22%3A0%7D%5D%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20211209-5-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: fde69d80f1c687b95dfc33c151fbc9563985129cbd399504a4238cf532bc2fc4

Request headers

Referer: https://www.diariodocentrodomundo.com.br/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

x-vcl-time-ms: 92
date: Sat, 11 Dec 2021 06:13:41 GMT
content-encoding: gzip
server: nginx
x-timer: S1639203222.544804,VS0,VE92
x-served-by: cache-lcy19223-LCY
vary: Accept-Encoding
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://www.diariodocentrodomundo.com.br
access-control-allow-credentials: true
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
x-cache-hits: 0

GET
H2 200 haddad-bolsonaro.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.diariodocentrodomundo.com.br/wp-content/uploads/2018/10/ 4 KB
5 KB 22ms
21ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.diariodocentrodomundo.com.br/wp-content/uploads/2018/10/haddad-bolsonaro.jpg
Requested by: Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 5fc16c04e026fd6dff0b09181784a4cefe5403da4324f2c650faf49408aea15d

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Sat, 11 Dec 2021 06:13:41 GMT
via: 1.1 varnish, 1.1 varnish
age: 114067
edge-cache-tag: 483551542514728830255292849631580539458,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag: 483551542514728830255292849631580539458,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 633
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.diariodocentrodomundo.com.br/wp-content/uploads/2018/10/haddad-bolsonaro.jpg
content-length: 4220
x-request-id: 56afc91a683b11effb09be8650769cf1
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
last-modified: Thu, 09 Dec 2021 19:46:11 GMT
server: nginx
x-timer: S1639203222.571412,VS0,VE1
etag: "3171a4e7149c6924ddc9349228a4ed07"
x-served-by: cache-bwi5036-BWI, cache-dca12921-DCA, cache-lcy19223-LCY
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1

GET
H2 200 490049668__kt0feeI4.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/ 9 KB
10 KB 20ms
20ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/490049668__kt0feeI4.jpg
Requested by: Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 7c946aa71f663be5b0f8705ba7db07ec1bbf0cb6141dbb01cbb6772741a8e608

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Sat, 11 Dec 2021 06:13:41 GMT
via: 1.1 varnish, 1.1 varnish
age: 318383
edge-cache-tag: 574468697795230361036764397071511284397,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag: 574468697795230361036764397071511284397,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 97
x-envoy-upstream-service-time: 469
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/490049668__kt0feeI4.jpg
content-length: 9540
x-request-id: 9fe3be53eca7528a33b336627e4eaac9
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
last-modified: Tue, 07 Dec 2021 12:18:34 GMT
server: nginx
x-timer: S1639203222.571497,VS0,VE1
etag: "8f53767f3f1c008fc87746041efb8b13"
x-served-by: cache-bwi5055-BWI, cache-dca17775-DCA, cache-lcy19223-LCY
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1

GET
H2 200 uc%3Fid%3D1IgOcv5CPOrDajIib10k3o-M7Md2mfQta
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//drive.google.com/ 4 KB
4 KB 21ms
20ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//drive.google.com/uc%3Fid%3D1IgOcv5CPOrDajIib10k3o-M7Md2mfQta
Requested by: Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: b5a2f1c24adedd5e1793e6b1de6f11819f6529e0b68dd83e1bbfbcfce918dcb2

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Sat, 11 Dec 2021 06:13:41 GMT
via: 1.1 varnish, 1.1 varnish
age: 1442936
edge-cache-tag: 492131585343278586158680241511682486192,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 99
x-envoy-upstream-service-time: 326
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//drive.google.com/uc%3Fid%3D1IgOcv5CPOrDajIib10k3o-M7Md2mfQta
content-length: 4042
x-request-id: 016703ae3d9b68b90b410cab18c51b22
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
last-modified: Wed, 24 Nov 2021 05:52:06 GMT
server: nginx
x-timer: S1639203222.571669,VS0,VE1
etag: "bcd98d0d9ffca2c833dee9cc34217efc"
x-served-by: cache-dca17760-DCA, cache-dca17758-DCA, cache-lcy19223-LCY
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 2, 1

GET
H/1.1 200
OK horizon_tweet.4027cff8c5dfbbf9b414b0df963e6b7d.js Show response
platform.twitter.com/js/ 7 KB
3 KB 51ms
51ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/horizon_tweet.4027cff8c5dfbbf9b414b0df963e6b7d.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (mil/6CEB) /
Resource Hash: 7ca703a20171d4d4440daefb529292d7720e3bb2b0aa1aa6d797228bcd3b762c

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sat, 11 Dec 2021 06:13:41 GMT
Content-Encoding: gzip
Last-Modified: Thu, 02 Dec 2021 21:34:11 GMT
Server: ECS (mil/6CEB)
Age: 121639
Etag: "8e55b85bd8d8e443c9a80691ed34d775+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 2438

GET
H2 200 common.bundle.6c6defcc206edabe5048d82459ee0a0e.js Show response
c.disquscdn.com/next/recommendations/ Frame FFD3 262 KB
87 KB 31ms
31ms Script
application/javascript 2600:9000:223e:8000:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/recommendations/common.bundle.6c6defcc206edabe5048d82459ee0a0e.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/recommendations/recommendations.load.42dfcc5041eed24b84f85a10a88fa215.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223e:8000:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

5fae79754e7af92e6afadc3060797e3d35188221e60d63d0625f66cf921e7ebb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 21:23:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4611016
x-cache: Hit from cloudfront
content-length: 88862
x-xss-protection: 1; mode=block
x-served-by: static-web-2
access-control-allow-origin: *
surrogate-key: next
last-modified: Mon, 18 Oct 2021 21:05:37 GMT
server: nginx
etag: "616de1a1-15b1e"
content-type: application/javascript; charset=utf-8
via: 1.1 88f858f045c3909fad9cebbada511aef.cloudfront.net (CloudFront)
expires: Tue, 18 Oct 2022 21:23:25 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA56-P4
timing-allow-origin: *
x-amz-cf-id: uceU7Oc1ZiMxuY4KJF0UhKF_SIOVb4fc82EIKLRZUimgFIuI4bX3ew==
x-cache-hits: 0

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 94ms
27ms Preflight
application/json 178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: null
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
strict-transport-security: max-age=31536000
access-control-allow-origin: null
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1138
date: Sat, 11 Dec 2021 06:13:41 GMT
content-encoding: gzip
vary: Accept-Encoding

GET
H2 200 st Show response
imprammp.taboola.com/ Frame 5E0F 928 B
599 B 31ms
31ms Document
text/html 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=8087865&crid=4918115&dast=V7N3ICFgOkSW_714CtTgSkSW_714CtTgUAAAAGBvQHGzSibGaDFXM32SyHm81qshyOhqvNYrZbDGGDRpTNbLBi7iab5XCzWU2Go81yMVgsloMpfBjLZTKoBRKW2e87KCinp8fsMoiKrrfF7nCaPW-wQtPp8Lnu9brf7y5yOixPv8nvcdlNl7_J73bdTX67xu-2Syx_lefzsnucDrNfYXqaHW6hw-N1Wd4al-X0NDn8bpHLLXt4nHaHx-H3ywEAAADgAWBpYQziBxAAIAIAAABAAgAAAIAioOLfQuACAAAAAAPAYOdaA0CcAwEdppvTZTb5AwDgQQEEAEAAgwRgADepBKBC_eEEAAAAAAAAAIDl____PwZgLy1HBiBDuLEH4MEH4IGoALWIEQAAAIAwiVvp0aROqCyqAAAI0q0ArgAAAvpQQVi0wgAAAATEBvOWk56lUb7HFuhh8fvNDrvG73YZAAAAAAAAAIDZ_9k_mtATAECab53wo9ovIADA2i8gAACbugEAvAnAhZwVmk6Hz3Wv1_1-d5HTYXn6TX6Py266_E1-t-tu8ts1frddYvmrPJ-X3eN0mP0K09PscAsdHq_L8ta4LKenyeF3i1xu2cPjtDs8Dr9fdAStGAxWZ0DLzW41mB0AAADA3f___z_eYN5y0rM0yrceiIyMC-PEM5wsZsuZb-OYbUarjWHhcA5Xq81s5tke4Pm0ynu2ZUNfiLDMft9BQTk9PWaXQVR0vS12h9PsOYgPGoblZBDMb8IWo9VkslkOZ8vFZDAcDUej_QnkbIATMVguJ5PFZLcarUab4W40GyxQIAYTpGjRYLIajSaLyXA1mqxmy8Vut0GKVq1mo81guJpNZrvdajgYLkcjnLDFaDWZbJbD2XIxGQxHw9FoiDC1ms1cw-FyrZi4jGvRyOVaK0yzmVu3Wc1Mg5lns1su3KLXx3RcmDy-xWiLggFDexFcpBOR02F5-k1-j8tuuvxNfrfrbvJbxBLNySKdyC77ysi4ME48w8litpz5No7ZZrTaGBYO53C12sxmnn1rNZu5hsPlWjFxGdeikcu1VphmM7dus5qZBjPPZrdcuEWvj-m4MHl8i9G-MdssJ4PNZDLYN2ab5WSwmUwG-w6T6Zn6nI3G4lrikanWnpvIMDMfFC6DxTuVmnbjzrEgLnuPTpVXpizojNqZ1fw1KDwHj-kgfFlOq5t1OpvovAeDIpYIThfpRPQyni5iieRpkU5EFttssrENlsuRceWc2TwTx8TlWI4ms9VkYpg4LGKJ0nSRTvQqz-dl9zgdZr_C9DQ73EKHx-uyvDUuy-lpcvjdIpdb9vA47Q6Pw29R_9EhlqO5ZjZXLAZzxWy1SgAAAAAAAAAAS5gzbwIAAABwGshosxuulgsAMW2lCwwCAAAAAACwe1IX_yoz0ahV3PhxBTkdlqff5Pe47KbL3-R3u-4mv5UBJES6mTd7Joi1Wi1rAAAAAWwAAIAAbt28B5BSKjk!&cmcv=&pix=undefined&cb=1639203221987&uv=3076&tms=1639203221987&abt=adh5c-1_vA!lotc_vA!rvf1_vB!smbs!spa2_vA!ufm_vB&ft=0&su=1&unm=FEED_MANAGER&aure=false&agl=1&cirid=4D2360E97239833529848531671&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.5.4/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 8d7ce7d41f3939e38ce2b582b79dfe76ef3143ae9bf2870c5d4a530f037b148b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/

Response headers

server: nginx
content-type: text/html;charset=ISO-8859-1
content-encoding: gzip
accept-ranges: bytes
date: Sat, 11 Dec 2021 06:13:41 GMT
via: 1.1 varnish
x-served-by: cache-lcy19223-LCY
x-cache: MISS
x-cache-hits: 0
x-timer: S1639203222.605293,VS0,VE10
vary: Accept-Encoding

GET
H2 200 sync Show response
am-match.taboola.com/ Frame 6B37 928 B
1014 B 96ms
28ms Document
text/html 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-match.taboola.com/sync?dast=V7N3ICFgOkSW_714CtTgSkSW_714CtTgUAAAAGBvQHGzSibGaDFXM32SyHm81qshyOhqvNYrZbDGGDRpTNbLBi7iab5XCzWU2Go81yMVgsloMpfBjLZTKoBRKW2e87KCinp8fsMoiKrrfF7nCaPW-wQtPp8Lnu9brf7y5yOixPv8nvcdlNl7_J73bdTX67xu-2Syx_lefzsnucDrNfYXqaHW6hw-N1Wd4al-X0NDn8bpHLLXt4nHaHx-H3ywEAAADgAWBpYQziBxAAIAIAAABAAgAAAIAioOLfQuACAAAAAAPAYOdaA0CcAwEdppvTZTb5AwDgQQEEAEAAgwRgADepBKBC_eEEAAAAAAAAAIDl____PwZgLy1HBiBDuLEH4MEH4IGoALWIEQAAAIAwiVvp0aROqCyqAAAI0q0ArgAAAvpQQVi0wgAAAATEBvOWk56lUb7HFuhh8fvNDrvG73YZAAAAAAAAAIDZ_9k_mtATAECab53wo9ovIADA2i8gAACbugEAvAnAhZwVmk6Hz3Wv1_1-d5HTYXn6TX6Py266_E1-t-tu8ts1frddYvmrPJ-X3eN0mP0K09PscAsdHq_L8ta4LKenyeF3i1xu2cPjtDs8Dr9fdAStGAxWZ0DLzW41mB0AAADA3f___z_eYN5y0rM0yrceiIyMC-PEM5wsZsuZb-OYbUarjWHhcA5Xq81s5tke4Pm0ynu2ZUNfiLDMft9BQTk9PWaXQVR0vS12h9PsOYgPGoblZBDMb8IWo9VkslkOZ8vFZDAcDUej_QnkbIATMVguJ5PFZLcarUab4W40GyxQIAYTpGjRYLIajSaLyXA1mqxmy8Vut0GKVq1mo81guJpNZrvdajgYLkcjnLDFaDWZbJbD2XIxGQxHw9FoiDC1ms1cw-FyrZi4jGvRyOVaK0yzmVu3Wc1Mg5lns1su3KLXx3RcmDy-xWiLggFDexFcpBOR02F5-k1-j8tuuvxNfrfrbvJbxBLNySKdyC77ysi4ME48w8litpz5No7ZZrTaGBYO53C12sxmnn1rNZu5hsPlWjFxGdeikcu1VphmM7dus5qZBjPPZrdcuEWvj-m4MHl8i9G-MdssJ4PNZDLYN2ab5WSwmUwG-w6T6Zn6nI3G4lrikanWnpvIMDMfFC6DxTuVmnbjzrEgLnuPTpVXpizojNqZ1fw1KDwHj-kgfFlOq5t1OpvovAeDIpYIThfpRPQyni5iieRpkU5EFttssrENlsuRceWc2TwTx8TlWI4ms9VkYpg4LGKJ0nSRTvQqz-dl9zgdZr_C9DQ73EKHx-uyvDUuy-lpcvjdIpdb9vA47Q6Pw29R_9EhlqO5ZjZXLAZzxWy1SgAAAAAAAAAAS5gzbwIAAABwGshosxuulgsAMW2lCwwCAAAAAACwe1IX_yoz0ahV3PhxBTkdlqff5Pe47KbL3-R3u-4mv5UBJES6mTd7Joi1Wi1rAAAAAWwAAIAAbt28B5BSKjk!&excid=22&docw=0&cijs=1&nlb=true
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.5.4/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: 8d7ce7d41f3939e38ce2b582b79dfe76ef3143ae9bf2870c5d4a530f037b148b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/

Response headers

server: nginx
date: Sat, 11 Dec 2021 06:13:41 GMT
content-type: text/html;charset=ISO-8859-1
machineid: 3404

POST
H2 200 VideoBidRequestHandlerServlet Show response
wf.taboola.com/ 5 KB
3 KB 260ms
254ms XHR
application/json 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=4918115&noaop=5&sortOrderType=0&cb=1639203221993&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1308&pt=754209034&tz=0&viewable=true&ddast=V7N3ICFgOkSW_714CtTgSkSW_714CtTgUAAAAGBvQHGzSibGaDFXM32SyHm81qshyOhqvNYrZbDGGDRpTNbLBi7iab5XCzWU2Go81yMVgsloMpfBjLZTKoBRKW2e87KCinp8fsMoiKrrfF7nCaPW-wQtPp8Lnu9brf7y5yOixPv8nvcdlNl7_J73bdTX67xu-2Syx_lefzsnucDrNfYXqaHW6hw-N1Wd4al-X0NDn8bpHLLXt4nHaHx-H3ywEAAADgAWBpYQziBxAAIAIAAABAAgAAAIAioOLfQuACAAAAAAPAYOdaA0CcAwEdppvTZTb5AwDgQQEEAEAAgwRgADepBKBC_eEEAAAAAAAAAIDl____PwZgLy1HBiBDuLEH4MEH4IGoALWIEQAAAIAwiVvp0aROqCyqAAAI0q0ArgAAAvpQQVi0wgAAAATEBvOWk56lUb7HFuhh8fvNDrvG73YZAAAAAAAAAIDZ_9k_mtATAECab53wo9ovIADA2i8gAACbugEAvAnAhZwVmk6Hz3Wv1_1-d5HTYXn6TX6Py266_E1-t-tu8ts1frddYvmrPJ-X3eN0mP0K09PscAsdHq_L8ta4LKenyeF3i1xu2cPjtDs8Dr9fdAStGAxWZ0DLzW41mB0AAADA3f___z_eYN5y0rM0yrceiIyMC-PEM5wsZsuZb-OYbUarjWHhcA5Xq81s5tke4Pm0ynu2ZUNfiLDMft9BQTk9PWaXQVR0vS12h9PsOYgPGoblZBDMb8IWo9VkslkOZ8vFZDAcDUej_QnkbIATMVguJ5PFZLcarUab4W40GyxQIAYTpGjRYLIajSaLyXA1mqxmy8Vut0GKVq1mo81guJpNZrvdajgYLkcjnLDFaDWZbJbD2XIxGQxHw9FoiDC1ms1cw-FyrZi4jGvRyOVaK0yzmVu3Wc1Mg5lns1su3KLXx3RcmDy-xWiLggFDexFcpBOR02F5-k1-j8tuuvxNfrfrbvJbxBLNySKdyC77ysi4ME48w8litpz5No7ZZrTaGBYO53C12sxmnn1rNZu5hsPlWjFxGdeikcu1VphmM7dus5qZBjPPZrdcuEWvj-m4MHl8i9G-MdssJ4PNZDLYN2ab5WSwmUwG-w6T6Zn6nI3G4lrikanWnpvIMDMfFC6DxTuVmnbjzrEgLnuPTpVXpizojNqZ1fw1KDwHj-kgfFlOq5t1OpvovAeDIpYIThfpRPQyni5iieRpkU5EFttssrENlsuRceWc2TwTx8TlWI4ms9VkYpg4LGKJ0nSRTvQqz-dl9zgdZr_C9DQ73EKHx-uyvDUuy-lpcvjdIpdb9vA47Q6Pw29R_9EhlqO5ZjZXLAZzxWy1SgAAAAAAAAAAS5gzbwIAAABwGshosxuulgsAMW2lCwwCAAAAAACwe1IX_yoz0ahV3PhxBTkdlqff5Pe47KbL3-R3u-4mv5UBJES6mTd7Joi1Wi1rAAAAAWwAAIAAbt28B5BSKjk!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=7&ft=0&pb=0&pagg=1&sd=undefined&dtagid=1436175&dpubid=243785&abtst=adh5c-1_vA!lotc_vA!rvf1_vB!smbs!spa2_vA!ufm_vB&mPre=0.033&cirf=https%3A%2F%2Fwww.diariodocentrodomundo.com.br&en=1&subu=1
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.5.4/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 1dc60b7d6cbf47b6e9ded6bebf35d14d85e824bd5c031a6cde0d8b0086a6b691

Request headers

Referer: https://www.diariodocentrodomundo.com.br/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-type: text/plain

Response headers

date: Sat, 11 Dec 2021 06:13:41 GMT
content-encoding: gzip
access-control-allow-origin: https://www.diariodocentrodomundo.com.br
machineid: 1475
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-lcy19223-LCY
pragma: no-cache
server: nginx
x-timer: S1639203222.614747,VS0,VE235
vary: Accept-Encoding
content-type: application/json;charset=utf-8
via: 1.1 varnish
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
link: <https://impr.taboola.com>; rel=preconnect
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 st
am-vid-events.taboola.com/ 0
44 B 90ms
25ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=8087865&crid=4918115&dast=V7N3ICFgOkSW_714CtTgSkSW_714CtTgUAAAAGBvQHGzSibGaDFXM32SyHm81qshyOhqvNYrZbDGGDRpTNbLBi7iab5XCzWU2Go81yMVgsloMpfBjLZTKoBRKW2e87KCinp8fsMoiKrrfF7nCaPW-wQtPp8Lnu9brf7y5yOixPv8nvcdlNl7_J73bdTX67xu-2Syx_lefzsnucDrNfYXqaHW6hw-N1Wd4al-X0NDn8bpHLLXt4nHaHx-H3ywEAAADgAWBpYQziBxAAIAIAAABAAgAAAIAioOLfQuACAAAAAAPAYOdaA0CcAwEdppvTZTb5AwDgQQEEAEAAgwRgADepBKBC_eEEAAAAAAAAAIDl____PwZgLy1HBiBDuLEH4MEH4IGoALWIEQAAAIAwiVvp0aROqCyqAAAI0q0ArgAAAvpQQVi0wgAAAATEBvOWk56lUb7HFuhh8fvNDrvG73YZAAAAAAAAAIDZ_9k_mtATAECab53wo9ovIADA2i8gAACbugEAvAnAhZwVmk6Hz3Wv1_1-d5HTYXn6TX6Py266_E1-t-tu8ts1frddYvmrPJ-X3eN0mP0K09PscAsdHq_L8ta4LKenyeF3i1xu2cPjtDs8Dr9fdAStGAxWZ0DLzW41mB0AAADA3f___z_eYN5y0rM0yrceiIyMC-PEM5wsZsuZb-OYbUarjWHhcA5Xq81s5tke4Pm0ynu2ZUNfiLDMft9BQTk9PWaXQVR0vS12h9PsOYgPGoblZBDMb8IWo9VkslkOZ8vFZDAcDUej_QnkbIATMVguJ5PFZLcarUab4W40GyxQIAYTpGjRYLIajSaLyXA1mqxmy8Vut0GKVq1mo81guJpNZrvdajgYLkcjnLDFaDWZbJbD2XIxGQxHw9FoiDC1ms1cw-FyrZi4jGvRyOVaK0yzmVu3Wc1Mg5lns1su3KLXx3RcmDy-xWiLggFDexFcpBOR02F5-k1-j8tuuvxNfrfrbvJbxBLNySKdyC77ysi4ME48w8litpz5No7ZZrTaGBYO53C12sxmnn1rNZu5hsPlWjFxGdeikcu1VphmM7dus5qZBjPPZrdcuEWvj-m4MHl8i9G-MdssJ4PNZDLYN2ab5WSwmUwG-w6T6Zn6nI3G4lrikanWnpvIMDMfFC6DxTuVmnbjzrEgLnuPTpVXpizojNqZ1fw1KDwHj-kgfFlOq5t1OpvovAeDIpYIThfpRPQyni5iieRpkU5EFttssrENlsuRceWc2TwTx8TlWI4ms9VkYpg4LGKJ0nSRTvQqz-dl9zgdZr_C9DQ73EKHx-uyvDUuy-lpcvjdIpdb9vA47Q6Pw29R_9EhlqO5ZjZXLAZzxWy1SgAAAAAAAAAAS5gzbwIAAABwGshosxuulgsAMW2lCwwCAAAAAACwe1IX_yoz0ahV3PhxBTkdlqff5Pe47KbL3-R3u-4mv5UBJES6mTd7Joi1Wi1rAAAAAWwAAIAAbt28B5BSKjk!&cmcv=&pix=31589837&cb=1639203221987&uv=3076&tms=1639203221987&abt=adh5c-1_vA!lotc_vA!rvf1_vB!smbs!spa2_vA!ufm_vB&ft=0&su=1&unm=FEED_MANAGER&debug=pn:!sqg:!torgn:1639203217765.8!ts:1639203221987&mntl=1
Requested by: Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:41 GMT
content-length: 0
server: nginx

GET
H2 200 PMS.js Show response
vidstat.taboola.com/PMS/2.2.1/ 51 KB
16 KB 20ms
20ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/PMS/2.2.1/PMS.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/30_3_6010/infra/cmTagCUSTOM.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a9e402d2d19f1057cdea09b2152d8cfd35664182564595e19bb83916c1f00201

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:41 GMT
via: 1.1 1e32ff56dbe60788e13e98e33367b4bb.cloudfront.net (CloudFront), 1.1 varnish
age: 2227739
x-amz-meta-mtime: 1542789750
x-cache: Hit from cloudfront, HIT
x-amz-meta-mode: 33188
content-encoding: gzip
content-length: 15795
x-served-by: cache-lcy19223-LCY
last-modified: Wed, 21 Nov 2018 08:42:31 GMT
server: AmazonS3
x-timer: S1639203222.708026,VS0,VE0
etag: "57a7ebef371550a9ab54a2f0f82547af"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-cf-pop: LHR62-C2
accept-ranges: bytes
content-type: application/javascript
access-control-allow-headers: *
x-amz-cf-id: wD56YGziuQOIWifFpGQi4arWxpi02IWs674SONqg-0lT7fzaATF5iw==
x-cache-hits: 132534

GET
H2 204 b
sb.scorecardresearch.com/ Frame AF28 0
337 B 33ms
33ms Image
text/plain 13.32.99.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&ns__t=1639203222139&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2Fessencial%2Fatila-hacker-certidao-de-vacinacao%2F&c9=
Requested by: Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-105.fra60.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:41 GMT
via: 1.1 f06c87fa57d0c9fd7439d7fdbd148c63.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
etag: W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
x-amz-cf-id: 85HoUui6b0gAaiZpjKxiSPXef8fOcwnzOqO31LxxbCzb5MUYjSBbaQ==
x-cache: Miss from cloudfront

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame B64C 0
0 42ms
42ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstRsX763flMNrZW8Jmt-Jp6v6lsE0fdBCrFQtvgUdyquqsWPqDLB_KrOnLaLXrT0IldgJnZ5ZCk3doTXluP3ScUNHbH5Y-TYSSzP3UHncty3CB3PM52hUe7ZhkZSs3m3VyAw1YcFt99z8hhrEGO2zMpA591uEYCCBLYyJqZxMTRCN3gmZo0RH1TF_Cs2h2YZUsAlzkO1KPNCS0aa4iQpP6B61Q24bW4HWZABGVzuu3MCFMXWMlgkzbX1d32nxg9D57b37N4qD11KIjAnUk8iVQqYup5NO1StfIvOG6W-SwbXqyapObB2OnAX3NzHOgNNSNU9ZXvv1LdrC7e11iidhiTnbPNyk5jVJD0pl0LsUNimQ1afi8&sig=Cg0ArKJSzI39t8jMabEGEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 11 Dec 2021 06:13:41 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Sat, 11 Dec 2021 06:13:41 GMT

GET
DATA 200
OK truncated
/ Frame B64C 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 15ba21410b6cae567c186f83ebb068c26b3f95aa5f7a9f2813e87ca512d28d12

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 container.html Show response
a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 9628 6 KB
3 KB 72ms
34ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Sat, 11 Dec 2021 06:13:40 GMT
expires: Sun, 11 Dec 2022 06:13:40 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 container.html Show response
a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame E568 6 KB
3 KB 65ms
32ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Sat, 11 Dec 2021 06:13:40 GMT
expires: Sun, 11 Dec 2022 06:13:40 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 cta-branding.js Show response
cdn.taboola.com/demand-formats/cta-branding/ Frame AF28 19 KB
6 KB 19ms
19ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/demand-formats/cta-branding/cta-branding.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20211209-5-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a351fd92e5702efce917edb3a5fa5e15b0c2c01b05c72004d183ea3cd0ac8cc4

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: n7qu5_m2oY3yYk8zx0ISQgopnHkiUO7s
content-encoding: gzip
etag: "103abcd7af0ff73c2bca84d874ada0e2"
age: 25209
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 6020
x-amz-id-2: KiQ4YWBbZGThNXrAb1IG86QGyrmcUIG3OFu+/p87BdEOUf30OSGo7/xws9XBOn7QZQeFj+HDPlc=
x-served-by: cache-lcy19223-LCY
last-modified: Tue, 30 Nov 2021 12:15:08 GMT
server: AmazonS3
x-timer: S1639203222.855948,VS0,VE0
date: Sat, 11 Dec 2021 06:13:41 GMT
vary: Accept-Encoding
x-amz-request-id: C4YV1VF92GTM9FJG
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript
abp: 44
x-cache-hits: 45846

GET
H2 200 cta-branding.css
cdn.taboola.com/demand-formats/cta-branding/ Frame AF28 2 KB
938 B 19ms
19ms Stylesheet
text/css 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/demand-formats/cta-branding/cta-branding.css
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20211209-5-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8061c17ad6d7b8805745d8f136437acc8abe498fed1a01cec4d142b55def3c55

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: 8oi59FmV5lZnBSZug04yEHoBr2VIEPOj
content-encoding: gzip
etag: "44e0fb48ae5c8af459ee8102bcc39ee7"
age: 25209
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 702
x-amz-id-2: vI2M7c/0QUKSoTM2aQTfSkt2vLrPC5kL05J4NiUHffGuyqLP6gXAAuDMTZKnY1ohLePXO/4kbak=
x-served-by: cache-lcy19223-LCY
last-modified: Tue, 30 Nov 2021 12:15:07 GMT
server: AmazonS3
x-timer: S1639203222.856061,VS0,VE0
date: Sat, 11 Dec 2021 06:13:41 GMT
vary: Accept-Encoding
x-amz-request-id: DM4J0EY8NB1HZHEW
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: text/css
abp: 44
x-cache-hits: 44541

GET
H2 200 tfa-eid.20211209-5-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ Frame AF28 14 KB
5 KB 19ms
19ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/tfa-eid.20211209-5-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/disqus-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0a9094ce5f18a9e36476ef2be0c657a0d969cf42e5cdf39b6938607182f9e2ab

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: 9fmuZ4rqC8Z5LeeLztqlC3_nThG7nPzS
content-encoding: gzip
etag: "fe1800cdf5eae6d9755cd49fa5f163d1"
age: 32
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 5061
x-amz-id-2: IoXgrSZsziqfbmyOLZ29MiNpbDb6O7EYrVpPElEzBSRBtVCBvx6HdnCUo45DN0XOsLHQTuPKUJ0=
x-served-by: cache-lcy19223-LCY
last-modified: Thu, 09 Dec 2021 10:15:54 GMT
server: AmazonS3
x-timer: S1639203222.856662,VS0,VE0
date: Sat, 11 Dec 2021 06:13:41 GMT
vary: Accept-Encoding
x-amz-request-id: 95W38FZWZBFM4JRH
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 44
x-cache-hits: 61

GET
H2 200 sha256.20211209-5-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ Frame AF28 6 KB
3 KB 19ms
19ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/sha256.20211209-5-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/disqus-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: df2df7ab27ecdbd3544c33a84ca2581c534ffc23048e8edd1dc9006e83507523

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: wBEWtZC4PEyfK6Irf.yA22bSAXD1a3tL
content-encoding: gzip
etag: "0a32a3cbbea38e3c51221e97e065afce"
age: 19
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 2590
x-amz-id-2: PUVWFXb3j5QnWVgAuX6Lth2N1m8WP5f3T9aWapUfTzvoSJwy0pXZzxClQLTFKibxskr7tbiv/MQ=
x-served-by: cache-lcy19223-LCY
last-modified: Thu, 09 Dec 2021 10:16:45 GMT
server: AmazonS3
x-timer: S1639203222.856868,VS0,VE0
date: Sat, 11 Dec 2021 06:13:41 GMT
vary: Accept-Encoding
x-amz-request-id: P5P5KN4KBPT5AH92
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 44
x-cache-hits: 33

GET
H2 200 tb Show response
15.taboola.com/ Frame AF28 32 KB
10 KB 36ms
36ms XHR
text/html 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://15.taboola.com/tb?oid=15&pubnm=unknown-site-on-disqus-network&unitType=226&tbloc=&pageType=text&pstn=%7B%22domain%22%3A%20%22https%3A%2F%2Fwww.diariodocentrodomundo.com.br%22%2C%20%22experiment%22%3A%20%22network_default%22%2C%20%22position%22%3A%20%22top%22%2C%20%22shortname%22%3A%20%22diariodocentrodomundo%22%2C%20%22variant%22%3A%20%22fallthrough%22%7D&uuip=&cisrf=https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2F&cirf=https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2Fessencial%2Fatila-hacker-certidao-de-vacinacao%2F&encoded=1&uid=556f5889-1be8-4de5-a46f-735f40f3379a-tuct8adc714&variant=-100|1786173784&callback=TRC.videoTagCallbacks.videoCallback1&cb=1639203222257&tagid=&cntry=GB&platform=1&sesid=1a54b551f489977f6440fcf4c4660894&itemid=/essencial/atila-hacker-certidao-de-vacinacao&viewid=1639203220664&geolat=&geoing=&deviceifa=&appid=&sd=v2_1a54b551f489977f6440fcf4c4660894_556f5889-1be8-4de5-a46f-735f40f3379a-tuct8adc714_1639203221_1639203221_CIi3jgYQg5BIGLjZgMHaLyABKAQwTTin8g1A8YwQSJWL2ANQvLUyWABgAGiApKeijMutlDNwAA&ri=d20b03b56ce89ac00b48296597bb2695&appname=&cdb=&gdprApplies=true&rid=&sii=3274293255189510694&oee=true&tpubid=1181699&uis=4&fagg=1&ccpaDns=false&ccpaPrivacy=&region=HRT&hasGDPRConsent=true&tcfVersion=&cmpStatus=&tnetid=1003147&prcnt=&layer=
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20211209-5-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 9e623a26c2d2e1864745e53c1773c1af3da805f0a6252dd04de407a430a32e07

Request headers

Referer: https://www.diariodocentrodomundo.com.br/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 11 Dec 2021 06:13:41 GMT
content-encoding: gzip
access-control-allow-origin: https://www.diariodocentrodomundo.com.br
machineid: 1450
x-cache: MISS
xvid-debug: mrmr - :
x-served-by: cache-lcy19223-LCY
pragma: no-cache
server: nginx
x-timer: S1639203222.871528,VS0,VE17
vary: Accept-Encoding
content-type: text/html;charset=ISO-8859-1
via: 1.1 varnish
expires: Sat, 26 Jul 1997 05:00:00 GMT
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
link: <https://am-wf.taboola.com>; rel=preconnect
x-cache-hits: 0

GET
H2 200 userx.20211209-5-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ Frame AF28 17 KB
5 KB 19ms
19ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/userx.20211209-5-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/disqus-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 108b212a0f6a3d2d4efd35f1f9ea615ca76baa406b806064e4dcb42ce5b15f1d

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: gnvPGW_ylDxX5RkfJvFRoqUOE9m1hBRC
content-encoding: gzip
etag: "a078577fcaa0862a2cc3cabff4d37f24"
age: 52
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 5339
x-amz-id-2: 29IjmD22iXLdHZEHu783ogu9ICc3+NyhqduqOVEp6vQSIqcYuJvLVVio4kwGonVbfNTwJsimMjU=
x-served-by: cache-lcy19223-LCY
last-modified: Thu, 09 Dec 2021 10:15:37 GMT
server: AmazonS3
x-timer: S1639203222.871641,VS0,VE0
date: Sat, 11 Dec 2021 06:13:41 GMT
vary: Accept-Encoding
x-amz-request-id: 95WDHN68VK8GJT6M
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 44
x-cache-hits: 10

GET
H3 200 pubads_impl_2021120601.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 6993 348 KB
117 KB 41ms
40ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

2d5ae5a515a688823dc98d032242c2ed6f490a74c4281bdd599567898f9fa675

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119476
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 09:34:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 11 Dec 2021 06:13:41 GMT

GET
H2 204 rtb Show response
a.vidoomy.com/api/rtbserver/ 0
153 B 195ms
194ms XHR
text/plain 52.58.61.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://a.vidoomy.com/api/rtbserver/rtb?id=180108068&w=400&h=225&skip=1&req_type=1&req_type=1&ip=&ua=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F96.0.4664.93%20Safari%2F537.36&l=EN&dt=2&c=GB&pid=52453&sid=&sname=&d=diariodocentrodomundo.com.br&sp=https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2Fessencial%2Fatila-hacker-certidao-de-vacinacao%2F&coppa=&gdpr=&gdprcs=&vpaid=1
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.61.12 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-58-61-12.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin: https://www.diariodocentrodomundo.com.br
date: Sat, 11 Dec 2021 06:13:42 GMT
access-control-allow-credentials: true
vary: Origin
access-control-expose-headers: X-Vd-C

GET
H2 200 tag Show response
4cywq-eqnre.ads.tremorhub.com/ad/ 119 B
478 B 540ms
319ms XHR
text/xml 2600:1f18:612b:4200:8560:f9d7:993:6d2d
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://4cywq-eqnre.ads.tremorhub.com/ad/tag?adCode=4cywq-7ivfu&playerWidth=400&playerHeight=225&srcPageUrl=https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2Fessencial%2Fatila-hacker-certidao-de-vacinacao%2F&schain=1.0%2C1%21vidoomy.com%2C52453%2C1%2C9162660765278957349807421836%2C%2C
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4200:8560:f9d7:993:6d2d Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: 5616a6e1823b43919f7d1a33817cccfa1d9f30c9f10f2deb00d9c3671f91d5f0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Dec 2021 06:13:42 GMT
content-encoding: gzip
server: Apache-Coyote/1.1
vary: accept-encoding
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin: https://www.diariodocentrodomundo.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-tremorvideo-status: NO_AD
content-type: text/xml;charset=UTF-8

GET
H/1.1 200
OK 88k_nHSg_6XSp1263gyM+iSSVC+nZNMH Show response
ads.adaptv.advertising.com/a/h/ 249 B
562 B 1125ms
583ms XHR
text/xml 52.9.24.155
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=1260332275&gdpr=&gdpr_consent=&pageUrl=https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2Fessencial%2Fatila-hacker-certidao-de-vacinacao%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=52453&hp=1

Requested by

Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.9.24.155 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-9-24-155.us-west-1.compute.amazonaws.com

Software

adaptv/1.0 /

Resource Hash

6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
server: adaptv/1.0
content-type: text/xml
access-control-allow-origin: https://www.diariodocentrodomundo.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 192
expires: 0

GET
H/1.1 200
OK 218945 Show response
search.spotxchange.com/vast/2.0/ 67 B
1 KB 161ms
43ms XHR
text/xml 185.94.180.123
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/vast/2.0/218945?VPAID=JS&content_page_url=https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2Fessencial%2Fatila-hacker-certidao-de-vacinacao%2F&cb=2027469272&player_width=400&player_height=225&regs[gdpr]=&user[consent]=&device[geo][lat]=&device[geo][lon]=&schain=1.0%2C1%21vidoomy.com%2C52453%2C1%2C5278957349807421836804160774%2C%2C
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 185.94.180.123 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: 78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sat, 11 Dec 2021 06:13:42 GMT
Content-Encoding: gzip
X-SpotX-Timing-Transform: 0.000370
X-SpotX-Timing-SpotMarket: 0.006541
X-SpotX-Timing-Page-Mux: 0.000878
X-SpotX-Timing-Page-Require: 0.000464
X-fe: 019
Connection: keep-alive
X-SpotX-Timing-Page-Cookie: 0.000026
Content-Length: 77
X-SpotX-Timing-Page: 0.010779
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000296
Last-Modified: Sat, 11 Dec 2021 06:13:42 GMT
Server: nginx
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Vary: Accept-Encoding
X-SpotX-Timing-SpotMarket-Primary: 0.006541
Content-Type: text/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.diariodocentrodomundo.com.br
X-SpotX-Timing-Page-Misc: 0.002195
X-SpotX-Timing-Page-Exception: 0.000000
X-SpotX-Timing-SpotMarket-Secondary: 0.000000
X-SpotX-Timing-Page-URI: 0.000009
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK 88k_nHSg_6XSp1263gyM+iSSVC+nZNMH Show response
ads.adaptv.advertising.com/a/h/ 249 B
562 B 1127ms
583ms XHR
text/xml 52.9.24.155
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=1035136914&gdpr=&gdpr_consent=&pageUrl=https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2Fessencial%2Fatila-hacker-certidao-de-vacinacao%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=52453&hp=1

Requested by

Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.9.24.155 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-9-24-155.us-west-1.compute.amazonaws.com

Software

adaptv/1.0 /

Resource Hash

6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
server: adaptv/1.0
content-type: text/xml
access-control-allow-origin: https://www.diariodocentrodomundo.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 192
expires: 0

GET
H/1.1 200
OK 88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM= Show response
ads.adaptv.advertising.com/a/h/ 249 B
562 B 1144ms
588ms XHR
text/xml 52.9.24.155
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=?cb=168425024&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2Fessencial%2Fatila-hacker-certidao-de-vacinacao%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=52453&hp=1

Requested by

Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.9.24.155 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-9-24-155.us-west-1.compute.amazonaws.com

Software

adaptv/1.0 /

Resource Hash

6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
server: adaptv/1.0
content-type: text/xml
access-control-allow-origin: https://www.diariodocentrodomundo.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 192
expires: 0

GET
H/1.1 200
OK LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHxk7bKbXb_mQ= Show response
ads.adaptv.advertising.com/a/h/ 249 B
562 B 1142ms
584ms XHR
text/xml 52.9.24.155
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.adaptv.advertising.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHxk7bKbXb_mQ=?cb=1349826589&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2Fessencial%2Fatila-hacker-certidao-de-vacinacao%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=52453&hp=1

Requested by

Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.9.24.155 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-9-24-155.us-west-1.compute.amazonaws.com

Software

adaptv/1.0 /

Resource Hash

6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
server: adaptv/1.0
content-type: text/xml
access-control-allow-origin: https://www.diariodocentrodomundo.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 192
expires: 0

GET
H2 200 vadtag.html Show response
vpaid.pubmatic.com/ads/video/ 1 KB
919 B 54ms
45ms XHR
application/xml 23.195.248.208
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2Fessencial%2Fatila-hacker-certidao-de-vacinacao%2F&schain=1.0%2C1%21vidoomy.com%2C52453%2C1%2C5278957349807421836187207783%2C%2C
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.195.248.208 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-195-248-208.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: df863cb90f32a052467223f4f435c369802334669615b9cf814e5adb0643e68e

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Dec 2021 06:13:41 GMT
content-encoding: gzip
server: Apache/2.2.15 (CentOS)
etag: "461ced-23ca-5c92d699e808f"
vary: Origin, Accept-Encoding
content-type: application/xml
access-control-allow-origin: https://www.diariodocentrodomundo.com.br
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 649
expires: Sat, 11 Dec 2021 06:13:41 GMT

GET
H2 204 rtb Show response
a.vidoomy.com/api/rtbserver/ 0
153 B 186ms
186ms XHR
text/plain 52.58.61.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://a.vidoomy.com/api/rtbserver/rtb?id=1020721646&w=400&h=225&skip=1&req_type=1&ip=&ua=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F96.0.4664.93%20Safari%2F537.36&l=EN&dt=2&c=GB&pid=52453&sid=&sname=&d=diariodocentrodomundo.com.br&sp=https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2Fessencial%2Fatila-hacker-certidao-de-vacinacao%2F&coppa=&gdpr=&gdprcs=&vpaid=1
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.61.12 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-58-61-12.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin: https://www.diariodocentrodomundo.com.br
date: Sat, 11 Dec 2021 06:13:42 GMT
access-control-allow-credentials: true
vary: Origin
access-control-expose-headers: X-Vd-C

GET
H2 200 vadtag.html Show response
vpaid.pubmatic.com/ads/video/ 1 KB
921 B 51ms
44ms XHR
application/xml 23.195.248.208
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2Fessencial%2Fatila-hacker-certidao-de-vacinacao%2F&schain=1.0%2C1%21vidoomy.com%2C52453%2C1%2C20272506155278957349807421836%2C%2C
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.195.248.208 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-195-248-208.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: bb456e31c6f9b199040d9a50c6dd63faf5323a8f470ebca13fe715941d27147c

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Dec 2021 06:13:41 GMT
content-encoding: gzip
server: Apache/2.2.15 (CentOS)
etag: "461ced-23ca-5c92d699e808f"
vary: Origin, Accept-Encoding
content-type: application/xml
access-control-allow-origin: https://www.diariodocentrodomundo.com.br
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 651
expires: Sat, 11 Dec 2021 06:13:41 GMT

GET
H3 200 integrator.js Show response
adservice.google.co.uk/adsid/ Frame D051 107 B
122 B 79ms
39ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=www.diariodocentrodomundo.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 11 Dec 2021 06:13:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame D051 107 B
122 B 80ms
40ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.diariodocentrodomundo.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 11 Dec 2021 06:13:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame D051 0
23 B 50ms
50ms XHR
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3893877200361406&correlator=1840518151970230&output=ldjh&impl=fifs&eid=44756717&vrg=2021120601&ptt=17&gdpr_consent=tcunavailable&tcfe=3&sc=1&sfv=1-0-38&ecs=20211211&iu_parts=101482493%2Cposition%2Crecommendations&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&eri=5&cust_params=shortname%3Ddiariodocentrodomundo%26experiment%253Avariant%3Dnetwork_default%253Afallthrough&cookie=ID%3Dd7a340af9c5b965e%3AT%3D1639203220%3AS%3DALNI_MZA5wVnzqtVwwFleVYXyUJSv1p66Q&bc=31&abxe=1&dt=1639203222374&dlt=1639203221126&idt=1235&ea=0&frm=23&biw=1600&bih=1200&isw=300&oid=2&adxs=292&adys=4266&adks=3213429204&ucis=g0p2qc8ssada&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2Fessencial%2Fatila-hacker-certidao-de-vacinacao%2F&top=www.diariodocentrodomundo.com.br&vis=1&dmc=8&scr_x=0&scr_y=0&psz=304x0&msz=300x0&ga_vid=409617009.1639203221&ga_sid=1639203222&ga_hid=184577100&ga_fc=true&fws=260&ohw=300&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:42 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-creative-id: -2
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.diariodocentrodomundo.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
640b8f6ac9713c4187d50d6eb844be94.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 3352 6 KB
3 KB 66ms
38ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://640b8f6ac9713c4187d50d6eb844be94.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Sat, 11 Dec 2021 06:13:42 GMT
expires: Sun, 11 Dec 2022 06:13:42 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 204 bulk Show response
trc.taboola.com/diariodocentrodomundo/log/3/ 0
215 B 31ms
30ms XHR
image/gif 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/diariodocentrodomundo/log/3/bulk?route=AM%3AAM%3AV&lti=deflated&bulkSize=6
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20211209-5-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.diariodocentrodomundo.com.br/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 10
pragma: no-cache
date: Sat, 11 Dec 2021 06:13:42 GMT
via: 1.1 varnish
server: nginx
x-timer: S1639203222.998266,VS0,VE10
x-served-by: cache-lcy19223-LCY
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://www.diariodocentrodomundo.com.br
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H2 200 cmTagFEED_MANAGER.js Show response
vidstat.taboola.com/vpaid/units/30_7_6/infra/ 783 KB
133 KB 62ms
19ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/units/30_7_6/infra/cmTagFEED_MANAGER.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.5.4/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 151e52cb24cf872678ae4ff655994a2f5190f29faaa88215c438e9b5bb5712d1

Request headers

Referer: https://www.diariodocentrodomundo.com.br/
Origin: https://www.diariodocentrodomundo.com.br
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:42 GMT
via: 1.1 varnish
age: 849919
x-amz-meta-mtime: 1638353232
x-cache: HIT
x-amz-meta-ctime: 1638353232
x-amz-meta-mode: 33188
content-encoding: br
content-length: 135129
x-amz-id-2: aIjTYZ1g1idVSlAt43v0w3CLS52JkJnt1hgHJ0nzDIvcS7O9/1Sl4Cf2rZq/9qwDs0vzZ4MZZFo=
x-served-by: cache-lcy19258-LCY
accept-ranges: bytes
last-modified: Wed, 01 Dec 2021 10:07:13 GMT
server: AmazonS3-br
x-timer: S1639203222.049622,VS0,VE0
etag: "a8b73c2317874414cd76be0562ea1d81"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-request-id: 8BMXHTKAAW4AW19D
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-meta-gid: 0
content-type: application/javascript
access-control-allow-headers: *
x-cache-hits: 152295

GET
H2 200 cmOsUnit.css
vidstat.taboola.com/vpaid/units/30_7_6/assets/css/ 61 KB
8 KB 30ms
30ms Stylesheet
text/css 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/units/30_7_6/assets/css/cmOsUnit.css
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.5.4/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 890fdf47e484671989bdf43a80416d4386ea3114ef7e75aa5522e954f3996cfb

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:42 GMT
via: 1.1 varnish
age: 849919
x-amz-meta-mtime: 1638353249
x-cache: HIT
x-amz-meta-ctime: 1638353250
x-amz-meta-mode: 33188
content-encoding: br
content-length: 8084
x-amz-id-2: nYv2oukVh8mFz+vQxRjarBkB4Y8tK4R7cULGZL0/25L/Gko5X9zaPJc+jUSrNKILc8PMHZRgRPg=
x-served-by: cache-lcy19223-LCY
accept-ranges: bytes
last-modified: Wed, 01 Dec 2021 10:07:31 GMT
server: AmazonS3-br
x-timer: S1639203222.014638,VS0,VE0
etag: "0a5b5574a20bc1d9cd6238783869dad2"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-request-id: 8BMZ49WSX8FNS9P7
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-meta-gid: 0
content-type: text/css
access-control-allow-headers: *
x-cache-hits: 232280

GET
H2 200 0161bc66306266994ac881b789aa9917.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame AF28 3 KB
4 KB 27ms
27ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/0161bc66306266994ac881b789aa9917.jpeg
Requested by: Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 0b992fa74ae2d898f78561af205e3b8c8badc801ea764ccf36cadb13ed78d5d8

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Sat, 11 Dec 2021 06:13:42 GMT
via: 1.1 varnish, 1.1 varnish
age: 307790
edge-cache-tag: 422138612063608750686207603515876471143,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
cache-tag: 422138612063608750686207603515876471143,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 99
x-envoy-upstream-service-time: 130
expiration: expiry-date="Thu, 09 Dec 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/0161bc66306266994ac881b789aa9917.jpeg
content-length: 2978
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
last-modified: Mon, 08 Nov 2021 10:27:13 GMT
server: nginx
x-timer: S1639203222.014798,VS0,VE1
etag: "316b7138c5f0cad02dabfd4360791430"
x-served-by: cache-wdc5554-WDC, cache-dca17758-DCA, cache-lcy19223-LCY
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1

GET
H2 200 94d46af3c04ce81136e598d0ec794ab7.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame AF28 23 KB
23 KB 27ms
26ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/94d46af3c04ce81136e598d0ec794ab7.jpg
Requested by: Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: eada7450f463ca6875c630ad7f529889e22d8391023e364d76e02cdcf86e4f61

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Sat, 11 Dec 2021 06:13:42 GMT
via: 1.1 varnish, 1.1 varnish
age: 3204663
edge-cache-tag: 331972698464505008723261319863681396859,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 99
x-envoy-upstream-service-time: 554
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/94d46af3c04ce81136e598d0ec794ab7.jpg
content-length: 23114
x-request-id: cb57d5393b12529aeb840c50f112a1ac
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
last-modified: Wed, 03 Nov 2021 20:04:45 GMT
server: nginx
x-timer: S1639203222.014914,VS0,VE0
etag: "ed7888516c15f228354f5fb340d5ad5a"
x-served-by: cache-wdc5543-WDC, cache-dca17734-DCA, cache-lcy19223-LCY
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 357

GET
H2 200 0f08117e230a85430ea52293779ac00a.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame AF28 3 KB
4 KB 26ms
26ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/0f08117e230a85430ea52293779ac00a.jpg
Requested by: Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 16d2c8f30d65c537a5259a8a96346daceb60f28a64f8b4092caac03e0255d98a

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Sat, 11 Dec 2021 06:13:42 GMT
via: 1.1 varnish, 1.1 varnish
age: 3051935
edge-cache-tag: 334104128982105477513627244562321066306,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 32
expiration: expiry-date="Tue, 30 Nov 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/0f08117e230a85430ea52293779ac00a.jpg
content-length: 3106
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
last-modified: Sat, 30 Oct 2021 14:03:06 GMT
server: nginx
x-timer: S1639203222.015032,VS0,VE0
etag: "a683632ba98258d499de1158ff163e57"
x-served-by: cache-wdc5555-WDC, cache-dca17772-DCA, cache-lcy19223-LCY
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 2

GET
H2 200 5d4d80712d874576eeb39eaaebdd1002.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame AF28 11 KB
11 KB 25ms
25ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5d4d80712d874576eeb39eaaebdd1002.jpg
Requested by: Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 02c56a663727032f8dc2f2b710b19f1aacbf5746e9db756857a84124484d2f92

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Sat, 11 Dec 2021 06:13:42 GMT
via: 1.1 varnish, 1.1 varnish
age: 1808671
edge-cache-tag: 573374940111509278404143778555270702673,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 89
expiration: expiry-date="Wed, 15 Dec 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5d4d80712d874576eeb39eaaebdd1002.jpg
content-length: 10866
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
last-modified: Sun, 14 Nov 2021 20:06:48 GMT
server: nginx
x-timer: S1639203222.015648,VS0,VE0
etag: "3c69921ee6b704cc3b6fcab15a0aac9c"
x-served-by: cache-wdc5528-WDC, cache-dca12922-DCA, cache-lcy19223-LCY
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 3

GET
H2 200 1284784045__U0SwUTJa.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/ Frame AF28 18 KB
18 KB 41ms
41ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/1284784045__U0SwUTJa.jpg
Requested by: Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: cb30a0062f2212374679ae04654d7eae07c153b058d56d74f98ea4c7e2bdc496

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Sat, 11 Dec 2021 06:13:42 GMT
via: 1.1 varnish, 1.1 varnish
age: 220495
edge-cache-tag: 318830597585826476570546980541171097579,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
cache-tag: 318830597585826476570546980541171097579,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 594
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/1284784045__U0SwUTJa.jpg
content-length: 17950
x-request-id: 7c7d66e0ef6e9cb44d12f341fec42f35
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
last-modified: Wed, 08 Dec 2021 16:34:15 GMT
server: nginx
x-timer: S1639203222.015765,VS0,VE1
etag: "61eb59b3a35acbd96ed52011b144b4a4"
x-served-by: cache-wdc5525-WDC, cache-dca17769-DCA, cache-lcy19223-LCY
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1

GET
H2 200 b92e99f663d9279272685bab6be91b9d.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame AF28 17 KB
18 KB 40ms
40ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/b92e99f663d9279272685bab6be91b9d.jpg
Requested by: Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 020a358dd2294ed0656577aa904a333e70d37b581cc20044b8ae7ed91d4758d2

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Sat, 11 Dec 2021 06:13:42 GMT
via: 1.1 varnish, 1.1 varnish
age: 1716824
edge-cache-tag: 424370456968951801931539548530375270959,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 171
expiration: expiry-date="Sun, 28 Nov 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/b92e99f663d9279272685bab6be91b9d.jpg
content-length: 17696
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
last-modified: Thu, 28 Oct 2021 09:07:59 GMT
server: nginx
x-timer: S1639203222.015891,VS0,VE0
etag: "401a949dc8a57b31427b0a3c44fad8a4"
x-served-by: cache-bwi5083-BWI, cache-dca17752-DCA, cache-lcy19223-LCY
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 3

GET
H2 200 6f0bbfa94a8afb40816a59fed1eb22a9.jpg
images.taboola.com/taboola/image/fetch/h_234,w_280,c_fill,g_xy_center,x_510,y_223/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame AF28 8 KB
8 KB 19ms
19ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/h_234,w_280,c_fill,g_xy_center,x_510,y_223/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6f0bbfa94a8afb40816a59fed1eb22a9.jpg
Requested by: Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: c32de543e55cdf6a2c7f0e63f9cb69eaef4c68377a3650f7149fb5f9ec43fcf1

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Sat, 11 Dec 2021 06:13:42 GMT
via: 1.1 varnish, 1.1 varnish
age: 420518
edge-cache-tag: 414186546921205154198751781036997700172,611077572366434990491414361697202466954,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 111
expiration: expiry-date="Mon, 13 Dec 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/h_234,w_280,c_fill,g_xy_center,x_510,y_223/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6f0bbfa94a8afb40816a59fed1eb22a9.jpg
content-length: 7742
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
last-modified: Fri, 12 Nov 2021 13:14:04 GMT
server: nginx
x-timer: S1639203222.038362,VS0,VE0
etag: "009d44b0373bb594ccebd071032ab70c"
x-served-by: cache-bwi5040-BWI, cache-dca17750-DCA, cache-lcy19223-LCY
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 2

GET
H2 200 9148cbf81917b00a7c9fb9f63ae911fb.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame AF28 11 KB
11 KB 20ms
19ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/9148cbf81917b00a7c9fb9f63ae911fb.jpg
Requested by: Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 81e8f8a1f94dc0aac72dc723a422f7f13e29a684672d4390dc4288d40cd35d24

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Sat, 11 Dec 2021 06:13:42 GMT
via: 1.1 varnish, 1.1 varnish
age: 686308
edge-cache-tag: 346547531020065106411499694503983567687,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 520
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/9148cbf81917b00a7c9fb9f63ae911fb.jpg
content-length: 11096
x-request-id: dae8f5104fb340387df593946798e71b
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
last-modified: Fri, 03 Dec 2021 01:19:50 GMT
server: nginx
x-timer: S1639203222.047130,VS0,VE0
etag: "c6226d1291a35401e48e040c9745ca7b"
x-served-by: cache-bwi5045-BWI, cache-dca17725-DCA, cache-lcy19223-LCY
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 4

GET
H2 200 Makeup-56055.jpg%3Fwidth%3D1200%26height%3D628
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//wfmulti.wpengine.com/wp-content/uploads/2021/01/ Frame AF28 13 KB
13 KB 21ms
20ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//wfmulti.wpengine.com/wp-content/uploads/2021/01/Makeup-56055.jpg%3Fwidth%3D1200%26height%3D628
Requested by: Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: f058ff6e4e5c4260d3bb5dfe42338a57272ea58dbe8e60e3688171ac3d4f5a07

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Sat, 11 Dec 2021 06:13:42 GMT
via: 1.1 varnish, 1.1 varnish
age: 2138564
edge-cache-tag: 576371472889129376042082301174852017211,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 291
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//wfmulti.wpengine.com/wp-content/uploads/2021/01/Makeup-56055.jpg%3Fwidth%3D1200%26height%3D628
content-length: 13094
x-request-id: f6d2ddb8f797fc7664457627ae52917a
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
last-modified: Fri, 22 Oct 2021 20:33:26 GMT
server: nginx
x-timer: S1639203222.047286,VS0,VE0
etag: "3c2fff152fdb1a29158d5aa0be99b1d1"
x-served-by: cache-bwi5052-BWI, cache-dca17733-DCA, cache-lcy19223-LCY
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 2

GET
H2 200 0_JHP_MDM_290421WRIGHT_SQUIRES_22.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i2-prod.mirror.co.uk/incoming/article24368922.ece/ALTERNATES/s1200/ Frame AF28 9 KB
9 KB 23ms
23ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i2-prod.mirror.co.uk/incoming/article24368922.ece/ALTERNATES/s1200/0_JHP_MDM_290421WRIGHT_SQUIRES_22.jpg
Requested by: Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: d3e5bb05fb467fe9d3022bc27b67dda46a645df439c19d112f1c0e94324b3082

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Sat, 11 Dec 2021 06:13:42 GMT
via: 1.1 varnish, 1.1 varnish
age: 2125386
edge-cache-tag: 498131929290628775299931683526462078624,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 99
x-envoy-upstream-service-time: 108
expiration: expiry-date="Sun, 12 Dec 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i2-prod.mirror.co.uk/incoming/article24368922.ece/ALTERNATES/s1200/0_JHP_MDM_290421WRIGHT_SQUIRES_22.jpg
content-length: 8756
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
last-modified: Thu, 11 Nov 2021 12:12:55 GMT
server: nginx
x-timer: S1639203222.047377,VS0,VE0
etag: "891bd526689930ab910ccedbefb13f75"
x-served-by: cache-bwi5050-BWI, cache-dca17776-DCA, cache-lcy19223-LCY
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 2

GET
H2 200 GettyImages-472734960-44170-1-55315.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.postfun.com/wp-content/uploads/2021/07/ Frame AF28 9 KB
9 KB 19ms
19ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.postfun.com/wp-content/uploads/2021/07/GettyImages-472734960-44170-1-55315.jpg
Requested by: Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 61e367f4704eff6580b659b74e28cf3b92b5d89ac6f366c0a69fa6a45636af08

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Sat, 11 Dec 2021 06:13:42 GMT
via: 1.1 varnish, 1.1 varnish
age: 1422900
edge-cache-tag: 501319748305034139828653345159057267810,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 308
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.postfun.com/wp-content/uploads/2021/07/GettyImages-472734960-44170-1-55315.jpg
content-length: 8828
x-request-id: 9818d5bc80a377574ba97bde7eb2a715
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
last-modified: Wed, 24 Nov 2021 04:07:06 GMT
server: nginx
x-timer: S1639203222.053838,VS0,VE0
etag: "36042608ba2c5d0039ce9957b0fb3ff4"
x-served-by: cache-bwi5034-BWI, cache-dca17768-DCA, cache-lcy19223-LCY
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 2

GET
H2 200 0c17140079e52209a4e92e096a488673.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame AF28 9 KB
10 KB 19ms
19ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/0c17140079e52209a4e92e096a488673.jpeg
Requested by: Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: a8240580e874bf1ef555d5ee49371d10f7dd004c21a0e64d9d173a315c2fc5cd

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Sat, 11 Dec 2021 06:13:42 GMT
via: 1.1 varnish, 1.1 varnish
age: 2278570
edge-cache-tag: 462801776607444972567320658497164201762,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 96
expiration: expiry-date="Sat, 20 Nov 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/0c17140079e52209a4e92e096a488673.jpeg
content-length: 9440
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
last-modified: Wed, 20 Oct 2021 08:53:15 GMT
server: nginx
x-timer: S1639203222.054728,VS0,VE1
etag: "92309301f6a684d66bfd5bb8013b3033"
x-served-by: cache-dca17778-DCA, cache-dca17723-DCA, cache-lcy19223-LCY
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 1

GET
H2 200 zab_1.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//s3.amazonaws.com/hivemedia-images/creatives/zab/ Frame AF28 12 KB
12 KB 20ms
19ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//s3.amazonaws.com/hivemedia-images/creatives/zab/zab_1.jpg
Requested by: Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: a9561368972781e4bce76170f22b8d009e4be64d622afb3421cb86983d403ba8

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Sat, 11 Dec 2021 06:13:42 GMT
via: 1.1 varnish, 1.1 varnish
age: 2134408
edge-cache-tag: 602769834505247591865230455653898237443,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 89
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//s3.amazonaws.com/hivemedia-images/creatives/zab/zab_1.jpg
content-length: 11796
x-request-id: 9a2bf5bda8b7ce7260e29b6c4d19fc29
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
last-modified: Thu, 04 Nov 2021 07:47:43 GMT
server: nginx
x-timer: S1639203222.058902,VS0,VE0
etag: "462bf148ea53fe8f6713491990846294"
x-served-by: cache-wdc5579-WDC, cache-dca17757-DCA, cache-lcy19223-LCY
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 2

GET
H2 200 47041af90ef86bb2166fa01ea041b0dc.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//dwyeew221rxbg.cloudfront.net/632059/ Frame AF28 15 KB
16 KB 21ms
20ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//dwyeew221rxbg.cloudfront.net/632059/47041af90ef86bb2166fa01ea041b0dc.jpg
Requested by: Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 1f77beacdfdc953ac02ad4da4b3dbe715f94b7e3368ccbf0a6735436da65218a

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Sat, 11 Dec 2021 06:13:42 GMT
via: 1.1 varnish, 1.1 varnish
age: 3791181
edge-cache-tag: 367037800989775526540986420421750633262,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 83
expiration: expiry-date="Wed, 10 Nov 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//dwyeew221rxbg.cloudfront.net/632059/47041af90ef86bb2166fa01ea041b0dc.jpg
content-length: 15450
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
last-modified: Sun, 10 Oct 2021 13:47:41 GMT
server: nginx
x-timer: S1639203222.067830,VS0,VE1
etag: "1f3a770962ef6d77ba80057a294239c4"
x-served-by: cache-wdc5521-WDC, cache-dca12925-DCA, cache-lcy19223-LCY
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 1

GET
H2 200 banner52.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.marriagetaxhelpdesk.co.uk/content/images/banners/ Frame AF28 5 KB
5 KB 21ms
20ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.marriagetaxhelpdesk.co.uk/content/images/banners/banner52.jpg
Requested by: Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: aed25060a18e332a994cf95a1e73507390f2557c5a09ec8aebdd96447e3357e6

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Sat, 11 Dec 2021 06:13:42 GMT
via: 1.1 varnish, 1.1 varnish
age: 1794871
edge-cache-tag: 552065885052061754619380031440724477121,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 41
expiration: expiry-date="Thu, 09 Dec 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.marriagetaxhelpdesk.co.uk/content/images/banners/banner52.jpg
content-length: 4916
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
last-modified: Mon, 08 Nov 2021 10:24:44 GMT
server: nginx
x-timer: S1639203222.067962,VS0,VE1
etag: "13b8908d0baed49f8c3903f9e569a414"
x-served-by: cache-bwi5045-BWI, cache-dca17777-DCA, cache-lcy19223-LCY
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 1

GET
H2 200 c9a842679e8bd7c001ca4e11e6a06e06.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame AF28 13 KB
14 KB 20ms
19ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c9a842679e8bd7c001ca4e11e6a06e06.jpg
Requested by: Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 92bdf9f823923f06008184ad2f19dbdc092a1cde89906a222fbd346a4976083c

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Sat, 11 Dec 2021 06:13:42 GMT
via: 1.1 varnish, 1.1 varnish
age: 2583056
edge-cache-tag: 301834351220719917540146784549481126354,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 99
x-envoy-upstream-service-time: 147
expiration: expiry-date="Fri, 26 Nov 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c9a842679e8bd7c001ca4e11e6a06e06.jpg
content-length: 13350
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
last-modified: Tue, 26 Oct 2021 15:16:56 GMT
server: nginx
x-timer: S1639203222.071772,VS0,VE1
etag: "75a273f31e2d4bdbd25feb129a22478d"
x-served-by: cache-bwi5044-BWI, cache-dca12923-DCA, cache-lcy19223-LCY
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1

GET
H2 200 77fa4652cf40a479b8b4e8556e887ead.jpg
images.taboola.com/taboola/image/fetch/h_234,w_280,c_fill,g_xy_center,x_495,y_418/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame AF28 14 KB
14 KB 20ms
20ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/h_234,w_280,c_fill,g_xy_center,x_495,y_418/http%3A//cdn.taboola.com/libtrc/static/thumbnails/77fa4652cf40a479b8b4e8556e887ead.jpg
Requested by: Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 223fd57264cad1aca2a6b1eca88c7504f6290a997a892f6a18f5620771016037

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Sat, 11 Dec 2021 06:13:42 GMT
via: 1.1 varnish, 1.1 varnish
age: 1458536
edge-cache-tag: 505034444893355103399183560788096618832,322341655704704739296056895017855712272,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 98
x-envoy-upstream-service-time: 542
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/h_234,w_280,c_fill,g_xy_center,x_495,y_418/http%3A//cdn.taboola.com/libtrc/static/thumbnails/77fa4652cf40a479b8b4e8556e887ead.jpg
content-length: 13978
x-request-id: 967b96edbb03feb1a7e33df2156865e3
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
last-modified: Mon, 08 Nov 2021 09:07:21 GMT
server: nginx
x-timer: S1639203222.073445,VS0,VE1
etag: "591aef29ee5518f9c8e683ba909ef49c"
x-served-by: cache-bwi5031-BWI, cache-dca17757-DCA, cache-lcy19223-LCY
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1

GET
H2 200 img_60dc2e2b16e287.72712011_2qwNuvhEwlyn6VBrVKSwsfqMJ3T0plWriJVGzpQKK2abDq3ZGF_ob-adp02-taboola-winning-image.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//cdn.eam.pubocean.com/ Frame AF28 11 KB
12 KB 20ms
20ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//cdn.eam.pubocean.com/img_60dc2e2b16e287.72712011_2qwNuvhEwlyn6VBrVKSwsfqMJ3T0plWriJVGzpQKK2abDq3ZGF_ob-adp02-taboola-winning-image.jpg
Requested by: Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: a8ae87a3984a2643eab54e6b257f7ad959ff437f5398a5f34289c991e0fbb30a

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Sat, 11 Dec 2021 06:13:42 GMT
via: 1.1 varnish, 1.1 varnish
age: 354613
edge-cache-tag: 336744520568041038930995899439407632434,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
cache-tag: 336744520568041038930995899439407632434,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 101
expiration: expiry-date="Sun, 26 Dec 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//cdn.eam.pubocean.com/img_60dc2e2b16e287.72712011_2qwNuvhEwlyn6VBrVKSwsfqMJ3T0plWriJVGzpQKK2abDq3ZGF_ob-adp02-taboola-winning-image.jpg
content-length: 11112
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
last-modified: Thu, 25 Nov 2021 01:48:51 GMT
server: nginx
x-timer: S1639203222.074786,VS0,VE1
etag: "5044045bb8d8ea0b17e1582bb962ddcf"
x-served-by: cache-bwi5028-BWI, cache-dca17737-DCA, cache-lcy19223-LCY
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1

GET
H2 200 lounge.7ab903feba7624935283ca4c7d8c7203.css
c.disquscdn.com/next/embed/styles/ Frame E624 165 KB
26 KB 31ms
30ms Stylesheet
text/css 2600:9000:223e:8000:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/styles/lounge.7ab903feba7624935283ca4c7d8c7203.css

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.2f2f40d40785c9541a90e9086c8770a3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223e:8000:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

9f05592df6a80686d7216adbbc60dd18c978741182ed9e09a863de7374931f0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=diariodocentrodomundo&t_i=779049%20https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2F%3Fpost_type%3Dessencial%26p%3D779049&t_u=https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2Fessencial%2Fatila-hacker-certidao-de-vacinacao%2F&t_e=%C3%81tila%20diz%20que%20invas%C3%A3o%20hacker%20foi%20para%20%E2%80%9Catacar%20a%20certid%C3%A3o%20de%20vacina%C3%A7%C3%A3o%E2%80%9D&t_d=%C3%81tila%20diz%20que%20invas%C3%A3o%20hacker%20foi%20para%20%22atacar%20a%20certid%C3%A3o%20de%20vacina%C3%A7%C3%A3o%22&t_t=%C3%81tila%20diz%20que%20invas%C3%A3o%20hacker%20foi%20para%20%E2%80%9Catacar%20a%20certid%C3%A3o%20de%20vacina%C3%A7%C3%A3o%E2%80%9D&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 23:27:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 283595
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 26065
x-xss-protection: 1; mode=block
x-served-by: static-web-2
access-control-allow-origin: *
surrogate-key: next
last-modified: Tue, 07 Dec 2021 22:32:35 GMT
server: nginx
etag: "61afe103-65d1"
content-type: text/css; charset=utf-8
via: 1.1 88f858f045c3909fad9cebbada511aef.cloudfront.net (CloudFront)
expires: Wed, 07 Dec 2022 23:27:07 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA56-P4
timing-allow-origin: *
x-amz-cf-id: KlKC9OBVsI4qK_Ul6LJQZH3LvUzAhc8JtdOlaj5pTZEPseJHSyIvDQ==
x-cache-hits: 0

GET
H3 200 container.html Show response
a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 8E04 6 KB
3 KB 31ms
31ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Sat, 11 Dec 2021 06:13:40 GMT
expires: Sun, 11 Dec 2022 06:13:40 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 254 B
730 B 21ms
20ms Image
image/png 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by: Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
via: 1.1 varnish
etag: "dfa7b52c86e56bd67fa4002f6ed19854"
age: 25207
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 254
x-amz-id-2: WVanEJ6D+w9phdukLefqJwOvpI5WsmM7iQkGzXcfZQK1PEn9ZU9pBHZ5XGoc27ZQb5DVzprPUhI=
x-served-by: cache-lcy19223-LCY
last-modified: Wed, 24 Jun 2015 07:14:11 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer: S1639203222.051843,VS0,VE0
date: Sat, 11 Dec 2021 06:13:42 GMT
x-amz-request-id: C4YYT74YZ84DXJCZ
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: image/png
abp: 44
x-cache-hits: 2923

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 5E0F 70 B
264 B 31ms
31ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=8087865&crid=4918115&dast=V7N3ICFgOkSW_714CtTgSkSW_714CtTgUAAAAGBvQHGzSibGaDFXM32SyHm81qshyOhqvNYrZbDGGDRpTNbLBi7iab5XCzWU2Go81yMVgsloMpfBjLZTKoBRKW2e87KCinp8fsMoiKrrfF7nCaPW-wQtPp8Lnu9brf7y5yOixPv8nvcdlNl7_J73bdTX67xu-2Syx_lefzsnucDrNfYXqaHW6hw-N1Wd4al-X0NDn8bpHLLXt4nHaHx-H3ywEAAADgAWBpYQziBxAAIAIAAABAAgAAAIAioOLfQuACAAAAAAPAYOdaA0CcAwEdppvTZTb5AwDgQQEEAEAAgwRgADepBKBC_eEEAAAAAAAAAIDl____PwZgLy1HBiBDuLEH4MEH4IGoALWIEQAAAIAwiVvp0aROqCyqAAAI0q0ArgAAAvpQQVi0wgAAAATEBvOWk56lUb7HFuhh8fvNDrvG73YZAAAAAAAAAIDZ_9k_mtATAECab53wo9ovIADA2i8gAACbugEAvAnAhZwVmk6Hz3Wv1_1-d5HTYXn6TX6Py266_E1-t-tu8ts1frddYvmrPJ-X3eN0mP0K09PscAsdHq_L8ta4LKenyeF3i1xu2cPjtDs8Dr9fdAStGAxWZ0DLzW41mB0AAADA3f___z_eYN5y0rM0yrceiIyMC-PEM5wsZsuZb-OYbUarjWHhcA5Xq81s5tke4Pm0ynu2ZUNfiLDMft9BQTk9PWaXQVR0vS12h9PsOYgPGoblZBDMb8IWo9VkslkOZ8vFZDAcDUej_QnkbIATMVguJ5PFZLcarUab4W40GyxQIAYTpGjRYLIajSaLyXA1mqxmy8Vut0GKVq1mo81guJpNZrvdajgYLkcjnLDFaDWZbJbD2XIxGQxHw9FoiDC1ms1cw-FyrZi4jGvRyOVaK0yzmVu3Wc1Mg5lns1su3KLXx3RcmDy-xWiLggFDexFcpBOR02F5-k1-j8tuuvxNfrfrbvJbxBLNySKdyC77ysi4ME48w8litpz5No7ZZrTaGBYO53C12sxmnn1rNZu5hsPlWjFxGdeikcu1VphmM7dus5qZBjPPZrdcuEWvj-m4MHl8i9G-MdssJ4PNZDLYN2ab5WSwmUwG-w6T6Zn6nI3G4lrikanWnpvIMDMfFC6DxTuVmnbjzrEgLnuPTpVXpizojNqZ1fw1KDwHj-kgfFlOq5t1OpvovAeDIpYIThfpRPQyni5iieRpkU5EFttssrENlsuRceWc2TwTx8TlWI4ms9VkYpg4LGKJ0nSRTvQqz-dl9zgdZr_C9DQ73EKHx-uyvDUuy-lpcvjdIpdb9vA47Q6Pw29R_9EhlqO5ZjZXLAZzxWy1SgAAAAAAAAAAS5gzbwIAAABwGshosxuulgsAMW2lCwwCAAAAAACwe1IX_yoz0ahV3PhxBTkdlqff5Pe47KbL3-R3u-4mv5UBJES6mTd7Joi1Wi1rAAAAAWwAAIAAbt28B5BSKjk!&cmcv=&pix=undefined&cb=1639203221987&uv=3076&tms=1639203221987&abt=adh5c-1_vA!lotc_vA!rvf1_vB!smbs!spa2_vA!ufm_vB&ft=0&su=1&unm=FEED_MANAGER&aure=false&agl=1&cirid=4D2360E97239833529848531671&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Dec 2021 06:13:42 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 sync
taboola-supply-partners.tremorhub.com/ Frame 5E0F 43 B
182 B 301ms
94ms Image
image/gif 2600:1f18:612b:4264:e8c6:2f28:702a:f217
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=8087865&crid=4918115&dast=V7N3ICFgOkSW_714CtTgSkSW_714CtTgUAAAAGBvQHGzSibGaDFXM32SyHm81qshyOhqvNYrZbDGGDRpTNbLBi7iab5XCzWU2Go81yMVgsloMpfBjLZTKoBRKW2e87KCinp8fsMoiKrrfF7nCaPW-wQtPp8Lnu9brf7y5yOixPv8nvcdlNl7_J73bdTX67xu-2Syx_lefzsnucDrNfYXqaHW6hw-N1Wd4al-X0NDn8bpHLLXt4nHaHx-H3ywEAAADgAWBpYQziBxAAIAIAAABAAgAAAIAioOLfQuACAAAAAAPAYOdaA0CcAwEdppvTZTb5AwDgQQEEAEAAgwRgADepBKBC_eEEAAAAAAAAAIDl____PwZgLy1HBiBDuLEH4MEH4IGoALWIEQAAAIAwiVvp0aROqCyqAAAI0q0ArgAAAvpQQVi0wgAAAATEBvOWk56lUb7HFuhh8fvNDrvG73YZAAAAAAAAAIDZ_9k_mtATAECab53wo9ovIADA2i8gAACbugEAvAnAhZwVmk6Hz3Wv1_1-d5HTYXn6TX6Py266_E1-t-tu8ts1frddYvmrPJ-X3eN0mP0K09PscAsdHq_L8ta4LKenyeF3i1xu2cPjtDs8Dr9fdAStGAxWZ0DLzW41mB0AAADA3f___z_eYN5y0rM0yrceiIyMC-PEM5wsZsuZb-OYbUarjWHhcA5Xq81s5tke4Pm0ynu2ZUNfiLDMft9BQTk9PWaXQVR0vS12h9PsOYgPGoblZBDMb8IWo9VkslkOZ8vFZDAcDUej_QnkbIATMVguJ5PFZLcarUab4W40GyxQIAYTpGjRYLIajSaLyXA1mqxmy8Vut0GKVq1mo81guJpNZrvdajgYLkcjnLDFaDWZbJbD2XIxGQxHw9FoiDC1ms1cw-FyrZi4jGvRyOVaK0yzmVu3Wc1Mg5lns1su3KLXx3RcmDy-xWiLggFDexFcpBOR02F5-k1-j8tuuvxNfrfrbvJbxBLNySKdyC77ysi4ME48w8litpz5No7ZZrTaGBYO53C12sxmnn1rNZu5hsPlWjFxGdeikcu1VphmM7dus5qZBjPPZrdcuEWvj-m4MHl8i9G-MdssJ4PNZDLYN2ab5WSwmUwG-w6T6Zn6nI3G4lrikanWnpvIMDMfFC6DxTuVmnbjzrEgLnuPTpVXpizojNqZ1fw1KDwHj-kgfFlOq5t1OpvovAeDIpYIThfpRPQyni5iieRpkU5EFttssrENlsuRceWc2TwTx8TlWI4ms9VkYpg4LGKJ0nSRTvQqz-dl9zgdZr_C9DQ73EKHx-uyvDUuy-lpcvjdIpdb9vA47Q6Pw29R_9EhlqO5ZjZXLAZzxWy1SgAAAAAAAAAAS5gzbwIAAABwGshosxuulgsAMW2lCwwCAAAAAACwe1IX_yoz0ahV3PhxBTkdlqff5Pe47KbL3-R3u-4mv5UBJES6mTd7Joi1Wi1rAAAAAWwAAIAAbt28B5BSKjk!&cmcv=&pix=undefined&cb=1639203221987&uv=3076&tms=1639203221987&abt=adh5c-1_vA!lotc_vA!rvf1_vB!smbs!spa2_vA!ufm_vB&ft=0&su=1&unm=FEED_MANAGER&aure=false&agl=1&cirid=4D2360E97239833529848531671&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4264:e8c6:2f28:702a:f217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:42 GMT
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type: image/gif

GET
H2

200

rtb-h Show response
sync-t1.taboola.com/sg/spotx-rtb-network/1/ Frame 5E0F
Redirect Chain

https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=7d2865bc-5a49-11ec-aef5-1d66682b0006&orig=video&us_privacy=1---gdpr=1&

0
229 B

49ms
26ms

Script
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=7d2865bc-5a49-11ec-aef5-1d66682b0006&orig=video&us_privacy=1---gdpr=1&
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=8087865&crid=4918115&dast=V7N3ICFgOkSW_714CtTgSkSW_714CtTgUAAAAGBvQHGzSibGaDFXM32SyHm81qshyOhqvNYrZbDGGDRpTNbLBi7iab5XCzWU2Go81yMVgsloMpfBjLZTKoBRKW2e87KCinp8fsMoiKrrfF7nCaPW-wQtPp8Lnu9brf7y5yOixPv8nvcdlNl7_J73bdTX67xu-2Syx_lefzsnucDrNfYXqaHW6hw-N1Wd4al-X0NDn8bpHLLXt4nHaHx-H3ywEAAADgAWBpYQziBxAAIAIAAABAAgAAAIAioOLfQuACAAAAAAPAYOdaA0CcAwEdppvTZTb5AwDgQQEEAEAAgwRgADepBKBC_eEEAAAAAAAAAIDl____PwZgLy1HBiBDuLEH4MEH4IGoALWIEQAAAIAwiVvp0aROqCyqAAAI0q0ArgAAAvpQQVi0wgAAAATEBvOWk56lUb7HFuhh8fvNDrvG73YZAAAAAAAAAIDZ_9k_mtATAECab53wo9ovIADA2i8gAACbugEAvAnAhZwVmk6Hz3Wv1_1-d5HTYXn6TX6Py266_E1-t-tu8ts1frddYvmrPJ-X3eN0mP0K09PscAsdHq_L8ta4LKenyeF3i1xu2cPjtDs8Dr9fdAStGAxWZ0DLzW41mB0AAADA3f___z_eYN5y0rM0yrceiIyMC-PEM5wsZsuZb-OYbUarjWHhcA5Xq81s5tke4Pm0ynu2ZUNfiLDMft9BQTk9PWaXQVR0vS12h9PsOYgPGoblZBDMb8IWo9VkslkOZ8vFZDAcDUej_QnkbIATMVguJ5PFZLcarUab4W40GyxQIAYTpGjRYLIajSaLyXA1mqxmy8Vut0GKVq1mo81guJpNZrvdajgYLkcjnLDFaDWZbJbD2XIxGQxHw9FoiDC1ms1cw-FyrZi4jGvRyOVaK0yzmVu3Wc1Mg5lns1su3KLXx3RcmDy-xWiLggFDexFcpBOR02F5-k1-j8tuuvxNfrfrbvJbxBLNySKdyC77ysi4ME48w8litpz5No7ZZrTaGBYO53C12sxmnn1rNZu5hsPlWjFxGdeikcu1VphmM7dus5qZBjPPZrdcuEWvj-m4MHl8i9G-MdssJ4PNZDLYN2ab5WSwmUwG-w6T6Zn6nI3G4lrikanWnpvIMDMfFC6DxTuVmnbjzrEgLnuPTpVXpizojNqZ1fw1KDwHj-kgfFlOq5t1OpvovAeDIpYIThfpRPQyni5iieRpkU5EFttssrENlsuRceWc2TwTx8TlWI4ms9VkYpg4LGKJ0nSRTvQqz-dl9zgdZr_C9DQ73EKHx-uyvDUuy-lpcvjdIpdb9vA47Q6Pw29R_9EhlqO5ZjZXLAZzxWy1SgAAAAAAAAAAS5gzbwIAAABwGshosxuulgsAMW2lCwwCAAAAAACwe1IX_yoz0ahV3PhxBTkdlqff5Pe47KbL3-R3u-4mv5UBJES6mTd7Joi1Wi1rAAAAAWwAAIAAbt28B5BSKjk!&cmcv=&pix=undefined&cb=1639203221987&uv=3076&tms=1639203221987&abt=adh5c-1_vA!lotc_vA!rvf1_vB!smbs!spa2_vA!ufm_vB&ft=0&su=1&unm=FEED_MANAGER&aure=false&agl=1&cirid=4D2360E97239833529848531671&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:42 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 9462

Redirect headers

Date: Sat, 11 Dec 2021 06:13:42 GMT
Server: nginx
Location: https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=7d2865bc-5a49-11ec-aef5-1d66682b0006&orig=video&us_privacy=1---gdpr=1&
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 64
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK sync
x.bidswitch.net/ Frame 5E0F 43 B
220 B 33ms
33ms Image
image/gif 18.196.195.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=8087865&crid=4918115&dast=V7N3ICFgOkSW_714CtTgSkSW_714CtTgUAAAAGBvQHGzSibGaDFXM32SyHm81qshyOhqvNYrZbDGGDRpTNbLBi7iab5XCzWU2Go81yMVgsloMpfBjLZTKoBRKW2e87KCinp8fsMoiKrrfF7nCaPW-wQtPp8Lnu9brf7y5yOixPv8nvcdlNl7_J73bdTX67xu-2Syx_lefzsnucDrNfYXqaHW6hw-N1Wd4al-X0NDn8bpHLLXt4nHaHx-H3ywEAAADgAWBpYQziBxAAIAIAAABAAgAAAIAioOLfQuACAAAAAAPAYOdaA0CcAwEdppvTZTb5AwDgQQEEAEAAgwRgADepBKBC_eEEAAAAAAAAAIDl____PwZgLy1HBiBDuLEH4MEH4IGoALWIEQAAAIAwiVvp0aROqCyqAAAI0q0ArgAAAvpQQVi0wgAAAATEBvOWk56lUb7HFuhh8fvNDrvG73YZAAAAAAAAAIDZ_9k_mtATAECab53wo9ovIADA2i8gAACbugEAvAnAhZwVmk6Hz3Wv1_1-d5HTYXn6TX6Py266_E1-t-tu8ts1frddYvmrPJ-X3eN0mP0K09PscAsdHq_L8ta4LKenyeF3i1xu2cPjtDs8Dr9fdAStGAxWZ0DLzW41mB0AAADA3f___z_eYN5y0rM0yrceiIyMC-PEM5wsZsuZb-OYbUarjWHhcA5Xq81s5tke4Pm0ynu2ZUNfiLDMft9BQTk9PWaXQVR0vS12h9PsOYgPGoblZBDMb8IWo9VkslkOZ8vFZDAcDUej_QnkbIATMVguJ5PFZLcarUab4W40GyxQIAYTpGjRYLIajSaLyXA1mqxmy8Vut0GKVq1mo81guJpNZrvdajgYLkcjnLDFaDWZbJbD2XIxGQxHw9FoiDC1ms1cw-FyrZi4jGvRyOVaK0yzmVu3Wc1Mg5lns1su3KLXx3RcmDy-xWiLggFDexFcpBOR02F5-k1-j8tuuvxNfrfrbvJbxBLNySKdyC77ysi4ME48w8litpz5No7ZZrTaGBYO53C12sxmnn1rNZu5hsPlWjFxGdeikcu1VphmM7dus5qZBjPPZrdcuEWvj-m4MHl8i9G-MdssJ4PNZDLYN2ab5WSwmUwG-w6T6Zn6nI3G4lrikanWnpvIMDMfFC6DxTuVmnbjzrEgLnuPTpVXpizojNqZ1fw1KDwHj-kgfFlOq5t1OpvovAeDIpYIThfpRPQyni5iieRpkU5EFttssrENlsuRceWc2TwTx8TlWI4ms9VkYpg4LGKJ0nSRTvQqz-dl9zgdZr_C9DQ73EKHx-uyvDUuy-lpcvjdIpdb9vA47Q6Pw29R_9EhlqO5ZjZXLAZzxWy1SgAAAAAAAAAAS5gzbwIAAABwGshosxuulgsAMW2lCwwCAAAAAACwe1IX_yoz0ahV3PhxBTkdlqff5Pe47KbL3-R3u-4mv5UBJES6mTd7Joi1Wi1rAAAAAWwAAIAAbt28B5BSKjk!&cmcv=&pix=undefined&cb=1639203221987&uv=3076&tms=1639203221987&abt=adh5c-1_vA!lotc_vA!rvf1_vB!smbs!spa2_vA!ufm_vB&ft=0&su=1&unm=FEED_MANAGER&aure=false&agl=1&cirid=4D2360E97239833529848531671&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.196.195.54 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-196-195-54.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sat, 11 Dec 2021 06:13:42 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2

200

/
sync.taboola.com/sg/yahoosspus-network/1/rtb-h/ Frame 5E0F
Redirect Chain

https://ups.analytics.yahoo.com/ups/58534/occ
https://ups.analytics.yahoo.com/ups/58534/occ?verify=true
https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-A6M67DhE2uFh_BcTNe8iuSIxH5BfFsS7G6y8GfE-~A

0
230 B

41ms
26ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-A6M67DhE2uFh_BcTNe8iuSIxH5BfFsS7G6y8GfE-~A
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=8087865&crid=4918115&dast=V7N3ICFgOkSW_714CtTgSkSW_714CtTgUAAAAGBvQHGzSibGaDFXM32SyHm81qshyOhqvNYrZbDGGDRpTNbLBi7iab5XCzWU2Go81yMVgsloMpfBjLZTKoBRKW2e87KCinp8fsMoiKrrfF7nCaPW-wQtPp8Lnu9brf7y5yOixPv8nvcdlNl7_J73bdTX67xu-2Syx_lefzsnucDrNfYXqaHW6hw-N1Wd4al-X0NDn8bpHLLXt4nHaHx-H3ywEAAADgAWBpYQziBxAAIAIAAABAAgAAAIAioOLfQuACAAAAAAPAYOdaA0CcAwEdppvTZTb5AwDgQQEEAEAAgwRgADepBKBC_eEEAAAAAAAAAIDl____PwZgLy1HBiBDuLEH4MEH4IGoALWIEQAAAIAwiVvp0aROqCyqAAAI0q0ArgAAAvpQQVi0wgAAAATEBvOWk56lUb7HFuhh8fvNDrvG73YZAAAAAAAAAIDZ_9k_mtATAECab53wo9ovIADA2i8gAACbugEAvAnAhZwVmk6Hz3Wv1_1-d5HTYXn6TX6Py266_E1-t-tu8ts1frddYvmrPJ-X3eN0mP0K09PscAsdHq_L8ta4LKenyeF3i1xu2cPjtDs8Dr9fdAStGAxWZ0DLzW41mB0AAADA3f___z_eYN5y0rM0yrceiIyMC-PEM5wsZsuZb-OYbUarjWHhcA5Xq81s5tke4Pm0ynu2ZUNfiLDMft9BQTk9PWaXQVR0vS12h9PsOYgPGoblZBDMb8IWo9VkslkOZ8vFZDAcDUej_QnkbIATMVguJ5PFZLcarUab4W40GyxQIAYTpGjRYLIajSaLyXA1mqxmy8Vut0GKVq1mo81guJpNZrvdajgYLkcjnLDFaDWZbJbD2XIxGQxHw9FoiDC1ms1cw-FyrZi4jGvRyOVaK0yzmVu3Wc1Mg5lns1su3KLXx3RcmDy-xWiLggFDexFcpBOR02F5-k1-j8tuuvxNfrfrbvJbxBLNySKdyC77ysi4ME48w8litpz5No7ZZrTaGBYO53C12sxmnn1rNZu5hsPlWjFxGdeikcu1VphmM7dus5qZBjPPZrdcuEWvj-m4MHl8i9G-MdssJ4PNZDLYN2ab5WSwmUwG-w6T6Zn6nI3G4lrikanWnpvIMDMfFC6DxTuVmnbjzrEgLnuPTpVXpizojNqZ1fw1KDwHj-kgfFlOq5t1OpvovAeDIpYIThfpRPQyni5iieRpkU5EFttssrENlsuRceWc2TwTx8TlWI4ms9VkYpg4LGKJ0nSRTvQqz-dl9zgdZr_C9DQ73EKHx-uyvDUuy-lpcvjdIpdb9vA47Q6Pw29R_9EhlqO5ZjZXLAZzxWy1SgAAAAAAAAAAS5gzbwIAAABwGshosxuulgsAMW2lCwwCAAAAAACwe1IX_yoz0ahV3PhxBTkdlqff5Pe47KbL3-R3u-4mv5UBJES6mTd7Joi1Wi1rAAAAAWwAAIAAbt28B5BSKjk!&cmcv=&pix=undefined&cb=1639203221987&uv=3076&tms=1639203221987&abt=adh5c-1_vA!lotc_vA!rvf1_vB!smbs!spa2_vA!ufm_vB&ft=0&su=1&unm=FEED_MANAGER&aure=false&agl=1&cirid=4D2360E97239833529848531671&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:42 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 14487

Redirect headers

location: https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-A6M67DhE2uFh_BcTNe8iuSIxH5BfFsS7G6y8GfE-~A
date: Sat, 11 Dec 2021 06:13:42 GMT
server: ATS/9.1.0.33
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 6B37 70 B
264 B 31ms
31ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7N3ICFgOkSW_714CtTgSkSW_714CtTgUAAAAGBvQHGzSibGaDFXM32SyHm81qshyOhqvNYrZbDGGDRpTNbLBi7iab5XCzWU2Go81yMVgsloMpfBjLZTKoBRKW2e87KCinp8fsMoiKrrfF7nCaPW-wQtPp8Lnu9brf7y5yOixPv8nvcdlNl7_J73bdTX67xu-2Syx_lefzsnucDrNfYXqaHW6hw-N1Wd4al-X0NDn8bpHLLXt4nHaHx-H3ywEAAADgAWBpYQziBxAAIAIAAABAAgAAAIAioOLfQuACAAAAAAPAYOdaA0CcAwEdppvTZTb5AwDgQQEEAEAAgwRgADepBKBC_eEEAAAAAAAAAIDl____PwZgLy1HBiBDuLEH4MEH4IGoALWIEQAAAIAwiVvp0aROqCyqAAAI0q0ArgAAAvpQQVi0wgAAAATEBvOWk56lUb7HFuhh8fvNDrvG73YZAAAAAAAAAIDZ_9k_mtATAECab53wo9ovIADA2i8gAACbugEAvAnAhZwVmk6Hz3Wv1_1-d5HTYXn6TX6Py266_E1-t-tu8ts1frddYvmrPJ-X3eN0mP0K09PscAsdHq_L8ta4LKenyeF3i1xu2cPjtDs8Dr9fdAStGAxWZ0DLzW41mB0AAADA3f___z_eYN5y0rM0yrceiIyMC-PEM5wsZsuZb-OYbUarjWHhcA5Xq81s5tke4Pm0ynu2ZUNfiLDMft9BQTk9PWaXQVR0vS12h9PsOYgPGoblZBDMb8IWo9VkslkOZ8vFZDAcDUej_QnkbIATMVguJ5PFZLcarUab4W40GyxQIAYTpGjRYLIajSaLyXA1mqxmy8Vut0GKVq1mo81guJpNZrvdajgYLkcjnLDFaDWZbJbD2XIxGQxHw9FoiDC1ms1cw-FyrZi4jGvRyOVaK0yzmVu3Wc1Mg5lns1su3KLXx3RcmDy-xWiLggFDexFcpBOR02F5-k1-j8tuuvxNfrfrbvJbxBLNySKdyC77ysi4ME48w8litpz5No7ZZrTaGBYO53C12sxmnn1rNZu5hsPlWjFxGdeikcu1VphmM7dus5qZBjPPZrdcuEWvj-m4MHl8i9G-MdssJ4PNZDLYN2ab5WSwmUwG-w6T6Zn6nI3G4lrikanWnpvIMDMfFC6DxTuVmnbjzrEgLnuPTpVXpizojNqZ1fw1KDwHj-kgfFlOq5t1OpvovAeDIpYIThfpRPQyni5iieRpkU5EFttssrENlsuRceWc2TwTx8TlWI4ms9VkYpg4LGKJ0nSRTvQqz-dl9zgdZr_C9DQ73EKHx-uyvDUuy-lpcvjdIpdb9vA47Q6Pw29R_9EhlqO5ZjZXLAZzxWy1SgAAAAAAAAAAS5gzbwIAAABwGshosxuulgsAMW2lCwwCAAAAAACwe1IX_yoz0ahV3PhxBTkdlqff5Pe47KbL3-R3u-4mv5UBJES6mTd7Joi1Wi1rAAAAAWwAAIAAbt28B5BSKjk!&excid=22&docw=0&cijs=1&nlb=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Dec 2021 06:13:42 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 sync
taboola-supply-partners.tremorhub.com/ Frame 6B37 43 B
183 B 282ms
94ms Image
image/gif 2600:1f18:612b:4264:e8c6:2f28:702a:f217
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7N3ICFgOkSW_714CtTgSkSW_714CtTgUAAAAGBvQHGzSibGaDFXM32SyHm81qshyOhqvNYrZbDGGDRpTNbLBi7iab5XCzWU2Go81yMVgsloMpfBjLZTKoBRKW2e87KCinp8fsMoiKrrfF7nCaPW-wQtPp8Lnu9brf7y5yOixPv8nvcdlNl7_J73bdTX67xu-2Syx_lefzsnucDrNfYXqaHW6hw-N1Wd4al-X0NDn8bpHLLXt4nHaHx-H3ywEAAADgAWBpYQziBxAAIAIAAABAAgAAAIAioOLfQuACAAAAAAPAYOdaA0CcAwEdppvTZTb5AwDgQQEEAEAAgwRgADepBKBC_eEEAAAAAAAAAIDl____PwZgLy1HBiBDuLEH4MEH4IGoALWIEQAAAIAwiVvp0aROqCyqAAAI0q0ArgAAAvpQQVi0wgAAAATEBvOWk56lUb7HFuhh8fvNDrvG73YZAAAAAAAAAIDZ_9k_mtATAECab53wo9ovIADA2i8gAACbugEAvAnAhZwVmk6Hz3Wv1_1-d5HTYXn6TX6Py266_E1-t-tu8ts1frddYvmrPJ-X3eN0mP0K09PscAsdHq_L8ta4LKenyeF3i1xu2cPjtDs8Dr9fdAStGAxWZ0DLzW41mB0AAADA3f___z_eYN5y0rM0yrceiIyMC-PEM5wsZsuZb-OYbUarjWHhcA5Xq81s5tke4Pm0ynu2ZUNfiLDMft9BQTk9PWaXQVR0vS12h9PsOYgPGoblZBDMb8IWo9VkslkOZ8vFZDAcDUej_QnkbIATMVguJ5PFZLcarUab4W40GyxQIAYTpGjRYLIajSaLyXA1mqxmy8Vut0GKVq1mo81guJpNZrvdajgYLkcjnLDFaDWZbJbD2XIxGQxHw9FoiDC1ms1cw-FyrZi4jGvRyOVaK0yzmVu3Wc1Mg5lns1su3KLXx3RcmDy-xWiLggFDexFcpBOR02F5-k1-j8tuuvxNfrfrbvJbxBLNySKdyC77ysi4ME48w8litpz5No7ZZrTaGBYO53C12sxmnn1rNZu5hsPlWjFxGdeikcu1VphmM7dus5qZBjPPZrdcuEWvj-m4MHl8i9G-MdssJ4PNZDLYN2ab5WSwmUwG-w6T6Zn6nI3G4lrikanWnpvIMDMfFC6DxTuVmnbjzrEgLnuPTpVXpizojNqZ1fw1KDwHj-kgfFlOq5t1OpvovAeDIpYIThfpRPQyni5iieRpkU5EFttssrENlsuRceWc2TwTx8TlWI4ms9VkYpg4LGKJ0nSRTvQqz-dl9zgdZr_C9DQ73EKHx-uyvDUuy-lpcvjdIpdb9vA47Q6Pw29R_9EhlqO5ZjZXLAZzxWy1SgAAAAAAAAAAS5gzbwIAAABwGshosxuulgsAMW2lCwwCAAAAAACwe1IX_yoz0ahV3PhxBTkdlqff5Pe47KbL3-R3u-4mv5UBJES6mTd7Joi1Wi1rAAAAAWwAAIAAbt28B5BSKjk!&excid=22&docw=0&cijs=1&nlb=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4264:e8c6:2f28:702a:f217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:42 GMT
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type: image/gif

GET
H2

200

rtb-h Show response
sync-t1.taboola.com/sg/spotx-rtb-network/1/ Frame 6B37
Redirect Chain

https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=7d2865bc-5a49-11ec-aef5-1d66682b0006&orig=video&us_privacy=1---gdpr=1&

0
228 B

48ms
26ms

Script
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=7d2865bc-5a49-11ec-aef5-1d66682b0006&orig=video&us_privacy=1---gdpr=1&
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7N3ICFgOkSW_714CtTgSkSW_714CtTgUAAAAGBvQHGzSibGaDFXM32SyHm81qshyOhqvNYrZbDGGDRpTNbLBi7iab5XCzWU2Go81yMVgsloMpfBjLZTKoBRKW2e87KCinp8fsMoiKrrfF7nCaPW-wQtPp8Lnu9brf7y5yOixPv8nvcdlNl7_J73bdTX67xu-2Syx_lefzsnucDrNfYXqaHW6hw-N1Wd4al-X0NDn8bpHLLXt4nHaHx-H3ywEAAADgAWBpYQziBxAAIAIAAABAAgAAAIAioOLfQuACAAAAAAPAYOdaA0CcAwEdppvTZTb5AwDgQQEEAEAAgwRgADepBKBC_eEEAAAAAAAAAIDl____PwZgLy1HBiBDuLEH4MEH4IGoALWIEQAAAIAwiVvp0aROqCyqAAAI0q0ArgAAAvpQQVi0wgAAAATEBvOWk56lUb7HFuhh8fvNDrvG73YZAAAAAAAAAIDZ_9k_mtATAECab53wo9ovIADA2i8gAACbugEAvAnAhZwVmk6Hz3Wv1_1-d5HTYXn6TX6Py266_E1-t-tu8ts1frddYvmrPJ-X3eN0mP0K09PscAsdHq_L8ta4LKenyeF3i1xu2cPjtDs8Dr9fdAStGAxWZ0DLzW41mB0AAADA3f___z_eYN5y0rM0yrceiIyMC-PEM5wsZsuZb-OYbUarjWHhcA5Xq81s5tke4Pm0ynu2ZUNfiLDMft9BQTk9PWaXQVR0vS12h9PsOYgPGoblZBDMb8IWo9VkslkOZ8vFZDAcDUej_QnkbIATMVguJ5PFZLcarUab4W40GyxQIAYTpGjRYLIajSaLyXA1mqxmy8Vut0GKVq1mo81guJpNZrvdajgYLkcjnLDFaDWZbJbD2XIxGQxHw9FoiDC1ms1cw-FyrZi4jGvRyOVaK0yzmVu3Wc1Mg5lns1su3KLXx3RcmDy-xWiLggFDexFcpBOR02F5-k1-j8tuuvxNfrfrbvJbxBLNySKdyC77ysi4ME48w8litpz5No7ZZrTaGBYO53C12sxmnn1rNZu5hsPlWjFxGdeikcu1VphmM7dus5qZBjPPZrdcuEWvj-m4MHl8i9G-MdssJ4PNZDLYN2ab5WSwmUwG-w6T6Zn6nI3G4lrikanWnpvIMDMfFC6DxTuVmnbjzrEgLnuPTpVXpizojNqZ1fw1KDwHj-kgfFlOq5t1OpvovAeDIpYIThfpRPQyni5iieRpkU5EFttssrENlsuRceWc2TwTx8TlWI4ms9VkYpg4LGKJ0nSRTvQqz-dl9zgdZr_C9DQ73EKHx-uyvDUuy-lpcvjdIpdb9vA47Q6Pw29R_9EhlqO5ZjZXLAZzxWy1SgAAAAAAAAAAS5gzbwIAAABwGshosxuulgsAMW2lCwwCAAAAAACwe1IX_yoz0ahV3PhxBTkdlqff5Pe47KbL3-R3u-4mv5UBJES6mTd7Joi1Wi1rAAAAAWwAAIAAbt28B5BSKjk!&excid=22&docw=0&cijs=1&nlb=true
Protocol: H2
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:42 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 9462

Redirect headers

Date: Sat, 11 Dec 2021 06:13:42 GMT
Server: nginx
Location: https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=7d2865bc-5a49-11ec-aef5-1d66682b0006&orig=video&us_privacy=1---gdpr=1&
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 113
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK sync
x.bidswitch.net/ Frame 6B37 43 B
220 B 43ms
33ms Image
image/gif 18.196.195.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7N3ICFgOkSW_714CtTgSkSW_714CtTgUAAAAGBvQHGzSibGaDFXM32SyHm81qshyOhqvNYrZbDGGDRpTNbLBi7iab5XCzWU2Go81yMVgsloMpfBjLZTKoBRKW2e87KCinp8fsMoiKrrfF7nCaPW-wQtPp8Lnu9brf7y5yOixPv8nvcdlNl7_J73bdTX67xu-2Syx_lefzsnucDrNfYXqaHW6hw-N1Wd4al-X0NDn8bpHLLXt4nHaHx-H3ywEAAADgAWBpYQziBxAAIAIAAABAAgAAAIAioOLfQuACAAAAAAPAYOdaA0CcAwEdppvTZTb5AwDgQQEEAEAAgwRgADepBKBC_eEEAAAAAAAAAIDl____PwZgLy1HBiBDuLEH4MEH4IGoALWIEQAAAIAwiVvp0aROqCyqAAAI0q0ArgAAAvpQQVi0wgAAAATEBvOWk56lUb7HFuhh8fvNDrvG73YZAAAAAAAAAIDZ_9k_mtATAECab53wo9ovIADA2i8gAACbugEAvAnAhZwVmk6Hz3Wv1_1-d5HTYXn6TX6Py266_E1-t-tu8ts1frddYvmrPJ-X3eN0mP0K09PscAsdHq_L8ta4LKenyeF3i1xu2cPjtDs8Dr9fdAStGAxWZ0DLzW41mB0AAADA3f___z_eYN5y0rM0yrceiIyMC-PEM5wsZsuZb-OYbUarjWHhcA5Xq81s5tke4Pm0ynu2ZUNfiLDMft9BQTk9PWaXQVR0vS12h9PsOYgPGoblZBDMb8IWo9VkslkOZ8vFZDAcDUej_QnkbIATMVguJ5PFZLcarUab4W40GyxQIAYTpGjRYLIajSaLyXA1mqxmy8Vut0GKVq1mo81guJpNZrvdajgYLkcjnLDFaDWZbJbD2XIxGQxHw9FoiDC1ms1cw-FyrZi4jGvRyOVaK0yzmVu3Wc1Mg5lns1su3KLXx3RcmDy-xWiLggFDexFcpBOR02F5-k1-j8tuuvxNfrfrbvJbxBLNySKdyC77ysi4ME48w8litpz5No7ZZrTaGBYO53C12sxmnn1rNZu5hsPlWjFxGdeikcu1VphmM7dus5qZBjPPZrdcuEWvj-m4MHl8i9G-MdssJ4PNZDLYN2ab5WSwmUwG-w6T6Zn6nI3G4lrikanWnpvIMDMfFC6DxTuVmnbjzrEgLnuPTpVXpizojNqZ1fw1KDwHj-kgfFlOq5t1OpvovAeDIpYIThfpRPQyni5iieRpkU5EFttssrENlsuRceWc2TwTx8TlWI4ms9VkYpg4LGKJ0nSRTvQqz-dl9zgdZr_C9DQ73EKHx-uyvDUuy-lpcvjdIpdb9vA47Q6Pw29R_9EhlqO5ZjZXLAZzxWy1SgAAAAAAAAAAS5gzbwIAAABwGshosxuulgsAMW2lCwwCAAAAAACwe1IX_yoz0ahV3PhxBTkdlqff5Pe47KbL3-R3u-4mv5UBJES6mTd7Joi1Wi1rAAAAAWwAAIAAbt28B5BSKjk!&excid=22&docw=0&cijs=1&nlb=true
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.196.195.54 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-196-195-54.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sat, 11 Dec 2021 06:13:42 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2

200

/
sync.taboola.com/sg/yahoosspus-network/1/rtb-h/ Frame 6B37
Redirect Chain

https://ups.analytics.yahoo.com/ups/58534/occ
https://ups.analytics.yahoo.com/ups/58534/occ?verify=true
https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-A6M67DhE2uFh_BcTNe8iuSIxH5BfFsS7G6y8GfE-~A

0
230 B

41ms
26ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-A6M67DhE2uFh_BcTNe8iuSIxH5BfFsS7G6y8GfE-~A
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7N3ICFgOkSW_714CtTgSkSW_714CtTgUAAAAGBvQHGzSibGaDFXM32SyHm81qshyOhqvNYrZbDGGDRpTNbLBi7iab5XCzWU2Go81yMVgsloMpfBjLZTKoBRKW2e87KCinp8fsMoiKrrfF7nCaPW-wQtPp8Lnu9brf7y5yOixPv8nvcdlNl7_J73bdTX67xu-2Syx_lefzsnucDrNfYXqaHW6hw-N1Wd4al-X0NDn8bpHLLXt4nHaHx-H3ywEAAADgAWBpYQziBxAAIAIAAABAAgAAAIAioOLfQuACAAAAAAPAYOdaA0CcAwEdppvTZTb5AwDgQQEEAEAAgwRgADepBKBC_eEEAAAAAAAAAIDl____PwZgLy1HBiBDuLEH4MEH4IGoALWIEQAAAIAwiVvp0aROqCyqAAAI0q0ArgAAAvpQQVi0wgAAAATEBvOWk56lUb7HFuhh8fvNDrvG73YZAAAAAAAAAIDZ_9k_mtATAECab53wo9ovIADA2i8gAACbugEAvAnAhZwVmk6Hz3Wv1_1-d5HTYXn6TX6Py266_E1-t-tu8ts1frddYvmrPJ-X3eN0mP0K09PscAsdHq_L8ta4LKenyeF3i1xu2cPjtDs8Dr9fdAStGAxWZ0DLzW41mB0AAADA3f___z_eYN5y0rM0yrceiIyMC-PEM5wsZsuZb-OYbUarjWHhcA5Xq81s5tke4Pm0ynu2ZUNfiLDMft9BQTk9PWaXQVR0vS12h9PsOYgPGoblZBDMb8IWo9VkslkOZ8vFZDAcDUej_QnkbIATMVguJ5PFZLcarUab4W40GyxQIAYTpGjRYLIajSaLyXA1mqxmy8Vut0GKVq1mo81guJpNZrvdajgYLkcjnLDFaDWZbJbD2XIxGQxHw9FoiDC1ms1cw-FyrZi4jGvRyOVaK0yzmVu3Wc1Mg5lns1su3KLXx3RcmDy-xWiLggFDexFcpBOR02F5-k1-j8tuuvxNfrfrbvJbxBLNySKdyC77ysi4ME48w8litpz5No7ZZrTaGBYO53C12sxmnn1rNZu5hsPlWjFxGdeikcu1VphmM7dus5qZBjPPZrdcuEWvj-m4MHl8i9G-MdssJ4PNZDLYN2ab5WSwmUwG-w6T6Zn6nI3G4lrikanWnpvIMDMfFC6DxTuVmnbjzrEgLnuPTpVXpizojNqZ1fw1KDwHj-kgfFlOq5t1OpvovAeDIpYIThfpRPQyni5iieRpkU5EFttssrENlsuRceWc2TwTx8TlWI4ms9VkYpg4LGKJ0nSRTvQqz-dl9zgdZr_C9DQ73EKHx-uyvDUuy-lpcvjdIpdb9vA47Q6Pw29R_9EhlqO5ZjZXLAZzxWy1SgAAAAAAAAAAS5gzbwIAAABwGshosxuulgsAMW2lCwwCAAAAAACwe1IX_yoz0ahV3PhxBTkdlqff5Pe47KbL3-R3u-4mv5UBJES6mTd7Joi1Wi1rAAAAAWwAAIAAbt28B5BSKjk!&excid=22&docw=0&cijs=1&nlb=true
Protocol: H2
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:42 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 14487

Redirect headers

location: https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-A6M67DhE2uFh_BcTNe8iuSIxH5BfFsS7G6y8GfE-~A
date: Sat, 11 Dec 2021 06:13:42 GMT
server: ATS/9.1.0.33
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1 200
OK Tweet.html Show response
platform.twitter.com/embed/ Frame 9A4E 487 B
971 B 51ms
50ms Document
text/html 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/Tweet.html?dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1469260104990138368&lang=pt&origin=https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2Fessencial%2Fatila-hacker-certidao-de-vacinacao%2F&sessionId=05915c5192f965987dd6cc85acd98cc2eb855877&theme=light&widgetsVersion=9fd78d5%3A1638479056965&width=550px
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (mil/6CED) /
Resource Hash: 7e99cae469202590f2a4c1afb6fb984d8a842cabebc849559c3659e1c93bd5f8

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 129
Cache-Control: public, max-age=1800
Content-Type: text/html; charset=utf-8
Date: Sat, 11 Dec 2021 06:13:42 GMT
Etag: "b5afbf73ee4d1579f3fb2f618f6accc7"
Last-Modified: Thu, 09 Dec 2021 20:09:13 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (mil/6CED)
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 487

GET
H2 200 lounge.bundle.920cdf639b386b42eddc25a8b2755561.js Show response
c.disquscdn.com/next/embed/ Frame E624 475 KB
121 KB 31ms
30ms Script
application/javascript 2600:9000:223e:8000:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/lounge.bundle.920cdf639b386b42eddc25a8b2755561.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.2f2f40d40785c9541a90e9086c8770a3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223e:8000:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

01b1844125589a15317239014be029ba024bc0d6e059222bc99bd913a82ecb88

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=diariodocentrodomundo&t_i=779049%20https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2F%3Fpost_type%3Dessencial%26p%3D779049&t_u=https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2Fessencial%2Fatila-hacker-certidao-de-vacinacao%2F&t_e=%C3%81tila%20diz%20que%20invas%C3%A3o%20hacker%20foi%20para%20%E2%80%9Catacar%20a%20certid%C3%A3o%20de%20vacina%C3%A7%C3%A3o%E2%80%9D&t_d=%C3%81tila%20diz%20que%20invas%C3%A3o%20hacker%20foi%20para%20%22atacar%20a%20certid%C3%A3o%20de%20vacina%C3%A7%C3%A3o%22&t_t=%C3%81tila%20diz%20que%20invas%C3%A3o%20hacker%20foi%20para%20%E2%80%9Catacar%20a%20certid%C3%A3o%20de%20vacina%C3%A7%C3%A3o%E2%80%9D&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 23:27:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 283595
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 122873
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Tue, 07 Dec 2021 22:32:35 GMT
server: nginx
etag: "61afe103-1dff9"
content-type: application/javascript; charset=utf-8
via: 1.1 88f858f045c3909fad9cebbada511aef.cloudfront.net (CloudFront)
expires: Wed, 07 Dec 2022 23:27:07 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA56-P4
timing-allow-origin: *
x-amz-cf-id: lXFDEZSmxLAFb1BhkGLtjacQzcmSbwWx08zoE2NGpOo9QTGiFuUoOQ==
x-cache-hits: 0

GET
H/1.1 200
OK config.js Show response
disqus.com/next/ Frame E624 14 KB
15 KB 19ms
19ms Script
application/javascript 151.101.0.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/next/config.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.2f2f40d40785c9541a90e9086c8770a3.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.0.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

f8b30a2aaa19326c2f546b8e22134512c9e5486fa6fec2f0d1c8ca2bbc8acb04

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=diariodocentrodomundo&t_i=779049%20https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2F%3Fpost_type%3Dessencial%26p%3D779049&t_u=https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2Fessencial%2Fatila-hacker-certidao-de-vacinacao%2F&t_e=%C3%81tila%20diz%20que%20invas%C3%A3o%20hacker%20foi%20para%20%E2%80%9Catacar%20a%20certid%C3%A3o%20de%20vacina%C3%A7%C3%A3o%E2%80%9D&t_d=%C3%81tila%20diz%20que%20invas%C3%A3o%20hacker%20foi%20para%20%22atacar%20a%20certid%C3%A3o%20de%20vacina%C3%A7%C3%A3o%22&t_t=%C3%81tila%20diz%20que%20invas%C3%A3o%20hacker%20foi%20para%20%E2%80%9Catacar%20a%20certid%C3%A3o%20de%20vacina%C3%A7%C3%A3o%E2%80%9D&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sat, 11 Dec 2021 06:13:42 GMT
X-Content-Type-Options: nosniff
Content-Type: application/javascript; charset=UTF-8
Server: nginx
Age: 41
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Access-Control-Allow-Origin: *
Cache-Control: public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 14500
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK event.gif
referrer.disqus.com/juggler/ 43 B
339 B 96ms
96ms Image
image/gif 199.232.196.134
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://referrer.disqus.com/juggler/event.gif?imp=8gsud7f27augk6&experiment=network_default&variant=fallthrough&service=dynamic&area=top&product=embed&forum=diariodocentrodomundo&zone=thread&version=9068118211410bc5f67f5bb8d6806cba&page_url=https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2Fessencial%2Fatila-hacker-certidao-de-vacinacao%2F&page_referrer=&object_type=advertisement&provider=taboola&event=activity&ad_product_name=iab_display&ad_product_layout=iab_display&bin=embed%3Apromoted_discovery%3Adynamic%3Anetwork_default%3Afallthrough&object_id=%5B184193%5D&section=default&verb=load&advertisement_id=184193&forum_id=2233022

Requested by

Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.196.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sat, 11 Dec 2021 06:13:42 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Content-Type: image/gif
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block

GET
H2 200 UnitWidgetItemDesktop.min.js Show response
vidstat.taboola.com/lite-unit/3.5.4/ Frame AF28 97 KB
28 KB 20ms
19ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/lite-unit/3.5.4/UnitWidgetItemDesktop.min.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20211209-5-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 890aefc340c1b2efe49d71cad4618a6c13ac793d2ce7e4d51d301c96393836c4

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:42 GMT
via: 1.1 cccbced9d09951cf2e947066c4fc2442.cloudfront.net (CloudFront), 1.1 varnish
age: 1800623
x-cache: Miss from cloudfront, HIT
content-encoding: gzip
content-length: 28307
x-served-by: cache-lcy19223-LCY
last-modified: Sat, 20 Nov 2021 10:02:27 GMT
server: AmazonS3
x-timer: S1639203222.145210,VS0,VE0
etag: "e5d90598697be1a7577dea026b23fc11"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-cf-pop: LHR61-C2
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: qubBwmc2QNXMkjuMw-8rYZg-Azpy_0P1E5s-Gt8pqr9rppjeeFGXpg==
x-cache-hits: 25323

GET
H2 200 video-autoplay-detector.js Show response
vidstat.taboola.com/video-autoplay-detector/1.0.0/ 8 KB
2 KB 20ms
20ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/video-autoplay-detector/1.0.0/video-autoplay-detector.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/30_3_6010/infra/cmTagCUSTOM.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5b497b3dea8511b361da644850f9a576c982e26ce7b18754c5c82f50f4049024

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:42 GMT
via: 1.1 a1a4fa2aa1a6ec4964511a9d2ab566d4.cloudfront.net (CloudFront), 1.1 varnish
age: 1460828
x-cache: Hit from cloudfront, HIT
content-encoding: gzip
content-length: 2210
x-served-by: cache-lcy19223-LCY
last-modified: Mon, 10 Jun 2019 11:55:53 GMT
server: AmazonS3
x-timer: S1639203222.173098,VS0,VE0
etag: "2fac39530c1c168282a35d1ab56450ed"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-cf-pop: LHR62-C2
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: a_kqlf4sYBO9XqGC8z3veSDwFE3DpWg6h96HmlkdbxxrBg7oFtlX2Q==
x-cache-hits: 364253

GET
H2 200 recommendations.10022a97346f1c6e3798931bbd8e4bb5.css
c.disquscdn.com/next/recommendations/styles/ Frame FFD3 14 KB
3 KB 30ms
30ms Stylesheet
text/css 2600:9000:223e:8000:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/recommendations/styles/recommendations.10022a97346f1c6e3798931bbd8e4bb5.css

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/recommendations/common.bundle.6c6defcc206edabe5048d82459ee0a0e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223e:8000:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

3eee15d11eb29b6f2258cabfeeca39b3b900a7cae96fc7919b27789f3470b9f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 21:23:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4611017
x-cache: Hit from cloudfront
content-length: 2978
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Mon, 18 Oct 2021 21:05:37 GMT
server: nginx
etag: "616de1a1-ba2"
content-type: text/css; charset=utf-8
via: 1.1 88f858f045c3909fad9cebbada511aef.cloudfront.net (CloudFront)
expires: Tue, 18 Oct 2022 21:23:25 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA56-P4
timing-allow-origin: *
x-amz-cf-id: ADJtK5c4WMqQiCpSjEGIwQz2D3ZZF8KaF4eMjnNbFk4bNyWK7eJhqA==
x-cache-hits: 0

GET
H3 200 integrator.js Show response
adservice.google.co.uk/adsid/ Frame 6993 107 B
122 B 40ms
39ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=www.diariodocentrodomundo.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 11 Dec 2021 06:13:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame 6993 107 B
122 B 40ms
39ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.diariodocentrodomundo.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 11 Dec 2021 06:13:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 6993 61 KB
29 KB 335ms
334ms XHR
text/plain 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1276719430509735&correlator=2714222214404827&output=ldjh&impl=fif&eid=44756717&vrg=2021120601&ptt=17&sc=1&sfv=1-0-38&ecs=20211211&iu_parts=21622511100%2Cteads_passback_300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&cookie=ID%3D85bc53f154cdba07%3AT%3D1639203220%3AS%3DALNI_MZD9NlfUsZBubyYrg5K2f9WwUWxVw&cdm=www.diariodocentrodomundo.com.br&bc=31&abxe=1&lmt=1639203222&dt=1639203222660&dlt=1639203221564&idt=1072&ea=0&frm=23&biw=1600&bih=1200&isw=1&ish=1&oid=2&adxs=800&adys=5178&adks=3755939548&ucis=s2zin4q1lybo&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2Fessencial%2Fatila-hacker-certidao-de-vacinacao%2F&top=https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2Fessencial%2Fatila-hacker-certidao-de-vacinacao%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1x1&msz=1x0&ga_vid=409617009.1639203221&ga_sid=1639203223&ga_hid=1480025957&ga_fc=true&fws=256&ohw=0&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

cbbfc283deb98751e5105f5912f22b7fd5fb0dec833a5075e3a4397347a3daa1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:42 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29453
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.diariodocentrodomundo.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 6993 11 KB
9 KB 119ms
45ms XHR
application/json 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021120601&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a01a36b8b8d11408dc8a46ed765e0e08f2c44711adca177f7c7cd8c320af195f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 11 Dec 2021 06:13:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8492
x-xss-protection: 0

GET
H2 200 container.html
b0b2fb4f4d530f774904c931019d14ff.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 8ABF 6 KB
0 53ms
38ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://b0b2fb4f4d530f774904c931019d14ff.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Sat, 11 Dec 2021 06:13:42 GMT
expires: Sun, 11 Dec 2022 06:13:42 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 2106 624 B
340 B 115ms
43ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COHNHRDwoIKyAhjHnd61ATAB&v=APEucNWW0ZzTAp2ZPyeC6B4LDvKtDG4MGQL9N2FdUFO99G4A54ZVPQLDL6heJfrpqPWAxP4Ajp3COoHmonCVgRiEWRy36-iqCQI48I47pnvOJ5yf-Mn5biP23MoFd0AJstvWwIeBpFbXU12edV-xA5sIZk72hpfH225jzMOe2VGdooPop9ddy0M

Requested by

Host: a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com
URL: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sat, 11 Dec 2021 06:13:42 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame E568 11 KB
9 KB 139ms
68ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C7hXCqNIia_Kh8GTZvP3E9zb5CQQEsNpVrXcJHw3jNAWBFe0Vmpk6u-l3BemRDNsXkX6-3MZ4JCZAwS30ANpGZcIcIv2Vn27pAN2KXh-B8-O5vZAapsWeCihMPO7-fp1DzYHKY_i7qetwWpdsO0B4iCjXPLA&cry=1&dbm_d=AKAmf-AjxzhBFfpGtKTOZM60nI_pXe2kMk0EbZ6Js9JVc0rsmIkTmWSs_Fqdmk4gLNnwi6UFU9ysYrSgv4zsCBpyi91rhwcdeT_l0vU0QmTa5_uWLSRNEBHAqZVrtN1ajlFD638MAucS5BTno50KWe9eROct7AKxh8TW5xNn2JDo5t8Pe7b_1Ac2qrS5tVz8BSLjNUIJ5nDARYcLqApfEMTu4-gBH0oIWNSokavBfoFitucbRH94qKngfeLCTQQ0cVccDcwV-UBharc15-27d-gOW1KNSJXI2xyfRcqVtiwky0bdaTofzI6yPStgOgbHTM6ncAKZzE1RSRkya9nXVN7WHnyI9Kn4As8u0GiUBuXLAxHyssVaZwT3nbbFhp0sqzhfNRHWKtC6M3T4q6ly76hi6k6IRhv0yorcz8cw4Mu_9VgRo0w2SGkuS6T-PuFB3Gcwb9RfSm7E1OFURrF3nAt2ADA5TCIiRfkC8MlzHDuxahD_2WYgTrcYWPj0RsgwHSyb2eJEjTjV7qlVz2Cb1Prp4g9WQ-uV6u8dVNtR5A4MUAhHI7UxWVKUXly5SP_fNGOa8EurJc_qPCx3iyDmJBiaMcotEMS78xLphv4SxwGAWh0doVagHzUs8d2EmcpRPIUx13Xi8wPRwjz2p5bvvd8GrOoKAIQwLU8-GniconDnMFPDHztmDDlMrpBN5y32o1Y-gQ-fqzHr-tGH3xRrWt2lgc1_4HWZxxSjQ1ZZy7FTf9O78PdMB5btnD_Wvg_ak1Q7qDPz3BGF7hMfdfvXQQ1hTznAEGIqfpqJ8XDgOB-w945JEI6joDufMbvYtEWQyztJVAYXZZbWfQWOs3-tX4zF-5xF3vDx8WLgSYrgOotj_MCFRtITKmLU3ZpIyyc4LrCz0WERdzfBGlKy4W5BC6oPLrbrEOOkFor5VM15inJTSdfEpD1N4Zy4e16EnlVV8tOv9smCrLimdXRiVgdCAyt2KSNvI-ia8fXIrpvSMnL78dxSIiGydt3k5GzIJaC9Xwr84elzETS8vRY8hs6KFfMGNnI7i3hl3d-dCE7Fd4H4kisO1p5diVNpCpzLs8RI7fYZyxTfyFNgQkpDYtYP9Pfh09hzEvIdAliNtoYi-kIR13IDanyZzowBkZRxFmGMXUXqkfh0JL0RMk-gVGMbuFtWFnm7eoTpfUJTBTqKaZ5ZuYmoBmPIBlo8g08zWOlGa20M6_tMJaB3AGUcEtvwUfu6MvzdQlDnGhQjc38wNI4Lz5HmVRPK-DDQISFv2PnIK3S-R9oMT5fFQxIgpD5rVq6Ww9BkOSrtnD9AXvl3kiTLEJB4XOwDQAs1gvN-RV9zJysU-p99JqH2v-hupyxEdM_1VWKuKaBiDDbs6t2TNxh2F5R6jK2yQJdio46Vs3o8PfPDh9UTWzIc9FvcXN69OuZAnOUX3zhgM-bGm2ppoPg96KjFY9Nlj_m91ZxmUPYlJGZVKSjkt1Yjzcr-bIReAMQfu0-Xs23tA7RwGD0dL8KbEMchlTmZDqbErjTWbzruOXscBPxq1hx8IhRFLjpeHfCQUyNWXr3zU9k98sfuKh2gLQa79youe1YFoRloIzWyvk7k_icUx6mOEDuTxHMsHv6DIWinNva-W4dMJ23wcec6yERJVMk2du705Ck4zQsiHeS7YA2SZbr87oS6UdRij-cyeHCy__C3hsTGpp1hrWKTaKdJd60PtEggdYYV4_vdG-kseImVxXId28kR_YfSxh5UwZdkU0G9Cq7_ybKwv2L6ZGiciCFsoLBkunZj0vF45ZjvOZEfg_RBWpJZygjcr7gGc_cPKWC_MuEmH8aI1y9wYOYZ-If6h_1QPzB7XSlerYUVmtkXGNY42ObyzKZMJRxXXmjiLO4S2tS2kyjFFsTCIdsXYgtIoYofo1Qwml0jQi6YvPJq54TIFzVnnC0Tal60Y3uF7MEtX5RwQrJgNQD7S5m_QYg3GEmuOjeYMrZPbP_2Iq2GWavWwiUmHbUFIN6NUghQw9DNuslbOjUtAMkskTXW3FOIdXazB7Vuo224LGPybxLVknvXMJEE_y3qKebdnWOckNKhYSZFvQU_LiqHW0ZOHCL8zqM5ipiUkWnvmpP9FF4Dgczg9bC5_Yh4BTR5BiNeMArrwTdpYwYPeG43dbKkBpCNhAZ8akMXBYuNfX69qX8SFPJWeQvh328u8sJ3WBMz-u8Nh0twFzER5FAS2WDkhVIK1JUiCdir7uqK_H78Ddim5jmS1lIFsNwhU0pyMwEhonsgg0w9YFQjEol_lsmdoYhRgcplzwl15fSI-Nq9ATHlibhbmNFjOMkV9h4IM17hltdfw4FwO1i5Ycb4RoNG7RLGlFMZbw7rY-de6t4QpWKEc6EUajwbOopRe8M5Zj2rKFhedAYnNQ0h8bh_UpuOnFcAWONhG6Cq-aDhWgV_uCDFALSFsMajh0cDbTv2rKURBKhQQP7RlILeEIAo7pth6y6KVO_OvFmTS7w5FrzeJhWpQwJc3eHaOLkeYdPXyyfQQFf-P6SL5IKvE7zD9z6e9GVyrkYfRIXDeqrTZFLXnTaPClJTPzMvNG_cuz_s_bRH-My1MmS8aKKnGJc-RvI1HvfL0ynEQtFEPL3tto8PQJl6YxlIWMEklXMtxoII-2tw1d7Ki4Fwl2uZ-e5ffQk3uxMhvzqLQxEWyfM5Jfrqb0oRwnEqS17UCqj9tqO_gM2jC5GaftcK6PciCNFVIYd2qjAu5_AhXtPxVD_epuoDYl13zT8Uz1n_9FXc_8Gs6PdAP4xjNz_qLRbpcvI0txnquc0xuNb7YSZ1735A3TEct8bh0z7MZP3p3Zcd_JOvoc3rP-SDi648TRMkzJarHzn4bxEwoxkdCiHPD75rJDPtIxElGco4bEhjLyUIW0rYinoNRVsmdKq8FypUpOEawl9ZVYeo0JNF3GEKCY_CK-DwiURH9rf6Dr6TCK-bL-j0OlfCB0CaXaFM7ILxpbYLc3XCHNhI-Vvo0LeDLWBVNMzFPeFZ8nl7pN0HfuA8vDhFXv8TfjkFMv_iZbL_dQ9W4x1LhrTY3UsXu2jxChf-fbSN_RQLjrn-hPjktnqdSci8w2K4jM0xxB_qOaQfOmdsZzTJO3YTikQD84MEQVRxX6pfWGK8YpbrCp28nCJfik4TbiWCTSNMQe_M1xtO030aqsCwN-uIHUbuOsXbjD-DpEaN-lOYfw2etADpBtWYQew2HblSbRqIui25wVp7LUX1RqArxhSSkkgDGFmubiSqDAb2vOSCdT7U-U_u8j2IjU4-Ikl4iZdkMG4eevGmZy9pbY4gGCLt6rnSjSuPml13f8AguGXRxWuI9kfdca_OGv_1c0XyRUUYeg&cid=CAASEuRohTedcxGQlTRToYd1_La1Ew&rfl=1%2Chttps%253A%252F%252Fwww.diariodocentrodomundo.com.br%252F%240

Requested by

Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00758b991750c5ee485ccbaef81986492e0d27da84a985ac588ea00cbf5f1ae2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Dec 2021 06:13:42 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8696
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame E568 42 B
494 B 133ms
63ms Image
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AX8xkTswq8If3o5Qp6RPLzu8fDwLzfurVvXGnZQhAd1qLmEZg_XyKTP-TbqvAn7LznucCdcLrS07Gp4824Qos-yhd_-mlL61RjxsrOZRXOxPFUr2c

Requested by

Host: a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com
URL: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Dec 2021 06:13:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dcmads.js Show response
fw.adsafeprotected.com/rjss/www.googletagservices.com/829650/57301878/dcm/ Frame E568 229 KB
76 KB 124ms
41ms Script
application/javascript 54.194.39.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/www.googletagservices.com/829650/57301878/dcm/dcmads.js
Requested by: Host: a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com
URL: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.194.39.62 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-194-39-62.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: cfc6194ec89056736bd357173afcaf5aeb41de6bdc24795d57b8cae0ff1a9921

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Dec 2021 06:13:42 GMT
content-encoding: gzip
x-server-name: app22.ie.303net.net
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 jload Show response
pixel.adsafeprotected.com/ Frame E568 47 KB
14 KB 126ms
43ms Script
application/javascript 52.19.214.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/jload?anId=10933&advId=18517273&campId=47474513&pubId=1&chanId=32204227674&placementId=381128391&dealId=&adsafe_par&impId=ABAjH0hB-PFP_YWLEN4IvaC_sraZ&bidurl=https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/
Requested by: Host: a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com
URL: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.19.214.88 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-19-214-88.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 905f3e832a6c227b693ee7e42699059758f879ae187977ab22f8e185da6cbdfd

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Dec 2021 06:13:42 GMT
content-encoding: gzip
x-server-name: app32.ie.303net.net
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame E568 2 KB
1 KB 79ms
37ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/window_focus_fy2019.js

Requested by

Host: a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com
URL: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 05:57:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 978
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 25 Dec 2021 05:57:24 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E568 119 KB
36 KB 107ms
68ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com
URL: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37305
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1638461285297402"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 11 Dec 2021 06:13:42 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame E568 15 KB
6 KB 73ms
33ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com
URL: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:06:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 434
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6464
x-xss-protection: 0
server: cafe
etag: 15715955993838318253
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 25 Dec 2021 06:06:28 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame E568 0
0 39ms
38ms Image
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSTdHdFp-ghshnOyAvpH1-RBQFUcflbKitr2SowY556xKT5EwCqu2VJjQeJkZoundrlp877haqYWdaRDolQRaqAuU4KwQ
Requested by: Host: a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com
URL: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H3 200 container.html Show response
a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame E6D0 6 KB
3 KB 31ms
30ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Sat, 11 Dec 2021 06:13:40 GMT
expires: Sun, 11 Dec 2022 06:13:40 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame FA61 624 B
733 B 83ms
42ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CK_PCBDdhLiuAhje_5K7ATAB&v=APEucNWtGRKKsrTUDlCIP2DPjcfiDwTwqMvA4FvffdLtpK23G8Wzn7nTCwEAAilZJC4HXWVz2WBG41l_wOgeq_ty6oZMN1ulisofBbDrCexjHNIUDbLvYBAn2jDBdjU5dz-zgiPzGeSIoK0BiDrxIGGC0aW_lgSDuCIKIOstAPCR8C1AH3A5-JQ

Requested by

Host: a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com
URL: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sat, 11 Dec 2021 06:13:42 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 9628 24 KB
14 KB 101ms
61ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CUWZEd_PMyrn350-SbKvg_KJm5jtBtG6Nt_4JhJ49vw-CpXDNQMAnSLLuHsQJ8WXF9XWWfEcLmRtoMdMGQbtSQbVh5Gpvd9SdVsOP0bNXKpGpQo7LTC7eDZg51mybdf0Y7yfN9qXGf4vEmjYn0gdUROP2Q3A&cry=1&dbm_d=AKAmf-BbLRK9i-Vs3tKFQ50IOf1tO5hd3Uxj2hNQOToinrDQWL-aqmlmZNhoe6rTg62zJC-ajutmQuM0sVbjw1exu1b7Y3LrrW7MJFnEv12IHnALTkJ6RYq-kyR9MWN-ZD-YCUoInqnumnzp0ldK4yJZqahiAsbxLgEVfqyaceZuYEXctllKoHtL4B1FnbOyt9v190ncLZMjI_k8W7__ayRDU6remaZVGZmFx-fJS89fxzjkEziQHMLrsz4cBhZkgha1ChF34aFe3H2PWgweScjyenNTca68JRMV-bzK_svV-AIrynxMghdT7t3lbnud3xhFzwyjl5ss_A7WwAlhfF1t-gPSqz1zTW4aDSdMCStHB5sHMwWJMGKf_sKDZ1cMBn2vZ5xoZTkGi961jBGJw5tYqh97a_B5dAKNn3XVpgvGqyasHL9EUhA8rq7swWl7eEHQbspsqPkYnKpzPwet8C4NT7VDUaPAS2IkB9fVEuyYL2OYKd9ruSZK8Q7Bmz2EIcTrfUuCssiFYbOG5rupgTR5w1DbDj9_xb_FE5qlreUNvVAZ2wfPN2CfHilgUugky8GEhPBe3l-R6hjf8Ug5BcrFCkEzn6vQ2RnWoblQ4A6tFPjh8f7ZKmzWGflQFcWHjSvQ6AbnEGp19fWYflUm2UzZHTqEWbDA0oVCiLuFII75Pre4T_0bv_2-CCvmmjjtBjF_Xjdd10IY73wYIOtsJNU7ESi8lod3srLdsOscO5fvN8CkwwO5EfrIU67rpkoxqudyGCR_3Xo5HCnUuVMdEp0WtFwjwQpvPM6MJwcdNqJN5lrZZGaPcHeFZW_axlNYkhukR4fD9yi26H4FGdbdRpB48OcW3CR74WqdfeXWP7q0NqLLuITf3bejyK2HWk1oWJx5LF71YD54ZpmLv0muOZx6JURc_u2CbxMjlnHleZ4nBRdsnjVvxOFAKZa0JlVB7nQvkBEMvzEh6YK7kOl1VbXyxFl4uN4jLC2Y1NbCOElr6IphzZYvoZkI8NrrH1o03HMB1lc8G6uEC4ANr63SbsZRv0MxX4vGfrJ9GGKjYDLZkgg9pQXPkmLTDH1d3INLUBpnXNvzwSVyYTfKBoyN-62y7YYmLCk5yhmCgrS6RUbEfAxFsikNI1cjWqZOa4iFolqcAx3Ezt5vOozqoon3UNFQ8ctbx14IGrokZw0FXoOeQZ93gzq5ihsappmiLAAaG9kg23sgJSBkfs4Si3zOnb43mgJf35q4Sh3Tn1XV7Stlh8LtxaUWH4rHPRQvvdlGI0G0A8zyNuGImwAz46v9B63mB7IxvF6upgRppRse3PFQDt__1QT7I7JmKY8bWaB2UnKYewYGyyU-IZGI8H6mQur9-0E9X3E7i52Nos21vcwphP3upY5vdB2DEKivk3ft5lIWg4F7q8LijJew81nXT-oGYT0yYBntmh-G04M1Srnc4dPE6RjH-FHWJdW5paamWr4kdAads22xG8acZLuVPPZeZIFoRhy_MNZeHRs6W-W1JMJvm6WIt5LE2lS_iV00hwi8-_dZU_cNlPF2RIGrfG1jKlIBdN_fBFeN3NUx2_HRb9YYR3kjk7EGunjgg20NCGzZJQvR9J5qZ3KKgQ8E2x-s9ZzSPspyGswObX2rUsvD-m1ZNDacvh7O5fiM8H9bmRIrZQoSOWy2iWpNv24yInlNbyvVJkW1iqe74gIuHISYErt6Qb2tz3MYUmQ7pUhrfPbe0LizweL-1Z9idaH7AnGl9Xb0tY-IdskeIa0GcJsFUdo7Ojr7u06ifZdLQqKhH-2jz_J8vic7M4pTNjQaP9Kf5xOUYAY-rMsgw4KtBotoLH2Ab0g3qNdp1QI46Dhhfs0b2_DKr_rY3NntDbZy-teK3Fm-QsYSM1fV2pttheYcH7rqaEKPhnjozwgksMg4e3rwUxqNnEv7s85cJHAjggLBfK7MV1Fm58qEkqKsybAc09LCPGyg7uGmRf7slbE7Gk-Ej7-fqHPmjpb6MlpW1ZMii367VzKIFl8gIIrM1goej9E7AhME5N5LttfW2IU-z92jz5Q6SDGRJ7IC_CWZML8247Zpz11zDM0s38XKdMOW_9k1tO598rmSBHJ8dk9Xxmq7epj1iYRbawCzUJb2gcBYOvauhJoiKxcN_m2ayKtZXtDDdWI4tQdNxnahkEhoxbh6829zctBvKsg14TUYYCr7_yQfbocAmEyhYBTbrXDFqQI6kyCdJLZ-JB8EMEH1T8aAzU_H3EZg7duWHV9CAEthSqglP8H4LHu9S-y5aKxxtv6YkyeqYjey_2HmGM2TIZHnyDKVADZJ-rjeeb5NESUZe7s4D5pyxEl-AFxZHHz0M6wdgDqLEdb2yl-IR_pckABVBhHVTMDShHyW_HttILTcTkhxYdf8lWX7FXDu8_w8FmKZ7HhdpZ8QGU9ro7EV49SeYTMjTxO5IaxAqHulECffA4t_el2ngLQ5n42NdJvnMJXVL80PKLBfK4WfNyb28JteTucMkToV58Yxmomq91VD3tmKm24HgX8Deer3588YDRzBBr3eR9rNLAeZAsa1v73tvkqpPZMH_BT8OJ7laj1FBQCm-CFl27GEjp-8xSVor3QQL6mnSmOpQxZAQhFQjy2hABn4YY2IUFqmqKU2yXEriR0gTJEqteH1aEQLdI8sYQBjiSG7Nfj-g3PW2EJPUAfEgC9EGygVb03sGhh8PGJlmmc4TafghZQkveZdcDv6VtL8lvugdB5RjJmsLWFxMDkx5H8NxeSSCYVDAw5I1gpmQB-IjxK-kvMoyyCQJoPoJxi82kqfe-BNFWVoIz3iJp6UjdW7XvdQL6WYoxTeyEhfBeshR7mbqGWiZNuGS6jnnK9JlxEEU4yd_DU7vYvbR1gRbls2uwPMWrs_qJYkk-RqQUkU4zQHUgXL0GjQGPL_rVrIY0k4we77nRQH9u7tuncFWRo82lzMD_91uveW_tbA9bzrG8mRTkOy08YsD0f_wmnmD-jhDjoNxa0ooYOJ7jDWZxC9I_uuGaBOoxz8Q6KFqJpfN9_61WNzTB40_ulHCThsAXs5bUfxNcT3O6bA0HjsBwRoWMjVgBBeFc9Rx0GK5l86XEZ5p6yZVEsqswN6Awy16xrjHX_R8uQDWZkQx1mLA48UG1G2vl2xVzANEuMl7z8C_c7KrDW-PN71-EnTihPIzKrODm8qIGfo3YL2SOEilM-tVHol8Sq3aOPpMKCJ7-OcJT_0R6XUVoDwGGYe4OfvbsrZ4yK-zyTq-HkymJ934z33vBl8MhP_9-M0ywOuPCmtp2EE6KqVp8cJDe2JMnDOv1ARNL4afcLoflL9OEFjRUJvLqC4AYvLNK1NGm1TGFQAVnAHYu4Tn14AQU3YKDfmh54sSutU4rQrKzwm9ko6O28dAbuSm3YobyGBM0mzIeuSTGYAiw&cid=CAASEuRoQXeAzLtUgDRdug9JlPZmBA&rfl=1%2Chttps%253A%252F%252Fwww.diariodocentrodomundo.com.br%252F%240

Requested by

Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9840d10e6c057d489416711b47e985daabb00a9211e9e78a84a8ac2675a56312

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Dec 2021 06:13:42 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14367
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9628 42 B
107 B 103ms
63ms Image
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CPI7fg4nyxMH4s2djJYpPkBmwdXlDwx2V51Qv9PH4U_HmD_iBZuQDGghn7x-fWTip84NZ2wzKYImifQBmQUSBiur6VS6idV_KutUU9TeG97z32ZJg

Requested by

Host: a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com
URL: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Dec 2021 06:13:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 dcmads.js Show response
www.googletagservices.com/dcm/ Frame 9628 9 KB
4 KB 39ms
31ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com
URL: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c45a7b49c14477cd160a83d4ee1fb8c311e12314e042d0647c68bec62f16fe29

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 05:45:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1675
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4486
x-xss-protection: 0
last-modified: Mon, 29 Nov 2021 19:29:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Sat, 11 Dec 2021 06:45:47 GMT

GET
H2 200 skeleton.js Show response
pixel.adsafeprotected.com/rjss/st/878020/58502531/ Frame 9628 46 KB
12 KB 96ms
44ms Script
application/javascript 52.19.214.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/rjss/st/878020/58502531/skeleton.js
Requested by: Host: a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com
URL: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.19.214.88 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-19-214-88.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 260793b5b3e987f4debd6a3f6a17de01af1ef6aeaa48077bd5cd0229db0f6653

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Dec 2021 06:13:42 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 9628 2 KB
1 KB 41ms
31ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/window_focus_fy2019.js

Requested by

Host: a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com
URL: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 05:57:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 978
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 25 Dec 2021 05:57:24 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9628 119 KB
36 KB 49ms
41ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com
URL: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37305
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1638461285297402"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 11 Dec 2021 06:13:42 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 9628 15 KB
6 KB 41ms
31ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com
URL: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:06:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 434
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6464
x-xss-protection: 0
server: cafe
etag: 15715955993838318253
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 25 Dec 2021 06:06:28 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 9628 0
0 40ms
39ms Image
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaThYsHlJLtX8s68olhbOh7n8T7y0lDmyD4vZQY3SA7hPWY8cHxPhVjVKgmu6KwDeciIgXaBV0h5UCBgkV1p2k3zSmmCAA
Requested by: Host: a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com
URL: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H2 200 recommendations.bundle.926bc472e4859a48daa346b4ba2ab4f4.js Show response
c.disquscdn.com/next/recommendations/ Frame FFD3 65 KB
20 KB 31ms
30ms Script
application/javascript 2600:9000:223e:8000:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/recommendations/recommendations.bundle.926bc472e4859a48daa346b4ba2ab4f4.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/recommendations/common.bundle.6c6defcc206edabe5048d82459ee0a0e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223e:8000:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

dbffe4825c6ba1f19ff48607381ad4384b0609b64998830502c130f00abe887d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 20:25:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5219279
x-cache: Hit from cloudfront
content-length: 20244
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Mon, 11 Oct 2021 20:15:56 GMT
server: nginx
etag: "61649b7c-4f14"
content-type: application/javascript; charset=utf-8
via: 1.1 88f858f045c3909fad9cebbada511aef.cloudfront.net (CloudFront)
expires: Tue, 11 Oct 2022 20:25:43 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA56-P4
timing-allow-origin: *
x-amz-cf-id: BUlAzBtftpUYgUWrnuqnoKVTlf-AIaF7tyTW0dWzuuncr8Zk-r7Mtg==
x-cache-hits: 0

GET
H/1.1 200
OK config.js Show response
disqus.com/next/ Frame FFD3 14 KB
15 KB 24ms
23ms Script
application/javascript 151.101.0.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/next/config.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/recommendations/common.bundle.6c6defcc206edabe5048d82459ee0a0e.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.0.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

f8b30a2aaa19326c2f546b8e22134512c9e5486fa6fec2f0d1c8ca2bbc8acb04

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://disqus.com/recommendations/?base=default&f=diariodocentrodomundo&t_i=779049%20https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2F%3Fpost_type%3Dessencial%26p%3D779049&t_u=https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2Fessencial%2Fatila-hacker-certidao-de-vacinacao%2F&t_e=%C3%81tila%20diz%20que%20invas%C3%A3o%20hacker%20foi%20para%20%E2%80%9Catacar%20a%20certid%C3%A3o%20de%20vacina%C3%A7%C3%A3o%E2%80%9D&t_d=%C3%81tila%20diz%20que%20invas%C3%A3o%20hacker%20foi%20para%20%22atacar%20a%20certid%C3%A3o%20de%20vacina%C3%A7%C3%A3o%22&t_t=%C3%81tila%20diz%20que%20invas%C3%A3o%20hacker%20foi%20para%20%E2%80%9Catacar%20a%20certid%C3%A3o%20de%20vacina%C3%A7%C3%A3o%E2%80%9D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sat, 11 Dec 2021 06:13:42 GMT
X-Content-Type-Options: nosniff
Content-Type: application/javascript; charset=UTF-8
Server: nginx
Age: 42
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Access-Control-Allow-Origin: *
Cache-Control: public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 14500
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK event.gif
referrer.disqus.com/juggler/ 43 B
339 B 97ms
96ms Image
image/gif 199.232.196.134
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://referrer.disqus.com/juggler/event.gif?imp=8gsudhf5sbntn&experiment=network_default&variant=fallthrough&service=dynamic&area=recommendations&product=recommendations&forum=diariodocentrodomundo&zone=thread&version=42dfcc5041eed24b84f85a10a88fa215&page_url=https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2Fessencial%2Fatila-hacker-certidao-de-vacinacao%2F&page_referrer=&object_type=advertisement&provider=google&event=activity&ad_product_name=iab_display&ad_product_layout=iab_display&bin=embed%3Apromoted_discovery%3Adynamic%3Anetwork_default%3Afallthrough&object_id=%5B160465%5D&section=default&verb=load&extra_data=%7B%22time_to_load%22%3A991%7D&advertisement_id=160465&forum_id=2233022

Requested by

Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.196.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sat, 11 Dec 2021 06:13:42 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Content-Type: image/gif
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block

GET
H2 200 content14_10_18m.js Show response
vidstat.taboola.com/ 37 KB
8 KB 19ms
19ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/content14_10_18m.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/30_7_6/infra/cmTagFEED_MANAGER.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ab8bbbaf028510d8b119cce741f0c2cc94816dcc113d83cac81a6aade6a76fa9

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:42 GMT
via: 1.1 d2428440ce503624f438381ac01a2c8d.cloudfront.net (CloudFront), 1.1 varnish
age: 2889818
x-cache: Hit from cloudfront, HIT
content-encoding: gzip
content-length: 7638
x-served-by: cache-lcy19223-LCY
last-modified: Sun, 14 Oct 2018 13:31:31 GMT
server: AmazonS3
x-timer: S1639203222.459501,VS0,VE0
etag: "d8d81221ec6e604811ce469d899c9c8b"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-cf-pop: LHR62-C2
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: 9t1Rn74-0noDnbVCmB6Sb6mQkdD5T7FqaYfEoSarc1kBR8hHohWPHw==
x-cache-hits: 694795

GET
H2 200 OvaMediaPlayer.js Show response
vidstat.taboola.com/vpaid/vPlayer/player/v13.0.8/ 576 KB
118 KB 20ms
20ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v13.0.8/OvaMediaPlayer.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/30_7_6/infra/cmTagFEED_MANAGER.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: a789216a5b5923f74870e5b02d4f3808cb246bdee2ba8ff232c8f6dde87875c5

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:42 GMT
via: 1.1 varnish
age: 504714
x-amz-meta-mtime: 1638698456
x-cache: HIT
x-amz-meta-ctime: 1638698469
x-amz-meta-mode: 33188
content-encoding: br
content-length: 120176
x-amz-id-2: 0IQCTjZ87XN/+3NqQB72XZFYy8U9kxxSbXY2GVXSStsrf2eIM9m0gmcXtfxdkoL4kGLyqyLEd5I=
x-served-by: cache-lcy19223-LCY
accept-ranges: bytes
last-modified: Sun, 05 Dec 2021 10:01:10 GMT
server: AmazonS3-br
x-timer: S1639203222.476215,VS0,VE0
etag: "c9beaa76567541fe62f2ff79e69d2939"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-request-id: YJPFJ6KW5EPA39ZX
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-meta-gid: 0
content-type: application/javascript
access-control-allow-headers: *
x-cache-hits: 263340

GET
H2 200 sync Show response
am-match.taboola.com/ Frame 1286 924 B
1009 B 28ms
28ms Document
text/html 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-match.taboola.com/sync?dast=V7N3ICFgOkSW_714CtTgSkSW_714CtTgUAAAAGBvQHGzSibGaDFXM32SyHm81qshyOhqvNYrZbDGGDRpTNbLBi7iab5XCzWU2Go81yMVgsloMpfBjLZTKoBRKW2e87KCinp8fsMoiKrrfF7nCaPW-wQtPp8Lnu9brf7y5yOixPv8nvcdlNl7_J73bdTX67xu-2Syx_lefzsnucDrNfYXqaHW6hw-N1Wd4al-X0NDn8bpHLLXt4nHaHx-H3ywEAAADgAWBpYQziBxAAIAIAAABAAgAAAIAioOLfQuACAAAAAAPAYOdaA0CcAwEdppvTZTb5AwDgQQEEAEAAgwRgADepBKBC_eEEAAAAAAAAAIDl____PwZgLy1HBiBDuLEH4MEH4IGoALWIEQAAAIAwiVvp0aROqCyqAAAI0q0ArgAAAvpQQVi0wgAAAATEBvOWk56lUb7HFuhh8fvNDrvG73YZAAAAAAAAAIDZ_9k_mtATAECab53wo9ovIADA2i8gAACbugEAvAnAhZwVmk6Hz3Wv1_1-d5HTYXn6TX6Py266_E1-t-tu8ts1frddYvmrPJ-X3eN0mP0K09PscAsdHq_L8ta4LKenyeF3i1xu2cPjtDs8Dr9fdAStGAxWZ0DLzW41mB0AAADA3f___z_eYN5y0rM0yrceiIyMC-PEM5wsZsuZb-OYbUarjWHhcA5Xq81s5tke4Pm0ynu2ZUNfiLDMft9BQTk9PWaXQVR0vS12h9PsOYgPGoblZBDMb8IWo9VkslkOZ8vFZDAcDUej_QnkbIATMVguJ5PFZLcarUab4W40GyxQIAYTpGjRYLIajSaLyXA1mqxmy8Vut0GKVq1mo81guJpNZrvdajgYLkcjnLDFaDWZbJbD2XIxGQxHw9FoiDC1ms1cw-FyrZi4jGvRyOVaK0yzmVu3Wc1Mg5lns1su3KLXx3RcmDy-xWiLggFDexFcpBOR02F5-k1-j8tuuvxNfrfrbvJbxBLNySKdyC77ysi4ME48w8litpz5No7ZZrTaGBYO53C12sxmnn1rNZu5hsPlWjFxGdeikcu1VphmM7dus5qZBjPPZrdcuEWvj-m4MHl8i9G-MdssJ4PNZDLYN2ab5WSwmUwG-w6T6Zn6nI3G4lrikanWnpvIMDMfFC6DxTuVmnbjzrEgLnuPTpVXpizojNqZ1fw1KDwHj-kgfFlOq5t1OpvovAeDIpYIThfpRPQyni5iieRpkU5EFttssrENlsuRceWc2TwTx8TlWI4ms9VkYpg4LGKJ0nSRTvQqz-dl9zgdZr_C9DQ73EKHx-uyvDUuy-lpcvjdIpdb9vA47Q6Pw29R_9EhlqO5ZjZXLAZzxWy1SgAAAAAAAAAAS5gzbwIAAABwGshosxuulgsAMW2lCwwCAAAAAACwe1IX_yoz0ahV3PhxBTkdlqff5Pe47KbL3-R3u-4mv5UBJES6mTd7Joi1Wi1rAAAAAWwAAIAAbt28B5BSKjk!&excid=22&docw=0&cijs=1&nlb=true
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/30_7_6/infra/cmTagFEED_MANAGER.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: 3435bb7a03a55632cb2540112a71344e6d679e6a1657943d50e30a1f5c35cd5b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/

Response headers

server: nginx
date: Sat, 11 Dec 2021 06:13:42 GMT
content-type: text/html;charset=ISO-8859-1
machineid: 3403

GET
H2 200 st
am-vid-events.taboola.com/ 0
43 B 26ms
26ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=16&cisd=convusmp&cipid=8087865&crid=4918115&dast=V7N3ICFgOkSW_714CtTgSkSW_714CtTgUAAAAGBvQHGzSibGaDFXM32SyHm81qshyOhqvNYrZbDGGDRpTNbLBi7iab5XCzWU2Go81yMVgsloMpfBjLZTKoBRKW2e87KCinp8fsMoiKrrfF7nCaPW-wQtPp8Lnu9brf7y5yOixPv8nvcdlNl7_J73bdTX67xu-2Syx_lefzsnucDrNfYXqaHW6hw-N1Wd4al-X0NDn8bpHLLXt4nHaHx-H3ywEAAADgAWBpYQziBxAAIAIAAABAAgAAAIAioOLfQuACAAAAAAPAYOdaA0CcAwEdppvTZTb5AwDgQQEEAEAAgwRgADepBKBC_eEEAAAAAAAAAIDl____PwZgLy1HBiBDuLEH4MEH4IGoALWIEQAAAIAwiVvp0aROqCyqAAAI0q0ArgAAAvpQQVi0wgAAAATEBvOWk56lUb7HFuhh8fvNDrvG73YZAAAAAAAAAIDZ_9k_mtATAECab53wo9ovIADA2i8gAACbugEAvAnAhZwVmk6Hz3Wv1_1-d5HTYXn6TX6Py266_E1-t-tu8ts1frddYvmrPJ-X3eN0mP0K09PscAsdHq_L8ta4LKenyeF3i1xu2cPjtDs8Dr9fdAStGAxWZ0DLzW41mB0AAADA3f___z_eYN5y0rM0yrceiIyMC-PEM5wsZsuZb-OYbUarjWHhcA5Xq81s5tke4Pm0ynu2ZUNfiLDMft9BQTk9PWaXQVR0vS12h9PsOYgPGoblZBDMb8IWo9VkslkOZ8vFZDAcDUej_QnkbIATMVguJ5PFZLcarUab4W40GyxQIAYTpGjRYLIajSaLyXA1mqxmy8Vut0GKVq1mo81guJpNZrvdajgYLkcjnLDFaDWZbJbD2XIxGQxHw9FoiDC1ms1cw-FyrZi4jGvRyOVaK0yzmVu3Wc1Mg5lns1su3KLXx3RcmDy-xWiLggFDexFcpBOR02F5-k1-j8tuuvxNfrfrbvJbxBLNySKdyC77ysi4ME48w8litpz5No7ZZrTaGBYO53C12sxmnn1rNZu5hsPlWjFxGdeikcu1VphmM7dus5qZBjPPZrdcuEWvj-m4MHl8i9G-MdssJ4PNZDLYN2ab5WSwmUwG-w6T6Zn6nI3G4lrikanWnpvIMDMfFC6DxTuVmnbjzrEgLnuPTpVXpizojNqZ1fw1KDwHj-kgfFlOq5t1OpvovAeDIpYIThfpRPQyni5iieRpkU5EFttssrENlsuRceWc2TwTx8TlWI4ms9VkYpg4LGKJ0nSRTvQqz-dl9zgdZr_C9DQ73EKHx-uyvDUuy-lpcvjdIpdb9vA47Q6Pw29R_9EhlqO5ZjZXLAZzxWy1SgAAAAAAAAAAS5gzbwIAAABwGshosxuulgsAMW2lCwwCAAAAAACwe1IX_yoz0ahV3PhxBTkdlqff5Pe47KbL3-R3u-4mv5UBJES6mTd7Joi1Wi1rAAAAAWwAAIAAbt28B5BSKjk!&cmcv=&pix=31579697&cb=1639203222866&uv=3076&tms=1639203222866&su=3&abt=adh5c-1_vA!lotc_vA!rvf1_vB!smbs!spa2_vA!ufm_vE&ft=0&unm=FEED_MANAGER&su=3&
Requested by: Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:42 GMT
content-length: 0
server: nginx

GET
H2 206 qw3bnthfkvyvyivjya0p.mp4
c3.taboola.com/libtrc/static/video/v1627830541/ 541 KB
542 KB 26ms
19ms Media
video/mp4 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://c3.taboola.com/libtrc/static/video/v1627830541/qw3bnthfkvyvyivjya0p.mp4
Requested by: Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c1954b13c71de8cdb2c0bcf29fe2b3979eaf1b1b88ad96b15b639cc3b1145bdc

Request headers

Referer: https://www.diariodocentrodomundo.com.br/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Range: bytes=0-

Response headers

x-amz-version-id: bgVmtmAl6APROBazFFBy8R3SDhk6Pj4b
via: 1.1 varnish
etag: "fe0048838f482b03457842a13aef0310"
age: 93
x-cache: HIT
Content-Range: bytes 0-554248/554249
x-amz-replication-status: COMPLETED
Content-Length: 554249
x-amz-id-2: RkdZK0G9sSBQchyJn4yVnYckbYs5/9uLcTBEGQ1e/+xnxN8h4tMdDLRtM/4XtlDa0nOG/PRmuk8=
x-served-by: cache-lcy19223-LCY
last-modified: Sun, 01 Aug 2021 15:10:38 GMT
server: AmazonS3
x-timer: S1639203223.537003,VS0,VE1
date: Sat, 11 Dec 2021 06:13:42 GMT
x-amz-request-id: 85GE1S8T9E2GVGAB
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: video/mp4;codecs=avc1
abp: 98
x-cache-hits: 0

GET
H2 206 dvj6h0vqblnlrjcllnss.mp4
c3.taboola.com/libtrc/static/video/t_PERFORMANCE_VIDEO_DEFAULT/v1624554133/ 1 MB
1 MB 122ms
117ms Media
video/mp4 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://c3.taboola.com/libtrc/static/video/t_PERFORMANCE_VIDEO_DEFAULT/v1624554133/dvj6h0vqblnlrjcllnss.mp4
Requested by: Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c4f5e2784f2836b197a6ca66251124511552dad2313a41fadd4e99e5d28c34c2

Request headers

Referer: https://www.diariodocentrodomundo.com.br/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Range: bytes=0-

Response headers

x-amz-version-id: bSW5sVs4zZ2QrD3ztPklVfRZUH4v17Dy
via: 1.1 varnish
etag: "b9e926df4d95992d8a65329cf95d2754"
age: 0
x-cache: HIT
Content-Range: bytes 0-1258715/1258716
x-amz-replication-status: COMPLETED
Content-Length: 1258716
x-amz-id-2: tSVxrjbHap1iKd2DHBzVBFfmzXlvZtuc27lOSSgoujWCzHXy9KNhhE9ejEhyO6MWvro25aXFsDQ=
x-served-by: cache-lcy19223-LCY
last-modified: Thu, 24 Jun 2021 17:03:02 GMT
server: AmazonS3
x-timer: S1639203223.537110,VS0,VE89
date: Sat, 11 Dec 2021 06:13:42 GMT
x-amz-request-id: VM37V6CFYTFYPNG8
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: video/mp4;codecs=avc1
abp: 98
x-cache-hits: 0

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame F0F4 624 B
297 B 81ms
41ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CKjWExDk_jAYwqqkvQEwAQ&v=APEucNWJIpPffGBtKurPIsKPaJCiL0GS-wP5h4P2-TJlQC-qJMjZ-TtN4gP68DgyOjSvRuhsXLWZgusqg9lk2xvljUtRhu1n5UG2T7lBkMPKOCHtkuaZGwEjbqL2jkhGdoV2YKTP0QkB2JUm-qdhIjlXoF79MT18WyEOIfO50FUpAgqr_sUqjuY

Requested by

Host: a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com
URL: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sat, 11 Dec 2021 06:13:42 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 8E04 72 KB
30 KB 114ms
75ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DOM5CjcBpOI1JfU622UxaPrAc6jByDoNB1OMdKYbZUkpYrpUjUcZlXV83IDc6yIrtQ1uORyzOTKMdD40T0r7HJ4gyA_AJi6DPYRnJu3kkkjKDR8Ud5RuGSuzDuRIhVPUYNS7hpdSAXqn9QI1AaI6on8xOR2Q&dbm_d=AKAmf-D0a8jaRnQorzuj45yHHGmHmhFhxFCrECH3XxgPtRFRQJSKPTMloW-xbs7F6-szCae8cCrd78UBsVIK-OeNqplnxHqhFZbhwcf3FMAqpucOAkNx1t-dCSA-7DwOtW9ww1-mZ3tF39I2EEmzVEdTaPHgo5NzO5IsceZxpX1ll4o8KLPIYgbGUWunLGJVtFhuf7rySXhHC53BLcJ2uNx-Nt-Zi-ZVD7uTGIxWcZ3XAocK1EsK0GJwLF5ryfOQuy4rvR7ip3G0piMLUqhEXM1B2ATWfKr_0aYyKwn7DBmAyP0eJy_7a6v7z62J86L6TXgOj_A9etGUy_u_nYGSk2hYEBEjRbm09PC5eA478p2pKQf2GHhJGG9T22ZL34iShemqijFv6xRT8cLfl0QV3LMy5Du_kpWQawVU4hc-0lucZ_HiLcyGugqO9Oswl11sZ5VHJ6EYBkoO0fmb74B5yrdvsN_9ldmRHgXhJF6CeOXgBG6TtwifU2QSoAoVXHup3LgnTXRbWK3Zf0ylA9QOfsn0hhC5y0OeNwS03jbEqoq06Ofy9PpFBFRICJpL8lSEFv_cDunbW64zIJkL4vB5LxpcqksxjT-D78dks6nzNzFCGeBUFBBppN1UJdipP___usEysOo-j_MKmdjnTiVqFrvpPj8QpK6NYuk1C6CprH8CQdBDOYpAQz-Gwip1z10uYhfbnFmKHon9MdejsmGjg1eKwcVKw5L3WaQ2OK6e2egO2Z7Tw5E2zmGMlB-2AD8IMOF-06h8He4dzK2h8xTxjPD_akpDa8mQWcECNkSVe_TBVLK0qB9A-6AqvUyt469iIl9swsXmsMV5HmmqCEnwaZWaXUegx_rOlJyHJiKaJzAYDuqlzJ-kp5YPKtAfhYgLNyzyX8UmrggQujdoKfBvEVW3aZzB_8z-c1q7j5dmqhKWd2YuyHlhg5OkmofyKG7GygxQ6YI8EXURFYsz2LA0dTcoNbRQ2vq_dBxbetucmD_M3dpbeuamU8wPwkzW5PZCeNXAldEG_2CIQa67hk5WIECpX8TJg0wLAKVf3k7rX65Dc31Q-U0EH-L-27_Enmsmj6b0tjW5m31jpSo2QzmhdcBE336MjEnxvaSAu6DaNsekXWvYL_DtCr0_wce6ppzImafIDbGG-giZQKsi3pvwDzE61Sltf8s_BrojjYd2VY5SDUGQP6r_89oY5sSVs4bdjWezjLCIDhgnmYxMZEvUqy_B1XKjzYQAaHY3Ph3UsRrfbOXF3L6VR6jcCYnJAxj0VItoa9POUB7hHWm5kL84YsYxdnp6xF_egd8vpGUz3DtqlpaG2wd7hb0QGPD1f5zO-qMYxEu3lwHR8iT2tvozjcZ2Ph-DhCrwScVt7YY3Pq5NNCmHDjMtwrf_gkmzalUEBIv5YGhtK3ziur6nMpWPHHgk3h07Im55iJY1zHckqtxWiQR7Chw3cxJllBiRF38pALQ46jMbVN5vd4F75K1Kw1pyfclCk4R8WtSXgvWZCNPlaO7jN85gQysyHBUxpMSo9A4Bsp6bwLrX7cD_XOxQtc6NAbkgtZX8JVGRh2D8YYtmE1pF_j7wBfib64QHkoPBebqq31ZVTAX1A7_G2Ndi0R4gOwmB9WKijlV_gn30k5cz2OkNKgUhpHrwFJujwsO5rH-vdKZ3d18cAg7mz5bD2hg6qRj3Db1L2RTHCXUn9wHbI1AjH208WUgyIURULR_KEJSnCnuyaSHzU_0m9YZ9Bw2EE-zX1f3D2J7cXJClEn_2B6zrW8lFZFzgCP0XcF3pFnr3pNbvyTxxV7VvNWGjakavBq0FBovJjnUl-t3fQT_7jvmunBew-IwzML8zrKsXriz6rCbmCV9rs9xRDC0x4jvhVmuxkU7uorEMtIUotjFW2G_InTMqSyX6BH1knJd9eFhnC3ADuSKakLOKqsMvZjNyl4PAxxBPK-5Lb1-lqCSvKa95sJB9hz3uIQ4itQnDw2HAcgdYMyYb-Zj0tZL190YU3spqKV1TExbjSDYcEWCtIHbw0JeHOOzByftrCjgcAJB8A2dQVcg0cDzl_6KCAUDThu35Q5PUrwyvjkyrPsaFxDmNG2P_vVIKVLkwMkxrV8q6QyaXhaExTNA7Sd5lnPlVZqu2YYxvywXQk9-ecoMCqka1tUDwJSPbgXFMVnm8oPTsrVpYcqDWVhJ6stmFSViIxZ3cHRz6Jz4o3TAFUzVcsjg94_2m6XhMN6xukQKgVe0c0bRJlNZFZsAbJy0nWeRsQ23prDodF8iLam99yt9pyxOrU_Lt7H5fJyzPLUJuA7fa10R0CSdm27Sy76UE0-VDuGXLCiYV78tVQDSQnoVhm4D4JNoTIcJMxBnGvqxmUHqaydypMV68OrHgQEclX6vIPBeItE7WcYDQGMSHte-BrGeo_xoFIlpe0SoY5ncyDFi6R0iORqNtkrYyLFyl8k-CUFzeeiFw9GP9V1zKRlhVIpdgwQ2Y--sIXONV1TOaBsrljApzJGP1E_Qu46k8frWjEpvTyZwWiVcOnrEcu3-9uhXohsTh6pgd8eUsNPhFUAMf9wq19sa95_VUHVDmYlkx19W8j7tlDWNgWtp-yEi9H20cPknOEX24SklvrgnHEFygFRJINDV7OXHiqbvmRT4Zc3JLrbTbtVGDHzmoO1wBGsby-c1GCnP6TG9i2WdgGoQQTO4rV5kxsih4BU0cav4Ys49AdwB6gSK9QVYUV0TW4gBsB-iZqDTp2QYUcNXKTF8wkc9TPUMxi0KISGu-c9aKrckNZazJcXcnhRsyejMyxAPFlpAlXPJtSBmZksPTdBpL3b1pR_TA14V9ZljeiErDInwV9x2iGAq0tpaQdoYWG0MtU2dANqZK0VHq3LSdziGI7t-34j6MgFzfG9XfMZ6IGaM5b_V4LFqkY-8SqaWZwP9QuFzokDSLb_5GrF_0J5aDxA6RWxlEI873FPfKAgobzAgBWG2xmUSBCN-eoqHFA1wVmxC2n6Pg5V_eRKuXr5zamD0Zok-W16KQ7nzkbR-OaonUedJt5du3JY31xLZ-AauupQo_iX5zDhRroqLJTkr5zKsIsRvhmxUD_zIPRguiNhjE5B3CUQK7YcL7mC9yGhEYlZfqm2VZW8propt9EOkcNAhnWduMsrr9rjMuzHeIJPQefklhJXgQa1T9pPwaoBMaYqKb0nz4SAl1DR47c7UR33vAyL0q6EuJmakmYc8gO3-jcytv_4VxyXSP0E6YtlCvGhAwcrMm7tfmFXOzUvfuu9-RvKIa1DHqzBGKVqO1dP4nCz8WXqucmEZShOMurvOQ-GR5LNtjEo0OX0WANUlMCgHibhjL9U0EHNxNlVTQiI6-2wl-pG0pDikepPA7WLT7QyXYzrpDPSu-qV6s3Ig-sgwhSPp3soVz1VccY_q48x2Dx_8orxi0M0enHCCpWlRrvDBbG9a01bIE7QLke3wKeU8HswGvt6ErlbeOCKu0dejLrwfG72ZxE3muRZkqVYxSiTYfP0I&cid=CAASEuRodnjaInL6ptjbvagSSBNeNg&rfl=1%2Chttps%253A%252F%252Fwww.diariodocentrodomundo.com.br%252F%240

Requested by

Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cf25c21afaad77a4907cafa9ee00ad8a95a0979fb15df0fd09985593de8833e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Dec 2021 06:13:42 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30700
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8E04 42 B
63 B 102ms
64ms Image
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CKbAWbpixwEoeJWlP2CBqSWbfEoDy1FaX6c-qYRLBeqcM6FZ7V9ov9a4adw6Zo7HGkNdgMqqElhf-u4CodDcUfHkvEQ-WpOGIfNfyBjRnX8O1Qi8Q

Requested by

Host: a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com
URL: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Dec 2021 06:13:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 8E04 2 KB
1 KB 31ms
30ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/window_focus_fy2019.js

Requested by

Host: a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com
URL: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 05:57:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 978
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 25 Dec 2021 05:57:24 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8E04 119 KB
36 KB 54ms
54ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com
URL: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37305
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1638461285297402"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 11 Dec 2021 06:13:42 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 8E04 15 KB
6 KB 31ms
31ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com
URL: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:06:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 434
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6464
x-xss-protection: 0
server: cafe
etag: 15715955993838318253
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 25 Dec 2021 06:06:28 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 6993 17 KB
6 KB 70ms
69ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
expires: Sat, 11 Dec 2021 06:13:42 GMT

GET
H/1.1 200
OK embed.runtime.54a58eb5540918258367.js Show response
platform.twitter.com/embed/ Frame 9A4E 8 KB
4 KB 51ms
50ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/embed.runtime.54a58eb5540918258367.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1469260104990138368&lang=pt&origin=https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2Fessencial%2Fatila-hacker-certidao-de-vacinacao%2F&sessionId=05915c5192f965987dd6cc85acd98cc2eb855877&theme=light&widgetsVersion=9fd78d5%3A1638479056965&width=550px
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (mil/6CED) /
Resource Hash: 12c748318ff42d318458ecde073d66441c47dfa28d941be5f42694fc4e02a0ac

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://platform.twitter.com/embed/Tweet.html?dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1469260104990138368&lang=pt&origin=https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2Fessencial%2Fatila-hacker-certidao-de-vacinacao%2F&sessionId=05915c5192f965987dd6cc85acd98cc2eb855877&theme=light&widgetsVersion=9fd78d5%3A1638479056965&width=550px
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sat, 11 Dec 2021 06:13:42 GMT
Content-Encoding: gzip
Last-Modified: Thu, 09 Dec 2021 20:09:13 GMT
Server: ECS (mil/6CED)
Age: 121640
Etag: "c5272c96b4a5d0323eb55dac2cf6003d+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 3522

GET
H/1.1 200
OK embed.modules.66e311263622456867b1.js Show response
platform.twitter.com/embed/ Frame 9A4E 519 KB
163 KB 103ms
52ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/embed.modules.66e311263622456867b1.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1469260104990138368&lang=pt&origin=https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2Fessencial%2Fatila-hacker-certidao-de-vacinacao%2F&sessionId=05915c5192f965987dd6cc85acd98cc2eb855877&theme=light&widgetsVersion=9fd78d5%3A1638479056965&width=550px
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (mil/6CE2) /
Resource Hash: 8e60f604f0ca5f472149b3e3a02c184ae1082ad59b54ce7eb26c1b6ff51ccfc4

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://platform.twitter.com/embed/Tweet.html?dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1469260104990138368&lang=pt&origin=https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2Fessencial%2Fatila-hacker-certidao-de-vacinacao%2F&sessionId=05915c5192f965987dd6cc85acd98cc2eb855877&theme=light&widgetsVersion=9fd78d5%3A1638479056965&width=550px
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sat, 11 Dec 2021 06:13:42 GMT
Content-Encoding: gzip
Last-Modified: Thu, 09 Dec 2021 20:09:13 GMT
Server: ECS (mil/6CE2)
Age: 121640
Etag: "d2a7d4d81994376470f2560f453ad37b+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 166772

GET
H/1.1 200
OK embed.i18n.c052951fae9a0c2b4020.js Show response
platform.twitter.com/embed/ Frame 9A4E 146 B
651 B 204ms
50ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/embed.i18n.c052951fae9a0c2b4020.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1469260104990138368&lang=pt&origin=https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2Fessencial%2Fatila-hacker-certidao-de-vacinacao%2F&sessionId=05915c5192f965987dd6cc85acd98cc2eb855877&theme=light&widgetsVersion=9fd78d5%3A1638479056965&width=550px
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (mil/6CFA) /
Resource Hash: 9863c7532e26b3e9a2e1ac1d7ee7d96bc03db512a2af9174aa5c1d07046376cd

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://platform.twitter.com/embed/Tweet.html?dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1469260104990138368&lang=pt&origin=https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2Fessencial%2Fatila-hacker-certidao-de-vacinacao%2F&sessionId=05915c5192f965987dd6cc85acd98cc2eb855877&theme=light&widgetsVersion=9fd78d5%3A1638479056965&width=550px
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sat, 11 Dec 2021 06:13:42 GMT
Access-Control-Allow-Methods: GET
Last-Modified: Thu, 09 Dec 2021 20:09:13 GMT
Server: ECS (mil/6CFA)
Age: 121640
Etag: "ae3db27722181e85d0a069a920b4ed89"
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Accept-Ranges: bytes
Content-Type: application/javascript; charset=utf-8
Content-Length: 146

GET
H/1.1 200
OK embed.Tweet.7441fbde60739a79657a.js Show response
platform.twitter.com/embed/ Frame 9A4E 16 KB
6 KB 206ms
50ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/embed.Tweet.7441fbde60739a79657a.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1469260104990138368&lang=pt&origin=https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2Fessencial%2Fatila-hacker-certidao-de-vacinacao%2F&sessionId=05915c5192f965987dd6cc85acd98cc2eb855877&theme=light&widgetsVersion=9fd78d5%3A1638479056965&width=550px
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (mil/6CE7) /
Resource Hash: ac0b312f9cb9d890f38d50965cac80da09e0157a74877d144cf9db089963e1ea

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://platform.twitter.com/embed/Tweet.html?dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1469260104990138368&lang=pt&origin=https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2Fessencial%2Fatila-hacker-certidao-de-vacinacao%2F&sessionId=05915c5192f965987dd6cc85acd98cc2eb855877&theme=light&widgetsVersion=9fd78d5%3A1638479056965&width=550px
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sat, 11 Dec 2021 06:13:42 GMT
Content-Encoding: gzip
Last-Modified: Thu, 09 Dec 2021 20:09:13 GMT
Server: ECS (mil/6CE7)
Age: 121639
Etag: "882fc55e2cbdd922fdb9289839725a36+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 5739

GET
H2 200 pt_BR.js Show response
c.disquscdn.com/next/current/embed/lang/ Frame E624 15 KB
6 KB 30ms
30ms Script
application/javascript 2600:9000:223e:8000:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/current/embed/lang/pt_BR.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.2f2f40d40785c9541a90e9086c8770a3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223e:8000:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

8e74ffce485d7f721bb94b623087c910341ebf59a10b0f7a125786b6edba84be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=diariodocentrodomundo&t_i=779049%20https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2F%3Fpost_type%3Dessencial%26p%3D779049&t_u=https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2Fessencial%2Fatila-hacker-certidao-de-vacinacao%2F&t_e=%C3%81tila%20diz%20que%20invas%C3%A3o%20hacker%20foi%20para%20%E2%80%9Catacar%20a%20certid%C3%A3o%20de%20vacina%C3%A7%C3%A3o%E2%80%9D&t_d=%C3%81tila%20diz%20que%20invas%C3%A3o%20hacker%20foi%20para%20%22atacar%20a%20certid%C3%A3o%20de%20vacina%C3%A7%C3%A3o%22&t_t=%C3%81tila%20diz%20que%20invas%C3%A3o%20hacker%20foi%20para%20%E2%80%9Catacar%20a%20certid%C3%A3o%20de%20vacina%C3%A7%C3%A3o%E2%80%9D&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 47
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 5856
x-xss-protection: 1; mode=block
x-served-by: static-web-2
access-control-allow-origin: *
last-modified: Tue, 07 Dec 2021 22:32:35 GMT
server: nginx
etag: "61afe103-16e0"
content-type: application/javascript; charset=utf-8
via: 1.1 88f858f045c3909fad9cebbada511aef.cloudfront.net (CloudFront)
expires: Sat, 11 Dec 2021 06:17:55 GMT
cache-control: max-age=300, public
x-amz-cf-pop: FRA56-P4
timing-allow-origin: *
x-amz-cf-id: jfJj1LLY03xD7KFojBXbQUt6gLr1yhQA8QMHwQ-ushGMXBxprb_3eg==
x-cache-hits: 0

GET
H2 200 cds-pips.js Show response
cdn.taboola.com/scripts/ 2 KB
1 KB 60ms
60ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/scripts/cds-pips.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20211209-5-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7faef21187e15aefd3d8a5a585ca32c66358f597a97f5abd276517eaea1057d3

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: iYtYacMlAb7PnD4NbVgysKvLj2fov4iK
content-encoding: gzip
etag: "3aa74dbf5cd656dbb65deda2d238ddbd"
age: 3572
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 911
x-amz-id-2: DcwtOhqkJPBMn0QDS/bBkThXt5sS0ECRpcdU/GUWTyrU9uZNcJHG4xRA49ZTsSfQqm4CU39Mcx0=
x-served-by: cache-lcy19223-LCY
last-modified: Wed, 14 Jul 2021 05:06:01 GMT
server: AmazonS3
x-timer: S1639203223.641050,VS0,VE0
date: Sat, 11 Dec 2021 06:13:42 GMT
vary: Accept-Encoding
x-amz-request-id: DM4GJXK9EXG77GGP
via: 1.1 varnish
cache-control: private, max-age=3600
accept-ranges: bytes
content-type: application/javascript
abp: 98
x-cache-hits: 7484

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20211207/r20110914/ Frame 9628 24 KB
9 KB 31ms
31ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211207/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CUWZEd_PMyrn350-SbKvg_KJm5jtBtG6Nt_4JhJ49vw-CpXDNQMAnSLLuHsQJ8WXF9XWWfEcLmRtoMdMGQbtSQbVh5Gpvd9SdVsOP0bNXKpGpQo7LTC7eDZg51mybdf0Y7yfN9qXGf4vEmjYn0gdUROP2Q3A&cry=1&dbm_d=AKAmf-BbLRK9i-Vs3tKFQ50IOf1tO5hd3Uxj2hNQOToinrDQWL-aqmlmZNhoe6rTg62zJC-ajutmQuM0sVbjw1exu1b7Y3LrrW7MJFnEv12IHnALTkJ6RYq-kyR9MWN-ZD-YCUoInqnumnzp0ldK4yJZqahiAsbxLgEVfqyaceZuYEXctllKoHtL4B1FnbOyt9v190ncLZMjI_k8W7__ayRDU6remaZVGZmFx-fJS89fxzjkEziQHMLrsz4cBhZkgha1ChF34aFe3H2PWgweScjyenNTca68JRMV-bzK_svV-AIrynxMghdT7t3lbnud3xhFzwyjl5ss_A7WwAlhfF1t-gPSqz1zTW4aDSdMCStHB5sHMwWJMGKf_sKDZ1cMBn2vZ5xoZTkGi961jBGJw5tYqh97a_B5dAKNn3XVpgvGqyasHL9EUhA8rq7swWl7eEHQbspsqPkYnKpzPwet8C4NT7VDUaPAS2IkB9fVEuyYL2OYKd9ruSZK8Q7Bmz2EIcTrfUuCssiFYbOG5rupgTR5w1DbDj9_xb_FE5qlreUNvVAZ2wfPN2CfHilgUugky8GEhPBe3l-R6hjf8Ug5BcrFCkEzn6vQ2RnWoblQ4A6tFPjh8f7ZKmzWGflQFcWHjSvQ6AbnEGp19fWYflUm2UzZHTqEWbDA0oVCiLuFII75Pre4T_0bv_2-CCvmmjjtBjF_Xjdd10IY73wYIOtsJNU7ESi8lod3srLdsOscO5fvN8CkwwO5EfrIU67rpkoxqudyGCR_3Xo5HCnUuVMdEp0WtFwjwQpvPM6MJwcdNqJN5lrZZGaPcHeFZW_axlNYkhukR4fD9yi26H4FGdbdRpB48OcW3CR74WqdfeXWP7q0NqLLuITf3bejyK2HWk1oWJx5LF71YD54ZpmLv0muOZx6JURc_u2CbxMjlnHleZ4nBRdsnjVvxOFAKZa0JlVB7nQvkBEMvzEh6YK7kOl1VbXyxFl4uN4jLC2Y1NbCOElr6IphzZYvoZkI8NrrH1o03HMB1lc8G6uEC4ANr63SbsZRv0MxX4vGfrJ9GGKjYDLZkgg9pQXPkmLTDH1d3INLUBpnXNvzwSVyYTfKBoyN-62y7YYmLCk5yhmCgrS6RUbEfAxFsikNI1cjWqZOa4iFolqcAx3Ezt5vOozqoon3UNFQ8ctbx14IGrokZw0FXoOeQZ93gzq5ihsappmiLAAaG9kg23sgJSBkfs4Si3zOnb43mgJf35q4Sh3Tn1XV7Stlh8LtxaUWH4rHPRQvvdlGI0G0A8zyNuGImwAz46v9B63mB7IxvF6upgRppRse3PFQDt__1QT7I7JmKY8bWaB2UnKYewYGyyU-IZGI8H6mQur9-0E9X3E7i52Nos21vcwphP3upY5vdB2DEKivk3ft5lIWg4F7q8LijJew81nXT-oGYT0yYBntmh-G04M1Srnc4dPE6RjH-FHWJdW5paamWr4kdAads22xG8acZLuVPPZeZIFoRhy_MNZeHRs6W-W1JMJvm6WIt5LE2lS_iV00hwi8-_dZU_cNlPF2RIGrfG1jKlIBdN_fBFeN3NUx2_HRb9YYR3kjk7EGunjgg20NCGzZJQvR9J5qZ3KKgQ8E2x-s9ZzSPspyGswObX2rUsvD-m1ZNDacvh7O5fiM8H9bmRIrZQoSOWy2iWpNv24yInlNbyvVJkW1iqe74gIuHISYErt6Qb2tz3MYUmQ7pUhrfPbe0LizweL-1Z9idaH7AnGl9Xb0tY-IdskeIa0GcJsFUdo7Ojr7u06ifZdLQqKhH-2jz_J8vic7M4pTNjQaP9Kf5xOUYAY-rMsgw4KtBotoLH2Ab0g3qNdp1QI46Dhhfs0b2_DKr_rY3NntDbZy-teK3Fm-QsYSM1fV2pttheYcH7rqaEKPhnjozwgksMg4e3rwUxqNnEv7s85cJHAjggLBfK7MV1Fm58qEkqKsybAc09LCPGyg7uGmRf7slbE7Gk-Ej7-fqHPmjpb6MlpW1ZMii367VzKIFl8gIIrM1goej9E7AhME5N5LttfW2IU-z92jz5Q6SDGRJ7IC_CWZML8247Zpz11zDM0s38XKdMOW_9k1tO598rmSBHJ8dk9Xxmq7epj1iYRbawCzUJb2gcBYOvauhJoiKxcN_m2ayKtZXtDDdWI4tQdNxnahkEhoxbh6829zctBvKsg14TUYYCr7_yQfbocAmEyhYBTbrXDFqQI6kyCdJLZ-JB8EMEH1T8aAzU_H3EZg7duWHV9CAEthSqglP8H4LHu9S-y5aKxxtv6YkyeqYjey_2HmGM2TIZHnyDKVADZJ-rjeeb5NESUZe7s4D5pyxEl-AFxZHHz0M6wdgDqLEdb2yl-IR_pckABVBhHVTMDShHyW_HttILTcTkhxYdf8lWX7FXDu8_w8FmKZ7HhdpZ8QGU9ro7EV49SeYTMjTxO5IaxAqHulECffA4t_el2ngLQ5n42NdJvnMJXVL80PKLBfK4WfNyb28JteTucMkToV58Yxmomq91VD3tmKm24HgX8Deer3588YDRzBBr3eR9rNLAeZAsa1v73tvkqpPZMH_BT8OJ7laj1FBQCm-CFl27GEjp-8xSVor3QQL6mnSmOpQxZAQhFQjy2hABn4YY2IUFqmqKU2yXEriR0gTJEqteH1aEQLdI8sYQBjiSG7Nfj-g3PW2EJPUAfEgC9EGygVb03sGhh8PGJlmmc4TafghZQkveZdcDv6VtL8lvugdB5RjJmsLWFxMDkx5H8NxeSSCYVDAw5I1gpmQB-IjxK-kvMoyyCQJoPoJxi82kqfe-BNFWVoIz3iJp6UjdW7XvdQL6WYoxTeyEhfBeshR7mbqGWiZNuGS6jnnK9JlxEEU4yd_DU7vYvbR1gRbls2uwPMWrs_qJYkk-RqQUkU4zQHUgXL0GjQGPL_rVrIY0k4we77nRQH9u7tuncFWRo82lzMD_91uveW_tbA9bzrG8mRTkOy08YsD0f_wmnmD-jhDjoNxa0ooYOJ7jDWZxC9I_uuGaBOoxz8Q6KFqJpfN9_61WNzTB40_ulHCThsAXs5bUfxNcT3O6bA0HjsBwRoWMjVgBBeFc9Rx0GK5l86XEZ5p6yZVEsqswN6Awy16xrjHX_R8uQDWZkQx1mLA48UG1G2vl2xVzANEuMl7z8C_c7KrDW-PN71-EnTihPIzKrODm8qIGfo3YL2SOEilM-tVHol8Sq3aOPpMKCJ7-OcJT_0R6XUVoDwGGYe4OfvbsrZ4yK-zyTq-HkymJ934z33vBl8MhP_9-M0ywOuPCmtp2EE6KqVp8cJDe2JMnDOv1ARNL4afcLoflL9OEFjRUJvLqC4AYvLNK1NGm1TGFQAVnAHYu4Tn14AQU3YKDfmh54sSutU4rQrKzwm9ko6O28dAbuSm3YobyGBM0mzIeuSTGYAiw&cid=CAASEuRoQXeAzLtUgDRdug9JlPZmBA&rfl=1%2Chttps%253A%252F%252Fwww.diariodocentrodomundo.com.br%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a1b000b433199bfd60632e61b74bb2c4abd074dce072784e7acd55b1e4158cee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:06:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 419
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9516
x-xss-protection: 0
server: cafe
etag: 14328493792227503680
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 25 Dec 2021 06:06:43 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 9628 41 KB
15 KB 31ms
31ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 12:55:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 148711
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 09 Dec 2022 12:55:11 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame E568 41 KB
15 KB 32ms
32ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C7hXCqNIia_Kh8GTZvP3E9zb5CQQEsNpVrXcJHw3jNAWBFe0Vmpk6u-l3BemRDNsXkX6-3MZ4JCZAwS30ANpGZcIcIv2Vn27pAN2KXh-B8-O5vZAapsWeCihMPO7-fp1DzYHKY_i7qetwWpdsO0B4iCjXPLA&cry=1&dbm_d=AKAmf-AjxzhBFfpGtKTOZM60nI_pXe2kMk0EbZ6Js9JVc0rsmIkTmWSs_Fqdmk4gLNnwi6UFU9ysYrSgv4zsCBpyi91rhwcdeT_l0vU0QmTa5_uWLSRNEBHAqZVrtN1ajlFD638MAucS5BTno50KWe9eROct7AKxh8TW5xNn2JDo5t8Pe7b_1Ac2qrS5tVz8BSLjNUIJ5nDARYcLqApfEMTu4-gBH0oIWNSokavBfoFitucbRH94qKngfeLCTQQ0cVccDcwV-UBharc15-27d-gOW1KNSJXI2xyfRcqVtiwky0bdaTofzI6yPStgOgbHTM6ncAKZzE1RSRkya9nXVN7WHnyI9Kn4As8u0GiUBuXLAxHyssVaZwT3nbbFhp0sqzhfNRHWKtC6M3T4q6ly76hi6k6IRhv0yorcz8cw4Mu_9VgRo0w2SGkuS6T-PuFB3Gcwb9RfSm7E1OFURrF3nAt2ADA5TCIiRfkC8MlzHDuxahD_2WYgTrcYWPj0RsgwHSyb2eJEjTjV7qlVz2Cb1Prp4g9WQ-uV6u8dVNtR5A4MUAhHI7UxWVKUXly5SP_fNGOa8EurJc_qPCx3iyDmJBiaMcotEMS78xLphv4SxwGAWh0doVagHzUs8d2EmcpRPIUx13Xi8wPRwjz2p5bvvd8GrOoKAIQwLU8-GniconDnMFPDHztmDDlMrpBN5y32o1Y-gQ-fqzHr-tGH3xRrWt2lgc1_4HWZxxSjQ1ZZy7FTf9O78PdMB5btnD_Wvg_ak1Q7qDPz3BGF7hMfdfvXQQ1hTznAEGIqfpqJ8XDgOB-w945JEI6joDufMbvYtEWQyztJVAYXZZbWfQWOs3-tX4zF-5xF3vDx8WLgSYrgOotj_MCFRtITKmLU3ZpIyyc4LrCz0WERdzfBGlKy4W5BC6oPLrbrEOOkFor5VM15inJTSdfEpD1N4Zy4e16EnlVV8tOv9smCrLimdXRiVgdCAyt2KSNvI-ia8fXIrpvSMnL78dxSIiGydt3k5GzIJaC9Xwr84elzETS8vRY8hs6KFfMGNnI7i3hl3d-dCE7Fd4H4kisO1p5diVNpCpzLs8RI7fYZyxTfyFNgQkpDYtYP9Pfh09hzEvIdAliNtoYi-kIR13IDanyZzowBkZRxFmGMXUXqkfh0JL0RMk-gVGMbuFtWFnm7eoTpfUJTBTqKaZ5ZuYmoBmPIBlo8g08zWOlGa20M6_tMJaB3AGUcEtvwUfu6MvzdQlDnGhQjc38wNI4Lz5HmVRPK-DDQISFv2PnIK3S-R9oMT5fFQxIgpD5rVq6Ww9BkOSrtnD9AXvl3kiTLEJB4XOwDQAs1gvN-RV9zJysU-p99JqH2v-hupyxEdM_1VWKuKaBiDDbs6t2TNxh2F5R6jK2yQJdio46Vs3o8PfPDh9UTWzIc9FvcXN69OuZAnOUX3zhgM-bGm2ppoPg96KjFY9Nlj_m91ZxmUPYlJGZVKSjkt1Yjzcr-bIReAMQfu0-Xs23tA7RwGD0dL8KbEMchlTmZDqbErjTWbzruOXscBPxq1hx8IhRFLjpeHfCQUyNWXr3zU9k98sfuKh2gLQa79youe1YFoRloIzWyvk7k_icUx6mOEDuTxHMsHv6DIWinNva-W4dMJ23wcec6yERJVMk2du705Ck4zQsiHeS7YA2SZbr87oS6UdRij-cyeHCy__C3hsTGpp1hrWKTaKdJd60PtEggdYYV4_vdG-kseImVxXId28kR_YfSxh5UwZdkU0G9Cq7_ybKwv2L6ZGiciCFsoLBkunZj0vF45ZjvOZEfg_RBWpJZygjcr7gGc_cPKWC_MuEmH8aI1y9wYOYZ-If6h_1QPzB7XSlerYUVmtkXGNY42ObyzKZMJRxXXmjiLO4S2tS2kyjFFsTCIdsXYgtIoYofo1Qwml0jQi6YvPJq54TIFzVnnC0Tal60Y3uF7MEtX5RwQrJgNQD7S5m_QYg3GEmuOjeYMrZPbP_2Iq2GWavWwiUmHbUFIN6NUghQw9DNuslbOjUtAMkskTXW3FOIdXazB7Vuo224LGPybxLVknvXMJEE_y3qKebdnWOckNKhYSZFvQU_LiqHW0ZOHCL8zqM5ipiUkWnvmpP9FF4Dgczg9bC5_Yh4BTR5BiNeMArrwTdpYwYPeG43dbKkBpCNhAZ8akMXBYuNfX69qX8SFPJWeQvh328u8sJ3WBMz-u8Nh0twFzER5FAS2WDkhVIK1JUiCdir7uqK_H78Ddim5jmS1lIFsNwhU0pyMwEhonsgg0w9YFQjEol_lsmdoYhRgcplzwl15fSI-Nq9ATHlibhbmNFjOMkV9h4IM17hltdfw4FwO1i5Ycb4RoNG7RLGlFMZbw7rY-de6t4QpWKEc6EUajwbOopRe8M5Zj2rKFhedAYnNQ0h8bh_UpuOnFcAWONhG6Cq-aDhWgV_uCDFALSFsMajh0cDbTv2rKURBKhQQP7RlILeEIAo7pth6y6KVO_OvFmTS7w5FrzeJhWpQwJc3eHaOLkeYdPXyyfQQFf-P6SL5IKvE7zD9z6e9GVyrkYfRIXDeqrTZFLXnTaPClJTPzMvNG_cuz_s_bRH-My1MmS8aKKnGJc-RvI1HvfL0ynEQtFEPL3tto8PQJl6YxlIWMEklXMtxoII-2tw1d7Ki4Fwl2uZ-e5ffQk3uxMhvzqLQxEWyfM5Jfrqb0oRwnEqS17UCqj9tqO_gM2jC5GaftcK6PciCNFVIYd2qjAu5_AhXtPxVD_epuoDYl13zT8Uz1n_9FXc_8Gs6PdAP4xjNz_qLRbpcvI0txnquc0xuNb7YSZ1735A3TEct8bh0z7MZP3p3Zcd_JOvoc3rP-SDi648TRMkzJarHzn4bxEwoxkdCiHPD75rJDPtIxElGco4bEhjLyUIW0rYinoNRVsmdKq8FypUpOEawl9ZVYeo0JNF3GEKCY_CK-DwiURH9rf6Dr6TCK-bL-j0OlfCB0CaXaFM7ILxpbYLc3XCHNhI-Vvo0LeDLWBVNMzFPeFZ8nl7pN0HfuA8vDhFXv8TfjkFMv_iZbL_dQ9W4x1LhrTY3UsXu2jxChf-fbSN_RQLjrn-hPjktnqdSci8w2K4jM0xxB_qOaQfOmdsZzTJO3YTikQD84MEQVRxX6pfWGK8YpbrCp28nCJfik4TbiWCTSNMQe_M1xtO030aqsCwN-uIHUbuOsXbjD-DpEaN-lOYfw2etADpBtWYQew2HblSbRqIui25wVp7LUX1RqArxhSSkkgDGFmubiSqDAb2vOSCdT7U-U_u8j2IjU4-Ikl4iZdkMG4eevGmZy9pbY4gGCLt6rnSjSuPml13f8AguGXRxWuI9kfdca_OGv_1c0XyRUUYeg&cid=CAASEuRohTedcxGQlTRToYd1_La1Ew&rfl=1%2Chttps%253A%252F%252Fwww.diariodocentrodomundo.com.br%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 12:55:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 148711
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 09 Dec 2022 12:55:11 GMT

GET
H3 200 container.html Show response
b0b2fb4f4d530f774904c931019d14ff.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 8C70 6 KB
3 KB 37ms
36ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://b0b2fb4f4d530f774904c931019d14ff.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Sat, 11 Dec 2021 06:13:42 GMT
expires: Sun, 11 Dec 2022 06:13:42 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
BLOB 206
Partial Content 15c20f33-e970-4ea0-8168-3f266190d9ab
https://www.diariodocentrodomundo.com.br/ 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.diariodocentrodomundo.com.br/15c20f33-e970-4ea0-8168-3f266190d9ab
Requested by: Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

GET
BLOB 206
Partial Content f5dd4295-8dfc-4188-96cd-96e3a0c90605
https://www.diariodocentrodomundo.com.br/ 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.diariodocentrodomundo.com.br/f5dd4295-8dfc-4188-96cd-96e3a0c90605
Requested by: Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame D051 11 KB
8 KB 85ms
44ms XHR
application/json 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021120601&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d9af9bfaf1bc32e633b9e96bb687fe3f0989202fd586d056824f0110282ec495

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 11 Dec 2021 06:13:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8450
x-xss-protection: 0

GET
H2 200 pt_BR.js Show response
c.disquscdn.com/next/current/recommendations/lang/ Frame FFD3 15 KB
6 KB 31ms
30ms Script
application/javascript 2600:9000:223e:8000:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/current/recommendations/lang/pt_BR.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/recommendations/common.bundle.6c6defcc206edabe5048d82459ee0a0e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223e:8000:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

8e74ffce485d7f721bb94b623087c910341ebf59a10b0f7a125786b6edba84be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:12:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 89
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 5856
x-xss-protection: 1; mode=block
x-served-by: static-web-2
access-control-allow-origin: *
last-modified: Tue, 07 Dec 2021 22:32:35 GMT
server: nginx
etag: "61afe103-16e0"
content-type: application/javascript; charset=utf-8
via: 1.1 88f858f045c3909fad9cebbada511aef.cloudfront.net (CloudFront)
expires: Sat, 11 Dec 2021 06:17:13 GMT
cache-control: max-age=300, public
x-amz-cf-pop: FRA56-P4
timing-allow-origin: *
x-amz-cf-id: w9xO92Xy-ptaGBv2JnC4u6DdeXzz1VlgAKkT69mQEvlUI0rFoRL90A==
x-cache-hits: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame FA61
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOWWdxbr-m4025FwLW3dbHk&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOWWdxbr-m4025FwLW3dbHk&google_cver=1&C=1

43 B
893 B

65ms
65ms

Image
image/gif

23.195.249.2
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOWWdxbr-m4025FwLW3dbHk&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CK_PCBDdhLiuAhje_5K7ATAB&v=APEucNWtGRKKsrTUDlCIP2DPjcfiDwTwqMvA4FvffdLtpK23G8Wzn7nTCwEAAilZJC4HXWVz2WBG41l_wOgeq_ty6oZMN1ulisofBbDrCexjHNIUDbLvYBAn2jDBdjU5dz-zgiPzGeSIoK0BiDrxIGGC0aW_lgSDuCIKIOstAPCR8C1AH3A5-JQ
Protocol: HTTP/1.1
Server: 23.195.249.2 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-195-249-2.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 11 Dec 2021 06:13:43 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 11 Dec 2021 06:13:43 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 11 Dec 2021 06:13:42 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOWWdxbr-m4025FwLW3dbHk&google_cver=1&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 308
Expires: Sat, 11 Dec 2021 06:13:42 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame FA61
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YbRBlpqpoyN6UDzphB.I9QAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJlBogN2JWABZjKnae5lJ6o&google_cver=1&google_hm=2

43 B
893 B

64ms
64ms

Image
image/gif

23.195.249.2
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJlBogN2JWABZjKnae5lJ6o&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CK_PCBDdhLiuAhje_5K7ATAB&v=APEucNWtGRKKsrTUDlCIP2DPjcfiDwTwqMvA4FvffdLtpK23G8Wzn7nTCwEAAilZJC4HXWVz2WBG41l_wOgeq_ty6oZMN1ulisofBbDrCexjHNIUDbLvYBAn2jDBdjU5dz-zgiPzGeSIoK0BiDrxIGGC0aW_lgSDuCIKIOstAPCR8C1AH3A5-JQ
Protocol: HTTP/1.1
Server: 23.195.249.2 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-195-249-2.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 11 Dec 2021 06:13:43 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 11 Dec 2021 06:13:43 GMT

Redirect headers

pragma: no-cache
date: Sat, 11 Dec 2021 06:13:43 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJlBogN2JWABZjKnae5lJ6o&google_cver=1&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame FA61
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEEKSfjTEdmXtkvBk2SHyJks&google_cver=1

43 B
1006 B

33ms
28ms

Image
image/gif

185.33.221.13
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEEKSfjTEdmXtkvBk2SHyJks&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CK_PCBDdhLiuAhje_5K7ATAB&v=APEucNWtGRKKsrTUDlCIP2DPjcfiDwTwqMvA4FvffdLtpK23G8Wzn7nTCwEAAilZJC4HXWVz2WBG41l_wOgeq_ty6oZMN1ulisofBbDrCexjHNIUDbLvYBAn2jDBdjU5dz-zgiPzGeSIoK0BiDrxIGGC0aW_lgSDuCIKIOstAPCR8C1AH3A5-JQ

Protocol

HTTP/1.1

Server

185.33.221.13 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 11 Dec 2021 06:13:42 GMT
X-Proxy-Origin: 194.36.110.165; 194.36.110.165; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: f351bf3d-20de-43b6-9c3e-f44c0d9d73b3
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 11 Dec 2021 06:13:42 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEEKSfjTEdmXtkvBk2SHyJks&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame FA61
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzQwNDIwNjk3NDUwMzYxNzcyMg%3D%3D

170 B
188 B

47ms
47ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzQwNDIwNjk3NDUwMzYxNzcyMg%3D%3D

Requested by

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Dec 2021 06:13:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 11 Dec 2021 06:13:43 GMT
X-Proxy-Origin: 194.36.110.165; 194.36.110.165; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 44c92ec6-016d-4058-8321-ad02bfbd2a97
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzQwNDIwNjk3NDUwMzYxNzcyMg%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 2106
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOWWdxbr-m4025FwLW3dbHk&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOWWdxbr-m4025FwLW3dbHk&google_cver=1&C=1

43 B
893 B

102ms
101ms

Image
image/gif

23.195.249.2
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOWWdxbr-m4025FwLW3dbHk&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COHNHRDwoIKyAhjHnd61ATAB&v=APEucNWW0ZzTAp2ZPyeC6B4LDvKtDG4MGQL9N2FdUFO99G4A54ZVPQLDL6heJfrpqPWAxP4Ajp3COoHmonCVgRiEWRy36-iqCQI48I47pnvOJ5yf-Mn5biP23MoFd0AJstvWwIeBpFbXU12edV-xA5sIZk72hpfH225jzMOe2VGdooPop9ddy0M
Protocol: HTTP/1.1
Server: 23.195.249.2 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-195-249-2.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 11 Dec 2021 06:13:43 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 11 Dec 2021 06:13:43 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 11 Dec 2021 06:13:43 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOWWdxbr-m4025FwLW3dbHk&google_cver=1&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 308
Expires: Sat, 11 Dec 2021 06:13:43 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 2106
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YbRBlpqpoyN6UDzphB.I9QAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJlBogN2JWABZjKnae5lJ6o&google_cver=1&google_hm=2

43 B
893 B

63ms
63ms

Image
image/gif

23.195.249.2
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJlBogN2JWABZjKnae5lJ6o&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COHNHRDwoIKyAhjHnd61ATAB&v=APEucNWW0ZzTAp2ZPyeC6B4LDvKtDG4MGQL9N2FdUFO99G4A54ZVPQLDL6heJfrpqPWAxP4Ajp3COoHmonCVgRiEWRy36-iqCQI48I47pnvOJ5yf-Mn5biP23MoFd0AJstvWwIeBpFbXU12edV-xA5sIZk72hpfH225jzMOe2VGdooPop9ddy0M
Protocol: HTTP/1.1
Server: 23.195.249.2 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-195-249-2.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 11 Dec 2021 06:13:43 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 11 Dec 2021 06:13:43 GMT

Redirect headers

pragma: no-cache
date: Sat, 11 Dec 2021 06:13:43 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJlBogN2JWABZjKnae5lJ6o&google_cver=1&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 2106
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEEKSfjTEdmXtkvBk2SHyJks&google_cver=1

43 B
1006 B

59ms
26ms

Image
image/gif

185.33.221.13
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEEKSfjTEdmXtkvBk2SHyJks&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COHNHRDwoIKyAhjHnd61ATAB&v=APEucNWW0ZzTAp2ZPyeC6B4LDvKtDG4MGQL9N2FdUFO99G4A54ZVPQLDL6heJfrpqPWAxP4Ajp3COoHmonCVgRiEWRy36-iqCQI48I47pnvOJ5yf-Mn5biP23MoFd0AJstvWwIeBpFbXU12edV-xA5sIZk72hpfH225jzMOe2VGdooPop9ddy0M

Protocol

HTTP/1.1

Server

185.33.221.13 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 11 Dec 2021 06:13:42 GMT
X-Proxy-Origin: 194.36.110.165; 194.36.110.165; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 9c3b0f3f-62a5-4890-8b5e-2312fd55890c
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 11 Dec 2021 06:13:42 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEEKSfjTEdmXtkvBk2SHyJks&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2106
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzQwNDIwNjk3NDUwMzYxNzcyMg%3D%3D

170 B
188 B

47ms
47ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzQwNDIwNjk3NDUwMzYxNzcyMg%3D%3D

Requested by

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Dec 2021 06:13:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 11 Dec 2021 06:13:43 GMT
X-Proxy-Origin: 194.36.110.165; 194.36.110.165; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 5bc43b2e-c549-4603-93fb-dbbd52e02d7b
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzQwNDIwNjk3NDUwMzYxNzcyMg%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 sync
taboola-supply-partners.tremorhub.com/ Frame 1286 43 B
182 B 95ms
94ms Image
image/gif 2600:1f18:612b:4264:e8c6:2f28:702a:f217
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7N3ICFgOkSW_714CtTgSkSW_714CtTgUAAAAGBvQHGzSibGaDFXM32SyHm81qshyOhqvNYrZbDGGDRpTNbLBi7iab5XCzWU2Go81yMVgsloMpfBjLZTKoBRKW2e87KCinp8fsMoiKrrfF7nCaPW-wQtPp8Lnu9brf7y5yOixPv8nvcdlNl7_J73bdTX67xu-2Syx_lefzsnucDrNfYXqaHW6hw-N1Wd4al-X0NDn8bpHLLXt4nHaHx-H3ywEAAADgAWBpYQziBxAAIAIAAABAAgAAAIAioOLfQuACAAAAAAPAYOdaA0CcAwEdppvTZTb5AwDgQQEEAEAAgwRgADepBKBC_eEEAAAAAAAAAIDl____PwZgLy1HBiBDuLEH4MEH4IGoALWIEQAAAIAwiVvp0aROqCyqAAAI0q0ArgAAAvpQQVi0wgAAAATEBvOWk56lUb7HFuhh8fvNDrvG73YZAAAAAAAAAIDZ_9k_mtATAECab53wo9ovIADA2i8gAACbugEAvAnAhZwVmk6Hz3Wv1_1-d5HTYXn6TX6Py266_E1-t-tu8ts1frddYvmrPJ-X3eN0mP0K09PscAsdHq_L8ta4LKenyeF3i1xu2cPjtDs8Dr9fdAStGAxWZ0DLzW41mB0AAADA3f___z_eYN5y0rM0yrceiIyMC-PEM5wsZsuZb-OYbUarjWHhcA5Xq81s5tke4Pm0ynu2ZUNfiLDMft9BQTk9PWaXQVR0vS12h9PsOYgPGoblZBDMb8IWo9VkslkOZ8vFZDAcDUej_QnkbIATMVguJ5PFZLcarUab4W40GyxQIAYTpGjRYLIajSaLyXA1mqxmy8Vut0GKVq1mo81guJpNZrvdajgYLkcjnLDFaDWZbJbD2XIxGQxHw9FoiDC1ms1cw-FyrZi4jGvRyOVaK0yzmVu3Wc1Mg5lns1su3KLXx3RcmDy-xWiLggFDexFcpBOR02F5-k1-j8tuuvxNfrfrbvJbxBLNySKdyC77ysi4ME48w8litpz5No7ZZrTaGBYO53C12sxmnn1rNZu5hsPlWjFxGdeikcu1VphmM7dus5qZBjPPZrdcuEWvj-m4MHl8i9G-MdssJ4PNZDLYN2ab5WSwmUwG-w6T6Zn6nI3G4lrikanWnpvIMDMfFC6DxTuVmnbjzrEgLnuPTpVXpizojNqZ1fw1KDwHj-kgfFlOq5t1OpvovAeDIpYIThfpRPQyni5iieRpkU5EFttssrENlsuRceWc2TwTx8TlWI4ms9VkYpg4LGKJ0nSRTvQqz-dl9zgdZr_C9DQ73EKHx-uyvDUuy-lpcvjdIpdb9vA47Q6Pw29R_9EhlqO5ZjZXLAZzxWy1SgAAAAAAAAAAS5gzbwIAAABwGshosxuulgsAMW2lCwwCAAAAAACwe1IX_yoz0ahV3PhxBTkdlqff5Pe47KbL3-R3u-4mv5UBJES6mTd7Joi1Wi1rAAAAAWwAAIAAbt28B5BSKjk!&excid=22&docw=0&cijs=1&nlb=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4264:e8c6:2f28:702a:f217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:42 GMT
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type: image/gif

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 1286 70 B
264 B 31ms
31ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7N3ICFgOkSW_714CtTgSkSW_714CtTgUAAAAGBvQHGzSibGaDFXM32SyHm81qshyOhqvNYrZbDGGDRpTNbLBi7iab5XCzWU2Go81yMVgsloMpfBjLZTKoBRKW2e87KCinp8fsMoiKrrfF7nCaPW-wQtPp8Lnu9brf7y5yOixPv8nvcdlNl7_J73bdTX67xu-2Syx_lefzsnucDrNfYXqaHW6hw-N1Wd4al-X0NDn8bpHLLXt4nHaHx-H3ywEAAADgAWBpYQziBxAAIAIAAABAAgAAAIAioOLfQuACAAAAAAPAYOdaA0CcAwEdppvTZTb5AwDgQQEEAEAAgwRgADepBKBC_eEEAAAAAAAAAIDl____PwZgLy1HBiBDuLEH4MEH4IGoALWIEQAAAIAwiVvp0aROqCyqAAAI0q0ArgAAAvpQQVi0wgAAAATEBvOWk56lUb7HFuhh8fvNDrvG73YZAAAAAAAAAIDZ_9k_mtATAECab53wo9ovIADA2i8gAACbugEAvAnAhZwVmk6Hz3Wv1_1-d5HTYXn6TX6Py266_E1-t-tu8ts1frddYvmrPJ-X3eN0mP0K09PscAsdHq_L8ta4LKenyeF3i1xu2cPjtDs8Dr9fdAStGAxWZ0DLzW41mB0AAADA3f___z_eYN5y0rM0yrceiIyMC-PEM5wsZsuZb-OYbUarjWHhcA5Xq81s5tke4Pm0ynu2ZUNfiLDMft9BQTk9PWaXQVR0vS12h9PsOYgPGoblZBDMb8IWo9VkslkOZ8vFZDAcDUej_QnkbIATMVguJ5PFZLcarUab4W40GyxQIAYTpGjRYLIajSaLyXA1mqxmy8Vut0GKVq1mo81guJpNZrvdajgYLkcjnLDFaDWZbJbD2XIxGQxHw9FoiDC1ms1cw-FyrZi4jGvRyOVaK0yzmVu3Wc1Mg5lns1su3KLXx3RcmDy-xWiLggFDexFcpBOR02F5-k1-j8tuuvxNfrfrbvJbxBLNySKdyC77ysi4ME48w8litpz5No7ZZrTaGBYO53C12sxmnn1rNZu5hsPlWjFxGdeikcu1VphmM7dus5qZBjPPZrdcuEWvj-m4MHl8i9G-MdssJ4PNZDLYN2ab5WSwmUwG-w6T6Zn6nI3G4lrikanWnpvIMDMfFC6DxTuVmnbjzrEgLnuPTpVXpizojNqZ1fw1KDwHj-kgfFlOq5t1OpvovAeDIpYIThfpRPQyni5iieRpkU5EFttssrENlsuRceWc2TwTx8TlWI4ms9VkYpg4LGKJ0nSRTvQqz-dl9zgdZr_C9DQ73EKHx-uyvDUuy-lpcvjdIpdb9vA47Q6Pw29R_9EhlqO5ZjZXLAZzxWy1SgAAAAAAAAAAS5gzbwIAAABwGshosxuulgsAMW2lCwwCAAAAAACwe1IX_yoz0ahV3PhxBTkdlqff5Pe47KbL3-R3u-4mv5UBJES6mTd7Joi1Wi1rAAAAAWwAAIAAbt28B5BSKjk!&excid=22&docw=0&cijs=1&nlb=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Dec 2021 06:13:42 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1 200
OK sync
x.bidswitch.net/ Frame 1286 43 B
220 B 33ms
33ms Image
image/gif 18.196.195.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7N3ICFgOkSW_714CtTgSkSW_714CtTgUAAAAGBvQHGzSibGaDFXM32SyHm81qshyOhqvNYrZbDGGDRpTNbLBi7iab5XCzWU2Go81yMVgsloMpfBjLZTKoBRKW2e87KCinp8fsMoiKrrfF7nCaPW-wQtPp8Lnu9brf7y5yOixPv8nvcdlNl7_J73bdTX67xu-2Syx_lefzsnucDrNfYXqaHW6hw-N1Wd4al-X0NDn8bpHLLXt4nHaHx-H3ywEAAADgAWBpYQziBxAAIAIAAABAAgAAAIAioOLfQuACAAAAAAPAYOdaA0CcAwEdppvTZTb5AwDgQQEEAEAAgwRgADepBKBC_eEEAAAAAAAAAIDl____PwZgLy1HBiBDuLEH4MEH4IGoALWIEQAAAIAwiVvp0aROqCyqAAAI0q0ArgAAAvpQQVi0wgAAAATEBvOWk56lUb7HFuhh8fvNDrvG73YZAAAAAAAAAIDZ_9k_mtATAECab53wo9ovIADA2i8gAACbugEAvAnAhZwVmk6Hz3Wv1_1-d5HTYXn6TX6Py266_E1-t-tu8ts1frddYvmrPJ-X3eN0mP0K09PscAsdHq_L8ta4LKenyeF3i1xu2cPjtDs8Dr9fdAStGAxWZ0DLzW41mB0AAADA3f___z_eYN5y0rM0yrceiIyMC-PEM5wsZsuZb-OYbUarjWHhcA5Xq81s5tke4Pm0ynu2ZUNfiLDMft9BQTk9PWaXQVR0vS12h9PsOYgPGoblZBDMb8IWo9VkslkOZ8vFZDAcDUej_QnkbIATMVguJ5PFZLcarUab4W40GyxQIAYTpGjRYLIajSaLyXA1mqxmy8Vut0GKVq1mo81guJpNZrvdajgYLkcjnLDFaDWZbJbD2XIxGQxHw9FoiDC1ms1cw-FyrZi4jGvRyOVaK0yzmVu3Wc1Mg5lns1su3KLXx3RcmDy-xWiLggFDexFcpBOR02F5-k1-j8tuuvxNfrfrbvJbxBLNySKdyC77ysi4ME48w8litpz5No7ZZrTaGBYO53C12sxmnn1rNZu5hsPlWjFxGdeikcu1VphmM7dus5qZBjPPZrdcuEWvj-m4MHl8i9G-MdssJ4PNZDLYN2ab5WSwmUwG-w6T6Zn6nI3G4lrikanWnpvIMDMfFC6DxTuVmnbjzrEgLnuPTpVXpizojNqZ1fw1KDwHj-kgfFlOq5t1OpvovAeDIpYIThfpRPQyni5iieRpkU5EFttssrENlsuRceWc2TwTx8TlWI4ms9VkYpg4LGKJ0nSRTvQqz-dl9zgdZr_C9DQ73EKHx-uyvDUuy-lpcvjdIpdb9vA47Q6Pw29R_9EhlqO5ZjZXLAZzxWy1SgAAAAAAAAAAS5gzbwIAAABwGshosxuulgsAMW2lCwwCAAAAAACwe1IX_yoz0ahV3PhxBTkdlqff5Pe47KbL3-R3u-4mv5UBJES6mTd7Joi1Wi1rAAAAAWwAAIAAbt28B5BSKjk!&excid=22&docw=0&cijs=1&nlb=true
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.196.195.54 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-196-195-54.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sat, 11 Dec 2021 06:13:42 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2

200

/
sync.taboola.com/sg/yahoosspus-network/1/rtb-h/ Frame 1286
Redirect Chain

https://ups.analytics.yahoo.com/ups/58534/occ
https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-A6M67DhE2uFh_BcTNe8iuSIxH5BfFsS7G6y8GfE-~A

0
230 B

27ms
26ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-A6M67DhE2uFh_BcTNe8iuSIxH5BfFsS7G6y8GfE-~A
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7N3ICFgOkSW_714CtTgSkSW_714CtTgUAAAAGBvQHGzSibGaDFXM32SyHm81qshyOhqvNYrZbDGGDRpTNbLBi7iab5XCzWU2Go81yMVgsloMpfBjLZTKoBRKW2e87KCinp8fsMoiKrrfF7nCaPW-wQtPp8Lnu9brf7y5yOixPv8nvcdlNl7_J73bdTX67xu-2Syx_lefzsnucDrNfYXqaHW6hw-N1Wd4al-X0NDn8bpHLLXt4nHaHx-H3ywEAAADgAWBpYQziBxAAIAIAAABAAgAAAIAioOLfQuACAAAAAAPAYOdaA0CcAwEdppvTZTb5AwDgQQEEAEAAgwRgADepBKBC_eEEAAAAAAAAAIDl____PwZgLy1HBiBDuLEH4MEH4IGoALWIEQAAAIAwiVvp0aROqCyqAAAI0q0ArgAAAvpQQVi0wgAAAATEBvOWk56lUb7HFuhh8fvNDrvG73YZAAAAAAAAAIDZ_9k_mtATAECab53wo9ovIADA2i8gAACbugEAvAnAhZwVmk6Hz3Wv1_1-d5HTYXn6TX6Py266_E1-t-tu8ts1frddYvmrPJ-X3eN0mP0K09PscAsdHq_L8ta4LKenyeF3i1xu2cPjtDs8Dr9fdAStGAxWZ0DLzW41mB0AAADA3f___z_eYN5y0rM0yrceiIyMC-PEM5wsZsuZb-OYbUarjWHhcA5Xq81s5tke4Pm0ynu2ZUNfiLDMft9BQTk9PWaXQVR0vS12h9PsOYgPGoblZBDMb8IWo9VkslkOZ8vFZDAcDUej_QnkbIATMVguJ5PFZLcarUab4W40GyxQIAYTpGjRYLIajSaLyXA1mqxmy8Vut0GKVq1mo81guJpNZrvdajgYLkcjnLDFaDWZbJbD2XIxGQxHw9FoiDC1ms1cw-FyrZi4jGvRyOVaK0yzmVu3Wc1Mg5lns1su3KLXx3RcmDy-xWiLggFDexFcpBOR02F5-k1-j8tuuvxNfrfrbvJbxBLNySKdyC77ysi4ME48w8litpz5No7ZZrTaGBYO53C12sxmnn1rNZu5hsPlWjFxGdeikcu1VphmM7dus5qZBjPPZrdcuEWvj-m4MHl8i9G-MdssJ4PNZDLYN2ab5WSwmUwG-w6T6Zn6nI3G4lrikanWnpvIMDMfFC6DxTuVmnbjzrEgLnuPTpVXpizojNqZ1fw1KDwHj-kgfFlOq5t1OpvovAeDIpYIThfpRPQyni5iieRpkU5EFttssrENlsuRceWc2TwTx8TlWI4ms9VkYpg4LGKJ0nSRTvQqz-dl9zgdZr_C9DQ73EKHx-uyvDUuy-lpcvjdIpdb9vA47Q6Pw29R_9EhlqO5ZjZXLAZzxWy1SgAAAAAAAAAAS5gzbwIAAABwGshosxuulgsAMW2lCwwCAAAAAACwe1IX_yoz0ahV3PhxBTkdlqff5Pe47KbL3-R3u-4mv5UBJES6mTd7Joi1Wi1rAAAAAWwAAIAAbt28B5BSKjk!&excid=22&docw=0&cijs=1&nlb=true
Protocol: H2
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:43 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 12133

Redirect headers

location: https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-A6M67DhE2uFh_BcTNe8iuSIxH5BfFsS7G6y8GfE-~A
date: Sat, 11 Dec 2021 06:13:42 GMT
server: ATS/9.1.0.33
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H3 200 container.html Show response
a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 6598 6 KB
3 KB 31ms
30ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Sat, 11 Dec 2021 06:13:40 GMT
expires: Sun, 11 Dec 2022 06:13:40 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 css
fonts.googleapis.com/ Frame E6D0 3 KB
579 B 77ms
40ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com
URL: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 11 Dec 2021 04:37:31 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 11 Dec 2021 06:13:42 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 11 Dec 2021 06:13:42 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame E6D0 1 KB
880 B 30ms
30ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com
URL: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b4a25f11fbb1e2b547eaf848472f9c048824e307a945f3a0417aac7b09d0456e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 05:59:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 848
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 853
x-xss-protection: 0
server: cafe
etag: 7170004918125193417
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 25 Dec 2021 05:59:34 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame E6D0 0
0 50ms
49ms Fetch
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CmDNflUG0YYTsLMOC7gOfj6L4Dvnw89Nmx_-gq_UOZBABINbOt05gu76ug9AKoAHmv-zPA8gBCakCQgxxayhFtj7gAgCoAwHIA5sEqgTAAk_Qb32JS-9i-Pmavb2A1i0WqaLr9hLwIz4HTRAMB2i87J_yAidMAomxmv0GUO0K17iFrCKqm-WUhSybFPK-OGg1A-vCilswcyHVDlj_Nq8sevhD5aULtjwg50WEfWMLsdaVhQDmHHyVr4MXd9m5hu91sdpFwV3nMbGH-5quaaVareG01Q6nKbKKjG8TreGOMnbXnv1wbs9c8VxUwzdgd9Oztv5fkzQpJJUTP1AQEjt8OPZTUTNBk_N0IlgCwhgqkjNvVBgpHIRAjKgNkEOXD53aUq-NXBJeCytwqW4bXw4stCVL0h2-mgbg50wp7EwzPogN7K2yseDoYUdkNpMHOhgIlXsJ_6M5DDz644BHK5N4G8KKPmvmOSLRGcHkcdhA79DwJ6m2kBKE4j_J8g-NoswcBtPDhbJWqiqVypb9slgkwATu2LnW2QPgBAGSBQQIBBgBkgUECAUYBKAGLoAH8civDqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcA8gcEELymC9IICQiA4YAQEAEYHfIIG2FkeC1zdWJzeW4tOTEyMzk1MDE0MDEwODg1NoAKA8gLAZgMkJDUzfgDuBODBNgTDtAVAYAXAbIXHgocCAASFHB1Yi0yODQ1NDYzNDM4MTUzNzgyGM_UaQ&sigh=u0Czwvc8W5Y&uach_m=[UACH]&template_id=515
Requested by: Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s12-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/ Frame E6D0 19 KB
8 KB 30ms
30ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/abg_lite_fy2019.js

Requested by

Host: a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com
URL: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d9955b485ec10339d863941175c02572657bf9d4f6c5fa2e5603e7d803c1b8cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 05:59:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 842
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7876
x-xss-protection: 0
server: cafe
etag: 5333878705136318229
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 25 Dec 2021 05:59:40 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame E6D0 2 KB
1 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/window_focus_fy2019.js

Requested by

Host: a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com
URL: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 05:57:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 978
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 25 Dec 2021 05:57:24 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E6D0 119 KB
36 KB 46ms
46ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com
URL: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37305
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1638461285297402"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 11 Dec 2021 06:13:42 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame E6D0 15 KB
6 KB 33ms
32ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com
URL: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:06:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 434
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6464
x-xss-protection: 0
server: cafe
etag: 15715955993838318253
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 25 Dec 2021 06:06:28 GMT

GET
H2 200 6d065ef8aad4e53a06604e1059b7b7b3.js Show response
www.gstatic.com/mysidia/ Frame E6D0 27 KB
12 KB 102ms
30ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/6d065ef8aad4e53a06604e1059b7b7b3.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com
URL: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b138f0b28fe44581bebb03d0ff7046e4f8416deeb5d152ede640eaa3dc1c7872

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 19:06:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 299212
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11408
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 07:52:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 07 Mar 2022 19:06:50 GMT

GET
H3

200

dcmads.js Show response
www.googletagservices.com/dcm/ Frame E568
Redirect Chain

https://fw.adsafeprotected.com/rfw/www.googletagservices.com/829650/57301878/dcm/dcmads.js?adsafe_url=https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fa7afee...
https://www.googletagservices.com/dcm/dcmads.js

9 KB
4 KB

31ms
31ms

Script
text/javascript

2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com
URL: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c45a7b49c14477cd160a83d4ee1fb8c311e12314e042d0647c68bec62f16fe29

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 05:45:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1675
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4486
x-xss-protection: 0
last-modified: Mon, 29 Nov 2021 19:29:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Sat, 11 Dec 2021 06:45:47 GMT

Redirect headers

pragma: no-cache
date: Sat, 11 Dec 2021 06:13:42 GMT
x-server-name: app09.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://www.googletagservices.com/dcm/dcmads.js
cache-control: no-cache
content-length: 0
server: nginx

GET
H2 200 sca.17.5.12.js Show response
static.adsafeprotected.com/ Frame B15B 80 KB
21 KB 151ms
48ms Script
application/javascript 2600:9000:223f:6e00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.5.12.js
Requested by: Host: a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com
URL: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:6e00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 08:08:31 GMT
content-encoding: gzip
age: 6127512
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 19 Aug 2021 16:31:24 GMT
server: AmazonS3
etag: W/"9304f57298c3834ff107ea7ccb547996"
vary: Accept-Encoding
x-amz-version-id: 9YodSBhG3Q8HTUbQ_WDUpcPK09tSZ5ja
via: 1.1 342054511f9732c450e11bade76323dd.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA56-P5
content-type: application/javascript
x-amz-cf-id: Rqc9_kM986bPOUvWui_5AKlbJJJH4mekvWNkskNSWQcutmAxJnZbWw==

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame A308
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=

281 B
554 B

97ms
29ms

Document
text/html

104.96.5.77
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7N3ICFgOkSW_714CtTgSkSW_714CtTgUAAAAGBvQHGzSibGaDFXM32SyHm81qshyOhqvNYrZbDGGDRpTNbLBi7iab5XCzWU2Go81yMVgsloMpfBjLZTKoBRKW2e87KCinp8fsMoiKrrfF7nCaPW-wQtPp8Lnu9brf7y5yOixPv8nvcdlNl7_J73bdTX67xu-2Syx_lefzsnucDrNfYXqaHW6hw-N1Wd4al-X0NDn8bpHLLXt4nHaHx-H3ywEAAADgAWBpYQziBxAAIAIAAABAAgAAAIAioOLfQuACAAAAAAPAYOdaA0CcAwEdppvTZTb5AwDgQQEEAEAAgwRgADepBKBC_eEEAAAAAAAAAIDl____PwZgLy1HBiBDuLEH4MEH4IGoALWIEQAAAIAwiVvp0aROqCyqAAAI0q0ArgAAAvpQQVi0wgAAAATEBvOWk56lUb7HFuhh8fvNDrvG73YZAAAAAAAAAIDZ_9k_mtATAECab53wo9ovIADA2i8gAACbugEAvAnAhZwVmk6Hz3Wv1_1-d5HTYXn6TX6Py266_E1-t-tu8ts1frddYvmrPJ-X3eN0mP0K09PscAsdHq_L8ta4LKenyeF3i1xu2cPjtDs8Dr9fdAStGAxWZ0DLzW41mB0AAADA3f___z_eYN5y0rM0yrceiIyMC-PEM5wsZsuZb-OYbUarjWHhcA5Xq81s5tke4Pm0ynu2ZUNfiLDMft9BQTk9PWaXQVR0vS12h9PsOYgPGoblZBDMb8IWo9VkslkOZ8vFZDAcDUej_QnkbIATMVguJ5PFZLcarUab4W40GyxQIAYTpGjRYLIajSaLyXA1mqxmy8Vut0GKVq1mo81guJpNZrvdajgYLkcjnLDFaDWZbJbD2XIxGQxHw9FoiDC1ms1cw-FyrZi4jGvRyOVaK0yzmVu3Wc1Mg5lns1su3KLXx3RcmDy-xWiLggFDexFcpBOR02F5-k1-j8tuuvxNfrfrbvJbxBLNySKdyC77ysi4ME48w8litpz5No7ZZrTaGBYO53C12sxmnn1rNZu5hsPlWjFxGdeikcu1VphmM7dus5qZBjPPZrdcuEWvj-m4MHl8i9G-MdssJ4PNZDLYN2ab5WSwmUwG-w6T6Zn6nI3G4lrikanWnpvIMDMfFC6DxTuVmnbjzrEgLnuPTpVXpizojNqZ1fw1KDwHj-kgfFlOq5t1OpvovAeDIpYIThfpRPQyni5iieRpkU5EFttssrENlsuRceWc2TwTx8TlWI4ms9VkYpg4LGKJ0nSRTvQqz-dl9zgdZr_C9DQ73EKHx-uyvDUuy-lpcvjdIpdb9vA47Q6Pw29R_9EhlqO5ZjZXLAZzxWy1SgAAAAAAAAAAS5gzbwIAAABwGshosxuulgsAMW2lCwwCAAAAAACwe1IX_yoz0ahV3PhxBTkdlqff5Pe47KbL3-R3u-4mv5UBJES6mTd7Joi1Wi1rAAAAAWwAAIAAbt28B5BSKjk!&excid=22&docw=0&cijs=1&nlb=true
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.96.5.77 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-96-5-77.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://am-match.taboola.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 26 Oct 2021 17:01:05 GMT
ETag: "40019-119-5cf446c48f640"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sat, 11 Dec 2021 06:13:42 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Date: Sat, 11 Dec 2021 06:13:42 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame F0F4
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOWWdxbr-m4025FwLW3dbHk&google_cver=1

43 B
1013 B

183ms
101ms

Image
image/gif

23.195.249.2
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOWWdxbr-m4025FwLW3dbHk&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKjWExDk_jAYwqqkvQEwAQ&v=APEucNWJIpPffGBtKurPIsKPaJCiL0GS-wP5h4P2-TJlQC-qJMjZ-TtN4gP68DgyOjSvRuhsXLWZgusqg9lk2xvljUtRhu1n5UG2T7lBkMPKOCHtkuaZGwEjbqL2jkhGdoV2YKTP0QkB2JUm-qdhIjlXoF79MT18WyEOIfO50FUpAgqr_sUqjuY
Protocol: HTTP/1.1
Server: 23.195.249.2 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-195-249-2.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 11 Dec 2021 06:13:43 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 11 Dec 2021 06:13:43 GMT

Redirect headers

pragma: no-cache
date: Sat, 11 Dec 2021 06:13:42 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOWWdxbr-m4025FwLW3dbHk&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame F0F4
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YbRBlpqpoyN6UDzphB.I9QAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJlBogN2JWABZjKnae5lJ6o&google_cver=1&google_hm=2

43 B
893 B

65ms
64ms

Image
image/gif

23.195.249.2
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJlBogN2JWABZjKnae5lJ6o&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKjWExDk_jAYwqqkvQEwAQ&v=APEucNWJIpPffGBtKurPIsKPaJCiL0GS-wP5h4P2-TJlQC-qJMjZ-TtN4gP68DgyOjSvRuhsXLWZgusqg9lk2xvljUtRhu1n5UG2T7lBkMPKOCHtkuaZGwEjbqL2jkhGdoV2YKTP0QkB2JUm-qdhIjlXoF79MT18WyEOIfO50FUpAgqr_sUqjuY
Protocol: HTTP/1.1
Server: 23.195.249.2 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-195-249-2.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 11 Dec 2021 06:13:43 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 11 Dec 2021 06:13:43 GMT

Redirect headers

pragma: no-cache
date: Sat, 11 Dec 2021 06:13:43 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJlBogN2JWABZjKnae5lJ6o&google_cver=1&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame F0F4
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEK_WdWOht4M-ejFxKNhvcbI&google_cver=1

43 B
1006 B

26ms
26ms

Image
image/gif

185.33.221.13
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEK_WdWOht4M-ejFxKNhvcbI&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKjWExDk_jAYwqqkvQEwAQ&v=APEucNWJIpPffGBtKurPIsKPaJCiL0GS-wP5h4P2-TJlQC-qJMjZ-TtN4gP68DgyOjSvRuhsXLWZgusqg9lk2xvljUtRhu1n5UG2T7lBkMPKOCHtkuaZGwEjbqL2jkhGdoV2YKTP0QkB2JUm-qdhIjlXoF79MT18WyEOIfO50FUpAgqr_sUqjuY

Protocol

HTTP/1.1

Server

185.33.221.13 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 11 Dec 2021 06:13:43 GMT
X-Proxy-Origin: 194.36.110.165; 194.36.110.165; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 8b95e28f-ed39-441e-81ac-607aee0b0f83
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 11 Dec 2021 06:13:42 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEK_WdWOht4M-ejFxKNhvcbI&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F0F4
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzQwNDIwNjk3NDUwMzYxNzcyMg%3D%3D

170 B
188 B

42ms
42ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzQwNDIwNjk3NDUwMzYxNzcyMg%3D%3D

Requested by

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Dec 2021 06:13:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 11 Dec 2021 06:13:42 GMT
X-Proxy-Origin: 194.36.110.165; 194.36.110.165; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 306b64e6-7ed9-4c35-b16f-dbdcf012145e
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzQwNDIwNjk3NDUwMzYxNzcyMg%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_275.js Show response
s0.2mdn.net/879366/ Frame 8E04 106 KB
38 KB 130ms
31ms Script
text/javascript 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Requested by

Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/
Origin: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 13:10:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 61370
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37892
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:44:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 11 Dec 2021 13:10:52 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20211207/r20110914/elements/html/ Frame 8E04 8 KB
3 KB 30ms
30ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211207/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DOM5CjcBpOI1JfU622UxaPrAc6jByDoNB1OMdKYbZUkpYrpUjUcZlXV83IDc6yIrtQ1uORyzOTKMdD40T0r7HJ4gyA_AJi6DPYRnJu3kkkjKDR8Ud5RuGSuzDuRIhVPUYNS7hpdSAXqn9QI1AaI6on8xOR2Q&dbm_d=AKAmf-D0a8jaRnQorzuj45yHHGmHmhFhxFCrECH3XxgPtRFRQJSKPTMloW-xbs7F6-szCae8cCrd78UBsVIK-OeNqplnxHqhFZbhwcf3FMAqpucOAkNx1t-dCSA-7DwOtW9ww1-mZ3tF39I2EEmzVEdTaPHgo5NzO5IsceZxpX1ll4o8KLPIYgbGUWunLGJVtFhuf7rySXhHC53BLcJ2uNx-Nt-Zi-ZVD7uTGIxWcZ3XAocK1EsK0GJwLF5ryfOQuy4rvR7ip3G0piMLUqhEXM1B2ATWfKr_0aYyKwn7DBmAyP0eJy_7a6v7z62J86L6TXgOj_A9etGUy_u_nYGSk2hYEBEjRbm09PC5eA478p2pKQf2GHhJGG9T22ZL34iShemqijFv6xRT8cLfl0QV3LMy5Du_kpWQawVU4hc-0lucZ_HiLcyGugqO9Oswl11sZ5VHJ6EYBkoO0fmb74B5yrdvsN_9ldmRHgXhJF6CeOXgBG6TtwifU2QSoAoVXHup3LgnTXRbWK3Zf0ylA9QOfsn0hhC5y0OeNwS03jbEqoq06Ofy9PpFBFRICJpL8lSEFv_cDunbW64zIJkL4vB5LxpcqksxjT-D78dks6nzNzFCGeBUFBBppN1UJdipP___usEysOo-j_MKmdjnTiVqFrvpPj8QpK6NYuk1C6CprH8CQdBDOYpAQz-Gwip1z10uYhfbnFmKHon9MdejsmGjg1eKwcVKw5L3WaQ2OK6e2egO2Z7Tw5E2zmGMlB-2AD8IMOF-06h8He4dzK2h8xTxjPD_akpDa8mQWcECNkSVe_TBVLK0qB9A-6AqvUyt469iIl9swsXmsMV5HmmqCEnwaZWaXUegx_rOlJyHJiKaJzAYDuqlzJ-kp5YPKtAfhYgLNyzyX8UmrggQujdoKfBvEVW3aZzB_8z-c1q7j5dmqhKWd2YuyHlhg5OkmofyKG7GygxQ6YI8EXURFYsz2LA0dTcoNbRQ2vq_dBxbetucmD_M3dpbeuamU8wPwkzW5PZCeNXAldEG_2CIQa67hk5WIECpX8TJg0wLAKVf3k7rX65Dc31Q-U0EH-L-27_Enmsmj6b0tjW5m31jpSo2QzmhdcBE336MjEnxvaSAu6DaNsekXWvYL_DtCr0_wce6ppzImafIDbGG-giZQKsi3pvwDzE61Sltf8s_BrojjYd2VY5SDUGQP6r_89oY5sSVs4bdjWezjLCIDhgnmYxMZEvUqy_B1XKjzYQAaHY3Ph3UsRrfbOXF3L6VR6jcCYnJAxj0VItoa9POUB7hHWm5kL84YsYxdnp6xF_egd8vpGUz3DtqlpaG2wd7hb0QGPD1f5zO-qMYxEu3lwHR8iT2tvozjcZ2Ph-DhCrwScVt7YY3Pq5NNCmHDjMtwrf_gkmzalUEBIv5YGhtK3ziur6nMpWPHHgk3h07Im55iJY1zHckqtxWiQR7Chw3cxJllBiRF38pALQ46jMbVN5vd4F75K1Kw1pyfclCk4R8WtSXgvWZCNPlaO7jN85gQysyHBUxpMSo9A4Bsp6bwLrX7cD_XOxQtc6NAbkgtZX8JVGRh2D8YYtmE1pF_j7wBfib64QHkoPBebqq31ZVTAX1A7_G2Ndi0R4gOwmB9WKijlV_gn30k5cz2OkNKgUhpHrwFJujwsO5rH-vdKZ3d18cAg7mz5bD2hg6qRj3Db1L2RTHCXUn9wHbI1AjH208WUgyIURULR_KEJSnCnuyaSHzU_0m9YZ9Bw2EE-zX1f3D2J7cXJClEn_2B6zrW8lFZFzgCP0XcF3pFnr3pNbvyTxxV7VvNWGjakavBq0FBovJjnUl-t3fQT_7jvmunBew-IwzML8zrKsXriz6rCbmCV9rs9xRDC0x4jvhVmuxkU7uorEMtIUotjFW2G_InTMqSyX6BH1knJd9eFhnC3ADuSKakLOKqsMvZjNyl4PAxxBPK-5Lb1-lqCSvKa95sJB9hz3uIQ4itQnDw2HAcgdYMyYb-Zj0tZL190YU3spqKV1TExbjSDYcEWCtIHbw0JeHOOzByftrCjgcAJB8A2dQVcg0cDzl_6KCAUDThu35Q5PUrwyvjkyrPsaFxDmNG2P_vVIKVLkwMkxrV8q6QyaXhaExTNA7Sd5lnPlVZqu2YYxvywXQk9-ecoMCqka1tUDwJSPbgXFMVnm8oPTsrVpYcqDWVhJ6stmFSViIxZ3cHRz6Jz4o3TAFUzVcsjg94_2m6XhMN6xukQKgVe0c0bRJlNZFZsAbJy0nWeRsQ23prDodF8iLam99yt9pyxOrU_Lt7H5fJyzPLUJuA7fa10R0CSdm27Sy76UE0-VDuGXLCiYV78tVQDSQnoVhm4D4JNoTIcJMxBnGvqxmUHqaydypMV68OrHgQEclX6vIPBeItE7WcYDQGMSHte-BrGeo_xoFIlpe0SoY5ncyDFi6R0iORqNtkrYyLFyl8k-CUFzeeiFw9GP9V1zKRlhVIpdgwQ2Y--sIXONV1TOaBsrljApzJGP1E_Qu46k8frWjEpvTyZwWiVcOnrEcu3-9uhXohsTh6pgd8eUsNPhFUAMf9wq19sa95_VUHVDmYlkx19W8j7tlDWNgWtp-yEi9H20cPknOEX24SklvrgnHEFygFRJINDV7OXHiqbvmRT4Zc3JLrbTbtVGDHzmoO1wBGsby-c1GCnP6TG9i2WdgGoQQTO4rV5kxsih4BU0cav4Ys49AdwB6gSK9QVYUV0TW4gBsB-iZqDTp2QYUcNXKTF8wkc9TPUMxi0KISGu-c9aKrckNZazJcXcnhRsyejMyxAPFlpAlXPJtSBmZksPTdBpL3b1pR_TA14V9ZljeiErDInwV9x2iGAq0tpaQdoYWG0MtU2dANqZK0VHq3LSdziGI7t-34j6MgFzfG9XfMZ6IGaM5b_V4LFqkY-8SqaWZwP9QuFzokDSLb_5GrF_0J5aDxA6RWxlEI873FPfKAgobzAgBWG2xmUSBCN-eoqHFA1wVmxC2n6Pg5V_eRKuXr5zamD0Zok-W16KQ7nzkbR-OaonUedJt5du3JY31xLZ-AauupQo_iX5zDhRroqLJTkr5zKsIsRvhmxUD_zIPRguiNhjE5B3CUQK7YcL7mC9yGhEYlZfqm2VZW8propt9EOkcNAhnWduMsrr9rjMuzHeIJPQefklhJXgQa1T9pPwaoBMaYqKb0nz4SAl1DR47c7UR33vAyL0q6EuJmakmYc8gO3-jcytv_4VxyXSP0E6YtlCvGhAwcrMm7tfmFXOzUvfuu9-RvKIa1DHqzBGKVqO1dP4nCz8WXqucmEZShOMurvOQ-GR5LNtjEo0OX0WANUlMCgHibhjL9U0EHNxNlVTQiI6-2wl-pG0pDikepPA7WLT7QyXYzrpDPSu-qV6s3Ig-sgwhSPp3soVz1VccY_q48x2Dx_8orxi0M0enHCCpWlRrvDBbG9a01bIE7QLke3wKeU8HswGvt6ErlbeOCKu0dejLrwfG72ZxE3muRZkqVYxSiTYfP0I&cid=CAASEuRodnjaInL6ptjbvagSSBNeNg&rfl=1%2Chttps%253A%252F%252Fwww.diariodocentrodomundo.com.br%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 05:58:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 891
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3140
x-xss-protection: 0
server: cafe
etag: 17163059639670574047
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 25 Dec 2021 05:58:51 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20211207/r20110914/ Frame 8E04 24 KB
9 KB 31ms
31ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211207/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a1b000b433199bfd60632e61b74bb2c4abd074dce072784e7acd55b1e4158cee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:06:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 419
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9516
x-xss-protection: 0
server: cafe
etag: 14328493792227503680
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 25 Dec 2021 06:06:43 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame E72D 13 KB
5 KB 33ms
31ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
date: Sat, 11 Dec 2021 06:06:36 GMT
expires: Sun, 11 Dec 2022 06:06:36 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 426
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 6199 783 B
535 B 78ms
77ms Document
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b9982238ba586f833d40d0b929dab219d1c93301e35dac609f246aadc3ccf464

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-nwP1unaYDwxxfzIGg7UkCw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Sat, 11 Dec 2021 06:13:42 GMT
date: Sat, 11 Dec 2021 06:13:42 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-nwP1unaYDwxxfzIGg7UkCw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK details Show response
disqus.com/api/3.0/forums/ Frame E624 3 KB
4 KB 111ms
111ms XHR
application/json 151.101.0.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/api/3.0/forums/details?forum=diariodocentrodomundo&attach=forumFeatures&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.2f2f40d40785c9541a90e9086c8770a3.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.0.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

5db6ca44792eadaa613ebabd75bdf0fdc249d5c1535944062cdabefd2ec9140b

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://disqus.com/embed/comments/?base=default&f=diariodocentrodomundo&t_i=779049%20https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2F%3Fpost_type%3Dessencial%26p%3D779049&t_u=https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2Fessencial%2Fatila-hacker-certidao-de-vacinacao%2F&t_e=%C3%81tila%20diz%20que%20invas%C3%A3o%20hacker%20foi%20para%20%E2%80%9Catacar%20a%20certid%C3%A3o%20de%20vacina%C3%A7%C3%A3o%E2%80%9D&t_d=%C3%81tila%20diz%20que%20invas%C3%A3o%20hacker%20foi%20para%20%22atacar%20a%20certid%C3%A3o%20de%20vacina%C3%A7%C3%A3o%22&t_t=%C3%81tila%20diz%20que%20invas%C3%A3o%20hacker%20foi%20para%20%E2%80%9Catacar%20a%20certid%C3%A3o%20de%20vacina%C3%A7%C3%A3o%E2%80%9D&s_o=default
X-Requested-With: XMLHttpRequest
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sat, 11 Dec 2021 06:13:42 GMT
X-Content-Type-Options: nosniff
Server: nginx
Age: 0
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Type: application/json
Vary: Origin, Cookie
Content-Length: 3173
X-XSS-Protection: 1; mode=block

GET
H3 200 13193860777428516948
tpc.googlesyndication.com/simgad/ Frame E6D0 1 KB
1 KB 31ms
31ms Image
image/jpeg 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13193860777428516948?w=100&h=100

Requested by

Host: a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com
URL: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

93feb602a34f6308f7be31051c1fdc482b37a46f85b0b77de667fe482da44799

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 04:18:39 GMT
x-content-type-options: nosniff
age: 266103
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1257
x-xss-protection: 0
last-modified: Tue, 16 Nov 2021 17:16:51 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 08 Dec 2022 04:18:39 GMT

GET
H3 200 container.html Show response
a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame B060 6 KB
3 KB 32ms
32ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Sat, 11 Dec 2021 06:13:40 GMT
expires: Sun, 11 Dec 2022 06:13:40 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame D051 17 KB
6 KB 47ms
45ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
expires: Sat, 11 Dec 2021 06:13:42 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame E568 43 B
216 B 579ms
184ms Image
image/gif 52.41.240.77
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=829650&asId=819cbadb-fd53-9bd0-35dd-37e3ec439e08&tv=%7Bc:wsWTdo,pingTime:-3,time:165,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:28%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:165,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:28,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B157~0%5D,as:%5B157~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sRglFJz+111%7C112%7C121%7C13%7C14%7C15%7C161%7C162%7C17%7C18%7C19%7C1a%7C1b1%7C1c%7C1d%7C1e%7C1f1%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n1%7C1o*.829650-57301878%7C1o1%7C1p1%7C1q%7C1r%7C1s%7C1t%7C1u,idMap:1o*,rmeas:1,rend:0,renddet:IMG.us%7D&br=c
Requested by: Host: a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com
URL: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.41.240.77 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-41-240-77.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Dec 2021 06:13:43 GMT
x-server-name: dt14.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame E568 43 B
215 B 577ms
185ms Image
image/gif 52.41.240.77
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=829650&asId=819cbadb-fd53-9bd0-35dd-37e3ec439e08&tv=%7Bc:wsWTdp,pingTime:-6,time:166,type:i,es:0,sc:1,ha:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:166,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:28,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B158~0%5D,as:%5B158~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sRglFJz+111%7C112%7C121%7C13%7C14%7C15%7C161%7C162%7C17%7C18%7C19%7C1a%7C1b1%7C1c%7C1d%7C1e%7C1f1%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n1%7C1o*.829650-57301878%7C1o1%7C1p1%7C1q%7C1r%7C1s%7C1t%7C1u,idMap:1o*,rmeas:1,rend:0,renddet:IMG.us%7D&tpiLookup=ao:www.diariodocentrodomundo.com.br*&br=c
Requested by: Host: a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com
URL: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.41.240.77 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-41-240-77.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Dec 2021 06:13:43 GMT
x-server-name: dt10.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 CreativeDisplayer Show response
impr.taboola.com/ 2 KB
2 KB 34ms
27ms XHR
text/plain 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://impr.taboola.com/CreativeDisplayer?adId=6403275&excid=22
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v13.0.8/OvaMediaPlayer.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 501ca1acb5b5c0bd0ce8aa0a2a98f309be642643fc8b68f7fbecab0745dade3f

Request headers

Referer: https://www.diariodocentrodomundo.com.br/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-type: text/plain

Response headers

date: Sat, 11 Dec 2021 06:13:43 GMT
via: 1.1 varnish
server: nginx
x-timer: S1639203223.996695,VS0,VE9
x-served-by: cache-lcy19223-LCY
x-cache: MISS
access-control-allow-origin: https://www.diariodocentrodomundo.com.br
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame E0C0 22 KB
8 KB 31ms
30ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Thu, 09 Dec 2021 12:55:11 GMT
expires: Fri, 09 Dec 2022 12:55:11 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 148712
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 st Show response
imprammp.taboola.com/ Frame B069 923 B
563 B 29ms
29ms Document
text/html 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=8061395&crid=4711345&dast=V7aT4CFgOkSW_714CtTgSkSW_714CtTgUAAAAGBuIHHTKhLYaL1WS0nGyGk91yOdksRqvFbjUZLmdD0JAJbTFcrCaj5WQznOyWy8lkt5uNNrvlFAJV9yLyux1Ou0U6kAhNp8Pnutfrfr-7yOmwPP0mv8dlN13-Jr_bdTf57Rq_2y6xXMQCicp4eFmebpfddJEOJHKX6fe3fP0ll83hOpsuYoFE8Pc8TU-_3SIdSER_w0UskGiOfsvp7nC7LNKBROR0WJ5-k9_jspsuf5Pf7bqb_BaxQCJ7WJ4Ou-kiHUhkDrPZdLT8XT-jRf0GKzSdDp_rXq_7_e4ip8Py9Jv8HpfddPmb_G7X3eS3a_xuu8TyV3k-L7vH6TD7Faan2eEWOjxel-WtcVlOT5PD7xa53LKHx2l3eBx-vxwAAAAAHgCOxmMhfgABACIAAAAAJAAAAAAoAir-LQQuAAAAADAAClKPNADEORDQYbo5XWaTPwAAHhRAAAAEMEgABtyaSgAyWmNPAAAAAAAAAABY_v___2MA9gKmZQAuAMd6AB58AB6IClSLGAEAAAAIk7iVHk3qhMqiCgCAIN0K4AoAIKAPFSSmLgwAAEBAbDBvOelZGuV7bIEeFr_f7LBr_G6XAQAAAAAAAACY_Z_9owk9AQCk-dYJP6r9AgIArP0CAgCwqRsAwJsAXMiloOl0-Fz3et3vdxc5HZan3-T3uOymy9_kd7vuJr9d43fbJZa_6AhaMRisTiF2w9lit9kNR7MDAAAAuPv____HG8xbTnqWRvnWA4mFazRxrRYz03C53O1mttFoMPPYTBvTbDYYLkfby4OaQe7StdHvC1Tdi8jvdjjtFulAIjSdDp_rXq_7_e4ip8Py9Jv8HpfddPmb_G7X3eS3a_xuu8RyEQskKuPhZXm6XXbTRTqQyF2m39_y9ZdcNofrbLqIBRLB3_M0Pf12i3QgEf0NF7FAojn6Lae7w-2ySAcSkdNhefpNfo_Lbrr8TX63627yW8QCiexheTrspot0IJE5zGbT0fJ3_YwW9f0mbDFaTSab5XC2XEwGw9FwNNqfQM4GOBGD5XIyWUx2q9FqtBnuRrPBAgViMEGKFg0mq9FospgMV6PJarZc7HYbpGjVajbaDIar2WS2262Gg-FyNMIJW4xWk8lmOZwtF5PBcDQcjYYIU6vZzDUcLteKicu4Fo1crrXCNJu5dZvVzDSYeTa75cIten1Mx4XJ41uMtigYwLQXwUU6Ud29dr_v7tY8TS-33u4WOT2P1-ctd5l-f8vXIpZoThbpRHbZNxau0cS1WsxMw-Vyt5vZRqPBzGMzbUyz2WC4HO1bq9nMNRwu14qJy7gWjVyutcI0m7l1m9XMNJh5Nrvlwi16fUzHhcnjW4z2jdlmORlsJpPFvjHbLCeDzWSy2HeYTM_U52z0XBMmj0y19txEhpn5oHAZjN6p1LQbd44Fcdl7dKq8MmVBZ9TOrOavQeE5eEwH4ctyWt2s09lE5z0YFLFEcLpIJ6KX8XQRSyRPi3Qisgwmhs3ENdu4jMuFxzCYmIaT5Wy13E0sltlyNRFLlKaLdKJXeT4vu8fpMPsVpqfZ4RY6PF6X5a1xWU5Pk8PvFrncsofHaXd4HH6L-o8OsRzNNbO5YjGYK2arVQIAAAAAAAAAWMKceRMAAACA00Amo-FotVwACYQBXWAQAAAAAACA3RY4UC-PAx2T4saPPerutft9d7fmaXq59Xa3yOl5vD5vucv0-1u-VgZ4cFpk3uyZINZqtawBAAAIsAEAAAK4dfMeQEqp5AA!&cmcv=&pix=undefined&cb=1639203223421&uv=3076&tms=1639203223421&abt=adh5c-1_vA!adh5c_vA!lotc_vA!rvf1_vB!spa2_vA!t45!ufm&ft=1&unm=WIDGET_ITEM&aure=false&agl=1&cirid=2B618152492382799231451752896&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.5.4/UnitWidgetItemDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: f844bca815eceffbf6cd2ab4237d8d1f1baa5c29373bd4255decf59dbebe5595

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/

Response headers

server: nginx
content-type: text/html;charset=ISO-8859-1
content-encoding: gzip
accept-ranges: bytes
date: Sat, 11 Dec 2021 06:13:43 GMT
via: 1.1 varnish
x-served-by: cache-lcy19223-LCY
x-cache: MISS
x-cache-hits: 0
x-timer: S1639203223.037954,VS0,VE10
vary: Accept-Encoding

GET
H2 200 sync Show response
am-match.taboola.com/ Frame D23A 1017 B
1 KB 27ms
27ms Document
text/html 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-match.taboola.com/sync?dast=V7aT4CFgOkSW_714CtTgSkSW_714CtTgUAAAAGBuIHHTKhLYaL1WS0nGyGk91yOdksRqvFbjUZLmdD0JAJbTFcrCaj5WQznOyWy8lkt5uNNrvlFAJV9yLyux1Ou0U6kAhNp8Pnutfrfr-7yOmwPP0mv8dlN13-Jr_bdTf57Rq_2y6xXMQCicp4eFmebpfddJEOJHKX6fe3fP0ll83hOpsuYoFE8Pc8TU-_3SIdSER_w0UskGiOfsvp7nC7LNKBROR0WJ5-k9_jspsuf5Pf7bqb_BaxQCJ7WJ4Ou-kiHUhkDrPZdLT8XT-jRf0GKzSdDp_rXq_7_e4ip8Py9Jv8HpfddPmb_G7X3eS3a_xuu8TyV3k-L7vH6TD7Faan2eEWOjxel-WtcVlOT5PD7xa53LKHx2l3eBx-vxwAAAAAHgCOxmMhfgABACIAAAAAJAAAAAAoAir-LQQuAAAAADAAClKPNADEORDQYbo5XWaTPwAAHhRAAAAEMEgABtyaSgAyWmNPAAAAAAAAAABY_v___2MA9gKmZQAuAMd6AB58AB6IClSLGAEAAAAIk7iVHk3qhMqiCgCAIN0K4AoAIKAPFSSmLgwAAEBAbDBvOelZGuV7bIEeFr_f7LBr_G6XAQAAAAAAAACY_Z_9owk9AQCk-dYJP6r9AgIArP0CAgCwqRsAwJsAXMiloOl0-Fz3et3vdxc5HZan3-T3uOymy9_kd7vuJr9d43fbJZa_6AhaMRisTiF2w9lit9kNR7MDAAAAuPv____HG8xbTnqWRvnWA4mFazRxrRYz03C53O1mttFoMPPYTBvTbDYYLkfby4OaQe7StdHvC1Tdi8jvdjjtFulAIjSdDp_rXq_7_e4ip8Py9Jv8HpfddPmb_G7X3eS3a_xuu8RyEQskKuPhZXm6XXbTRTqQyF2m39_y9ZdcNofrbLqIBRLB3_M0Pf12i3QgEf0NF7FAojn6Lae7w-2ySAcSkdNhefpNfo_Lbrr8TX63627yW8QCiexheTrspot0IJE5zGbT0fJ3_YwW9f0mbDFaTSab5XC2XEwGw9FwNNqfQM4GOBGD5XIyWUx2q9FqtBnuRrPBAgViMEGKFg0mq9FospgMV6PJarZc7HYbpGjVajbaDIar2WS2262Gg-FyNMIJW4xWk8lmOZwtF5PBcDQcjYYIU6vZzDUcLteKicu4Fo1crrXCNJu5dZvVzDSYeTa75cIten1Mx4XJ41uMtigYwLQXwUU6Ud29dr_v7tY8TS-33u4WOT2P1-ctd5l-f8vXIpZoThbpRHbZNxau0cS1WsxMw-Vyt5vZRqPBzGMzbUyz2WC4HO1bq9nMNRwu14qJy7gWjVyutcI0m7l1m9XMNJh5Nrvlwi16fUzHhcnjW4z2jdlmORlsJpPFvjHbLCeDzWSy2HeYTM_U52z0XBMmj0y19txEhpn5oHAZjN6p1LQbd44Fcdl7dKq8MmVBZ9TOrOavQeE5eEwH4ctyWt2s09lE5z0YFLFEcLpIJ6KX8XQRSyRPi3Qisgwmhs3ENdu4jMuFxzCYmIaT5Wy13E0sltlyNRFLlKaLdKJXeT4vu8fpMPsVpqfZ4RY6PF6X5a1xWU5Pk8PvFrncsofHaXd4HH6L-o8OsRzNNbO5YjGYK2arVQIAAAAAAAAAWMKceRMAAACA00Amo-FotVwACYQBXWAQAAAAAACA3RY4UC-PAx2T4saPPerutft9d7fmaXq59Xa3yOl5vD5vucv0-1u-VgZ4cFpk3uyZINZqtawBAAAIsAEAAAK4dfMeQEqp5AA!&excid=22&docw=0&cijs=1&nlb=true
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.5.4/UnitWidgetItemDesktop.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: db297c129a9aa0c906961921eb64e6e07f2c48ae6da83b715e7298c5ff7b3d76

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/

Response headers

server: nginx
date: Sat, 11 Dec 2021 06:13:43 GMT
content-type: text/html;charset=ISO-8859-1
machineid: 3405

POST
H2 200 VideoBidRequestHandlerServlet Show response
wf.taboola.com/ Frame AF28 2 KB
1 KB 141ms
140ms XHR
application/json 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=462&height=259&pubid=169497&tagid=953497&crid=4711345&noaop=3&sortOrderType=0&cb=1639203223428&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1308&pt=1624913939&tz=0&viewable=true&ddast=V7aT4CFgOkSW_714CtTgSkSW_714CtTgUAAAAGBuIHHTKhLYaL1WS0nGyGk91yOdksRqvFbjUZLmdD0JAJbTFcrCaj5WQznOyWy8lkt5uNNrvlFAJV9yLyux1Ou0U6kAhNp8Pnutfrfr-7yOmwPP0mv8dlN13-Jr_bdTf57Rq_2y6xXMQCicp4eFmebpfddJEOJHKX6fe3fP0ll83hOpsuYoFE8Pc8TU-_3SIdSER_w0UskGiOfsvp7nC7LNKBROR0WJ5-k9_jspsuf5Pf7bqb_BaxQCJ7WJ4Ou-kiHUhkDrPZdLT8XT-jRf0GKzSdDp_rXq_7_e4ip8Py9Jv8HpfddPmb_G7X3eS3a_xuu8TyV3k-L7vH6TD7Faan2eEWOjxel-WtcVlOT5PD7xa53LKHx2l3eBx-vxwAAAAAHgCOxmMhfgABACIAAAAAJAAAAAAoAir-LQQuAAAAADAAClKPNADEORDQYbo5XWaTPwAAHhRAAAAEMEgABtyaSgAyWmNPAAAAAAAAAABY_v___2MA9gKmZQAuAMd6AB58AB6IClSLGAEAAAAIk7iVHk3qhMqiCgCAIN0K4AoAIKAPFSSmLgwAAEBAbDBvOelZGuV7bIEeFr_f7LBr_G6XAQAAAAAAAACY_Z_9owk9AQCk-dYJP6r9AgIArP0CAgCwqRsAwJsAXMiloOl0-Fz3et3vdxc5HZan3-T3uOymy9_kd7vuJr9d43fbJZa_6AhaMRisTiF2w9lit9kNR7MDAAAAuPv____HG8xbTnqWRvnWA4mFazRxrRYz03C53O1mttFoMPPYTBvTbDYYLkfby4OaQe7StdHvC1Tdi8jvdjjtFulAIjSdDp_rXq_7_e4ip8Py9Jv8HpfddPmb_G7X3eS3a_xuu8RyEQskKuPhZXm6XXbTRTqQyF2m39_y9ZdcNofrbLqIBRLB3_M0Pf12i3QgEf0NF7FAojn6Lae7w-2ySAcSkdNhefpNfo_Lbrr8TX63627yW8QCiexheTrspot0IJE5zGbT0fJ3_YwW9f0mbDFaTSab5XC2XEwGw9FwNNqfQM4GOBGD5XIyWUx2q9FqtBnuRrPBAgViMEGKFg0mq9FospgMV6PJarZc7HYbpGjVajbaDIar2WS2262Gg-FyNMIJW4xWk8lmOZwtF5PBcDQcjYYIU6vZzDUcLteKicu4Fo1crrXCNJu5dZvVzDSYeTa75cIten1Mx4XJ41uMtigYwLQXwUU6Ud29dr_v7tY8TS-33u4WOT2P1-ctd5l-f8vXIpZoThbpRHbZNxau0cS1WsxMw-Vyt5vZRqPBzGMzbUyz2WC4HO1bq9nMNRwu14qJy7gWjVyutcI0m7l1m9XMNJh5Nrvlwi16fUzHhcnjW4z2jdlmORlsJpPFvjHbLCeDzWSy2HeYTM_U52z0XBMmj0y19txEhpn5oHAZjN6p1LQbd44Fcdl7dKq8MmVBZ9TOrOavQeE5eEwH4ctyWt2s09lE5z0YFLFEcLpIJ6KX8XQRSyRPi3Qisgwmhs3ENdu4jMuFxzCYmIaT5Wy13E0sltlyNRFLlKaLdKJXeT4vu8fpMPsVpqfZ4RY6PF6X5a1xWU5Pk8PvFrncsofHaXd4HH6L-o8OsRzNNbO5YjGYK2arVQIAAAAAAAAAWMKceRMAAACA00Amo-FotVwACYQBXWAQAAAAAACA3RY4UC-PAx2T4saPPerutft9d7fmaXq59Xa3yOl5vD5vucv0-1u-VgZ4cFpk3uyZINZqtawBAAAIsAEAAAK4dfMeQEqp5AA!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&amp=0&qsz=6&ft=1&pb=0&pagg=1&sd=undefined&dtagid=1682865&dpubid=224845&abtst=adh5c-1_vA!adh5c_vA!lotc_vA!rvf1_vB!spa2_vA!t45!ufm&mPre=0.033&cirf=https%3A%2F%2Fwww.diariodocentrodomundo.com.br&en=1
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.5.4/UnitWidgetItemDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 4c9f42955b87deca2742deed59fad3cf34c9ca8bab6a21dbc1eb5ac74b5ec4b9

Request headers

Referer: https://www.diariodocentrodomundo.com.br/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-type: text/plain

Response headers

date: Sat, 11 Dec 2021 06:13:43 GMT
content-encoding: gzip
access-control-allow-origin: https://www.diariodocentrodomundo.com.br
machineid: 1410
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-lcy19223-LCY
pragma: no-cache
server: nginx
x-timer: S1639203223.043255,VS0,VE122
vary: Accept-Encoding
content-type: application/json;charset=utf-8
via: 1.1 varnish
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 st
am-vid-events.taboola.com/ Frame AF28 0
43 B 120ms
120ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=8061395&crid=4711345&dast=V7aT4CFgOkSW_714CtTgSkSW_714CtTgUAAAAGBuIHHTKhLYaL1WS0nGyGk91yOdksRqvFbjUZLmdD0JAJbTFcrCaj5WQznOyWy8lkt5uNNrvlFAJV9yLyux1Ou0U6kAhNp8Pnutfrfr-7yOmwPP0mv8dlN13-Jr_bdTf57Rq_2y6xXMQCicp4eFmebpfddJEOJHKX6fe3fP0ll83hOpsuYoFE8Pc8TU-_3SIdSER_w0UskGiOfsvp7nC7LNKBROR0WJ5-k9_jspsuf5Pf7bqb_BaxQCJ7WJ4Ou-kiHUhkDrPZdLT8XT-jRf0GKzSdDp_rXq_7_e4ip8Py9Jv8HpfddPmb_G7X3eS3a_xuu8TyV3k-L7vH6TD7Faan2eEWOjxel-WtcVlOT5PD7xa53LKHx2l3eBx-vxwAAAAAHgCOxmMhfgABACIAAAAAJAAAAAAoAir-LQQuAAAAADAAClKPNADEORDQYbo5XWaTPwAAHhRAAAAEMEgABtyaSgAyWmNPAAAAAAAAAABY_v___2MA9gKmZQAuAMd6AB58AB6IClSLGAEAAAAIk7iVHk3qhMqiCgCAIN0K4AoAIKAPFSSmLgwAAEBAbDBvOelZGuV7bIEeFr_f7LBr_G6XAQAAAAAAAACY_Z_9owk9AQCk-dYJP6r9AgIArP0CAgCwqRsAwJsAXMiloOl0-Fz3et3vdxc5HZan3-T3uOymy9_kd7vuJr9d43fbJZa_6AhaMRisTiF2w9lit9kNR7MDAAAAuPv____HG8xbTnqWRvnWA4mFazRxrRYz03C53O1mttFoMPPYTBvTbDYYLkfby4OaQe7StdHvC1Tdi8jvdjjtFulAIjSdDp_rXq_7_e4ip8Py9Jv8HpfddPmb_G7X3eS3a_xuu8RyEQskKuPhZXm6XXbTRTqQyF2m39_y9ZdcNofrbLqIBRLB3_M0Pf12i3QgEf0NF7FAojn6Lae7w-2ySAcSkdNhefpNfo_Lbrr8TX63627yW8QCiexheTrspot0IJE5zGbT0fJ3_YwW9f0mbDFaTSab5XC2XEwGw9FwNNqfQM4GOBGD5XIyWUx2q9FqtBnuRrPBAgViMEGKFg0mq9FospgMV6PJarZc7HYbpGjVajbaDIar2WS2262Gg-FyNMIJW4xWk8lmOZwtF5PBcDQcjYYIU6vZzDUcLteKicu4Fo1crrXCNJu5dZvVzDSYeTa75cIten1Mx4XJ41uMtigYwLQXwUU6Ud29dr_v7tY8TS-33u4WOT2P1-ctd5l-f8vXIpZoThbpRHbZNxau0cS1WsxMw-Vyt5vZRqPBzGMzbUyz2WC4HO1bq9nMNRwu14qJy7gWjVyutcI0m7l1m9XMNJh5Nrvlwi16fUzHhcnjW4z2jdlmORlsJpPFvjHbLCeDzWSy2HeYTM_U52z0XBMmj0y19txEhpn5oHAZjN6p1LQbd44Fcdl7dKq8MmVBZ9TOrOavQeE5eEwH4ctyWt2s09lE5z0YFLFEcLpIJ6KX8XQRSyRPi3Qisgwmhs3ENdu4jMuFxzCYmIaT5Wy13E0sltlyNRFLlKaLdKJXeT4vu8fpMPsVpqfZ4RY6PF6X5a1xWU5Pk8PvFrncsofHaXd4HH6L-o8OsRzNNbO5YjGYK2arVQIAAAAAAAAAWMKceRMAAACA00Amo-FotVwACYQBXWAQAAAAAACA3RY4UC-PAx2T4saPPerutft9d7fmaXq59Xa3yOl5vD5vucv0-1u-VgZ4cFpk3uyZINZqtawBAAAIsAEAAAK4dfMeQEqp5AA!&cmcv=&pix=31589837&cb=1639203223421&uv=3076&tms=1639203223421&abt=adh5c-1_vA!adh5c_vA!lotc_vA!rvf1_vB!spa2_vA!t45!ufm&ft=1&unm=WIDGET_ITEM&debug=pn:!sqg:!torgn:1639203220763.8!ts:1639203223421&mntl=1
Requested by: Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:43 GMT
content-length: 0
server: nginx

GET
H2 200 / Show response
pips.taboola.com/ 4 B
134 B 25ms
18ms XHR
text/plain 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pips.taboola.com/
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:43 GMT
via: 1.1 varnish
server: Varnish
x-served-by: cache-lcy19258-LCY
access-control-allow-methods: GET
access-control-allow-origin: https://www.diariodocentrodomundo.com.br
cache-control: no-store
x-cache: HIT
accept-ranges: bytes
content-length: 4
retry-after: 0
x-cache-hits: 0

GET
H/1.1 200
OK embed.vendors~ondemand.horizon-web.pt-js.f5406e38ddc5bcd20f33.js Show response
platform.twitter.com/embed/ Frame 9A4E 31 KB
10 KB 51ms
51ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/embed.vendors~ondemand.horizon-web.pt-js.f5406e38ddc5bcd20f33.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.54a58eb5540918258367.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (mil/6CEB) /
Resource Hash: 61683fd91e24ec32467a8731b074889bbb8b7b81552fcfb382e77171eed6c3f4

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://platform.twitter.com/embed/Tweet.html?dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1469260104990138368&lang=pt&origin=https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2Fessencial%2Fatila-hacker-certidao-de-vacinacao%2F&sessionId=05915c5192f965987dd6cc85acd98cc2eb855877&theme=light&widgetsVersion=9fd78d5%3A1638479056965&width=550px
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sat, 11 Dec 2021 06:13:43 GMT
Content-Encoding: gzip
Last-Modified: Thu, 09 Dec 2021 20:09:13 GMT
Server: ECS (mil/6CEB)
Age: 121634
Etag: "060f07a80137c30e796d48a3e1fea836+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 9835

GET
H/1.1 200
OK embed.ondemand.i18n.pt-js.f32b04cfd008e07aea18.js Show response
platform.twitter.com/embed/ Frame 9A4E 4 KB
2 KB 51ms
50ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/embed.ondemand.i18n.pt-js.f32b04cfd008e07aea18.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.54a58eb5540918258367.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (mil/6CE5) /
Resource Hash: 1f3eb04cb25c17fed8e1653749f3f6235d758151987c9f2b567bfb4dfe65be00

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://platform.twitter.com/embed/Tweet.html?dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1469260104990138368&lang=pt&origin=https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2Fessencial%2Fatila-hacker-certidao-de-vacinacao%2F&sessionId=05915c5192f965987dd6cc85acd98cc2eb855877&theme=light&widgetsVersion=9fd78d5%3A1638479056965&width=550px
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sat, 11 Dec 2021 06:13:43 GMT
Content-Encoding: gzip
Last-Modified: Thu, 09 Dec 2021 20:09:13 GMT
Server: ECS (mil/6CE5)
Age: 121640
Etag: "7efa7fdc43fda4a6e2d87d1a0f637633+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 1790

GET
H2 200 dt
dt.adsafeprotected.com/ Frame E568 43 B
215 B 332ms
185ms Image
image/gif 52.41.240.77
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=829650&asId=819cbadb-fd53-9bd0-35dd-37e3ec439e08&tv=%7Bc:wsWTho,pingTime:-2,time:413,type:a,im:%7Bsf:0,pom:1,prf:%7BmdA:472,mdZ:626,beA:909,beZ:910,mfA:912,cmA:913,inA:913,inZ:918,prA:918,prZ:929,si:937,poA:939,poZ:963,cmZ:963,mfZ:963,loA:1074,loZ:1077,ltA:1321,ltZ:1321%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:728.90,dom:ins%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:28%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:413,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:28,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B405~0%5D,as:%5B405~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sRglFJz+111%7C112%7C121%7C13%7C14%7C15%7C161%7C162%7C17%7C18%7C19%7C1a%7C1b1%7C1c%7C1d%7C1e%7C1f1%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n1%7C1o*.829650-57301878%7C1o1%7C1p1%7C1q%7C1r%7C1s%7C1t%7C1u,idMap:1o*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:0,renddet:IMG.us,sinceFw:382,readyFired:false%7D&br=c
Requested by: Host: a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com
URL: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.41.240.77 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-41-240-77.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Dec 2021 06:13:43 GMT
x-server-name: dt09.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3 200 impl_v81.js Show response
www.googletagservices.com/dcm/ Frame 9628 41 KB
17 KB 31ms
30ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v81.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f3be6ad457ba5d4425f4d105688e9cf5a32595ff156bd290c8ccbe0e6ca3a68a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 15:45:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 52075
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17189
x-xss-protection: 0
last-modified: Mon, 29 Nov 2021 19:28:15 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 10 Dec 2022 15:45:48 GMT

POST
H2 204 bulk Show response
trc.taboola.com/unknown-site-on-disqus-network/log/3/ Frame AF28 0
224 B 29ms
29ms XHR
image/gif 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/unknown-site-on-disqus-network/log/3/bulk?tvi2=-2&route=AM%3AAM%3AV&lti=deflated&bulkSize=1
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20211209-5-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.diariodocentrodomundo.com.br/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 10
pragma: no-cache
date: Sat, 11 Dec 2021 06:13:43 GMT
via: 1.1 varnish
server: nginx
x-timer: S1639203223.191790,VS0,VE10
x-served-by: cache-lcy19223-LCY
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://www.diariodocentrodomundo.com.br
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H2 200 moatvideo.js Show response
z.moatads.com/taboolajsvideo2446883476/ 346 KB
113 KB 147ms
41ms Script
application/x-javascript 23.195.249.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/taboolajsvideo2446883476/moatvideo.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v13.0.8/OvaMediaPlayer.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.195.249.162 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-195-249-162.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 3330f5c2a6380d346b4046607480f7abd23d09ca6b2c2214ce30a0a39463313b

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:43 GMT
content-encoding: gzip
last-modified: Thu, 09 Dec 2021 16:37:23 GMT
server: AmazonS3
x-amz-request-id: G85DTM6ZVT8E7XZ2
etag: "9accc1b8fe087f390028fc567aa26def"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=26060
accept-ranges: bytes
content-length: 114690
x-amz-id-2: vJc2yzTHYLBa3i4iEdryzOnR7zfQkTvDEZzjFZXCSfSUtU21KKCQsZgpJaVDdGoiRJ4farDWxWs=

GET
H/1.1 200
OK details Show response
disqus.com/api/3.0/forums/ Frame FFD3 3 KB
4 KB 19ms
19ms XHR
application/json 151.101.0.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/api/3.0/forums/details?forum=diariodocentrodomundo&attach=forumFeatures&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/recommendations/common.bundle.6c6defcc206edabe5048d82459ee0a0e.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.0.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

5db6ca44792eadaa613ebabd75bdf0fdc249d5c1535944062cdabefd2ec9140b

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://disqus.com/recommendations/?base=default&f=diariodocentrodomundo&t_i=779049%20https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2F%3Fpost_type%3Dessencial%26p%3D779049&t_u=https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2Fessencial%2Fatila-hacker-certidao-de-vacinacao%2F&t_e=%C3%81tila%20diz%20que%20invas%C3%A3o%20hacker%20foi%20para%20%E2%80%9Catacar%20a%20certid%C3%A3o%20de%20vacina%C3%A7%C3%A3o%E2%80%9D&t_d=%C3%81tila%20diz%20que%20invas%C3%A3o%20hacker%20foi%20para%20%22atacar%20a%20certid%C3%A3o%20de%20vacina%C3%A7%C3%A3o%22&t_t=%C3%81tila%20diz%20que%20invas%C3%A3o%20hacker%20foi%20para%20%E2%80%9Catacar%20a%20certid%C3%A3o%20de%20vacina%C3%A7%C3%A3o%E2%80%9D
X-Requested-With: XMLHttpRequest
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sat, 11 Dec 2021 06:13:43 GMT
X-Content-Type-Options: nosniff
Server: nginx
Age: 0
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Type: application/json
Vary: Origin, Cookie
Content-Length: 3173
X-XSS-Protection: 1; mode=block

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 107ms
107ms Preflight
text/plain 146.20.128.205
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.205 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.diariodocentrodomundo.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Sat, 11 Dec 2021 06:13:43 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://www.diariodocentrodomundo.com.br

POST
H2 200 t Show response
t.lkqd.net/ Frame FCB1 0
176 B 130ms
129ms XHR
text/plain 146.20.128.205
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.205 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.diariodocentrodomundo.com.br
date: Sat, 11 Dec 2021 06:13:43 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

GET
H2 200 PMAdMgr.js Show response
vpaid.pubmatic.com/ads/video/ Frame 7EF8 152 KB
36 KB 50ms
50ms Script
text/javascript 23.195.248.208
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2Fessencial%2Fatila-hacker-certidao-de-vacinacao%2F&schain=1.0%2C1%21vidoomy.com%2C52453%2C1%2C5278957349807421836187207783%2C%2C
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.195.248.208 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-195-248-208.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: f0f6a8b6c19b0c4d1cab075ab2f4f755cfef747424837668e65f431410f816e8

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:43 GMT
content-encoding: gzip
last-modified: Tue, 10 Aug 2021 05:02:46 GMT
server: Apache/2.2.15 (CentOS)
etag: "1408294-25f9a-5c92d699d3c58"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
accept-ranges: bytes
content-length: 36260

GET
DATA 200
OK truncated
/ 35 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 3472 624 B
297 B 43ms
43ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CO-t7QIQhsvvAhj-iK-9ATAB&v=APEucNUiOi3NdYNslRDxcnxa7BKcKCCIuWkXGgCiQtcrVE44Ek3zc8ykormlwtZfltz__dYdGCiu9YeiWbqT8LZioxQxq2FsSBb-3wRXt4Kr8K4mhm1VHCuyTrO7T3pB3zz8LNO9R6F1Q8SEV-eMqwDh2tnOV7YnNSMCf3Xcbq1ROzZ-rOeXwRc

Requested by

Host: b0b2fb4f4d530f774904c931019d14ff.safeframe.googlesyndication.com
URL: https://b0b2fb4f4d530f774904c931019d14ff.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://b0b2fb4f4d530f774904c931019d14ff.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sat, 11 Dec 2021 06:13:43 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 abg_lite_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20211207/r20110914/ Frame 8C70 19 KB
8 KB 32ms
32ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211207/r20110914/abg_lite_fy2019.js

Requested by

Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d9955b485ec10339d863941175c02572657bf9d4f6c5fa2e5603e7d803c1b8cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://b0b2fb4f4d530f774904c931019d14ff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:07:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 378
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7876
x-xss-protection: 0
server: cafe
etag: 5333878705136318229
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 25 Dec 2021 06:07:25 GMT

GET
H3 200 7418152615098273394
s0.2mdn.net/simgad/ Frame 8C70 16 KB
16 KB 71ms
31ms Image
image/png 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/7418152615098273394

Requested by

Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee539d65a0dee4b994deaf0dd68b1384b8975bd5dd09adcec359ce30d2626e2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://b0b2fb4f4d530f774904c931019d14ff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 21:10:27 GMT
x-content-type-options: nosniff
age: 118996
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16457
x-xss-protection: 0
last-modified: Thu, 09 Dec 2021 17:20:17 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 09 Dec 2022 21:10:27 GMT

GET
H3 200 omrhp_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20211207/r20110914/elements/html/ Frame 8C70 6 KB
3 KB 30ms
30ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211207/r20110914/elements/html/omrhp_fy2019.js

Requested by

Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2d0744b54be7eab148245653f8fad2e4a0e8875b886bcacbb2c70741872eda55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://b0b2fb4f4d530f774904c931019d14ff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 01:40:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 16380
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2626
x-xss-protection: 0
server: cafe
etag: 8548655983161038638
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 25 Dec 2021 01:40:43 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 8C70 0
571 B 150ms
64ms Ping
image/gif 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstUQYeR0RgXzsS0JbKLGwlH1t1-DSw4qh3FzpL0rVJyz2beFYEg9zDngoriCe0iZNmhw7CeuVjG9Fuag2biStAS8lIzknkeXq2qLZWjIkrLSTWuh4kDqaT3r8dsD67ZvJWVNM7VlOM4dYmkBkPEZRmmgHeNEDyxvDgzQMwwLZfBeroPDNPg5jsh-IYobwBqWv5RnyW3x8D3nE2agfIYE7Cbv7JsitF8-3Db0aIB6zag9Ykq6D_1ffzCfgjZl_IuM0GG-b-o6ywjnr6gZJ8A5CWrH_XE9sKAHaUVf4miuLB_XnKEq8_W9MOyRg2lQd1dDmi4YZO8y43ueXlq3DoJs1BCLNtM-WYAN7iKDKTDRoSlS34cCohYsR03jkbD8pt1irO4gk01_4Aoi7cf-nTDDbo9OjUifTR0WdWbVfKN492Ou3RX2HnvwMj8JRLQt3uQz0jgr3tZ-VT5Yek0QI0m48dzzXd-6dvJthl-frjSMCCiM3lxlRBqpwC4CVZwIwo3eevNj9GVfMNF6VpX5TW1E_Z4c8oGq1to1kgKXnyOMpVhemnWC5_qBDhb55B8T9YyGfuKYo3LT3PBdmDcKrqq09fdIPZAN7FkFv4QX6COVbLy70AEvKmA627u5lZfsfE_y9lctkz-qKMnExZGT5lvyHGnVARHGT2n4Dl7ymRNhZX2JdKIGoCWwEh0Q1RFUo5fE98e5keoT6IkKHZi4i3JpsrgkidBHSkF7Gd0rx6AbeZrEuZ1zQHDs4IjqhCD5GlpH7DaiavTjGCxY3tA6aHfPXvaQE1TKkS6xdU8FOisbffWGcaXLuZrT2S2C54WCsBXAhQHAHxJ1By2Z19EPNGsXmLz1zR9ve6CN3unsU-SUmpDpLXItxZgjvJHqvb2sKUsSigmFtH95g_3r0PlEmXY7bKwy1mYo2DRNok2Tm692sHffVqOYoJ6l5WLVx4Ln5Uogr0oX_qkqNjNPUSmL6WLJmYUvlSZYUngyGyazETpF7PlPW6LZ8Z-48rBQ5A0fIIKB5f9ByI9n4Z3H9_RH7qEQftlSDFVJNPTFrrhETDCTIEAsvfFjSIG_y2TU0lArodJ10mqsQWkVopW-6oLrjKQVs7dpAVD9J9o-j4FIcaaoFCpzFxINQEKcFZ35lo1qGgSpGjqd8ldHbZ1P5vtx5LEdoDR42qy3aoIXjBRgW7KoL11s0UJ4tm51xHyI-FjHOfBKaudHzehDu-7s-bylzdTcre58JjOcuvHeqUQw-Wx4LCOzmV0CDkpGzVBhpm8d2fJsOTkJKjakusf&sai=AMfl-YTsnEJlCH2sbSnzDzgrkZTxIv6EGuzwRELki0jQlTRBMnEE9szbmyno3YcIpDYxzHN6iuqPVri6luOGHyLQkeWa7JDhijt_ncUePJSLvLJ8JMw7rgu_NFH4yJJOpaLa_DiBFBqGxH6HEbb0dHFZAH0p8DQGdQe1OCTNTLG_CKKce7bSdBEekA8TUd6KZFmQK2zwtfr3AXBqokanHMtHjBo6XKi3YvTCNEIpsqf6XdFnL6b2VB0PlO0ro-tUoo_Ln48NWMrOrnc3IPXp0UVbYln8xnQcR6Iv0IeY-ZeGfR1G&sig=Cg0ArKJSzGNma6HA_NomEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20211207.92434&adurl=

Requested by

Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b0b2fb4f4d530f774904c931019d14ff.safeframe.googlesyndication.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Sat, 11 Dec 2021 06:13:43 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 8C70 41 KB
15 KB 30ms
30ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://b0b2fb4f4d530f774904c931019d14ff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 12:55:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 148712
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 09 Dec 2022 12:55:11 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8C70 42 B
63 B 63ms
63ms Image
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-ABl0d8pLsgZS_EEQNHUOXKmEQ3BZVHPIldXRw6QPpYJQbdhs8jGZbZMZtiqJyWnGKTBqvxvjdpU2kjBSEPZ3Wqj75jjVFU_1Vxa7ZdIORj_Wc7WFU

Requested by

Host: b0b2fb4f4d530f774904c931019d14ff.safeframe.googlesyndication.com
URL: https://b0b2fb4f4d530f774904c931019d14ff.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://b0b2fb4f4d530f774904c931019d14ff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Dec 2021 06:13:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 8C70 2 KB
1 KB 31ms
30ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/window_focus_fy2019.js

Requested by

Host: b0b2fb4f4d530f774904c931019d14ff.safeframe.googlesyndication.com
URL: https://b0b2fb4f4d530f774904c931019d14ff.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://b0b2fb4f4d530f774904c931019d14ff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 05:57:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 979
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 25 Dec 2021 05:57:24 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8C70 119 KB
36 KB 48ms
48ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: b0b2fb4f4d530f774904c931019d14ff.safeframe.googlesyndication.com
URL: https://b0b2fb4f4d530f774904c931019d14ff.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://b0b2fb4f4d530f774904c931019d14ff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37305
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1638461285297402"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 11 Dec 2021 06:13:43 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 8C70 15 KB
6 KB 31ms
31ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: b0b2fb4f4d530f774904c931019d14ff.safeframe.googlesyndication.com
URL: https://b0b2fb4f4d530f774904c931019d14ff.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://b0b2fb4f4d530f774904c931019d14ff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:06:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 435
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6464
x-xss-protection: 0
server: cafe
etag: 15715955993838318253
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 25 Dec 2021 06:06:28 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 8C70 0
0 38ms
37ms Image
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQDuGFUAMRMA8z_eQm0ObpNt5If67mQsQSlF4je1xuVWpcAGsgPT_quWLXV9_OKuPFPdg9YASwH2i2RO62-elf5duRxVQ
Requested by: Host: b0b2fb4f4d530f774904c931019d14ff.safeframe.googlesyndication.com
URL: https://b0b2fb4f4d530f774904c931019d14ff.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://b0b2fb4f4d530f774904c931019d14ff.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame E7B1 22 KB
8 KB 32ms
32ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Thu, 09 Dec 2021 12:55:11 GMT
expires: Fri, 09 Dec 2022 12:55:11 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 148712
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 t Show response
t.lkqd.net/ Frame FCB1 0
176 B 110ms
109ms XHR
text/plain 146.20.128.205
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.205 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.diariodocentrodomundo.com.br
date: Sat, 11 Dec 2021 06:13:43 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 107ms
107ms Preflight
text/plain 146.20.128.205
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.205 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.diariodocentrodomundo.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Sat, 11 Dec 2021 06:13:43 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://www.diariodocentrodomundo.com.br

GET
H3 200 impl_v81.js Show response
www.googletagservices.com/dcm/ Frame E568 41 KB
17 KB 32ms
32ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v81.js

Requested by

Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rfw/www.googletagservices.com/829650/57301878/dcm/dcmads.js?adsafe_url=https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fa7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fa7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:819cbadb-fd53-9bd0-35dd-37e3ec439e08,c:wsWTbb,sl:outOfView,em:true,fr:false,thd:1,mn:app22ie,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,br:c,abv:na,an:n,oam:0,nbld:0,mtim:4,fm:sRglFJz+111%7C112%7C121%7C13%7C14%7C15%7C161%7C162%7C17%7C18%7C19%7C1a%7C1b1%7C1c%7C1d%7C1e%7C1f1%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n1%7C1o*.829650-57301878%7C1o1%7C1p1%7C1q%7C1r%7C1s%7C1t%7C1u,idMap:1o*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:29,oid:7d5dbbfb-5a49-11ec-9a5a-06da572054ee,v:19.8.273,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f3be6ad457ba5d4425f4d105688e9cf5a32595ff156bd290c8ccbe0e6ca3a68a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 15:45:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 52075
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17189
x-xss-protection: 0
last-modified: Mon, 29 Nov 2021 19:28:15 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 10 Dec 2022 15:45:48 GMT

GET
H2 200 cmTagWIDGET_ITEM.js Show response
vidstat.taboola.com/vpaid/units/30_7_6/infra/ Frame AF28 681 KB
118 KB 31ms
30ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/units/30_7_6/infra/cmTagWIDGET_ITEM.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.5.4/UnitWidgetItemDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: e48098e2976ae69faabeff044573dfa865a02283a1a02f4044f7e17fad51d8f7

Request headers

Referer: https://www.diariodocentrodomundo.com.br/
Origin: https://www.diariodocentrodomundo.com.br
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:43 GMT
via: 1.1 varnish
age: 849918
x-amz-meta-mtime: 1638353194
x-cache: HIT
x-amz-meta-ctime: 1638353195
x-amz-meta-mode: 33188
content-encoding: br
content-length: 120703
x-amz-id-2: /D9bRwiQxYwpmGl3XT+DYGcRqH426tctwyLpHO8OP8nPpWXTWTKLI42yKJSDbHk9/wXTbGFhuwg=
x-served-by: cache-lcy19258-LCY
accept-ranges: bytes
last-modified: Wed, 01 Dec 2021 10:06:36 GMT
server: AmazonS3-br
x-timer: S1639203223.303253,VS0,VE0
etag: "052ba54c54e9786118425f329740ce7f"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-request-id: JC8CKJGVBFEGND89
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-meta-gid: 0
content-type: application/javascript
access-control-allow-headers: *
x-cache-hits: 234766

GET
H2 200 cmOsUnit.css
vidstat.taboola.com/vpaid/units/30_7_6/assets/css/ Frame AF28 61 KB
8 KB 19ms
18ms Stylesheet
text/css 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/units/30_7_6/assets/css/cmOsUnit.css
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.5.4/UnitWidgetItemDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 890fdf47e484671989bdf43a80416d4386ea3114ef7e75aa5522e954f3996cfb

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:43 GMT
via: 1.1 varnish
age: 849921
x-amz-meta-mtime: 1638353249
x-cache: HIT
x-amz-meta-ctime: 1638353250
x-amz-meta-mode: 33188
content-encoding: br
content-length: 8084
x-amz-id-2: nYv2oukVh8mFz+vQxRjarBkB4Y8tK4R7cULGZL0/25L/Gko5X9zaPJc+jUSrNKILc8PMHZRgRPg=
x-served-by: cache-lcy19223-LCY
accept-ranges: bytes
last-modified: Wed, 01 Dec 2021 10:07:31 GMT
server: AmazonS3-br
x-timer: S1639203223.292692,VS0,VE0
etag: "0a5b5574a20bc1d9cd6238783869dad2"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-request-id: 8BMZ49WSX8FNS9P7
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-meta-gid: 0
content-type: text/css
access-control-allow-headers: *
x-cache-hits: 232281

GET
H2 200 noavatar92.png
a.disquscdn.com/1638827995/images/ Frame E624 2 KB
2 KB 73ms
18ms Image
image/png 199.232.198.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a.disquscdn.com/1638827995/images/noavatar92.png

Requested by

Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.198.49 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

36ef66124133ca33c8b44c487293c3180e5ab681ff3cad3c728ea4f894ec3444

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=diariodocentrodomundo&t_i=779049%20https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2F%3Fpost_type%3Dessencial%26p%3D779049&t_u=https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2Fessencial%2Fatila-hacker-certidao-de-vacinacao%2F&t_e=%C3%81tila%20diz%20que%20invas%C3%A3o%20hacker%20foi%20para%20%E2%80%9Catacar%20a%20certid%C3%A3o%20de%20vacina%C3%A7%C3%A3o%E2%80%9D&t_d=%C3%81tila%20diz%20que%20invas%C3%A3o%20hacker%20foi%20para%20%22atacar%20a%20certid%C3%A3o%20de%20vacina%C3%A7%C3%A3o%22&t_t=%C3%81tila%20diz%20que%20invas%C3%A3o%20hacker%20foi%20para%20%E2%80%9Catacar%20a%20certid%C3%A3o%20de%20vacina%C3%A7%C3%A3o%E2%80%9D&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:43 GMT
x-content-type-options: nosniff
last-modified: Fri, 26 Feb 2021 20:50:09 GMT
server: nginx
age: 286775
etag: "60395f01-66c"
strict-transport-security: max-age=300; includeSubdomains
content-type: image/png
x-xss-protection: 1; mode=block
cache-control: max-age=2592000
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: LHR61-C2
content-length: 1644
x-amz-cf-id: OLNGCZI20tjEeWzvPvirYtcDM6KVTByPdsorr9n008QqfWzBJHYl-A==
expires: Thu, 06 Jan 2022 22:34:07 GMT

GET
DATA 200
OK truncated
/ Frame E624 37 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 svg-sprite.4da5413f5086c5755b46094b813dbfcd.svg
c.disquscdn.com/next/embed/assets/img/ Frame E624 13 KB
13 KB 30ms
30ms Image
image/svg+xml 2600:9000:223e:8000:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/embed/assets/img/svg-sprite.4da5413f5086c5755b46094b813dbfcd.svg

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.7ab903feba7624935283ca4c7d8c7203.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223e:8000:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

3270642c89180c12db93775e2a774b6dadd9bd98cffc963075c85afd2c17b6e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://c.disquscdn.com/next/embed/styles/lounge.7ab903feba7624935283ca4c7d8c7203.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 14:37:41 GMT
via: 1.1 88f858f045c3909fad9cebbada511aef.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 19582562
x-cache: Hit from cloudfront
content-length: 13079
x-xss-protection: 1; mode=block
x-served-by: static-web-1
surrogate-key: next
last-modified: Tue, 27 Apr 2021 21:01:56 GMT
server: nginx
etag: "60887bc4-3317"
content-type: image/svg+xml; charset=utf-8
access-control-allow-origin: *
expires: Thu, 28 Apr 2022 14:37:41 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: bY9sdrnpi-UkEhl7NnQFKdlzQBIybEbCYyOxsxm02pqMnGvC8ahCFg==
x-cache-hits: 0

GET
H2 200 loader.ba7c86e8b4b6135bb668d05223f8f127.gif
c.disquscdn.com/next/embed/assets/img/ Frame E624 3 KB
3 KB 30ms
30ms Image
image/gif 2600:9000:223e:8000:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/embed/assets/img/loader.ba7c86e8b4b6135bb668d05223f8f127.gif

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.7ab903feba7624935283ca4c7d8c7203.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223e:8000:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

4c4491dcfa94cb46fb73742fc2caf49a1cd59027304af1830c7dc6ce1889857c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://c.disquscdn.com/next/embed/styles/lounge.7ab903feba7624935283ca4c7d8c7203.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 04:58:07 GMT
via: 1.1 88f858f045c3909fad9cebbada511aef.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 26874936
x-cache: Hit from cloudfront
content-length: 2971
x-xss-protection: 1; mode=block
x-served-by: static-web-2
surrogate-key: next
last-modified: Wed, 27 Jan 2021 17:23:07 GMT
server: nginx
etag: "6011a17b-b9b"
content-type: image/gif
access-control-allow-origin: *
expires: Thu, 03 Feb 2022 04:58:07 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: MeIloBeKOaLhjlAMB92lL19ZdI3nQ4qYfMUW1HtAYJXnBBEFl8yE9w==
x-cache-hits: 0

GET
H2 200 sprite.ad630a07080a45451f139a7487853ff8.png
c.disquscdn.com/next/embed/assets/img/ Frame E624 2 KB
2 KB 30ms
30ms Image
image/png 2600:9000:223e:8000:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/embed/assets/img/sprite.ad630a07080a45451f139a7487853ff8.png

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.7ab903feba7624935283ca4c7d8c7203.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223e:8000:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

9714221c828961b20f45a782c3281c0596f6652cfe1299bee18097f98e8fb7b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://c.disquscdn.com/next/embed/styles/lounge.7ab903feba7624935283ca4c7d8c7203.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 19:47:48 GMT
via: 1.1 88f858f045c3909fad9cebbada511aef.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 6863155
x-cache: Hit from cloudfront
content-length: 1763
x-xss-protection: 1; mode=block
x-served-by: static-web-1
surrogate-key: next
last-modified: Wed, 22 Sep 2021 19:30:27 GMT
server: nginx
etag: "614b8453-6e3"
content-type: image/png
access-control-allow-origin: *
expires: Thu, 22 Sep 2022 19:47:48 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: EdcDC-rSN-T4AeciSooMppYoX9LB6wTOMvunpLulytQij40UOU63fw==
x-cache-hits: 0

GET
H2 200 icons.4cc7a703d2fdfe684151ff8ac24d45f1.woff2
c.disquscdn.com/next/embed/assets/font/ Frame E624 8 KB
8 KB 33ms
33ms Font
application/octet-stream 2600:9000:223e:8000:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/assets/font/icons.4cc7a703d2fdfe684151ff8ac24d45f1.woff2

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.7ab903feba7624935283ca4c7d8c7203.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223e:8000:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

f2a341fc815d45c21da726d4c843c2c5d3e1f333465347c3c75d040d556df4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://c.disquscdn.com/next/embed/styles/lounge.7ab903feba7624935283ca4c7d8c7203.css
Origin: https://disqus.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 09:58:18 GMT
via: 1.1 7831c78db9d585e32d354900cc00dca6.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 8712925
x-cache: Hit from cloudfront
content-length: 7900
x-xss-protection: 1; mode=block
x-served-by: static-web-2
surrogate-key: next
last-modified: Tue, 24 Aug 2021 21:06:44 GMT
server: nginx
etag: "61255f64-1edc"
content-type: application/octet-stream
access-control-allow-origin: *
expires: Thu, 01 Sep 2022 09:58:18 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: x_dLSeaI6BgATvlyUctzpuxnmU7oCmA3Bn2dtC-EQ3X2SnY0LqT-AA==
x-cache-hits: 0

GET
H3 200 container.html Show response
a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 3E03 6 KB
3 KB 31ms
30ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Sat, 11 Dec 2021 06:13:40 GMT
expires: Sun, 11 Dec 2022 06:13:40 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 3
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H/1.1 200 538.json Show response
id5-sync.com/g/v2/ Frame D051 213 B
550 B 140ms
38ms XHR
application/json 51.75.146.199
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/538.json

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/158685/2513/pwt.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.75.146.199 , France, ASN16276 (OVH, FR),

Reverse DNS

p12.id5-sync.com

Software

Resource Hash

8fb5b9465fe08d0c7818c13251ad7c59293abfd5feb1ab92d432ba0eca57138c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.diariodocentrodomundo.com.br/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.diariodocentrodomundo.com.br
Date: Sat, 11 Dec 2021 06:13:30 GMT
Access-Control-Allow-Credentials: true
Vary: Origin
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Type: application/json;charset=UTF-8

GET
H2 204 envelope Show response
api.rlcdn.com/api/identity/ Frame D051 0
291 B 176ms
122ms XHR
text/plain 34.120.155.137
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.rlcdn.com/api/identity/envelope?pid=1258
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/158685/2513/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.155.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 137.155.120.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.diariodocentrodomundo.com.br/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 11 Dec 2021 06:13:43 GMT
via: 1.1 google
access-control-allow-headers: Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://www.diariodocentrodomundo.com.br
cache-control: no-cache, no-store
access-control-allow-credentials: true
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 id Show response
id.crwdcntrl.net/ Frame D051 63 B
348 B 304ms
108ms XHR
application/json 52.73.153.177
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://id.crwdcntrl.net/id
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/158685/2513/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.73.153.177 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-73-153-177.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2cb7e2198ca07763689e295dc46cdd511dbe067d8013513d1644554b0d6b2236

Request headers

Referer: https://www.diariodocentrodomundo.com.br/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 11 Dec 2021 06:13:43 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://www.diariodocentrodomundo.com.br
cache-control: no-cache
x-server: 10.40.5.71
access-control-allow-credentials: true
content-type: application/json;charset=utf-8
content-length: 63
expires: 0

GET
H2 200 rid Show response
match.adsrvr.org/track/ Frame D051 108 B
662 B 44ms
44ms XHR
application/json 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/158685/2513/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 95b1d0c6503ee3f9c89b47407a7cd94d1b3d67fb773df010465b590391e18cd4

Request headers

Referer: https://www.diariodocentrodomundo.com.br/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 11 Dec 2021 06:13:43 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.diariodocentrodomundo.com.br
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 108
expires: Mon, 10 Jan 2022 06:13:43 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 6598 3 KB
579 B 41ms
40ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com
URL: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 11 Dec 2021 04:31:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 11 Dec 2021 06:13:43 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 11 Dec 2021 06:13:43 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 6598 1 KB
880 B 31ms
30ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com
URL: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b4a25f11fbb1e2b547eaf848472f9c048824e307a945f3a0417aac7b09d0456e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 05:59:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 849
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 853
x-xss-protection: 0
server: cafe
etag: 7170004918125193417
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 25 Dec 2021 05:59:34 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 6598 0
0 54ms
54ms Fetch
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C6W0nlUG0YaSCOs-cgAeAp7aQBPnw89Nmx_-gq_UOZBABINbOt05gu76ug9AKoAHmv-zPA8gBCakCQgxxayhFtj7gAgCoAwHIA5sEqgTHAk_Qu32nESH9QBqt3Z8Hn6khCedSJfe2ax0LWMYfJ6zuVUe6IazvNEHo3AGOCGI4G-U9dI12Ru6eUe_91QWBggpeWBLxYnhgwQTZgDLrNzxfzXWOCx7l1Hb9206pAp4d3CO_k4FWYP_U_BLKM-FqmtruaIpX1cQi-L5PrI_21QF4_jcZFnquFla-CyfTLvNFZerxUqVy8DCgmctyhxUCa_jagVOqg2ZWZKgq5M0nsMlfU7xuYuVeeHGuGm9dCh8cr--NCE6TPRki9Fsw4bryre76UA5rjnMjUYiNO0AfsLjZjxKNBwWka_1MjtlsqgYIGvSG7lsSbaFDGuzm40PczcWogpgt7TiqEqfuGgMyyeWJPC6Jg1Kw7HkJ8HcchhMUa-0DI-ALeWI_p1V4CSBv2qpOFyjAteMs2J4Nb3gmRfVQ2e84RbcgcMAE7ti51tkD4AQBkgUECAQYAZIFBAgFGASgBi6AB_HIrw6oB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHBBD79hXSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTkxMjM5NTAxNDAxMDg4NTaACgPICwGYDJCQ1M34A7gTgwTYEw7QFQGAFwGyFx4KHAgAEhRwdWItMjg0NTQ2MzQzODE1Mzc4MhjP1Gk&sigh=5hkMjrs7CKs&uach_m=[UACH]&template_id=515
Requested by: Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s12-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/ Frame 6598 19 KB
8 KB 31ms
31ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/abg_lite_fy2019.js

Requested by

Host: a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com
URL: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d9955b485ec10339d863941175c02572657bf9d4f6c5fa2e5603e7d803c1b8cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 05:59:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 843
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7876
x-xss-protection: 0
server: cafe
etag: 5333878705136318229
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 25 Dec 2021 05:59:40 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 6598 2 KB
1 KB 32ms
31ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/window_focus_fy2019.js

Requested by

Host: a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com
URL: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 05:57:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 979
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 25 Dec 2021 05:57:24 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6598 119 KB
36 KB 44ms
43ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com
URL: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37305
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1638461285297402"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 11 Dec 2021 06:13:43 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 6598 15 KB
6 KB 32ms
31ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com
URL: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:06:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 435
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6464
x-xss-protection: 0
server: cafe
etag: 15715955993838318253
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 25 Dec 2021 06:06:28 GMT

GET
H3 200 6d065ef8aad4e53a06604e1059b7b7b3.js Show response
www.gstatic.com/mysidia/ Frame 6598 27 KB
11 KB 69ms
31ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/6d065ef8aad4e53a06604e1059b7b7b3.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com
URL: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b138f0b28fe44581bebb03d0ff7046e4f8416deeb5d152ede640eaa3dc1c7872

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 19:06:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 299213
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11408
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 07:52:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 07 Mar 2022 19:06:50 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 4468 13 KB
5 KB 31ms
31ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
date: Sat, 11 Dec 2021 06:06:36 GMT
expires: Sun, 11 Dec 2022 06:06:36 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 427
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 0D1D 783 B
534 B 40ms
40ms Document
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

5e4faa7e7f95eebf7005010873ba46be7b9436bc756fbc4fbb5b6ebc59de8f1e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-QC2UJTLZIbHrNE9dbc32Pg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Sat, 11 Dec 2021 06:13:43 GMT
date: Sat, 11 Dec 2021 06:13:43 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-QC2UJTLZIbHrNE9dbc32Pg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 204
No Content / Show response
cds.taboola.com/ 0
155 B 322ms
105ms XHR
text/plain 141.226.224.32
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.taboola.com/?uid=556f5889-1be8-4de5-a46f-735f40f3379a-tuct8adc714
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 11 Dec 2021 06:13:43 GMT
Cache-Control: no-store
Server: nginx
Connection: close

GET
H3 200 728x90-B.html Show response
s0.2mdn.net/sadbundle/2691227766234564666/728x90/ Frame 7FFA 44 KB
11 KB 32ms
31ms Document
text/html 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/2691227766234564666/728x90/728x90-B.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce0df99e01bf7ee46cfb12fdf8873ac4d9b17e3f6b0ba92ed6d19491a1084152

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
date: Thu, 09 Dec 2021 13:14:50 GMT
expires: Fri, 09 Dec 2022 13:14:50 GMT
last-modified: Thu, 09 Dec 2021 09:52:49 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
content-length: 11113
age: 147533
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 8E04 0
24 B 99ms
61ms Ping
image/gif 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss0wV4GVUsori_nCKqMrZBWjK2VRkfBdUIMZtzv4OGc6CLLGUEu3M8RqMV4nTm2SHVDeGp3ePLn__O5GjwUGoGCHX0fEPKAihL3AK7Ttc5-EGhOHDhvrZxZ1wrJgA7OLQWfThp9SGU3yVxLWG0RxvSLP7AzUCZEBjULRM3spCJW5ba4nx1IC892jWbqYl8ct09AUjmL44ccf052hPvOL4VKdI_xcoxN1wNBDSo-dtr8pj1eqRd7NbkXF24IHPHJxi6YCINGZ6Vkylc_kgqQDyMqnGc_32l_dR6xd4vFJ1b1L9zmH5P8fSS-gDr0XF76cbrrQg5soIFSzKgVdPiioZk21QC_q2gOGMmteviAt7KLe4vc786HD1FNIEjX6yED6ftUpC2Uvt8fG70gDEXMjDAOmByfd9VYIG3LImg_52WPUnb-6wW8bjoWMpucHw6-uT0ISmrXz7zyqbHen6dqY8cT8xFxbh_bxQpP_qpc23MVbeiXqos63HZCME43xI8QwvF3ERzpBQvDU4cUrcAWlYBrQ0ReARcrmrgbFu8hhMFriSO_fJvfLDbHisuUP_CchNPXxNxwqUR4CQEKjwJeZd9eIjihCHsg3Zy2Cx9WR-d9PK45KkVz1EvdRkdjAIvO0Xtrkc6CuO9uE5Df3h-nllaNKmtGZPmrSRY16IoJKBEpz1i5sICNV0pALkRvBy7sjRERXyseQmw2dSGDyBmx_Zl4Vl5NAiz4GWrVF7wgeBVyPsKQjDkXrODW1XI3wxEmpKR2YxUyNKcDQ-buEj8T2b9P1OEUBemLdjUulVGQaso53wtWldVkgHtZdlL8fGbUwqM29FcYrGqXUmXZ7KNqJc4GeNU0k2aF5OhMuF6J4hhsD4u_vgpMNZVUsAEkAa_xuAnd_rTkNDmbd0aoI_lYakMt4DrP6iffFryQxBHReZuuYyebQPisxN8ovJHw8_rlCbes-8zysTf5uZISvQzzd0sPeRVsNW3DAFZRbwLFTAdlutZ1zB9iwfiasfnUXThQuKy0lvJ9jDEN-ueHCZ3U5eTXG64IwfH_H2HZsg6PAnGXMvaebgXDxzerRdvwbK521vQGjDWhJep6jEUdHeLMr8Q6MSZxp1B6rfdPpySLDAg7brfmGj5wDJcdv7wEl6_6seepjVQ6LTiftLfAjyAGvw4Z5aJGPThf95V1fGAFE2h95wvznJsyab_Lv4kOMgw2UJTf0sPVjJurVIvOXwU-163SYGUV0waPpKzgXJRoJSYRJTPlx2gOP6HJAnZJzQ8bKJ9uOlIGAH_E06aik_GtOIyOIH2CiyHiUqcDMJc1anskzyYQJCAYInvPCkAjZjQxb3DGoMgqpw&sai=AMfl-YTYoQF6N-zelj3Uw_zuIZ2RonegdbLy0Y7FlLvPLSakGd9TggCJS0PfrlIwdkBCPPHJJUozuZlHk77BCUivNuljFVTxbx5yTuLRFf0b-cqhN3D8XyfBJtwVjxN2GNOFMB26NdieAjyo6M4GAbbZSATwFOd3Gw&sig=Cg0ArKJSzOSpWNE_QtQHEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=626&cbvp=1&cstd=623&cisv=r20211207.04961&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Requested by

Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Sat, 11 Dec 2021 06:13:43 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame A308 32 KB
10 KB 32ms
32ms Script
text/html 104.96.5.77
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.96.5.77 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-96-5-77.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 48ab57cb7771642f95f87f04f505937b8a54c3fe49758d9750c04948bcb87a3e

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sat, 11 Dec 2021 06:13:43 GMT
Content-Encoding: gzip
Last-Modified: Mon, 06 Dec 2021 17:06:27 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=46768
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9507
Expires: Sat, 11 Dec 2021 19:13:11 GMT

GET
H2 200 alfie_v4.63f1ab6d6b9d5807dc0c94ef3fe0b851.js Show response
c.disquscdn.com/next/embed/ 78 KB
27 KB 33ms
30ms Script
application/javascript 2600:9000:223e:8000:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/alfie_v4.63f1ab6d6b9d5807dc0c94ef3fe0b851.js

Requested by

Host: diariodocentrodomundo.disqus.com
URL: https://diariodocentrodomundo.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223e:8000:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

9efb3d5e1b082a66bd94908b42afb4cf6fe0e8eb8f50b8d2a18f6a5da03e6a18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 05 May 2021 15:25:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18974893
x-cache: Hit from cloudfront
content-length: 26578
x-xss-protection: 1; mode=block
x-served-by: static-web-2
access-control-allow-origin: *
surrogate-key: next
last-modified: Wed, 28 Apr 2021 21:48:08 GMT
server: nginx
etag: "6089d818-67d2"
content-type: application/javascript; charset=utf-8
via: 1.1 88f858f045c3909fad9cebbada511aef.cloudfront.net (CloudFront)
expires: Thu, 05 May 2022 15:25:30 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA56-P4
timing-allow-origin: *
x-amz-cf-id: XryX8nToIDf2IJZDP6VNas_NjlNVN8DKRU_kO0cgt-8AqHk2eBZHQA==
x-cache-hits: 0

GET
H3 200 13193860777428516948
tpc.googlesyndication.com/simgad/ Frame 6598 1 KB
1 KB 31ms
30ms Image
image/jpeg 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13193860777428516948?w=100&h=100

Requested by

Host: a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com
URL: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

93feb602a34f6308f7be31051c1fdc482b37a46f85b0b77de667fe482da44799

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 04:18:39 GMT
x-content-type-options: nosniff
age: 266104
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1257
x-xss-protection: 0
last-modified: Tue, 16 Nov 2021 17:16:51 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 08 Dec 2022 04:18:39 GMT

GET
H2 206 fn998gys9pdce4zltby8_DESKTOP.mp4
vidstat.taboola.com/uploadedVideos/228385/ 4 MB
4 MB 21ms
21ms Media
video/mp4 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/uploadedVideos/228385/fn998gys9pdce4zltby8_DESKTOP.mp4
Requested by: Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 61a71d0750b6bf10cccbb9e1ce422612bf9343452b28424e16115f497b274121

Request headers

Referer: https://www.diariodocentrodomundo.com.br/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Range: bytes=0-

Response headers

date: Sat, 11 Dec 2021 06:13:43 GMT
via: 1.1 7e6302699a89f60ff8e9259d2dea52ba.cloudfront.net (CloudFront), 1.1 varnish
age: 359247
x-cache: Hit from cloudfront, HIT
Content-Range: bytes 0-4201528/4201529
x-amz-meta-md5-hash: 5248b16b080ff4fcd37113b3acb27990
Content-Length: 4201529
x-served-by: cache-lcy19223-LCY
last-modified: Sun, 01 Aug 2021 18:21:15 GMT
server: AmazonS3
x-timer: S1639203224.505923,VS0,VE1
etag: "5248b16b080ff4fcd37113b3acb27990"
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: video/mp4
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-cf-pop: LHR3-C1
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: caoU8CmRVL2yuR9Oj7W6E8V16aQyS8SXr-HU2pSnmlKs0ZaGgDCnog==
x-cache-hits: 0

GET
H2 200 f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ Frame AF28 254 B
742 B 20ms
20ms Image
image/png 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by: Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
via: 1.1 varnish
etag: "dfa7b52c86e56bd67fa4002f6ed19854"
age: 25208
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 254
x-amz-id-2: WVanEJ6D+w9phdukLefqJwOvpI5WsmM7iQkGzXcfZQK1PEn9ZU9pBHZ5XGoc27ZQb5DVzprPUhI=
x-served-by: cache-lcy19223-LCY
last-modified: Wed, 24 Jun 2015 07:14:11 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer: S1639203224.506241,VS0,VE0
date: Sat, 11 Dec 2021 06:13:43 GMT
x-amz-request-id: C4YYT74YZ84DXJCZ
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: image/png
abp: 98
x-cache-hits: 2924

GET
H2 200 B26709132.317133383;dc_ver=81.236;sz=728x90;u_sd=1;dc_adk=548554673;ord=6qlph3;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCr1jPlUG0YbSeEq6cx_APxeml4Az3rYqMZ8vDlveAD... Show response
ad.doubleclick.net/ddm/adj/N789069.3848558MATTERKIND2/ Frame 9628 42 KB
22 KB 156ms
65ms Script
text/javascript 142.250.184.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/N789069.3848558MATTERKIND2/B26709132.317133383;dc_ver=81.236;sz=728x90;u_sd=1;dc_adk=548554673;ord=6qlph3;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCr1jPlUG0YbSeEq6cx_APxeml4Az3rYqMZ8vDlveAD5fPor3AARABINbOt05gu76ug9AKoAHoxPDRAcgBCakCQgxxayhFtj6oAwGqBJ0CT9AhYkMRDXIH-vNf7Z6u_eNs23xqev_85RzYdOjQSx28WqxyhbonJ6qg7LmU4xOFTdY7S6hrb0TLUkKyR1uPP8U1pCSCOpZV0Hf1uY9W_AFf40EtBqT3SvLTUD9KHElVORVFFEaSPdArMnSfUCkUwcCJIlR8_c1LpPe4HL1zLg6O2xjzoRbmkZ-uMhARLSqmKIYmIbkXwi_TK2WqLnDjF0UpgY22gToaGhXdDhWfhpka_YsW0UyETsgI4nUCzkkpmDidGkhqNwhXNKkDraAk7Q9PXgT_TniNsFskl3pCwtM27hqOIg6yPVcwcV4oyCUKev3NW7IynnO-0arY8HvLlQDniShgPZMKq8X0tx-nzSGW-NChrAl-79wCG3AswATauuKJ4gPgBAOQBgGgBk2AB4C7j64CqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARgd8ggbYWR4LXN1YnN5bi05MTIzOTUwMTQwMTA4ODU2gAoDmAsByAsBgAwBsBOdqswN0BMA2BMN2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRoQXeAzLtUgDRdug9JlPZmBA%26sig%3DAOD64_37X40v-NpB2coCfETuko5QfF48Pw%26client%3Dca-pub-2845463438153782%26dbm_c%3DAKAmf-B2rR52Yzq3ZR7VPgql-HXVvuKafJkpZEk4KDxW-muLD69Z3PzCXJkHjr1agBBqIpsXkpPbZskaozKxy81MbCLyEgS2FCQumdfzbgzEnGF4iQTm9Bf8-ySwkF13pxA609sApfht47QRRjWfN9nE-I03PVDuUA%26cry%3D1%26dbm_d%3DAKAmf-BgudBtN_B5KyCgtMQSsThn-Kbbc5z3zH-4C7KZSxLuy-YMk9_XcLFrBHllnuf6kG2B9t7XHQ1VbDINKzWpjrr64p51-3IICwmv0Pe6ivnuuNlsg9UscsHzO_rPwrpaVF9yEmG5od5HYFNL-p29-sNus20EWenVZPIsSz0-sIRXiQszMhav2MALptFIthhz10PURRps1pzLZ579C7CDnZk4QbAwVvyzDan5by718sF2b_xPGq6GEfJ9bZOYvIPtbwqGOWzyQ9xOUh3SiXshGtEpfD0mAjN9l6YWpVIebmiJ6MpU-TKNQWLqkqAyAztS8gvOgInyh9St9awhs6izkcrqMN0orUy3KhKbIvpYaiX_edagsvRtK1iYQJsfP39AlVElDwTiIpgc6_LLcnhNqSIx9ffN1EDxNMjnWMnzO49JV-WoVBlmPpByhWDbEuw8jn_C6e7lZll2nlr2i0Lp5pdpNMpjeSo6EBhsGIxznIkU1EvPnQpLp_oUfsh0N4ZFOdxl4wZzI9LVDDbC5OB4JGYSocjwog%26adurl%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=1,https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2F$0;xdt=1;crlt=xt0zilGvTH;sttr=346;prcl=s

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v81.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f6.1e100.net

Software

cafe /

Resource Hash

dda112be1f5cc80885bd0ac9d73056debf9ba2b60297cf5759885834228207d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Dec 2021 06:13:43 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21758
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK event.gif
referrer.disqus.com/juggler/ Frame E624 43 B
339 B 98ms
97ms Image
image/gif 199.232.196.134
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://referrer.disqus.com/juggler/event.gif?abe=0&embed_hidden=0&integration=wordpress%203.0.22&load_time=1311&event=init_embed&thread=8919859333&forum=diariodocentrodomundo&forum_id=2233022&imp=8gsud7f27augk6&thread_slug=atila_diz_que_invasao_hacker_foi_para_atacar_a_certidao_de_vacinacao&user_type=anon&referrer=https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2F&theme=next&dnt=0&tracking_enabled=0&experiment=network_default&variant=fallthrough&service=dynamic&promoted_enabled=true&max_enabled=true

Requested by

Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.196.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=diariodocentrodomundo&t_i=779049%20https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2F%3Fpost_type%3Dessencial%26p%3D779049&t_u=https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2Fessencial%2Fatila-hacker-certidao-de-vacinacao%2F&t_e=%C3%81tila%20diz%20que%20invas%C3%A3o%20hacker%20foi%20para%20%E2%80%9Catacar%20a%20certid%C3%A3o%20de%20vacina%C3%A7%C3%A3o%E2%80%9D&t_d=%C3%81tila%20diz%20que%20invas%C3%A3o%20hacker%20foi%20para%20%22atacar%20a%20certid%C3%A3o%20de%20vacina%C3%A7%C3%A3o%22&t_t=%C3%81tila%20diz%20que%20invas%C3%A3o%20hacker%20foi%20para%20%E2%80%9Catacar%20a%20certid%C3%A3o%20de%20vacina%C3%A7%C3%A3o%E2%80%9D&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sat, 11 Dec 2021 06:13:43 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Content-Type: image/gif
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame D23A 70 B
264 B 34ms
33ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7aT4CFgOkSW_714CtTgSkSW_714CtTgUAAAAGBuIHHTKhLYaL1WS0nGyGk91yOdksRqvFbjUZLmdD0JAJbTFcrCaj5WQznOyWy8lkt5uNNrvlFAJV9yLyux1Ou0U6kAhNp8Pnutfrfr-7yOmwPP0mv8dlN13-Jr_bdTf57Rq_2y6xXMQCicp4eFmebpfddJEOJHKX6fe3fP0ll83hOpsuYoFE8Pc8TU-_3SIdSER_w0UskGiOfsvp7nC7LNKBROR0WJ5-k9_jspsuf5Pf7bqb_BaxQCJ7WJ4Ou-kiHUhkDrPZdLT8XT-jRf0GKzSdDp_rXq_7_e4ip8Py9Jv8HpfddPmb_G7X3eS3a_xuu8TyV3k-L7vH6TD7Faan2eEWOjxel-WtcVlOT5PD7xa53LKHx2l3eBx-vxwAAAAAHgCOxmMhfgABACIAAAAAJAAAAAAoAir-LQQuAAAAADAAClKPNADEORDQYbo5XWaTPwAAHhRAAAAEMEgABtyaSgAyWmNPAAAAAAAAAABY_v___2MA9gKmZQAuAMd6AB58AB6IClSLGAEAAAAIk7iVHk3qhMqiCgCAIN0K4AoAIKAPFSSmLgwAAEBAbDBvOelZGuV7bIEeFr_f7LBr_G6XAQAAAAAAAACY_Z_9owk9AQCk-dYJP6r9AgIArP0CAgCwqRsAwJsAXMiloOl0-Fz3et3vdxc5HZan3-T3uOymy9_kd7vuJr9d43fbJZa_6AhaMRisTiF2w9lit9kNR7MDAAAAuPv____HG8xbTnqWRvnWA4mFazRxrRYz03C53O1mttFoMPPYTBvTbDYYLkfby4OaQe7StdHvC1Tdi8jvdjjtFulAIjSdDp_rXq_7_e4ip8Py9Jv8HpfddPmb_G7X3eS3a_xuu8RyEQskKuPhZXm6XXbTRTqQyF2m39_y9ZdcNofrbLqIBRLB3_M0Pf12i3QgEf0NF7FAojn6Lae7w-2ySAcSkdNhefpNfo_Lbrr8TX63627yW8QCiexheTrspot0IJE5zGbT0fJ3_YwW9f0mbDFaTSab5XC2XEwGw9FwNNqfQM4GOBGD5XIyWUx2q9FqtBnuRrPBAgViMEGKFg0mq9FospgMV6PJarZc7HYbpGjVajbaDIar2WS2262Gg-FyNMIJW4xWk8lmOZwtF5PBcDQcjYYIU6vZzDUcLteKicu4Fo1crrXCNJu5dZvVzDSYeTa75cIten1Mx4XJ41uMtigYwLQXwUU6Ud29dr_v7tY8TS-33u4WOT2P1-ctd5l-f8vXIpZoThbpRHbZNxau0cS1WsxMw-Vyt5vZRqPBzGMzbUyz2WC4HO1bq9nMNRwu14qJy7gWjVyutcI0m7l1m9XMNJh5Nrvlwi16fUzHhcnjW4z2jdlmORlsJpPFvjHbLCeDzWSy2HeYTM_U52z0XBMmj0y19txEhpn5oHAZjN6p1LQbd44Fcdl7dKq8MmVBZ9TOrOavQeE5eEwH4ctyWt2s09lE5z0YFLFEcLpIJ6KX8XQRSyRPi3Qisgwmhs3ENdu4jMuFxzCYmIaT5Wy13E0sltlyNRFLlKaLdKJXeT4vu8fpMPsVpqfZ4RY6PF6X5a1xWU5Pk8PvFrncsofHaXd4HH6L-o8OsRzNNbO5YjGYK2arVQIAAAAAAAAAWMKceRMAAACA00Amo-FotVwACYQBXWAQAAAAAACA3RY4UC-PAx2T4saPPerutft9d7fmaXq59Xa3yOl5vD5vucv0-1u-VgZ4cFpk3uyZINZqtawBAAAIsAEAAAK4dfMeQEqp5AA!&excid=22&docw=0&cijs=1&nlb=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Dec 2021 06:13:43 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 sync
taboola-supply-partners.tremorhub.com/ Frame D23A 43 B
182 B 96ms
96ms Image
image/gif 2600:1f18:612b:4264:e8c6:2f28:702a:f217
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7aT4CFgOkSW_714CtTgSkSW_714CtTgUAAAAGBuIHHTKhLYaL1WS0nGyGk91yOdksRqvFbjUZLmdD0JAJbTFcrCaj5WQznOyWy8lkt5uNNrvlFAJV9yLyux1Ou0U6kAhNp8Pnutfrfr-7yOmwPP0mv8dlN13-Jr_bdTf57Rq_2y6xXMQCicp4eFmebpfddJEOJHKX6fe3fP0ll83hOpsuYoFE8Pc8TU-_3SIdSER_w0UskGiOfsvp7nC7LNKBROR0WJ5-k9_jspsuf5Pf7bqb_BaxQCJ7WJ4Ou-kiHUhkDrPZdLT8XT-jRf0GKzSdDp_rXq_7_e4ip8Py9Jv8HpfddPmb_G7X3eS3a_xuu8TyV3k-L7vH6TD7Faan2eEWOjxel-WtcVlOT5PD7xa53LKHx2l3eBx-vxwAAAAAHgCOxmMhfgABACIAAAAAJAAAAAAoAir-LQQuAAAAADAAClKPNADEORDQYbo5XWaTPwAAHhRAAAAEMEgABtyaSgAyWmNPAAAAAAAAAABY_v___2MA9gKmZQAuAMd6AB58AB6IClSLGAEAAAAIk7iVHk3qhMqiCgCAIN0K4AoAIKAPFSSmLgwAAEBAbDBvOelZGuV7bIEeFr_f7LBr_G6XAQAAAAAAAACY_Z_9owk9AQCk-dYJP6r9AgIArP0CAgCwqRsAwJsAXMiloOl0-Fz3et3vdxc5HZan3-T3uOymy9_kd7vuJr9d43fbJZa_6AhaMRisTiF2w9lit9kNR7MDAAAAuPv____HG8xbTnqWRvnWA4mFazRxrRYz03C53O1mttFoMPPYTBvTbDYYLkfby4OaQe7StdHvC1Tdi8jvdjjtFulAIjSdDp_rXq_7_e4ip8Py9Jv8HpfddPmb_G7X3eS3a_xuu8RyEQskKuPhZXm6XXbTRTqQyF2m39_y9ZdcNofrbLqIBRLB3_M0Pf12i3QgEf0NF7FAojn6Lae7w-2ySAcSkdNhefpNfo_Lbrr8TX63627yW8QCiexheTrspot0IJE5zGbT0fJ3_YwW9f0mbDFaTSab5XC2XEwGw9FwNNqfQM4GOBGD5XIyWUx2q9FqtBnuRrPBAgViMEGKFg0mq9FospgMV6PJarZc7HYbpGjVajbaDIar2WS2262Gg-FyNMIJW4xWk8lmOZwtF5PBcDQcjYYIU6vZzDUcLteKicu4Fo1crrXCNJu5dZvVzDSYeTa75cIten1Mx4XJ41uMtigYwLQXwUU6Ud29dr_v7tY8TS-33u4WOT2P1-ctd5l-f8vXIpZoThbpRHbZNxau0cS1WsxMw-Vyt5vZRqPBzGMzbUyz2WC4HO1bq9nMNRwu14qJy7gWjVyutcI0m7l1m9XMNJh5Nrvlwi16fUzHhcnjW4z2jdlmORlsJpPFvjHbLCeDzWSy2HeYTM_U52z0XBMmj0y19txEhpn5oHAZjN6p1LQbd44Fcdl7dKq8MmVBZ9TOrOavQeE5eEwH4ctyWt2s09lE5z0YFLFEcLpIJ6KX8XQRSyRPi3Qisgwmhs3ENdu4jMuFxzCYmIaT5Wy13E0sltlyNRFLlKaLdKJXeT4vu8fpMPsVpqfZ4RY6PF6X5a1xWU5Pk8PvFrncsofHaXd4HH6L-o8OsRzNNbO5YjGYK2arVQIAAAAAAAAAWMKceRMAAACA00Amo-FotVwACYQBXWAQAAAAAACA3RY4UC-PAx2T4saPPerutft9d7fmaXq59Xa3yOl5vD5vucv0-1u-VgZ4cFpk3uyZINZqtawBAAAIsAEAAAK4dfMeQEqp5AA!&excid=22&docw=0&cijs=1&nlb=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4264:e8c6:2f28:702a:f217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:43 GMT
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type: image/gif

GET
H/1.1 200
OK sync
x.bidswitch.net/ Frame D23A 43 B
220 B 33ms
33ms Image
image/gif 18.196.195.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7aT4CFgOkSW_714CtTgSkSW_714CtTgUAAAAGBuIHHTKhLYaL1WS0nGyGk91yOdksRqvFbjUZLmdD0JAJbTFcrCaj5WQznOyWy8lkt5uNNrvlFAJV9yLyux1Ou0U6kAhNp8Pnutfrfr-7yOmwPP0mv8dlN13-Jr_bdTf57Rq_2y6xXMQCicp4eFmebpfddJEOJHKX6fe3fP0ll83hOpsuYoFE8Pc8TU-_3SIdSER_w0UskGiOfsvp7nC7LNKBROR0WJ5-k9_jspsuf5Pf7bqb_BaxQCJ7WJ4Ou-kiHUhkDrPZdLT8XT-jRf0GKzSdDp_rXq_7_e4ip8Py9Jv8HpfddPmb_G7X3eS3a_xuu8TyV3k-L7vH6TD7Faan2eEWOjxel-WtcVlOT5PD7xa53LKHx2l3eBx-vxwAAAAAHgCOxmMhfgABACIAAAAAJAAAAAAoAir-LQQuAAAAADAAClKPNADEORDQYbo5XWaTPwAAHhRAAAAEMEgABtyaSgAyWmNPAAAAAAAAAABY_v___2MA9gKmZQAuAMd6AB58AB6IClSLGAEAAAAIk7iVHk3qhMqiCgCAIN0K4AoAIKAPFSSmLgwAAEBAbDBvOelZGuV7bIEeFr_f7LBr_G6XAQAAAAAAAACY_Z_9owk9AQCk-dYJP6r9AgIArP0CAgCwqRsAwJsAXMiloOl0-Fz3et3vdxc5HZan3-T3uOymy9_kd7vuJr9d43fbJZa_6AhaMRisTiF2w9lit9kNR7MDAAAAuPv____HG8xbTnqWRvnWA4mFazRxrRYz03C53O1mttFoMPPYTBvTbDYYLkfby4OaQe7StdHvC1Tdi8jvdjjtFulAIjSdDp_rXq_7_e4ip8Py9Jv8HpfddPmb_G7X3eS3a_xuu8RyEQskKuPhZXm6XXbTRTqQyF2m39_y9ZdcNofrbLqIBRLB3_M0Pf12i3QgEf0NF7FAojn6Lae7w-2ySAcSkdNhefpNfo_Lbrr8TX63627yW8QCiexheTrspot0IJE5zGbT0fJ3_YwW9f0mbDFaTSab5XC2XEwGw9FwNNqfQM4GOBGD5XIyWUx2q9FqtBnuRrPBAgViMEGKFg0mq9FospgMV6PJarZc7HYbpGjVajbaDIar2WS2262Gg-FyNMIJW4xWk8lmOZwtF5PBcDQcjYYIU6vZzDUcLteKicu4Fo1crrXCNJu5dZvVzDSYeTa75cIten1Mx4XJ41uMtigYwLQXwUU6Ud29dr_v7tY8TS-33u4WOT2P1-ctd5l-f8vXIpZoThbpRHbZNxau0cS1WsxMw-Vyt5vZRqPBzGMzbUyz2WC4HO1bq9nMNRwu14qJy7gWjVyutcI0m7l1m9XMNJh5Nrvlwi16fUzHhcnjW4z2jdlmORlsJpPFvjHbLCeDzWSy2HeYTM_U52z0XBMmj0y19txEhpn5oHAZjN6p1LQbd44Fcdl7dKq8MmVBZ9TOrOavQeE5eEwH4ctyWt2s09lE5z0YFLFEcLpIJ6KX8XQRSyRPi3Qisgwmhs3ENdu4jMuFxzCYmIaT5Wy13E0sltlyNRFLlKaLdKJXeT4vu8fpMPsVpqfZ4RY6PF6X5a1xWU5Pk8PvFrncsofHaXd4HH6L-o8OsRzNNbO5YjGYK2arVQIAAAAAAAAAWMKceRMAAACA00Amo-FotVwACYQBXWAQAAAAAACA3RY4UC-PAx2T4saPPerutft9d7fmaXq59Xa3yOl5vD5vucv0-1u-VgZ4cFpk3uyZINZqtawBAAAIsAEAAAK4dfMeQEqp5AA!&excid=22&docw=0&cijs=1&nlb=true
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.196.195.54 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-196-195-54.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sat, 11 Dec 2021 06:13:43 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2

200

/ Show response
sync.taboola.com/sg/emxdigitalrtb-network/1/rtb-h/ Frame D23A
Redirect Chain

https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fsync.taboola.com%2Fsg%2Femxdigitalrtb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%24UID
https://ib.adnxs.com/getuid?https://cs.emxdgt.com/umcheck?apnxid=$UID&redirect=https%3A%2F%2Fsync.taboola.com%2Fsg%2Femxdigitalrtb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%24EMXUID&b64_redirect=aHR0c...
https://cs.emxdgt.com/umcheck?apnxid=3404206974503617722&redirect=https://sync.taboola.com/sg/emxdigitalrtb-network/1/rtb-h/?taboola_hm=$EMXUID&b64_redirect=aHR0cHM6Ly9zeW5jLnRhYm9vbGEuY29tL3NnL2Vt...
https://sync.taboola.com/sg/emxdigitalrtb-network/1/rtb-h/?taboola_hm=3404206974503617722brt66781639203223984226ba

0
230 B

26ms
25ms

Script
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.taboola.com/sg/emxdigitalrtb-network/1/rtb-h/?taboola_hm=3404206974503617722brt66781639203223984226ba
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7aT4CFgOkSW_714CtTgSkSW_714CtTgUAAAAGBuIHHTKhLYaL1WS0nGyGk91yOdksRqvFbjUZLmdD0JAJbTFcrCaj5WQznOyWy8lkt5uNNrvlFAJV9yLyux1Ou0U6kAhNp8Pnutfrfr-7yOmwPP0mv8dlN13-Jr_bdTf57Rq_2y6xXMQCicp4eFmebpfddJEOJHKX6fe3fP0ll83hOpsuYoFE8Pc8TU-_3SIdSER_w0UskGiOfsvp7nC7LNKBROR0WJ5-k9_jspsuf5Pf7bqb_BaxQCJ7WJ4Ou-kiHUhkDrPZdLT8XT-jRf0GKzSdDp_rXq_7_e4ip8Py9Jv8HpfddPmb_G7X3eS3a_xuu8TyV3k-L7vH6TD7Faan2eEWOjxel-WtcVlOT5PD7xa53LKHx2l3eBx-vxwAAAAAHgCOxmMhfgABACIAAAAAJAAAAAAoAir-LQQuAAAAADAAClKPNADEORDQYbo5XWaTPwAAHhRAAAAEMEgABtyaSgAyWmNPAAAAAAAAAABY_v___2MA9gKmZQAuAMd6AB58AB6IClSLGAEAAAAIk7iVHk3qhMqiCgCAIN0K4AoAIKAPFSSmLgwAAEBAbDBvOelZGuV7bIEeFr_f7LBr_G6XAQAAAAAAAACY_Z_9owk9AQCk-dYJP6r9AgIArP0CAgCwqRsAwJsAXMiloOl0-Fz3et3vdxc5HZan3-T3uOymy9_kd7vuJr9d43fbJZa_6AhaMRisTiF2w9lit9kNR7MDAAAAuPv____HG8xbTnqWRvnWA4mFazRxrRYz03C53O1mttFoMPPYTBvTbDYYLkfby4OaQe7StdHvC1Tdi8jvdjjtFulAIjSdDp_rXq_7_e4ip8Py9Jv8HpfddPmb_G7X3eS3a_xuu8RyEQskKuPhZXm6XXbTRTqQyF2m39_y9ZdcNofrbLqIBRLB3_M0Pf12i3QgEf0NF7FAojn6Lae7w-2ySAcSkdNhefpNfo_Lbrr8TX63627yW8QCiexheTrspot0IJE5zGbT0fJ3_YwW9f0mbDFaTSab5XC2XEwGw9FwNNqfQM4GOBGD5XIyWUx2q9FqtBnuRrPBAgViMEGKFg0mq9FospgMV6PJarZc7HYbpGjVajbaDIar2WS2262Gg-FyNMIJW4xWk8lmOZwtF5PBcDQcjYYIU6vZzDUcLteKicu4Fo1crrXCNJu5dZvVzDSYeTa75cIten1Mx4XJ41uMtigYwLQXwUU6Ud29dr_v7tY8TS-33u4WOT2P1-ctd5l-f8vXIpZoThbpRHbZNxau0cS1WsxMw-Vyt5vZRqPBzGMzbUyz2WC4HO1bq9nMNRwu14qJy7gWjVyutcI0m7l1m9XMNJh5Nrvlwi16fUzHhcnjW4z2jdlmORlsJpPFvjHbLCeDzWSy2HeYTM_U52z0XBMmj0y19txEhpn5oHAZjN6p1LQbd44Fcdl7dKq8MmVBZ9TOrOavQeE5eEwH4ctyWt2s09lE5z0YFLFEcLpIJ6KX8XQRSyRPi3Qisgwmhs3ENdu4jMuFxzCYmIaT5Wy13E0sltlyNRFLlKaLdKJXeT4vu8fpMPsVpqfZ4RY6PF6X5a1xWU5Pk8PvFrncsofHaXd4HH6L-o8OsRzNNbO5YjGYK2arVQIAAAAAAAAAWMKceRMAAACA00Amo-FotVwACYQBXWAQAAAAAACA3RY4UC-PAx2T4saPPerutft9d7fmaXq59Xa3yOl5vD5vucv0-1u-VgZ4cFpk3uyZINZqtawBAAAIsAEAAAK4dfMeQEqp5AA!&excid=22&docw=0&cijs=1&nlb=true
Protocol: H2
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:44 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 11037

Redirect headers

location: https://sync.taboola.com/sg/emxdigitalrtb-network/1/rtb-h/?taboola_hm=3404206974503617722brt66781639203223984226ba
date: Sat, 11 Dec 2021 06:13:43 GMT
content-length: 0
content-type: text/html

GET
H2 200 sync
taboola-supply-partners.tremorhub.com/ Frame B069 43 B
182 B 96ms
95ms Image
image/gif 2600:1f18:612b:4264:e8c6:2f28:702a:f217
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=8061395&crid=4711345&dast=V7aT4CFgOkSW_714CtTgSkSW_714CtTgUAAAAGBuIHHTKhLYaL1WS0nGyGk91yOdksRqvFbjUZLmdD0JAJbTFcrCaj5WQznOyWy8lkt5uNNrvlFAJV9yLyux1Ou0U6kAhNp8Pnutfrfr-7yOmwPP0mv8dlN13-Jr_bdTf57Rq_2y6xXMQCicp4eFmebpfddJEOJHKX6fe3fP0ll83hOpsuYoFE8Pc8TU-_3SIdSER_w0UskGiOfsvp7nC7LNKBROR0WJ5-k9_jspsuf5Pf7bqb_BaxQCJ7WJ4Ou-kiHUhkDrPZdLT8XT-jRf0GKzSdDp_rXq_7_e4ip8Py9Jv8HpfddPmb_G7X3eS3a_xuu8TyV3k-L7vH6TD7Faan2eEWOjxel-WtcVlOT5PD7xa53LKHx2l3eBx-vxwAAAAAHgCOxmMhfgABACIAAAAAJAAAAAAoAir-LQQuAAAAADAAClKPNADEORDQYbo5XWaTPwAAHhRAAAAEMEgABtyaSgAyWmNPAAAAAAAAAABY_v___2MA9gKmZQAuAMd6AB58AB6IClSLGAEAAAAIk7iVHk3qhMqiCgCAIN0K4AoAIKAPFSSmLgwAAEBAbDBvOelZGuV7bIEeFr_f7LBr_G6XAQAAAAAAAACY_Z_9owk9AQCk-dYJP6r9AgIArP0CAgCwqRsAwJsAXMiloOl0-Fz3et3vdxc5HZan3-T3uOymy9_kd7vuJr9d43fbJZa_6AhaMRisTiF2w9lit9kNR7MDAAAAuPv____HG8xbTnqWRvnWA4mFazRxrRYz03C53O1mttFoMPPYTBvTbDYYLkfby4OaQe7StdHvC1Tdi8jvdjjtFulAIjSdDp_rXq_7_e4ip8Py9Jv8HpfddPmb_G7X3eS3a_xuu8RyEQskKuPhZXm6XXbTRTqQyF2m39_y9ZdcNofrbLqIBRLB3_M0Pf12i3QgEf0NF7FAojn6Lae7w-2ySAcSkdNhefpNfo_Lbrr8TX63627yW8QCiexheTrspot0IJE5zGbT0fJ3_YwW9f0mbDFaTSab5XC2XEwGw9FwNNqfQM4GOBGD5XIyWUx2q9FqtBnuRrPBAgViMEGKFg0mq9FospgMV6PJarZc7HYbpGjVajbaDIar2WS2262Gg-FyNMIJW4xWk8lmOZwtF5PBcDQcjYYIU6vZzDUcLteKicu4Fo1crrXCNJu5dZvVzDSYeTa75cIten1Mx4XJ41uMtigYwLQXwUU6Ud29dr_v7tY8TS-33u4WOT2P1-ctd5l-f8vXIpZoThbpRHbZNxau0cS1WsxMw-Vyt5vZRqPBzGMzbUyz2WC4HO1bq9nMNRwu14qJy7gWjVyutcI0m7l1m9XMNJh5Nrvlwi16fUzHhcnjW4z2jdlmORlsJpPFvjHbLCeDzWSy2HeYTM_U52z0XBMmj0y19txEhpn5oHAZjN6p1LQbd44Fcdl7dKq8MmVBZ9TOrOavQeE5eEwH4ctyWt2s09lE5z0YFLFEcLpIJ6KX8XQRSyRPi3Qisgwmhs3ENdu4jMuFxzCYmIaT5Wy13E0sltlyNRFLlKaLdKJXeT4vu8fpMPsVpqfZ4RY6PF6X5a1xWU5Pk8PvFrncsofHaXd4HH6L-o8OsRzNNbO5YjGYK2arVQIAAAAAAAAAWMKceRMAAACA00Amo-FotVwACYQBXWAQAAAAAACA3RY4UC-PAx2T4saPPerutft9d7fmaXq59Xa3yOl5vD5vucv0-1u-VgZ4cFpk3uyZINZqtawBAAAIsAEAAAK4dfMeQEqp5AA!&cmcv=&pix=undefined&cb=1639203223421&uv=3076&tms=1639203223421&abt=adh5c-1_vA!adh5c_vA!lotc_vA!rvf1_vB!spa2_vA!t45!ufm&ft=1&unm=WIDGET_ITEM&aure=false&agl=1&cirid=2B618152492382799231451752896&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4264:e8c6:2f28:702a:f217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:43 GMT
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type: image/gif

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame B069 70 B
264 B 33ms
33ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=8061395&crid=4711345&dast=V7aT4CFgOkSW_714CtTgSkSW_714CtTgUAAAAGBuIHHTKhLYaL1WS0nGyGk91yOdksRqvFbjUZLmdD0JAJbTFcrCaj5WQznOyWy8lkt5uNNrvlFAJV9yLyux1Ou0U6kAhNp8Pnutfrfr-7yOmwPP0mv8dlN13-Jr_bdTf57Rq_2y6xXMQCicp4eFmebpfddJEOJHKX6fe3fP0ll83hOpsuYoFE8Pc8TU-_3SIdSER_w0UskGiOfsvp7nC7LNKBROR0WJ5-k9_jspsuf5Pf7bqb_BaxQCJ7WJ4Ou-kiHUhkDrPZdLT8XT-jRf0GKzSdDp_rXq_7_e4ip8Py9Jv8HpfddPmb_G7X3eS3a_xuu8TyV3k-L7vH6TD7Faan2eEWOjxel-WtcVlOT5PD7xa53LKHx2l3eBx-vxwAAAAAHgCOxmMhfgABACIAAAAAJAAAAAAoAir-LQQuAAAAADAAClKPNADEORDQYbo5XWaTPwAAHhRAAAAEMEgABtyaSgAyWmNPAAAAAAAAAABY_v___2MA9gKmZQAuAMd6AB58AB6IClSLGAEAAAAIk7iVHk3qhMqiCgCAIN0K4AoAIKAPFSSmLgwAAEBAbDBvOelZGuV7bIEeFr_f7LBr_G6XAQAAAAAAAACY_Z_9owk9AQCk-dYJP6r9AgIArP0CAgCwqRsAwJsAXMiloOl0-Fz3et3vdxc5HZan3-T3uOymy9_kd7vuJr9d43fbJZa_6AhaMRisTiF2w9lit9kNR7MDAAAAuPv____HG8xbTnqWRvnWA4mFazRxrRYz03C53O1mttFoMPPYTBvTbDYYLkfby4OaQe7StdHvC1Tdi8jvdjjtFulAIjSdDp_rXq_7_e4ip8Py9Jv8HpfddPmb_G7X3eS3a_xuu8RyEQskKuPhZXm6XXbTRTqQyF2m39_y9ZdcNofrbLqIBRLB3_M0Pf12i3QgEf0NF7FAojn6Lae7w-2ySAcSkdNhefpNfo_Lbrr8TX63627yW8QCiexheTrspot0IJE5zGbT0fJ3_YwW9f0mbDFaTSab5XC2XEwGw9FwNNqfQM4GOBGD5XIyWUx2q9FqtBnuRrPBAgViMEGKFg0mq9FospgMV6PJarZc7HYbpGjVajbaDIar2WS2262Gg-FyNMIJW4xWk8lmOZwtF5PBcDQcjYYIU6vZzDUcLteKicu4Fo1crrXCNJu5dZvVzDSYeTa75cIten1Mx4XJ41uMtigYwLQXwUU6Ud29dr_v7tY8TS-33u4WOT2P1-ctd5l-f8vXIpZoThbpRHbZNxau0cS1WsxMw-Vyt5vZRqPBzGMzbUyz2WC4HO1bq9nMNRwu14qJy7gWjVyutcI0m7l1m9XMNJh5Nrvlwi16fUzHhcnjW4z2jdlmORlsJpPFvjHbLCeDzWSy2HeYTM_U52z0XBMmj0y19txEhpn5oHAZjN6p1LQbd44Fcdl7dKq8MmVBZ9TOrOavQeE5eEwH4ctyWt2s09lE5z0YFLFEcLpIJ6KX8XQRSyRPi3Qisgwmhs3ENdu4jMuFxzCYmIaT5Wy13E0sltlyNRFLlKaLdKJXeT4vu8fpMPsVpqfZ4RY6PF6X5a1xWU5Pk8PvFrncsofHaXd4HH6L-o8OsRzNNbO5YjGYK2arVQIAAAAAAAAAWMKceRMAAACA00Amo-FotVwACYQBXWAQAAAAAACA3RY4UC-PAx2T4saPPerutft9d7fmaXq59Xa3yOl5vD5vucv0-1u-VgZ4cFpk3uyZINZqtawBAAAIsAEAAAK4dfMeQEqp5AA!&cmcv=&pix=undefined&cb=1639203223421&uv=3076&tms=1639203223421&abt=adh5c-1_vA!adh5c_vA!lotc_vA!rvf1_vB!spa2_vA!t45!ufm&ft=1&unm=WIDGET_ITEM&aure=false&agl=1&cirid=2B618152492382799231451752896&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Dec 2021 06:13:43 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1 200
OK sync
x.bidswitch.net/ Frame B069 43 B
220 B 33ms
33ms Image
image/gif 18.196.195.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=8061395&crid=4711345&dast=V7aT4CFgOkSW_714CtTgSkSW_714CtTgUAAAAGBuIHHTKhLYaL1WS0nGyGk91yOdksRqvFbjUZLmdD0JAJbTFcrCaj5WQznOyWy8lkt5uNNrvlFAJV9yLyux1Ou0U6kAhNp8Pnutfrfr-7yOmwPP0mv8dlN13-Jr_bdTf57Rq_2y6xXMQCicp4eFmebpfddJEOJHKX6fe3fP0ll83hOpsuYoFE8Pc8TU-_3SIdSER_w0UskGiOfsvp7nC7LNKBROR0WJ5-k9_jspsuf5Pf7bqb_BaxQCJ7WJ4Ou-kiHUhkDrPZdLT8XT-jRf0GKzSdDp_rXq_7_e4ip8Py9Jv8HpfddPmb_G7X3eS3a_xuu8TyV3k-L7vH6TD7Faan2eEWOjxel-WtcVlOT5PD7xa53LKHx2l3eBx-vxwAAAAAHgCOxmMhfgABACIAAAAAJAAAAAAoAir-LQQuAAAAADAAClKPNADEORDQYbo5XWaTPwAAHhRAAAAEMEgABtyaSgAyWmNPAAAAAAAAAABY_v___2MA9gKmZQAuAMd6AB58AB6IClSLGAEAAAAIk7iVHk3qhMqiCgCAIN0K4AoAIKAPFSSmLgwAAEBAbDBvOelZGuV7bIEeFr_f7LBr_G6XAQAAAAAAAACY_Z_9owk9AQCk-dYJP6r9AgIArP0CAgCwqRsAwJsAXMiloOl0-Fz3et3vdxc5HZan3-T3uOymy9_kd7vuJr9d43fbJZa_6AhaMRisTiF2w9lit9kNR7MDAAAAuPv____HG8xbTnqWRvnWA4mFazRxrRYz03C53O1mttFoMPPYTBvTbDYYLkfby4OaQe7StdHvC1Tdi8jvdjjtFulAIjSdDp_rXq_7_e4ip8Py9Jv8HpfddPmb_G7X3eS3a_xuu8RyEQskKuPhZXm6XXbTRTqQyF2m39_y9ZdcNofrbLqIBRLB3_M0Pf12i3QgEf0NF7FAojn6Lae7w-2ySAcSkdNhefpNfo_Lbrr8TX63627yW8QCiexheTrspot0IJE5zGbT0fJ3_YwW9f0mbDFaTSab5XC2XEwGw9FwNNqfQM4GOBGD5XIyWUx2q9FqtBnuRrPBAgViMEGKFg0mq9FospgMV6PJarZc7HYbpGjVajbaDIar2WS2262Gg-FyNMIJW4xWk8lmOZwtF5PBcDQcjYYIU6vZzDUcLteKicu4Fo1crrXCNJu5dZvVzDSYeTa75cIten1Mx4XJ41uMtigYwLQXwUU6Ud29dr_v7tY8TS-33u4WOT2P1-ctd5l-f8vXIpZoThbpRHbZNxau0cS1WsxMw-Vyt5vZRqPBzGMzbUyz2WC4HO1bq9nMNRwu14qJy7gWjVyutcI0m7l1m9XMNJh5Nrvlwi16fUzHhcnjW4z2jdlmORlsJpPFvjHbLCeDzWSy2HeYTM_U52z0XBMmj0y19txEhpn5oHAZjN6p1LQbd44Fcdl7dKq8MmVBZ9TOrOavQeE5eEwH4ctyWt2s09lE5z0YFLFEcLpIJ6KX8XQRSyRPi3Qisgwmhs3ENdu4jMuFxzCYmIaT5Wy13E0sltlyNRFLlKaLdKJXeT4vu8fpMPsVpqfZ4RY6PF6X5a1xWU5Pk8PvFrncsofHaXd4HH6L-o8OsRzNNbO5YjGYK2arVQIAAAAAAAAAWMKceRMAAACA00Amo-FotVwACYQBXWAQAAAAAACA3RY4UC-PAx2T4saPPerutft9d7fmaXq59Xa3yOl5vD5vucv0-1u-VgZ4cFpk3uyZINZqtawBAAAIsAEAAAK4dfMeQEqp5AA!&cmcv=&pix=undefined&cb=1639203223421&uv=3076&tms=1639203223421&abt=adh5c-1_vA!adh5c_vA!lotc_vA!rvf1_vB!spa2_vA!t45!ufm&ft=1&unm=WIDGET_ITEM&aure=false&agl=1&cirid=2B618152492382799231451752896&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.196.195.54 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-196-195-54.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sat, 11 Dec 2021 06:13:43 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2

200

/
sync.taboola.com/sg/yahoossplatam-network/1/rtb-h/ Frame B069
Redirect Chain

https://ups.analytics.yahoo.com/ups/58533/occ
https://sync.taboola.com/sg/yahoossplatam-network/1/rtb-h/?taboola_hm=y-A6M67DhE2uFh_BcTNe8iuSIxH5BfFsS7G6y8GfE-~A

0
230 B

26ms
26ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/yahoossplatam-network/1/rtb-h/?taboola_hm=y-A6M67DhE2uFh_BcTNe8iuSIxH5BfFsS7G6y8GfE-~A
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=8061395&crid=4711345&dast=V7aT4CFgOkSW_714CtTgSkSW_714CtTgUAAAAGBuIHHTKhLYaL1WS0nGyGk91yOdksRqvFbjUZLmdD0JAJbTFcrCaj5WQznOyWy8lkt5uNNrvlFAJV9yLyux1Ou0U6kAhNp8Pnutfrfr-7yOmwPP0mv8dlN13-Jr_bdTf57Rq_2y6xXMQCicp4eFmebpfddJEOJHKX6fe3fP0ll83hOpsuYoFE8Pc8TU-_3SIdSER_w0UskGiOfsvp7nC7LNKBROR0WJ5-k9_jspsuf5Pf7bqb_BaxQCJ7WJ4Ou-kiHUhkDrPZdLT8XT-jRf0GKzSdDp_rXq_7_e4ip8Py9Jv8HpfddPmb_G7X3eS3a_xuu8TyV3k-L7vH6TD7Faan2eEWOjxel-WtcVlOT5PD7xa53LKHx2l3eBx-vxwAAAAAHgCOxmMhfgABACIAAAAAJAAAAAAoAir-LQQuAAAAADAAClKPNADEORDQYbo5XWaTPwAAHhRAAAAEMEgABtyaSgAyWmNPAAAAAAAAAABY_v___2MA9gKmZQAuAMd6AB58AB6IClSLGAEAAAAIk7iVHk3qhMqiCgCAIN0K4AoAIKAPFSSmLgwAAEBAbDBvOelZGuV7bIEeFr_f7LBr_G6XAQAAAAAAAACY_Z_9owk9AQCk-dYJP6r9AgIArP0CAgCwqRsAwJsAXMiloOl0-Fz3et3vdxc5HZan3-T3uOymy9_kd7vuJr9d43fbJZa_6AhaMRisTiF2w9lit9kNR7MDAAAAuPv____HG8xbTnqWRvnWA4mFazRxrRYz03C53O1mttFoMPPYTBvTbDYYLkfby4OaQe7StdHvC1Tdi8jvdjjtFulAIjSdDp_rXq_7_e4ip8Py9Jv8HpfddPmb_G7X3eS3a_xuu8RyEQskKuPhZXm6XXbTRTqQyF2m39_y9ZdcNofrbLqIBRLB3_M0Pf12i3QgEf0NF7FAojn6Lae7w-2ySAcSkdNhefpNfo_Lbrr8TX63627yW8QCiexheTrspot0IJE5zGbT0fJ3_YwW9f0mbDFaTSab5XC2XEwGw9FwNNqfQM4GOBGD5XIyWUx2q9FqtBnuRrPBAgViMEGKFg0mq9FospgMV6PJarZc7HYbpGjVajbaDIar2WS2262Gg-FyNMIJW4xWk8lmOZwtF5PBcDQcjYYIU6vZzDUcLteKicu4Fo1crrXCNJu5dZvVzDSYeTa75cIten1Mx4XJ41uMtigYwLQXwUU6Ud29dr_v7tY8TS-33u4WOT2P1-ctd5l-f8vXIpZoThbpRHbZNxau0cS1WsxMw-Vyt5vZRqPBzGMzbUyz2WC4HO1bq9nMNRwu14qJy7gWjVyutcI0m7l1m9XMNJh5Nrvlwi16fUzHhcnjW4z2jdlmORlsJpPFvjHbLCeDzWSy2HeYTM_U52z0XBMmj0y19txEhpn5oHAZjN6p1LQbd44Fcdl7dKq8MmVBZ9TOrOavQeE5eEwH4ctyWt2s09lE5z0YFLFEcLpIJ6KX8XQRSyRPi3Qisgwmhs3ENdu4jMuFxzCYmIaT5Wy13E0sltlyNRFLlKaLdKJXeT4vu8fpMPsVpqfZ4RY6PF6X5a1xWU5Pk8PvFrncsofHaXd4HH6L-o8OsRzNNbO5YjGYK2arVQIAAAAAAAAAWMKceRMAAACA00Amo-FotVwACYQBXWAQAAAAAACA3RY4UC-PAx2T4saPPerutft9d7fmaXq59Xa3yOl5vD5vucv0-1u-VgZ4cFpk3uyZINZqtawBAAAIsAEAAAK4dfMeQEqp5AA!&cmcv=&pix=undefined&cb=1639203223421&uv=3076&tms=1639203223421&abt=adh5c-1_vA!adh5c_vA!lotc_vA!rvf1_vB!spa2_vA!t45!ufm&ft=1&unm=WIDGET_ITEM&aure=false&agl=1&cirid=2B618152492382799231451752896&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:43 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 11556

Redirect headers

location: https://sync.taboola.com/sg/yahoossplatam-network/1/rtb-h/?taboola_hm=y-A6M67DhE2uFh_BcTNe8iuSIxH5BfFsS7G6y8GfE-~A
date: Sat, 11 Dec 2021 06:13:43 GMT
server: ATS/9.1.0.33
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H3 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17368370350617788416/ Frame 78B2 93 KB
22 KB 32ms
32ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17368370350617788416/index.html

Requested by

Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9a038e29db220dc6ff8c7b2ff7242bd2a3407f4b818cd5203a5dd5bbf6c3acc4

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
timing-allow-origin: *
date: Wed, 08 Dec 2021 07:20:24 GMT
expires: Thu, 08 Dec 2022 07:20:24 GMT
last-modified: Thu, 19 Aug 2021 10:22:28 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
content-length: 22363
age: 255199
cache-control: public, max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame B060 0
0 56ms
56ms Fetch
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C408NlkG0YcXADdazgAefwYP4DPmmkMJV8YWc7MIO3dkeEAEg3qG1TmC7vq6D0AqgAa3XgZsDyAEJqQK5Ko99wvyyPuACAKgDAcgDAqoExwJP0Jm3mJukcFVJAIZx3gB2CiGFkCOVP5jC8xDlH9EefQ7Gh_vmaqQaOQf9SeH9PtG95P1bVpT3aPgACcpkRC-iPSvdVYKoa8MB7FOhrjGtaSgGt8t-PPpZXrE--h7Cli4FTwCzv-0w_78HRPQJcxQIsLzb0ZYn0w2e2m7_rsAAKEisMG7BQkH3PI4BPuhnYWTZNZe3jNgM-C_8DQcL-xb05KtqHvhu0jRvEosOG9LpSqYC9ClFV5kGkMvdphWMuFQk1bAeQwANHqAVzRNtG6PP4QdL43OkAIFbhWUypVTOk7gmsTqIT3UbC9hZpO4n7ZCZFCxFAbwTzA61CvN-QZb8SBd5mF1Kt3BI5HABf8SXaVx1wTkD7eMoFNChPCmRCZ3dwmv1cjoGvq1AowC1d6eGkEc0vUhk_TrCwHlI04msQHN9RI2ps3rABI7zmPrOA-AEAZIFBAgEGAGSBQQIBRgEoAZdgAe7qP5kqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwQQqbEV0ggJCIDhgBAQARgdgAoByAsB2BMN0BUBmBYBgBcBshceChwIABIUcHViLTU4MjIyNDM2MTA4ODA1ODMYz9Rp&sigh=BodZ10Sqd7k&uach_m=[UACH]
Requested by: Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s12-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 1EC3 143 B
163 B 30ms
30ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com
URL: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sat, 11 Dec 2021 06:04:34 GMT
server: cafe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 549
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame B060 2 KB
1 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/window_focus_fy2019.js

Requested by

Host: a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com
URL: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 05:57:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 979
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 25 Dec 2021 05:57:24 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B060 119 KB
36 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com
URL: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37305
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1638461285297402"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 11 Dec 2021 06:13:43 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame B060 15 KB
6 KB 33ms
32ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com
URL: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:06:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 435
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6464
x-xss-protection: 0
server: cafe
etag: 15715955993838318253
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 25 Dec 2021 06:06:28 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame B060 0
0 39ms
38ms Image
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQuGk24tdvdQYW2A6aMJN670va_jyfgKvbr6j62CInM6FHKzL0-RmTzKY5CmUIybWixEZNRh0XMvs_xnnQJv7emqTOK0Q
Requested by: Host: a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com
URL: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H2 200 B26459005.313936552;dc_ver=81.236;sz=728x90;u_sd=1;dc_adk=531095041;ord=dqku4v;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCDupElUG0YZHYAYqvgQeGk5SYCt6qm_Bmk67A38oOw... Show response
ad.doubleclick.net/ddm/adj/N8714.4053162MIQ_PUBLICIS_UK/ Frame E568 60 KB
25 KB 109ms
84ms Script
text/javascript 142.250.184.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/N8714.4053162MIQ_PUBLICIS_UK/B26459005.313936552;dc_ver=81.236;sz=728x90;u_sd=1;dc_adk=531095041;ord=dqku4v;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCDupElUG0YZHYAYqvgQeGk5SYCt6qm_Bmk67A38oOwI23ARABINbOt05gu76ug9AKoAGT36LOAcgBCakCQgxxayhFtj6oAwGqBJYCT9CDmfTDfpQDYiLGncDaTLURFz1vn-dydRBe9PgLOc4f7F44g_UDsF_0c9wfl5UoRQh-lGejv5Kn1g-VG3YU8R9ktqEp3j8HxFftKkRcAJ2Dn-tVIJ4TCj4RAw9vUV7WO-5rMd28r_zKAHSzEnw_cuinZxlxwMdG1fy-AKLukX0eNPUiNWu96iYQXV_6f5A5XNxW7_M65iNOSvK_aPtMIaFzo-O8GvfXWcnj69-_LI-Lav_PEqyofGltasj0k1Vy_tp9EFJCtQN47a6zhYS-MM-QBnI4EJ5mBlnRcjWJPMQwE8_tczQevda0TwdbnTz9mXFggoeqNfkAW51qAKCkg3wz2FuYm-_XHC5PtmfgD4ZNgn3HmDLABPagmpa1A-AEA5AGAaAGTYAH1aDdsQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTkxMjM5NTAxNDAxMDg4NTaACgOYCwHICwGADAGwE838xg3QEwDYEwPYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASEuRohTedcxGQlTRToYd1_La1Ew%26sig%3DAOD64_3CN-gGRT-l8ubgpbSilZOYeqS07Q%26client%3Dca-pub-2845463438153782%26dbm_c%3DAKAmf-CiGdVbLMnmbIxP__2U_MIVx8hCg-CBWiEXTBL2L5BO76kRSMjbF4RGAGnavd5up08qezF9Vb3XoBx7X8O6A7m0NsToeC7sUu4y4GgR56QOHJKyA6iTKjhznuOvDsObvuX_GA_VNlwpqg5kcMtl0qtxeDSnHw%26cry%3D1%26dbm_d%3DAKAmf-A0YqB4gtqWbGIeqfJ9aLiWC8f5AxJH4-xwvdgOaG47QiigQogAvszPoO-iQKPyrKu1lGWmO6yXd8sR3DJKO9LQM-i9cR2DU4gR1L85LexlipkO-8XNoC65Vd3cGMbMGh2Opi166ox26adXeSR14J10uBLgAZwtxeSGlW7jvPL8z9T7wy8c646ZhzU1e45hgxla0TgC2LFhYz-g6kLDkRStvdt4mifiy_SD4zOPSJS52X7fWggXYk0PNhf1zlVNMgGnhelknoIACxJOR1X1hi67wTRYwQjmq2Z9N4Ormoc-8eTnC3FA1_eK8mdrRcHmfHQqDj-Vs5d9Jd1wfbSMEqZRrb7Zfk4R3d_fi-mPkPKEj7sGX1OPEeohheoJMGZ-cM74O8MBSZlQR2fb7o0CxCRQXKSDAwiUJR4QdUajv7b4jEbpIfBwTfdc_4Okx5CW6XaV1qaOocub3YbMtO7infnuKo0b68vksa0OQKX2NE8a3tK4CMzZ1qrztHBsEgt-SDJ7yYCcpQa6e5pv-5KDi_ls8ntxMw%26adurl%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=1,https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2F$0;xdt=1;crlt=xt0zilGvTH;sttr=296;prcl=s

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v81.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f6.1e100.net

Software

cafe /

Resource Hash

49c9f0d4ea8cba9db3986069f04049501ad8245a53aacb01500572ae05fe9808

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Dec 2021 06:13:43 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25185
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 realtime.b23ff3c36dd0169627f8e54ca1621eca.css
c.disquscdn.com/next/embed/styles/ Frame EFBC 337 B
840 B 30ms
29ms Stylesheet
text/css 2600:9000:223e:8000:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/styles/realtime.b23ff3c36dd0169627f8e54ca1621eca.css

Requested by

Host: diariodocentrodomundo.disqus.com
URL: https://diariodocentrodomundo.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223e:8000:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

c284dcb06ef882b1b45e11e0a16baa223b4117eca94e243c8e725c4ce3f909b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 19:05:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3323314
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 244
x-xss-protection: 1; mode=block
x-served-by: static-web-2
access-control-allow-origin: *
surrogate-key: next
last-modified: Tue, 02 Nov 2021 18:16:01 GMT
server: nginx
etag: "61818061-f4"
content-type: text/css; charset=utf-8
via: 1.1 88f858f045c3909fad9cebbada511aef.cloudfront.net (CloudFront)
expires: Wed, 02 Nov 2022 19:05:09 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA56-P4
timing-allow-origin: *
x-amz-cf-id: gyR7wqWxa5Y6ZACeg4Ix_cvvC3YK6Xu0DtOqE4X5-op-Z4hzllMCqQ==
x-cache-hits: 0

GET
H2 200 realtime.b23ff3c36dd0169627f8e54ca1621eca.css
c.disquscdn.com/next/embed/styles/ Frame F9FE 337 B
839 B 30ms
29ms Stylesheet
text/css 2600:9000:223e:8000:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/styles/realtime.b23ff3c36dd0169627f8e54ca1621eca.css

Requested by

Host: diariodocentrodomundo.disqus.com
URL: https://diariodocentrodomundo.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223e:8000:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

c284dcb06ef882b1b45e11e0a16baa223b4117eca94e243c8e725c4ce3f909b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 19:05:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3323314
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 244
x-xss-protection: 1; mode=block
x-served-by: static-web-2
access-control-allow-origin: *
surrogate-key: next
last-modified: Tue, 02 Nov 2021 18:16:01 GMT
server: nginx
etag: "61818061-f4"
content-type: text/css; charset=utf-8
via: 1.1 88f858f045c3909fad9cebbada511aef.cloudfront.net (CloudFront)
expires: Wed, 02 Nov 2022 19:05:09 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA56-P4
timing-allow-origin: *
x-amz-cf-id: jj7UelRmYE62OlgdRarLeXKASGPePWNj9ZD5FRY_Nho3VA-cQ1E8ew==
x-cache-hits: 0

GET
H2 200 svg-sprite.4da5413f5086c5755b46094b813dbfcd.svg
c.disquscdn.com/next/embed/assets/img/ Frame E624 13 KB
13 KB 32ms
32ms Image
image/svg+xml 2600:9000:223e:8000:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/embed/assets/img/svg-sprite.4da5413f5086c5755b46094b813dbfcd.svg

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.7ab903feba7624935283ca4c7d8c7203.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223e:8000:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

3270642c89180c12db93775e2a774b6dadd9bd98cffc963075c85afd2c17b6e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://c.disquscdn.com/next/embed/styles/lounge.7ab903feba7624935283ca4c7d8c7203.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 14:37:41 GMT
via: 1.1 88f858f045c3909fad9cebbada511aef.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 19582562
x-cache: Hit from cloudfront
content-length: 13079
x-xss-protection: 1; mode=block
x-served-by: static-web-1
surrogate-key: next
last-modified: Tue, 27 Apr 2021 21:01:56 GMT
server: nginx
etag: "60887bc4-3317"
content-type: image/svg+xml; charset=utf-8
access-control-allow-origin: *
expires: Thu, 28 Apr 2022 14:37:41 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: cSxEKOXVp1ux0jqDwagEAlNR_YTz1nrH-iMqTaFERvWvcGktECwV7w==
x-cache-hits: 0

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 8C70 0
23 B 56ms
55ms Ping
image/gif 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b0b2fb4f4d530f774904c931019d14ff.safeframe.googlesyndication.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Sat, 11 Dec 2021 06:13:43 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H/1.1 200
OK listRecommendations.json Show response
disqus.com/api/3.0/discovery/ Frame FFD3 7 KB
8 KB 197ms
197ms XHR
application/json 151.101.0.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/api/3.0/discovery/listRecommendations.json?forum=diariodocentrodomundo&thread=ident%3A779049+https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2F%3Fpost_type%3Dessencial%26p%3D779049&limit=8&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/recommendations/common.bundle.6c6defcc206edabe5048d82459ee0a0e.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.0.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

0dd943366977aab5e9cf33c04e9845e649594962c91662c72436016d34d3dcc6

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://disqus.com/recommendations/?base=default&f=diariodocentrodomundo&t_i=779049%20https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2F%3Fpost_type%3Dessencial%26p%3D779049&t_u=https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2Fessencial%2Fatila-hacker-certidao-de-vacinacao%2F&t_e=%C3%81tila%20diz%20que%20invas%C3%A3o%20hacker%20foi%20para%20%E2%80%9Catacar%20a%20certid%C3%A3o%20de%20vacina%C3%A7%C3%A3o%E2%80%9D&t_d=%C3%81tila%20diz%20que%20invas%C3%A3o%20hacker%20foi%20para%20%22atacar%20a%20certid%C3%A3o%20de%20vacina%C3%A7%C3%A3o%22&t_t=%C3%81tila%20diz%20que%20invas%C3%A3o%20hacker%20foi%20para%20%E2%80%9Catacar%20a%20certid%C3%A3o%20de%20vacina%C3%A7%C3%A3o%E2%80%9D
X-Requested-With: XMLHttpRequest
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sat, 11 Dec 2021 06:13:43 GMT
X-Content-Type-Options: nosniff
Server: nginx
Age: 0
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Cache-Control: stale-while-revalidate=450, public, max-age=1800
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Type: application/json
Vary: Origin
Content-Length: 7475
X-XSS-Protection: 1; mode=block

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 0A74 1 KB
749 B 31ms
30ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com
URL: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sat, 11 Dec 2021 05:53:44 GMT
expires: Sun, 12 Dec 2021 05:53:44 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 1199
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame E6D0 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4cbe2e87616514bda8169ef5cf597f1dcd7cf4518cd4d50c210f6b2a444ff170

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame FAF4
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=

281 B
554 B

30ms
30ms

Document
text/html

104.96.5.77
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7aT4CFgOkSW_714CtTgSkSW_714CtTgUAAAAGBuIHHTKhLYaL1WS0nGyGk91yOdksRqvFbjUZLmdD0JAJbTFcrCaj5WQznOyWy8lkt5uNNrvlFAJV9yLyux1Ou0U6kAhNp8Pnutfrfr-7yOmwPP0mv8dlN13-Jr_bdTf57Rq_2y6xXMQCicp4eFmebpfddJEOJHKX6fe3fP0ll83hOpsuYoFE8Pc8TU-_3SIdSER_w0UskGiOfsvp7nC7LNKBROR0WJ5-k9_jspsuf5Pf7bqb_BaxQCJ7WJ4Ou-kiHUhkDrPZdLT8XT-jRf0GKzSdDp_rXq_7_e4ip8Py9Jv8HpfddPmb_G7X3eS3a_xuu8TyV3k-L7vH6TD7Faan2eEWOjxel-WtcVlOT5PD7xa53LKHx2l3eBx-vxwAAAAAHgCOxmMhfgABACIAAAAAJAAAAAAoAir-LQQuAAAAADAAClKPNADEORDQYbo5XWaTPwAAHhRAAAAEMEgABtyaSgAyWmNPAAAAAAAAAABY_v___2MA9gKmZQAuAMd6AB58AB6IClSLGAEAAAAIk7iVHk3qhMqiCgCAIN0K4AoAIKAPFSSmLgwAAEBAbDBvOelZGuV7bIEeFr_f7LBr_G6XAQAAAAAAAACY_Z_9owk9AQCk-dYJP6r9AgIArP0CAgCwqRsAwJsAXMiloOl0-Fz3et3vdxc5HZan3-T3uOymy9_kd7vuJr9d43fbJZa_6AhaMRisTiF2w9lit9kNR7MDAAAAuPv____HG8xbTnqWRvnWA4mFazRxrRYz03C53O1mttFoMPPYTBvTbDYYLkfby4OaQe7StdHvC1Tdi8jvdjjtFulAIjSdDp_rXq_7_e4ip8Py9Jv8HpfddPmb_G7X3eS3a_xuu8RyEQskKuPhZXm6XXbTRTqQyF2m39_y9ZdcNofrbLqIBRLB3_M0Pf12i3QgEf0NF7FAojn6Lae7w-2ySAcSkdNhefpNfo_Lbrr8TX63627yW8QCiexheTrspot0IJE5zGbT0fJ3_YwW9f0mbDFaTSab5XC2XEwGw9FwNNqfQM4GOBGD5XIyWUx2q9FqtBnuRrPBAgViMEGKFg0mq9FospgMV6PJarZc7HYbpGjVajbaDIar2WS2262Gg-FyNMIJW4xWk8lmOZwtF5PBcDQcjYYIU6vZzDUcLteKicu4Fo1crrXCNJu5dZvVzDSYeTa75cIten1Mx4XJ41uMtigYwLQXwUU6Ud29dr_v7tY8TS-33u4WOT2P1-ctd5l-f8vXIpZoThbpRHbZNxau0cS1WsxMw-Vyt5vZRqPBzGMzbUyz2WC4HO1bq9nMNRwu14qJy7gWjVyutcI0m7l1m9XMNJh5Nrvlwi16fUzHhcnjW4z2jdlmORlsJpPFvjHbLCeDzWSy2HeYTM_U52z0XBMmj0y19txEhpn5oHAZjN6p1LQbd44Fcdl7dKq8MmVBZ9TOrOavQeE5eEwH4ctyWt2s09lE5z0YFLFEcLpIJ6KX8XQRSyRPi3Qisgwmhs3ENdu4jMuFxzCYmIaT5Wy13E0sltlyNRFLlKaLdKJXeT4vu8fpMPsVpqfZ4RY6PF6X5a1xWU5Pk8PvFrncsofHaXd4HH6L-o8OsRzNNbO5YjGYK2arVQIAAAAAAAAAWMKceRMAAACA00Amo-FotVwACYQBXWAQAAAAAACA3RY4UC-PAx2T4saPPerutft9d7fmaXq59Xa3yOl5vD5vucv0-1u-VgZ4cFpk3uyZINZqtawBAAAIsAEAAAK4dfMeQEqp5AA!&excid=22&docw=0&cijs=1&nlb=true
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.96.5.77 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-96-5-77.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://am-match.taboola.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 26 Oct 2021 17:01:05 GMT
ETag: "40019-119-5cf446c48f640"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sat, 11 Dec 2021 06:13:43 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Date: Sat, 11 Dec 2021 06:13:43 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 5904
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=

281 B
554 B

31ms
28ms

Document
text/html

104.96.5.77
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=8061395&crid=4711345&dast=V7aT4CFgOkSW_714CtTgSkSW_714CtTgUAAAAGBuIHHTKhLYaL1WS0nGyGk91yOdksRqvFbjUZLmdD0JAJbTFcrCaj5WQznOyWy8lkt5uNNrvlFAJV9yLyux1Ou0U6kAhNp8Pnutfrfr-7yOmwPP0mv8dlN13-Jr_bdTf57Rq_2y6xXMQCicp4eFmebpfddJEOJHKX6fe3fP0ll83hOpsuYoFE8Pc8TU-_3SIdSER_w0UskGiOfsvp7nC7LNKBROR0WJ5-k9_jspsuf5Pf7bqb_BaxQCJ7WJ4Ou-kiHUhkDrPZdLT8XT-jRf0GKzSdDp_rXq_7_e4ip8Py9Jv8HpfddPmb_G7X3eS3a_xuu8TyV3k-L7vH6TD7Faan2eEWOjxel-WtcVlOT5PD7xa53LKHx2l3eBx-vxwAAAAAHgCOxmMhfgABACIAAAAAJAAAAAAoAir-LQQuAAAAADAAClKPNADEORDQYbo5XWaTPwAAHhRAAAAEMEgABtyaSgAyWmNPAAAAAAAAAABY_v___2MA9gKmZQAuAMd6AB58AB6IClSLGAEAAAAIk7iVHk3qhMqiCgCAIN0K4AoAIKAPFSSmLgwAAEBAbDBvOelZGuV7bIEeFr_f7LBr_G6XAQAAAAAAAACY_Z_9owk9AQCk-dYJP6r9AgIArP0CAgCwqRsAwJsAXMiloOl0-Fz3et3vdxc5HZan3-T3uOymy9_kd7vuJr9d43fbJZa_6AhaMRisTiF2w9lit9kNR7MDAAAAuPv____HG8xbTnqWRvnWA4mFazRxrRYz03C53O1mttFoMPPYTBvTbDYYLkfby4OaQe7StdHvC1Tdi8jvdjjtFulAIjSdDp_rXq_7_e4ip8Py9Jv8HpfddPmb_G7X3eS3a_xuu8RyEQskKuPhZXm6XXbTRTqQyF2m39_y9ZdcNofrbLqIBRLB3_M0Pf12i3QgEf0NF7FAojn6Lae7w-2ySAcSkdNhefpNfo_Lbrr8TX63627yW8QCiexheTrspot0IJE5zGbT0fJ3_YwW9f0mbDFaTSab5XC2XEwGw9FwNNqfQM4GOBGD5XIyWUx2q9FqtBnuRrPBAgViMEGKFg0mq9FospgMV6PJarZc7HYbpGjVajbaDIar2WS2262Gg-FyNMIJW4xWk8lmOZwtF5PBcDQcjYYIU6vZzDUcLteKicu4Fo1crrXCNJu5dZvVzDSYeTa75cIten1Mx4XJ41uMtigYwLQXwUU6Ud29dr_v7tY8TS-33u4WOT2P1-ctd5l-f8vXIpZoThbpRHbZNxau0cS1WsxMw-Vyt5vZRqPBzGMzbUyz2WC4HO1bq9nMNRwu14qJy7gWjVyutcI0m7l1m9XMNJh5Nrvlwi16fUzHhcnjW4z2jdlmORlsJpPFvjHbLCeDzWSy2HeYTM_U52z0XBMmj0y19txEhpn5oHAZjN6p1LQbd44Fcdl7dKq8MmVBZ9TOrOavQeE5eEwH4ctyWt2s09lE5z0YFLFEcLpIJ6KX8XQRSyRPi3Qisgwmhs3ENdu4jMuFxzCYmIaT5Wy13E0sltlyNRFLlKaLdKJXeT4vu8fpMPsVpqfZ4RY6PF6X5a1xWU5Pk8PvFrncsofHaXd4HH6L-o8OsRzNNbO5YjGYK2arVQIAAAAAAAAAWMKceRMAAACA00Amo-FotVwACYQBXWAQAAAAAACA3RY4UC-PAx2T4saPPerutft9d7fmaXq59Xa3yOl5vD5vucv0-1u-VgZ4cFpk3uyZINZqtawBAAAIsAEAAAK4dfMeQEqp5AA!&cmcv=&pix=undefined&cb=1639203223421&uv=3076&tms=1639203223421&abt=adh5c-1_vA!adh5c_vA!lotc_vA!rvf1_vB!spa2_vA!t45!ufm&ft=1&unm=WIDGET_ITEM&aure=false&agl=1&cirid=2B618152492382799231451752896&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.96.5.77 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-96-5-77.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://imprammp.taboola.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 26 Oct 2021 17:01:05 GMT
ETag: "40019-119-5cf446c48f640"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sat, 11 Dec 2021 06:13:43 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Date: Sat, 11 Dec 2021 06:13:43 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 8E04 41 KB
15 KB 31ms
30ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com
URL: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 12:55:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 148712
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 09 Dec 2022 12:55:11 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame EED2 1 KB
749 B 31ms
30ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com
URL: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sat, 11 Dec 2021 05:53:44 GMT
expires: Sun, 12 Dec 2021 05:53:44 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 1199
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 8E04 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c1686d80ce4c16690ee8edf25416ec8a72cc6ec2b841e4465bec37efc2928f43

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 3472
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJlBogN2JWABZjKnae5lJ6o&google_cver=1

43 B
893 B

64ms
64ms

Image
image/gif

23.195.249.2
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJlBogN2JWABZjKnae5lJ6o&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO-t7QIQhsvvAhj-iK-9ATAB&v=APEucNUiOi3NdYNslRDxcnxa7BKcKCCIuWkXGgCiQtcrVE44Ek3zc8ykormlwtZfltz__dYdGCiu9YeiWbqT8LZioxQxq2FsSBb-3wRXt4Kr8K4mhm1VHCuyTrO7T3pB3zz8LNO9R6F1Q8SEV-eMqwDh2tnOV7YnNSMCf3Xcbq1ROzZ-rOeXwRc
Protocol: HTTP/1.1
Server: 23.195.249.2 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-195-249-2.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 11 Dec 2021 06:13:43 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 11 Dec 2021 06:13:43 GMT

Redirect headers

pragma: no-cache
date: Sat, 11 Dec 2021 06:13:43 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJlBogN2JWABZjKnae5lJ6o&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 3472
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YbRBlq0t.NalDpfGx2tW2wAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJlBogN2JWABZjKnae5lJ6o&google_cver=1&google_hm=2

43 B
1013 B

65ms
64ms

Image
image/gif

23.195.249.2
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJlBogN2JWABZjKnae5lJ6o&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO-t7QIQhsvvAhj-iK-9ATAB&v=APEucNUiOi3NdYNslRDxcnxa7BKcKCCIuWkXGgCiQtcrVE44Ek3zc8ykormlwtZfltz__dYdGCiu9YeiWbqT8LZioxQxq2FsSBb-3wRXt4Kr8K4mhm1VHCuyTrO7T3pB3zz8LNO9R6F1Q8SEV-eMqwDh2tnOV7YnNSMCf3Xcbq1ROzZ-rOeXwRc
Protocol: HTTP/1.1
Server: 23.195.249.2 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-195-249-2.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 11 Dec 2021 06:13:44 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 11 Dec 2021 06:13:44 GMT

Redirect headers

pragma: no-cache
date: Sat, 11 Dec 2021 06:13:43 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJlBogN2JWABZjKnae5lJ6o&google_cver=1&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 3472
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEK_WdWOht4M-ejFxKNhvcbI&google_cver=1

43 B
1006 B

47ms
46ms

Image
image/gif

185.33.221.13
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEK_WdWOht4M-ejFxKNhvcbI&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO-t7QIQhsvvAhj-iK-9ATAB&v=APEucNUiOi3NdYNslRDxcnxa7BKcKCCIuWkXGgCiQtcrVE44Ek3zc8ykormlwtZfltz__dYdGCiu9YeiWbqT8LZioxQxq2FsSBb-3wRXt4Kr8K4mhm1VHCuyTrO7T3pB3zz8LNO9R6F1Q8SEV-eMqwDh2tnOV7YnNSMCf3Xcbq1ROzZ-rOeXwRc

Protocol

HTTP/1.1

Server

185.33.221.13 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 11 Dec 2021 06:13:44 GMT
X-Proxy-Origin: 194.36.110.165; 194.36.110.165; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 6605000f-be81-4f9c-aa7e-bcb5a71b5c4f
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 11 Dec 2021 06:13:43 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEK_WdWOht4M-ejFxKNhvcbI&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3472
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzQwNDIwNjk3NDUwMzYxNzcyMg%3D%3D

170 B
188 B

42ms
42ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzQwNDIwNjk3NDUwMzYxNzcyMg%3D%3D

Requested by

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Dec 2021 06:13:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 11 Dec 2021 06:13:43 GMT
X-Proxy-Origin: 194.36.110.165; 194.36.110.165; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: d413192a-c591-4ba2-9e8d-f48cde92db3c
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzQwNDIwNjk3NDUwMzYxNzcyMg%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame E6D0 21 KB
21 KB 74ms
35ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v36/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 13:17:51 GMT
x-content-type-options: nosniff
age: 60952
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21660
x-xss-protection: 0
last-modified: Wed, 01 Sep 2021 18:07:18 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 10 Dec 2022 13:17:51 GMT

GET
H3 200 4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame E6D0 21 KB
21 KB 68ms
31ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v36/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 18:21:26 GMT
x-content-type-options: nosniff
age: 388337
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21424
x-xss-protection: 0
last-modified: Wed, 01 Sep 2021 18:08:24 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 06 Dec 2022 18:21:26 GMT

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 1C57 38 KB
14 KB 51ms
51ms Document
text/html 23.195.248.208
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2Fessencial%2Fatila-hacker-certidao-de-vacinacao%2F&schain=1.0%2C1%21vidoomy.com%2C52453%2C1%2C5278957349807421836187207783%2C%2C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.195.248.208 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-195-248-208.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e2cdec10db9a0a224e9f5e49b6f004c5426564fb8d857ad3df480e9c916bafe6

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: en-GB,en;q=0.9

Response headers

last-modified: Tue, 19 Oct 2021 10:00:01 GMT
etag: "1302647-96ae-5ceb1b98ba7c4"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 13882
content-type: text/html; charset=UTF-8
cache-control: public, max-age=116024
expires: Sun, 12 Dec 2021 14:27:27 GMT
date: Sat, 11 Dec 2021 06:13:43 GMT
vary: Accept-Encoding

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 7EF8 38 KB
14 KB 47ms
46ms Script
text/html 23.195.248.208
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2Fessencial%2Fatila-hacker-certidao-de-vacinacao%2F&schain=1.0%2C1%21vidoomy.com%2C52453%2C1%2C5278957349807421836187207783%2C%2C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.195.248.208 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-195-248-208.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e2cdec10db9a0a224e9f5e49b6f004c5426564fb8d857ad3df480e9c916bafe6

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:43 GMT
content-encoding: gzip
last-modified: Tue, 19 Oct 2021 10:00:01 GMT
server: Apache/2.2.15 (CentOS)
etag: "1302647-96ae-5ceb1b98ba7c4"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: public, max-age=116024
accept-ranges: bytes
content-type: text/html; charset=UTF-8
content-length: 13882
expires: Sun, 12 Dec 2021 14:27:27 GMT

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame A308 284 B
536 B 150ms
35ms Image
image/jpg 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?gdpr=1&us_privacy=1---
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
Content-Type: image/jpg

GET
H2 200 n.js Show response
geo.moatads.com/ 98 B
272 B 101ms
24ms Script
text/html 35.179.78.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.moatads.com/n.js?e=35&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BvmjrG%3DH%3C%5B*C%24GTK%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-XArw4k53N9kCRqL5D8s2wrvkFEQaXcVXbaBAOq%2BVT%2Bl2tvmQftrLjI5jaRxplbfkuwe%2B&rs=1-tkHTYX5EcAEJWg%3D%3D&sc=1&os=1-0g%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&i=TABOOLAJSVIDEO1&hp=1&wf=1&ra=2&pxm=7&vz=-&zp=0&sgs=2&vb=8&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=8&f=0&j=&t=1639203224132&de=25395037711&m=0&ar=cc97a930ec1-clean&iw=49d733b&q=2&cb=0&ym=0&cu=1639203224132&ll=2&lm=0&ln=0&r=0&em=0&en=0&d=FEED_MANAGER%3A203735%3A67003865%3Awww.diariodocentrodomundo.com.br&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2Fessencial%2Fatila-hacker-certidao-de-vacinacao%2F&id=1&ii=4&zMoatOrigSlicer1=%2F%2Fvidstat.taboola.com%2FuploadedVideos%2F228385%2Ffn998gys9pdce4zltby8_DESKTOP.mp4&zMoatOrigSlicer2=N%2FA&zMoatDomain=diariodocentrodomundo.com.br&zMoatSubdomain=diariodocentrodomundo.com.br&gw=taboolajsvideo2446883476&fd=1&ac=1&it=500&ti=0&ih=1&pe=1%3A2500%3A2500%3A0%3A2875&jm=-1&fs=195926&na=234238269&cs=0&ord=1639203224132&jv=512426590&callback=DOMlessLLDcallback_82847209
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/taboolajsvideo2446883476/moatvideo.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.179.78.10 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-179-78-10.eu-west-2.compute.amazonaws.com
Software: TornadoServer/4.5.3 /
Resource Hash: 2f96e21a623a8e356580f31a58d117cd08aefcfc9d8448cf4dfc41f793e0dfde

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:43 GMT
cache-control: max-age=900
server: TornadoServer/4.5.3
timing-allow-origin: *
etag: "0bed05f5643c611964f6e16c5db06f62a28feebe"
content-length: 98
content-type: text/html; charset=UTF-8

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 51ms
42ms Image
image/gif 23.195.249.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=TABOOLAJSVIDEO1&hp=1&wf=1&ra=2&pxm=7&vz=-&zp=0&sgs=2&vb=8&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=8&f=0&j=&t=1639203224132&de=25395037711&m=0&ar=cc97a930ec1-clean&iw=49d733b&q=3&cb=0&ym=0&cu=1639203224132&ll=2&lm=0&ln=0&r=0&em=0&en=0&d=FEED_MANAGER%3A203735%3A67003865%3Awww.diariodocentrodomundo.com.br&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2Fessencial%2Fatila-hacker-certidao-de-vacinacao%2F&id=1&ii=4&zMoatOrigSlicer1=%2F%2Fvidstat.taboola.com%2FuploadedVideos%2F228385%2Ffn998gys9pdce4zltby8_DESKTOP.mp4&zMoatOrigSlicer2=N%2FA&zMoatDomain=diariodocentrodomundo.com.br&zMoatSubdomain=diariodocentrodomundo.com.br&gw=taboolajsvideo2446883476&fd=1&ac=1&it=500&ti=0&ih=1&pe=1%3A2500%3A2500%3A0%3A2875&jm=-1&fs=195926&na=1898297016&cs=0
Requested by: Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.195.249.162 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-195-249-162.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Dec 2021 06:13:43 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Sat, 11 Dec 2021 06:13:43 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 6199 0
0 56ms
56ms Image
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2021120601&jk=1276719430509735&rc=
Requested by: Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H/1.1 200
OK embed.vendors~ondemand.TimelineList~ondemand.TimelineProfile~ondemand.Tweet.29715ca2e27538cc4c88.js Show response
platform.twitter.com/embed/ Frame 9A4E 383 KB
94 KB 52ms
51ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/embed.vendors~ondemand.TimelineList~ondemand.TimelineProfile~ondemand.Tweet.29715ca2e27538cc4c88.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.54a58eb5540918258367.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (mil/6CE6) /
Resource Hash: 7abdd47254800f35ffef0fc434fa7fcf432e13651b27670b2e6f8e08143d4b00

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://platform.twitter.com/embed/Tweet.html?dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1469260104990138368&lang=pt&origin=https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2Fessencial%2Fatila-hacker-certidao-de-vacinacao%2F&sessionId=05915c5192f965987dd6cc85acd98cc2eb855877&theme=light&widgetsVersion=9fd78d5%3A1638479056965&width=550px
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sat, 11 Dec 2021 06:13:43 GMT
Content-Encoding: gzip
Last-Modified: Thu, 09 Dec 2021 20:09:13 GMT
Server: ECS (mil/6CE6)
Age: 120329
Etag: "28a37f9b17808aa66f17b1c227be059e+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 96013

GET
H/1.1 200
OK embed.vendors~ondemand.Tweet.215918e9c83880e27bc2.js Show response
platform.twitter.com/embed/ Frame 9A4E 17 KB
6 KB 53ms
52ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/embed.vendors~ondemand.Tweet.215918e9c83880e27bc2.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.54a58eb5540918258367.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (mil/6CE9) /
Resource Hash: 0e8670554443313b972c10ae1a34baeb408d060fc5e82c6a358f77d7e98dd15e

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://platform.twitter.com/embed/Tweet.html?dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1469260104990138368&lang=pt&origin=https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2Fessencial%2Fatila-hacker-certidao-de-vacinacao%2F&sessionId=05915c5192f965987dd6cc85acd98cc2eb855877&theme=light&widgetsVersion=9fd78d5%3A1638479056965&width=550px
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sat, 11 Dec 2021 06:13:43 GMT
Content-Encoding: gzip
Last-Modified: Thu, 09 Dec 2021 20:09:13 GMT
Server: ECS (mil/6CE9)
Age: 121640
Etag: "c247e426d2ec154064a87aaff54defce+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 5857

GET
H/1.1 200
OK embed.ondemand.Tweet.6e96324b79625228cf29.js Show response
platform.twitter.com/embed/ Frame 9A4E 65 KB
16 KB 51ms
50ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/embed.ondemand.Tweet.6e96324b79625228cf29.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.54a58eb5540918258367.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (mil/6CF0) /
Resource Hash: 131670c344a1c5951ebc2d33a634177924e089fcb43272238df6292846c698aa

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://platform.twitter.com/embed/Tweet.html?dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1469260104990138368&lang=pt&origin=https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2Fessencial%2Fatila-hacker-certidao-de-vacinacao%2F&sessionId=05915c5192f965987dd6cc85acd98cc2eb855877&theme=light&widgetsVersion=9fd78d5%3A1638479056965&width=550px
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sat, 11 Dec 2021 06:13:43 GMT
Content-Encoding: gzip
Last-Modified: Thu, 09 Dec 2021 20:09:13 GMT
Server: ECS (mil/6CF0)
Age: 121641
Etag: "e5fb6dfbcdd3dbfd4df66eb8fb597873+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 15650

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame B409 1 KB
749 B 30ms
30ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: b0b2fb4f4d530f774904c931019d14ff.safeframe.googlesyndication.com
URL: https://b0b2fb4f4d530f774904c931019d14ff.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://b0b2fb4f4d530f774904c931019d14ff.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sat, 11 Dec 2021 05:53:44 GMT
expires: Sun, 12 Dec 2021 05:53:44 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 1199
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 8C70 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ad417c7a7dfac000adc8068e4abd1dde3fb20361579dcd00e1b07b570ce5b18d

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 createjs.min.js Show response
code.createjs.com/1.0.0/ Frame 7FFA 236 KB
63 KB 212ms
64ms Script
text/javascript 2a02:26f0:6c00::210:ba2a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://code.createjs.com/1.0.0/createjs.min.js
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2691227766234564666/728x90/728x90-B.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Apache /
Resource Hash: e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:44 GMT
content-encoding: gzip
server: Apache
cache-control: max-age=900
vary: Accept-Encoding
content-type: text/javascript
x-n: S
accept-ranges: bytes
expires: Sat, 11 Dec 2021 06:28:44 GMT

GET
H2 200 get
c.disquscdn.com/ Frame FFD3 15 KB
16 KB 34ms
34ms Image
image/webp 2600:9000:223e:8000:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/get?url=https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2Fwp-content%2Fuploads%2F2021%2F12%2Fjulgamento-boate-reproducao.webp&key=h0__TbYR49fRCTYNcM-hxA&h=200

Requested by

Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223e:8000:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

383b2b89c340373f983949d5bf4b24c938d183af0e7e8639d0ecada0f29de092

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 21:40:28 GMT
via: 1.1 88f858f045c3909fad9cebbada511aef.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 33096
x-cache: Hit from cloudfront
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
cross-origin-resource-policy: cross-origin, cross-origin, cross-origin
x-cache-hits: 0
content-length: 15484
x-xss-protection: 1; mode=block
x-served-by: static-web-1
server: nginx
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
cache-control: max-age=2592000
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
x-amz-cf-id: g4AW2M_v4BY0exgAs1L_JEGB9XiA9hVl1EE2dsxmH1XpsFP1jky9eA==
expires: Sun, 09 Jan 2022 21:40:28 GMT

GET
H2 200 get
c.disquscdn.com/ Frame FFD3 7 KB
7 KB 33ms
33ms Image
image/jpeg 2600:9000:223e:8000:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/get?url=https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2Fwp-content%2Fuploads%2F2021%2F10%2Fqueiroga.jpg&key=5R8_oaOY-uZ71UNOQooLig&h=200

Requested by

Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223e:8000:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

bbfcaf60464bfc0575986b6bc92fa3768fd3514e7325ec2bdc242c239a0952ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 02:58:45 GMT
via: 1.1 88f858f045c3909fad9cebbada511aef.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 13142
x-cache: Hit from cloudfront
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
cross-origin-resource-policy: cross-origin, cross-origin, cross-origin
content-length: 6906
x-xss-protection: 1; mode=block
x-served-by: static-web-2
server: nginx
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-cache-hits: 0
content-type: image/jpeg
cache-control: max-age=2592000
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
x-amz-cf-id: hDNe05SrXElei2HnajgR96An_eoHNIHJlaVFPvXkdZalDSu8CfB3cA==
expires: Mon, 10 Jan 2022 02:58:45 GMT

GET
H2 200 get
c.disquscdn.com/ Frame FFD3 9 KB
10 KB 32ms
31ms Image
image/webp 2600:9000:223e:8000:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/get?url=https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2Fwp-content%2Fuploads%2F2021%2F12%2Fbolsonaro-liberdade-imprensa.webp&key=KL5Loe4o0qfM73zjtYxEzg&h=200

Requested by

Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223e:8000:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

b4bf8c6d25f01ed4735edb48dcc958d3d89282797762297af97df2a46ca9b85d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 03 Dec 2021 23:53:13 GMT
via: 1.1 88f858f045c3909fad9cebbada511aef.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 628685
x-cache: Hit from cloudfront
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
cross-origin-resource-policy: cross-origin, cross-origin, cross-origin
content-length: 9698
x-xss-protection: 1; mode=block
x-served-by: static-web-1
server: nginx
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-cache-hits: 0
content-type: image/webp
cache-control: max-age=2592000
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
x-amz-cf-id: AWakuG0qW5w8gwmCsvVTCy6Wj1PQZLI5PF0s5f1egCq46Tezkznb_g==
expires: Sun, 02 Jan 2022 23:53:13 GMT

GET
H2 200 get
c.disquscdn.com/ Frame FFD3 5 KB
6 KB 36ms
35ms Image
image/webp 2600:9000:223e:8000:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/get?url=https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2Fwp-content%2Fuploads%2F2021%2F12%2Fbolsonaro-boate-kiss.webp&key=-O8O8KwkjmFeH2xu3M3Diw&h=200

Requested by

Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223e:8000:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e0c915dee9c0e95ca14579e9bed2d3b61345bd77e023a39319664da5f2622db2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 00:59:37 GMT
via: 1.1 88f858f045c3909fad9cebbada511aef.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 18847
x-cache: Hit from cloudfront
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
cross-origin-resource-policy: cross-origin, cross-origin, cross-origin
content-length: 5454
x-xss-protection: 1; mode=block
x-served-by: static-web-2
server: nginx
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-cache-hits: 0
content-type: image/webp
cache-control: max-age=2592000
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
x-amz-cf-id: 26ZrgBdxJ8XvyOSJeHbafDMCWsHtKxPPuSLHPGnA4bjETi1Uh4FJtA==
expires: Mon, 10 Jan 2022 00:59:37 GMT

GET
H2 200 get
c.disquscdn.com/ Frame FFD3 130 KB
131 KB 41ms
40ms Image
image/png 2600:9000:223e:8000:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/get?url=https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2Fwp-content%2Fuploads%2F2021%2F12%2Fdallagnol-assina-filiacao-reproducao.png&key=_ymn72byZcPPq0B0TClBXw&h=200

Requested by

Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223e:8000:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

35317274fd4c9a20e50d08fe11de53b1047d9bb9c99c322a4dfea9478c8af5d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 21:23:30 GMT
via: 1.1 88f858f045c3909fad9cebbada511aef.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 34079
x-cache: Hit from cloudfront
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
cross-origin-resource-policy: cross-origin, cross-origin, cross-origin
content-length: 133092
x-xss-protection: 1; mode=block
x-served-by: static-web-2
server: nginx
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-cache-hits: 0
content-type: image/png
cache-control: max-age=2592000
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
x-amz-cf-id: NzjQWTQQF5wzA3Qd9gRhyBAo5Vfz6cXo2tw0b9KbHX1NCM06sNu4aA==
expires: Sun, 09 Jan 2022 21:23:30 GMT

GET
H2 200 get
c.disquscdn.com/ Frame FFD3 6 KB
7 KB 34ms
34ms Image
image/webp 2600:9000:223e:8000:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/get?url=https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2Fwp-content%2Fuploads%2F2021%2F12%2Fpaulo-guedes-reforma.webp&key=YBeKIEb31Ls27Sxnj74cBA&h=200

Requested by

Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223e:8000:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

6a24db8d022da4efece960931e4bd351484e3398a0cd006ef06a86c11f0bec38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 01:05:43 GMT
via: 1.1 88f858f045c3909fad9cebbada511aef.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 19135
x-cache: Hit from cloudfront
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
cross-origin-resource-policy: cross-origin, cross-origin, cross-origin
content-length: 6236
x-xss-protection: 1; mode=block
x-served-by: static-web-2
server: nginx
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-cache-hits: 0
content-type: image/webp
cache-control: max-age=2592000
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
x-amz-cf-id: Z9TrS8zxtFwr1IBUtSBJdAqfc1VdTw464W2vrMVLBnGDhVmXYXxpIg==
expires: Mon, 10 Jan 2022 01:05:43 GMT

GET
H2 200 get
c.disquscdn.com/ Frame FFD3 6 KB
6 KB 35ms
35ms Image
image/webp 2600:9000:223e:8000:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/get?url=https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2Fwp-content%2Fuploads%2F2021%2F12%2Fbolsonaro-grito-mae.webp&key=qCJjbyOTMIWeXjPMpvDuKw&h=200

Requested by

Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223e:8000:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

5e1268e4f269a9771d7dc0c81528ec8842bd24c488352acbfa0ec757a4c52599

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 00:57:13 GMT
via: 1.1 88f858f045c3909fad9cebbada511aef.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 22187
x-cache: Hit from cloudfront
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
cross-origin-resource-policy: cross-origin, cross-origin, cross-origin
x-cache-hits: 0
content-length: 5808
x-xss-protection: 1; mode=block
x-served-by: static-web-1
server: nginx
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
cache-control: max-age=2592000
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
x-amz-cf-id: PMNKJmDrCu0VuqI3lmtnq3YrpcaKBhqSSvW2rMWthOF0BW7lrsKuKQ==
expires: Mon, 10 Jan 2022 00:57:13 GMT

GET
H2 200 get
c.disquscdn.com/ Frame FFD3 11 KB
11 KB 34ms
34ms Image
image/jpeg 2600:9000:223e:8000:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/get?url=https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2Fwp-content%2Fuploads%2F2021%2F10%2F49941682313_f556fd5f08_c.jpg&key=5sgdI2-_fCFfvpCgZBSjFg&h=200

Requested by

Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223e:8000:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

0e83a9c5896ead450273408f24de5a2ba2f280153804ee33d89c0e74b2ec1225

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 00:24:50 GMT
via: 1.1 88f858f045c3909fad9cebbada511aef.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 20934
x-cache: Hit from cloudfront
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
cross-origin-resource-policy: cross-origin, cross-origin, cross-origin
x-cache-hits: 0
content-length: 11025
x-xss-protection: 1; mode=block
x-served-by: static-web-1
server: nginx
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=2592000
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
x-amz-cf-id: mSTh3De4VEvBT7xP2r9Y0Dm32aR4zROMnoG0bdeIjgtQTwj8qyayHw==
expires: Mon, 10 Jan 2022 00:24:50 GMT

GET
H2 200 cds-pips.js Show response
cdn.taboola.com/scripts/ Frame AF28 2 KB
1 KB 815ms
814ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/scripts/cds-pips.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20211209-5-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7faef21187e15aefd3d8a5a585ca32c66358f597a97f5abd276517eaea1057d3

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: iYtYacMlAb7PnD4NbVgysKvLj2fov4iK
content-encoding: gzip
etag: "3aa74dbf5cd656dbb65deda2d238ddbd"
age: 3573
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 911
x-amz-id-2: DcwtOhqkJPBMn0QDS/bBkThXt5sS0ECRpcdU/GUWTyrU9uZNcJHG4xRA49ZTsSfQqm4CU39Mcx0=
x-served-by: cache-lcy19223-LCY
last-modified: Wed, 14 Jul 2021 05:06:01 GMT
server: AmazonS3
x-timer: S1639203224.025779,VS0,VE0
date: Sat, 11 Dec 2021 06:13:44 GMT
vary: Accept-Encoding
x-amz-request-id: DM4GJXK9EXG77GGP
via: 1.1 varnish
cache-control: private, max-age=3600
accept-ranges: bytes
content-type: application/javascript
abp: 98
x-cache-hits: 7489

GET
H2 200 PMS.js Show response
vidstat.taboola.com/PMS/3.2.2/ Frame AF28 59 KB
17 KB 767ms
766ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/PMS/3.2.2/PMS.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/30_7_6/infra/cmTagWIDGET_ITEM.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 82fba5f2a3814f5a06b59a3a4a84d9edc1145d1ca57d54ccf321ce03af57bb9a

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:44 GMT
via: 1.1 2063ee702f4d3bcc9a2d5c54fdebd6e6.cloudfront.net (CloudFront), 1.1 varnish
age: 2817544
x-cache: Hit from cloudfront, HIT
content-encoding: gzip
content-length: 17509
x-served-by: cache-lcy19223-LCY
last-modified: Thu, 21 Jan 2021 11:30:56 GMT
server: AmazonS3
x-timer: S1639203224.079842,VS0,VE0
etag: "f237b8d35060f133ac8c595fd1234e1c"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-cf-pop: LHR61-C2
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: pLI6ExS5u6Gqmac40Oms6am1z07wkqTP_QXZq64H3fQd-zpDMUfN5A==
x-cache-hits: 537087

GET
H3 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17368370350617788416/ Frame D8E5 93 KB
22 KB 31ms
30ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17368370350617788416/index.html

Requested by

Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9a038e29db220dc6ff8c7b2ff7242bd2a3407f4b818cd5203a5dd5bbf6c3acc4

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
timing-allow-origin: *
date: Wed, 08 Dec 2021 07:20:24 GMT
expires: Thu, 08 Dec 2022 07:20:24 GMT
last-modified: Thu, 19 Aug 2021 10:22:28 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
content-length: 22363
age: 255200
cache-control: public, max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 3E03 0
0 49ms
48ms Fetch
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CtRLnlkG0Yf7KJK6wx_APhYKSmAv5ppDCVfGFnOzCDr_hHhABINbOt05gu76ug9AKoAGt14GbA8gBCakCuSqPfcL8sj7gAgCoAwHIAwKqBNQCT9DFsOnzCv5Yv0cI1jQZdd1VzvtNQj9ScNCOChPFbsQir9bGbOR2GhVua4T-ib7NN5_yEeaDLPQX7Yjw2uho_5etPy-D5hDGGLIsgna3vvHAXFYtgB7N8c-s9cOaseD8SZ0j6XGZ9PXDoNVUKjDky7XBxJ7VCoX0y5NPnat3zzhYj0G5MNmkZXqwSYbmrPK-_uyIyYQz6RPHxYYxU4XctSjWRtEpj0MqGhxuuaDy5ZZBHBJabUOLrg5wWuyF12GPkw3TQ6xuFIQ0xh4BVnxMZo64NDmuSrA52nL3q_nh9W9Fr5zgDBT4Mwu2SwT0d--hU7JVktlewj-4veacqHi_iUzx60homHMv3JyH_bqVdpkcCAjn-c0s1UAphhR2S5Q2edNz1vLdqqMc2WEJfX45PaJ405t693Ed6seZwfamBX82jWYK1Q0S4qA493ntBGdkNhrh4cAEjvOY-s4D4AQBkgUECAQYAZIFBAgFGASgBl2AB7uo_mSoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBBDy6QjSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTkxMjM5NTAxNDAxMDg4NTaACgPICwHYEw3QFQGYFgGAFwGyFx4KHAgAEhRwdWItMjg0NTQ2MzQzODE1Mzc4MhjP1Gk&sigh=yi3E7UO_z50&uach_m=[UACH]
Requested by: Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s12-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame D4C3 143 B
163 B 31ms
29ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com
URL: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sat, 11 Dec 2021 06:04:34 GMT
server: cafe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 550
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 3E03 2 KB
1 KB 33ms
32ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/window_focus_fy2019.js

Requested by

Host: a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com
URL: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 05:57:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 980
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 25 Dec 2021 05:57:24 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3E03 119 KB
36 KB 50ms
50ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com
URL: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37305
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1638461285297402"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 11 Dec 2021 06:13:44 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 3E03 15 KB
6 KB 31ms
30ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com
URL: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:06:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 436
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6464
x-xss-protection: 0
server: cafe
etag: 15715955993838318253
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 25 Dec 2021 06:06:28 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 3E03 0
0 38ms
38ms Image
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTOFXfTzAMnYHwrPdy9mA6nx-RQw3zkoI9aC_ZGihdqKERG_kQzR1O6BrT0jxuR94eZtsdmHnMeO4vfkM3gVeJgH2aFRw
Requested by: Host: a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com
URL: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame C3FA 22 KB
8 KB 30ms
30ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://b0b2fb4f4d530f774904c931019d14ff.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Thu, 09 Dec 2021 12:55:11 GMT
expires: Fri, 09 Dec 2022 12:55:11 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 148713
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20211207/r20110914/elements/html/ Frame 9628 8 KB
3 KB 30ms
30ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211207/r20110914/elements/html/omrhp.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N789069.3848558MATTERKIND2/B26709132.317133383;dc_ver=81.236;sz=728x90;u_sd=1;dc_adk=548554673;ord=6qlph3;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCr1jPlUG0YbSeEq6cx_APxeml4Az3rYqMZ8vDlveAD5fPor3AARABINbOt05gu76ug9AKoAHoxPDRAcgBCakCQgxxayhFtj6oAwGqBJ0CT9AhYkMRDXIH-vNf7Z6u_eNs23xqev_85RzYdOjQSx28WqxyhbonJ6qg7LmU4xOFTdY7S6hrb0TLUkKyR1uPP8U1pCSCOpZV0Hf1uY9W_AFf40EtBqT3SvLTUD9KHElVORVFFEaSPdArMnSfUCkUwcCJIlR8_c1LpPe4HL1zLg6O2xjzoRbmkZ-uMhARLSqmKIYmIbkXwi_TK2WqLnDjF0UpgY22gToaGhXdDhWfhpka_YsW0UyETsgI4nUCzkkpmDidGkhqNwhXNKkDraAk7Q9PXgT_TniNsFskl3pCwtM27hqOIg6yPVcwcV4oyCUKev3NW7IynnO-0arY8HvLlQDniShgPZMKq8X0tx-nzSGW-NChrAl-79wCG3AswATauuKJ4gPgBAOQBgGgBk2AB4C7j64CqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARgd8ggbYWR4LXN1YnN5bi05MTIzOTUwMTQwMTA4ODU2gAoDmAsByAsBgAwBsBOdqswN0BMA2BMN2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRoQXeAzLtUgDRdug9JlPZmBA%26sig%3DAOD64_37X40v-NpB2coCfETuko5QfF48Pw%26client%3Dca-pub-2845463438153782%26dbm_c%3DAKAmf-B2rR52Yzq3ZR7VPgql-HXVvuKafJkpZEk4KDxW-muLD69Z3PzCXJkHjr1agBBqIpsXkpPbZskaozKxy81MbCLyEgS2FCQumdfzbgzEnGF4iQTm9Bf8-ySwkF13pxA609sApfht47QRRjWfN9nE-I03PVDuUA%26cry%3D1%26dbm_d%3DAKAmf-BgudBtN_B5KyCgtMQSsThn-Kbbc5z3zH-4C7KZSxLuy-YMk9_XcLFrBHllnuf6kG2B9t7XHQ1VbDINKzWpjrr64p51-3IICwmv0Pe6ivnuuNlsg9UscsHzO_rPwrpaVF9yEmG5od5HYFNL-p29-sNus20EWenVZPIsSz0-sIRXiQszMhav2MALptFIthhz10PURRps1pzLZ579C7CDnZk4QbAwVvyzDan5by718sF2b_xPGq6GEfJ9bZOYvIPtbwqGOWzyQ9xOUh3SiXshGtEpfD0mAjN9l6YWpVIebmiJ6MpU-TKNQWLqkqAyAztS8gvOgInyh9St9awhs6izkcrqMN0orUy3KhKbIvpYaiX_edagsvRtK1iYQJsfP39AlVElDwTiIpgc6_LLcnhNqSIx9ffN1EDxNMjnWMnzO49JV-WoVBlmPpByhWDbEuw8jn_C6e7lZll2nlr2i0Lp5pdpNMpjeSo6EBhsGIxznIkU1EvPnQpLp_oUfsh0N4ZFOdxl4wZzI9LVDDbC5OB4JGYSocjwog%26adurl%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=1,https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2F$0;xdt=1;crlt=xt0zilGvTH;sttr=346;prcl=s

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 05:58:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 893
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3140
x-xss-protection: 0
server: cafe
etag: 17163059639670574047
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 25 Dec 2021 05:58:51 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 9628 0
23 B 54ms
54ms Ping
image/gif 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvH161QPMp9WmRASwBM2DEHtoiYj_3Uci7ArEJ53sHxSEfsgxCWHDExRwAOBDh-6XRKI8c74XoY_QYlv4uwvQ-IVlE46J578VfaQIPjDg503UJ-ya4X8UZfBTmMKaN-N7RzBu5XcMvYwyJ3ZbPlEiKjz8h4XkJEy-U0Ln0WyuMQ5QQMnA&sig=Cg0ArKJSzDzI-yv6rmBBEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20211207.20178&adurl=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Sat, 11 Dec 2021 06:13:44 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 9628 41 KB
15 KB 31ms
30ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 12:55:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 148713
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 09 Dec 2022 12:55:11 GMT

GET
H3 200 english_na_questionmarkexclusive_shopnow_masterbrand_always-on_728x90_supermario-questionmark.jpg
s0.2mdn.net/8344798/ Frame 9628 55 KB
55 KB 32ms
32ms Image
image/jpeg 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/8344798/english_na_questionmarkexclusive_shopnow_masterbrand_always-on_728x90_supermario-questionmark.jpg

Requested by

Host: a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com
URL: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

336a8d4d610ff8629f7c37e7e1864a8d7f7874ba2d4d17e08b0a94550915dc0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 06:19:56 GMT
x-content-type-options: nosniff
age: 86028
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56732
x-xss-protection: 0
last-modified: Fri, 12 Nov 2021 09:46:10 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 11 Dec 2021 06:19:56 GMT

GET
H2 200 main.gr.19.8.273.js Show response
static.adsafeprotected.com/ Frame 9628 187 KB
60 KB 36ms
35ms Script
application/javascript 2600:9000:223f:6e00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.gr.19.8.273.js
Requested by: Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/rjss/st/878020/58502531/skeleton.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:6e00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 00b3b0b438a1a3e7f01112f487ffb01e64db47935eb0e1e2927bdb4811ee935f

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 17:46:22 GMT
content-encoding: gzip
age: 44843
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Fri, 10 Dec 2021 17:31:00 GMT
server: AmazonS3
etag: W/"dbbed9b42f871ade260381ef78b0cd71"
vary: Accept-Encoding
x-amz-version-id: RbTKyuj_rScIKJ79M7NB4z2hCQfzt2bN
via: 1.1 342054511f9732c450e11bade76323dd.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA56-P5
content-type: application/javascript
x-amz-cf-id: N17t7lQzH-__YHa0XpV9DtlAtm-_x_tLyGeSfexTP80vio9ZdKRnxg==

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 0725 1 KB
749 B 30ms
30ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com
URL: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sat, 11 Dec 2021 05:53:44 GMT
expires: Sun, 12 Dec 2021 05:53:44 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 1200
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9628 119 KB
36 KB 55ms
55ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com
URL: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37305
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1638461285297402"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 11 Dec 2021 06:13:44 GMT

GET
H3 200 express_html_inpage_rendering_lib_200_275.js Show response
s0.2mdn.net/879366/ Frame E568 106 KB
37 KB 69ms
31ms Script
text/javascript 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Requested by

Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/
Origin: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 13:10:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 61372
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37892
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:44:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 11 Dec 2021 13:10:52 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20211207/r20110914/elements/html/ Frame E568 8 KB
3 KB 31ms
31ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211207/r20110914/elements/html/omrhp.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N8714.4053162MIQ_PUBLICIS_UK/B26459005.313936552;dc_ver=81.236;sz=728x90;u_sd=1;dc_adk=531095041;ord=dqku4v;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCDupElUG0YZHYAYqvgQeGk5SYCt6qm_Bmk67A38oOwI23ARABINbOt05gu76ug9AKoAGT36LOAcgBCakCQgxxayhFtj6oAwGqBJYCT9CDmfTDfpQDYiLGncDaTLURFz1vn-dydRBe9PgLOc4f7F44g_UDsF_0c9wfl5UoRQh-lGejv5Kn1g-VG3YU8R9ktqEp3j8HxFftKkRcAJ2Dn-tVIJ4TCj4RAw9vUV7WO-5rMd28r_zKAHSzEnw_cuinZxlxwMdG1fy-AKLukX0eNPUiNWu96iYQXV_6f5A5XNxW7_M65iNOSvK_aPtMIaFzo-O8GvfXWcnj69-_LI-Lav_PEqyofGltasj0k1Vy_tp9EFJCtQN47a6zhYS-MM-QBnI4EJ5mBlnRcjWJPMQwE8_tczQevda0TwdbnTz9mXFggoeqNfkAW51qAKCkg3wz2FuYm-_XHC5PtmfgD4ZNgn3HmDLABPagmpa1A-AEA5AGAaAGTYAH1aDdsQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTkxMjM5NTAxNDAxMDg4NTaACgOYCwHICwGADAGwE838xg3QEwDYEwPYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASEuRohTedcxGQlTRToYd1_La1Ew%26sig%3DAOD64_3CN-gGRT-l8ubgpbSilZOYeqS07Q%26client%3Dca-pub-2845463438153782%26dbm_c%3DAKAmf-CiGdVbLMnmbIxP__2U_MIVx8hCg-CBWiEXTBL2L5BO76kRSMjbF4RGAGnavd5up08qezF9Vb3XoBx7X8O6A7m0NsToeC7sUu4y4GgR56QOHJKyA6iTKjhznuOvDsObvuX_GA_VNlwpqg5kcMtl0qtxeDSnHw%26cry%3D1%26dbm_d%3DAKAmf-A0YqB4gtqWbGIeqfJ9aLiWC8f5AxJH4-xwvdgOaG47QiigQogAvszPoO-iQKPyrKu1lGWmO6yXd8sR3DJKO9LQM-i9cR2DU4gR1L85LexlipkO-8XNoC65Vd3cGMbMGh2Opi166ox26adXeSR14J10uBLgAZwtxeSGlW7jvPL8z9T7wy8c646ZhzU1e45hgxla0TgC2LFhYz-g6kLDkRStvdt4mifiy_SD4zOPSJS52X7fWggXYk0PNhf1zlVNMgGnhelknoIACxJOR1X1hi67wTRYwQjmq2Z9N4Ormoc-8eTnC3FA1_eK8mdrRcHmfHQqDj-Vs5d9Jd1wfbSMEqZRrb7Zfk4R3d_fi-mPkPKEj7sGX1OPEeohheoJMGZ-cM74O8MBSZlQR2fb7o0CxCRQXKSDAwiUJR4QdUajv7b4jEbpIfBwTfdc_4Okx5CW6XaV1qaOocub3YbMtO7infnuKo0b68vksa0OQKX2NE8a3tK4CMzZ1qrztHBsEgt-SDJ7yYCcpQa6e5pv-5KDi_ls8ntxMw%26adurl%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=1,https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2F$0;xdt=1;crlt=xt0zilGvTH;sttr=296;prcl=s

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 05:58:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 893
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3140
x-xss-protection: 0
server: cafe
etag: 17163059639670574047
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 25 Dec 2021 05:58:51 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame E568 41 KB
15 KB 31ms
30ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 12:55:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 148713
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 09 Dec 2022 12:55:11 GMT

GET
H2 200 main.gr.19.8.273.js Show response
static.adsafeprotected.com/ Frame E568 187 KB
60 KB 55ms
54ms Script
application/javascript 2600:9000:223f:6e00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.gr.19.8.273.js
Requested by: Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=10933&advId=18517273&campId=47474513&pubId=1&chanId=32204227674&placementId=381128391&dealId=&adsafe_par&impId=ABAjH0hB-PFP_YWLEN4IvaC_sraZ&bidurl=https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:6e00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 00b3b0b438a1a3e7f01112f487ffb01e64db47935eb0e1e2927bdb4811ee935f

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 17:46:22 GMT
content-encoding: gzip
age: 44843
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Fri, 10 Dec 2021 17:31:00 GMT
server: AmazonS3
etag: W/"dbbed9b42f871ade260381ef78b0cd71"
vary: Accept-Encoding
x-amz-version-id: RbTKyuj_rScIKJ79M7NB4z2hCQfzt2bN
via: 1.1 342054511f9732c450e11bade76323dd.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA56-P5
content-type: application/javascript
x-amz-cf-id: hvN1iViCAziVlO72x9AqbcXKRsnymFx-RQ9oDi-vdGtVT3VmleASUw==

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame D448 1 KB
749 B 31ms
30ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com
URL: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sat, 11 Dec 2021 05:53:44 GMT
expires: Sun, 12 Dec 2021 05:53:44 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 1200
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame E568 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3db16e9a32f9a58a911f55292005020c612b2f1dc197921142ffc50e6d0f6603

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 css
fonts.googleapis.com/ Frame 78B2 2 KB
537 B 39ms
39ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17368370350617788416/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7888a75eac5f8b9dc4c448f10e8dc9030fcae612cb236f1a9e9700d56ae6ef34

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 11 Dec 2021 04:32:21 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 11 Dec 2021 06:13:44 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 11 Dec 2021 06:13:44 GMT

GET
H3 200 Enabler.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 78B2 16 KB
6 KB 31ms
30ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17368370350617788416/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 23:28:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 24317
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5866
x-xss-protection: 0
server: cafe
etag: 544157900006238945
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sat, 11 Dec 2021 23:28:27 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 78B2 26 KB
10 KB 31ms
30ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17368370350617788416/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 16:13:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 50405
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sat, 11 Dec 2021 16:13:39 GMT

GET
H3 200 b_8rsBg2pSAE7OSEuXeXkmKAJRzK7XLbOE8Wp2RNR2Q.js Show response
pagead2.googlesyndication.com/bg/ Frame E0C0 35 KB
13 KB 32ms
31ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/b_8rsBg2pSAE7OSEuXeXkmKAJRzK7XLbOE8Wp2RNR2Q.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6fff2bb01836a52004ece484b97797926280251ccaed72db384f16a7644d4764

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 17:20:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46415
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13622
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 19:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 10 Dec 2022 17:20:09 GMT

GET
H3 200 b_8rsBg2pSAE7OSEuXeXkmKAJRzK7XLbOE8Wp2RNR2Q.js Show response
pagead2.googlesyndication.com/bg/ Frame E72D 35 KB
13 KB 31ms
31ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/b_8rsBg2pSAE7OSEuXeXkmKAJRzK7XLbOE8Wp2RNR2Q.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6fff2bb01836a52004ece484b97797926280251ccaed72db384f16a7644d4764

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 17:20:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46415
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13622
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 19:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 10 Dec 2022 17:20:09 GMT

GET
H2 200 pixel.gif
cdn.viglink.com/images/ 43 B
431 B 186ms
59ms Image
image/gif 2606:4700::6810:a30d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.viglink.com/images/pixel.gif?ch=1&rn=3.8946784531141896
Requested by: Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:a30d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:44 GMT
cf-cache-status: HIT
last-modified: Tue, 10 Feb 2015 03:29:39 GMT
server: cloudflare
age: 8
etag: "221d8352905f2c38b3cb2bd191d630b0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
cache-control: max-age=15, must-revalidate
content-length: 43
accept-ranges: bytes
cf-ray: 6bbc9198f9393759-MXP
x-amz-request-id: R7D9ASRFMZ60HF6M
x-amz-id-2: Dt9Z8EAR5FnPMjTblh4TYlKxDc54v1E8j6SZdvcFbXH3xGU+JJPNX9dgQvxLk7joZhGwE6AIP2Y=

GET
H2 200 pixel.gif
cdn.viglink.com/images/ 43 B
103 B 186ms
60ms Image
image/gif 2606:4700::6810:a30d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.viglink.com/images/pixel.gif?ch=2&rn=3.8946784531141896
Requested by: Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:a30d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:44 GMT
cf-cache-status: HIT
last-modified: Tue, 10 Feb 2015 03:29:39 GMT
server: cloudflare
age: 8
etag: "221d8352905f2c38b3cb2bd191d630b0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
cache-control: max-age=15, must-revalidate
content-length: 43
accept-ranges: bytes
cf-ray: 6bbc9198f93a3759-MXP
x-amz-request-id: R7D9ASRFMZ60HF6M
x-amz-id-2: Dt9Z8EAR5FnPMjTblh4TYlKxDc54v1E8j6SZdvcFbXH3xGU+JJPNX9dgQvxLk7joZhGwE6AIP2Y=

GET
H2 200 dt
dt.adsafeprotected.com/ Frame E568 43 B
215 B 187ms
186ms Image
image/gif 52.41.240.77
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=829650&asId=819cbadb-fd53-9bd0-35dd-37e3ec439e08&tv=%7Bc:wsWTAJ,pingTime:-10,time:1612,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fDB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS85Ni4wLjQ2NjQuOTMgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.5.12v220002022000220000022002220000022220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222202220022202200022002220222202,asp:1639203224752%7C%7Ca5e9904526aa9d276e6f3e55681a5712%7C%7Ca2fdad25d911a8a4b39828759d282361%7C%7Cde2d9856d0302b15ad4d9d3df28fa0da%7C%7C07abaa0113d4e2ba7bdbc91ab18a974f%7C%7C3ad0464491c2e08b2473716c71ed1ba3%7C%7C01d927e84ef3a2891b0de825ab2c5ba0%7C%7Cc2e5ceba46fadfb8414677fd9ac52983%7C%7C1629390669,im:%7Bimprf:%7Bttecl:970,ecd:31,tsecr:330%7D%7D%7D
Requested by: Host: a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com
URL: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.41.240.77 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-41-240-77.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Dec 2021 06:13:44 GMT
x-server-name: dt16.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 3714 22 KB
8 KB 31ms
30ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Thu, 09 Dec 2021 12:55:11 GMT
expires: Fri, 09 Dec 2022 12:55:11 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 148713
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame FAF4 32 KB
10 KB 34ms
34ms Script
text/html 104.96.5.77
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.96.5.77 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-96-5-77.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 48ab57cb7771642f95f87f04f505937b8a54c3fe49758d9750c04948bcb87a3e

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sat, 11 Dec 2021 06:13:44 GMT
Content-Encoding: gzip
Last-Modified: Mon, 06 Dec 2021 17:06:27 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=46767
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9507
Expires: Sat, 11 Dec 2021 19:13:11 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 5904 32 KB
10 KB 38ms
38ms Script
text/html 104.96.5.77
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.96.5.77 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-96-5-77.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 48ab57cb7771642f95f87f04f505937b8a54c3fe49758d9750c04948bcb87a3e

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sat, 11 Dec 2021 06:13:44 GMT
Content-Encoding: gzip
Last-Modified: Mon, 06 Dec 2021 17:06:27 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=46767
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9507
Expires: Sat, 11 Dec 2021 19:13:11 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame BA12 1 KB
749 B 31ms
30ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com
URL: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sat, 11 Dec 2021 05:53:44 GMT
expires: Sun, 12 Dec 2021 05:53:44 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 1200
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 6598 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dea99048a5f521ead45c333c8602ed243b3937e0907d6f1e7198839a485c3ddd

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame 6598 21 KB
21 KB 31ms
31ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v36/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 13:17:51 GMT
x-content-type-options: nosniff
age: 60953
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21660
x-xss-protection: 0
last-modified: Wed, 01 Sep 2021 18:07:18 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 10 Dec 2022 13:17:51 GMT

GET
H3 200 4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame 6598 21 KB
21 KB 35ms
35ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v36/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 18:21:26 GMT
x-content-type-options: nosniff
age: 388338
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21424
x-xss-protection: 0
last-modified: Wed, 01 Sep 2021 18:08:24 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 06 Dec 2022 18:21:26 GMT

GET
H2 200 AdServerServlet Show response
vid.pubmatic.com/AdServer/ Frame 7EF8 27 B
563 B 149ms
75ms XHR
application/xml 185.64.190.75
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+7+9+1+1+6&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2Fessencial%2Fatila-hacker-certidao-de-vacinacao%2F&schain=1.0%2C1%21vidoomy.com%2C52453%2C1%2C5278957349807421836187207783%2C%2C&us_privacy=&cb=1639203224122&SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Fwww.diariodocentrodomundo.com.br%252Fessencial%252Fatila-hacker-certidao-de-vacinacao%252F&screenResolution=1600x1200&kdntuid=1&vwndh=0&vwndw=0&vwndurl=https%253A%252F%252Fwww.diariodocentrodomundo.com.br%252Fessencial%252Fatila-hacker-certidao-de-vacinacao%252F&vwndref=&vc=2&js=1&sec=1&kltstamp=2021-12-11%206:13:44&ranreq=0.3134152668592336&timezone=0&depth=0
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2Fessencial%2Fatila-hacker-certidao-de-vacinacao%2F&schain=1.0%2C1%21vidoomy.com%2C52453%2C1%2C5278957349807421836187207783%2C%2C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.75 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:44 GMT
content-encoding: gzip
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin: https://www.diariodocentrodomundo.com.br
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-vdbg: 1:0/165:-1
content-type: application/xml; charset=utf-8

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 9628 0
23 B 55ms
54ms Ping
image/gif 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Sat, 11 Dec 2021 06:13:44 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 0D1D 0
0 42ms
42ms Image
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2021120601&jk=3893877200361406&rc=
Requested by: Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H3 200 _728x90.jpg
s0.2mdn.net/sadbundle/2691227766234564666/728x90/images/ Frame 7FFA 27 KB
27 KB 32ms
32ms Image
image/jpeg 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2691227766234564666/728x90/images/_728x90.jpg

Requested by

Host: a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com
URL: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

23315445b1687aa8503cb2c0a539669a2fd959821d10271d02e46b974e6aa091

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2691227766234564666/728x90/728x90-B.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 13:10:29 GMT
x-content-type-options: nosniff
age: 147795
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27239
x-xss-protection: 0
last-modified: Thu, 09 Dec 2021 09:52:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 09 Dec 2022 13:10:29 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 8E04 0
23 B 57ms
57ms Ping
image/gif 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss0wV4GVUsori_nCKqMrZBWjK2VRkfBdUIMZtzv4OGc6CLLGUEu3M8RqMV4nTm2SHVDeGp3ePLn__O5GjwUGoGCHX0fEPKAihL3AK7Ttc5-EGhOHDhvrZxZ1wrJgA7OLQWfThp9SGU3yVxLWG0RxvSLP7AzUCZEBjULRM3spCJW5ba4nx1IC892jWbqYl8ct09AUjmL44ccf052hPvOL4VKdI_xcoxN1wNBDSo-dtr8pj1eqRd7NbkXF24IHPHJxi6YCINGZ6Vkylc_kgqQDyMqnGc_32l_dR6xd4vFJ1b1L9zmH5P8fSS-gDr0XF76cbrrQg5soIFSzKgVdPiioZk21QC_q2gOGMmteviAt7KLe4vc786HD1FNIEjX6yED6ftUpC2Uvt8fG70gDEXMjDAOmByfd9VYIG3LImg_52WPUnb-6wW8bjoWMpucHw6-uT0ISmrXz7zyqbHen6dqY8cT8xFxbh_bxQpP_qpc23MVbeiXqos63HZCME43xI8QwvF3ERzpBQvDU4cUrcAWlYBrQ0ReARcrmrgbFu8hhMFriSO_fJvfLDbHisuUP_CchNPXxNxwqUR4CQEKjwJeZd9eIjihCHsg3Zy2Cx9WR-d9PK45KkVz1EvdRkdjAIvO0Xtrkc6CuO9uE5Df3h-nllaNKmtGZPmrSRY16IoJKBEpz1i5sICNV0pALkRvBy7sjRERXyseQmw2dSGDyBmx_Zl4Vl5NAiz4GWrVF7wgeBVyPsKQjDkXrODW1XI3wxEmpKR2YxUyNKcDQ-buEj8T2b9P1OEUBemLdjUulVGQaso53wtWldVkgHtZdlL8fGbUwqM29FcYrGqXUmXZ7KNqJc4GeNU0k2aF5OhMuF6J4hhsD4u_vgpMNZVUsAEkAa_xuAnd_rTkNDmbd0aoI_lYakMt4DrP6iffFryQxBHReZuuYyebQPisxN8ovJHw8_rlCbes-8zysTf5uZISvQzzd0sPeRVsNW3DAFZRbwLFTAdlutZ1zB9iwfiasfnUXThQuKy0lvJ9jDEN-ueHCZ3U5eTXG64IwfH_H2HZsg6PAnGXMvaebgXDxzerRdvwbK521vQGjDWhJep6jEUdHeLMr8Q6MSZxp1B6rfdPpySLDAg7brfmGj5wDJcdv7wEl6_6seepjVQ6LTiftLfAjyAGvw4Z5aJGPThf95V1fGAFE2h95wvznJsyab_Lv4kOMgw2UJTf0sPVjJurVIvOXwU-163SYGUV0waPpKzgXJRoJSYRJTPlx2gOP6HJAnZJzQ8bKJ9uOlIGAH_E06aik_GtOIyOIH2CiyHiUqcDMJc1anskzyYQJCAYInvPCkAjZjQxb3DGoMgqpw&sai=AMfl-YTYoQF6N-zelj3Uw_zuIZ2RonegdbLy0Y7FlLvPLSakGd9TggCJS0PfrlIwdkBCPPHJJUozuZlHk77BCUivNuljFVTxbx5yTuLRFf0b-cqhN3D8XyfBJtwVjxN2GNOFMB26NdieAjyo6M4GAbbZSATwFOd3Gw&sig=Cg0ArKJSzOSpWNE_QtQHEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1637&vt=11&dtpt=1011&dett=3&cstd=623&cisv=r20211207.04961&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Requested by

Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Sat, 11 Dec 2021 06:13:44 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 b_8rsBg2pSAE7OSEuXeXkmKAJRzK7XLbOE8Wp2RNR2Q.js Show response
pagead2.googlesyndication.com/bg/ Frame E7B1 35 KB
13 KB 31ms
31ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/b_8rsBg2pSAE7OSEuXeXkmKAJRzK7XLbOE8Wp2RNR2Q.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6fff2bb01836a52004ece484b97797926280251ccaed72db384f16a7644d4764

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 17:20:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46415
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13622
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 19:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 10 Dec 2022 17:20:09 GMT

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 1C57 2 KB
3 KB 80ms
19ms Script
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=45691071&p=156498&s=399115&a=1801592&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: f9d68ef5cb8c45c19f684228e2673fc376d8920df6e27c1eb5344a62ab6855d8

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:43 GMT
content-type: text/html; charset=UTF-8
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
DATA 200
OK truncated
/ Frame B060 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 17ae0d10bda60d99133053ac904d1c8a98dd33a2708db7d5bf12c12f101a447d

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 css
fonts.googleapis.com/ Frame D8E5 2 KB
537 B 40ms
40ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17368370350617788416/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7888a75eac5f8b9dc4c448f10e8dc9030fcae612cb236f1a9e9700d56ae6ef34

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 11 Dec 2021 04:38:31 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 11 Dec 2021 06:13:44 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 11 Dec 2021 06:13:44 GMT

GET
H3 200 Enabler.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame D8E5 16 KB
6 KB 31ms
30ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17368370350617788416/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 23:28:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 24317
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5866
x-xss-protection: 0
server: cafe
etag: 544157900006238945
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sat, 11 Dec 2021 23:28:27 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame D8E5 26 KB
10 KB 33ms
32ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17368370350617788416/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 16:13:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 50405
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sat, 11 Dec 2021 16:13:39 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E568 119 KB
36 KB 45ms
44ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37305
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1638461285297402"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 11 Dec 2021 06:13:44 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/11762666145489434432/html/ Frame F86D 6 KB
2 KB 32ms
31ms Document
text/html 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/11762666145489434432/html/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cdc7e77b96ccc21f84b4966faee31a47adf9eee97540aca839d56999478bff71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 2321
date: Thu, 09 Dec 2021 11:26:44 GMT
expires: Fri, 09 Dec 2022 11:26:44 GMT
last-modified: Thu, 16 Sep 2021 11:43:35 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 154020
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame E568 0
23 B 55ms
55ms Ping
image/gif 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu6RNPryuxN9rEvBNXmBf9Rz0jWIUQu9S79qot-OazLDplYbCPvj3Woxs75vMwqoq3i-LaTQU2xvPCfMi0AC3VTQYH0Nw_GKzpPWj-nOuq_AT-k1W8-Dwy-TXAWDVTORpbtBdtH7HUxxwx6fj8Iyru6vsfQOUspp1T1hDylZXWefIvHbaKbIUJbDvN07HLGRxL7253vSzVXRrZg&sai=AMfl-YR5E4IPGJDpdJIA7sL47GN9ZRY6EFsLjdVFK3qjJWeSmPIFFw&sig=Cg0ArKJSzCfCvrgbJ193EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=412&cbvp=1&cstd=410&cisv=r20211207.56371&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Requested by

Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Sat, 11 Dec 2021 06:13:44 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 0A74
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEN6-dB2LE7v_cguRwdPSpMs&google_cver=1&google_push=AYg5qPLh1lis2TmSO7b8oLFq5WCyJUHqwtO3d-t4fNh3SQ4bN85_6-ZA4pHWlY4aOUl72C_uQVhHlgb18B4RNbopQtSdMxnqAYfepg
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzEwMDYxODI0ODYwMDQwMzUzOA==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEDgrB6Qgwp4I-9aYv_6q5MM&google_cver=1

43 B
407 B

640ms
203ms

Image
image/gif

2620:112:f006:bbbb::12
TURN-US-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEDgrB6Qgwp4I-9aYv_6q5MM&google_cver=1
Requested by: Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/
Protocol: H2
Server: 2620:112:f006:bbbb::12 , United States, ASN6336 (TURN-US-ASN, US),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Dec 2021 06:13:44 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type: image/gif
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Sat, 11 Dec 2021 06:13:44 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEDgrB6Qgwp4I-9aYv_6q5MM&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 0A74 0
104 B 136ms
69ms Image
text/plain 2a02:fa8:8806:13::1400
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEO0SZNubcjnY4RjU_UGNW2Y&google_cver=1&google_push=AYg5qPLIOW7r9hFkS9bkr8WwQ4NxyEsLsvpbeJCRMFjasPv6gkpGlln9AZvSZZ6VoKPWwoM-9DIOJhrv2ZH83q6RQe69scrtrECJZA
Requested by: Host: a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com
URL: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:13::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Dec 2021 06:13:44 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H/1.1

200
OK

cm
a.rfihub.com/ Frame 0A74
Redirect Chain

https://p.rfihub.com/cm?in=1&pub=445&google_gid=CAESELygIyZyAM5yNzz8SjPdCgo&google_cver=1&google_push=AYg5qPLxquGJYH-YWwZRDv2yJWDaGc-ao0xKMiBVkK4UT93ikPkToBUmtDwlzbC8k2fvB6fHKXOcWkGl4M8I0wCQNZw5yZ5...
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AYg5qPLxquGJYH-YWwZRDv2yJWDaGc-ao0xKMiBVkK4UT93ikPkToBUmtDwlzbC8k2fvB6fHKXOcWkGl4M8I0wCQNZw5yZ5-15jn&google_hm=NTY3NzQ5ODU...
https://a.rfihub.com/cm?pub=445&google_error=5

42 B
811 B

627ms
159ms

Image
image/gif

198.8.71.128
ROCKETFUEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.rfihub.com/cm?pub=445&google_error=5
Requested by: Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/
Protocol: HTTP/1.1
Server: 198.8.71.128 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: Jetty(9.3.29.v20201019) /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sat, 11 Dec 2021 06:13:46 GMT
Cache-Control: no-cache
Server: Jetty(9.3.29.v20201019)
Content-Type: image/gif
Content-Length: 42
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Sat, 11 Dec 2021 06:13:45 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://a.rfihub.com/cm?pub=445&google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 247
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0A74
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESELPW4pF3v525GNI1sh7P70k&google_cver=1&google_push=AYg5qPIg0KsohBGwdGY08DiF1I1xhKftFmTz6DzIyLU0LlTZoDu4D9WyRkRigG28DUtutCUqFWPm8LNqpbEbwj1WeK5YI0-hZCW-UA
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=140DAD53AA5B465DAF41E2F6DE600022&google_push=AYg5qPIg0KsohBGwdGY08DiF1I1xhKftFmTz6DzIyLU0LlTZoDu4D9WyRkRigG28DUtutCUqFWPm8LNqpbEbwj1...

170 B
188 B

41ms
41ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=140DAD53AA5B465DAF41E2F6DE600022&google_push=AYg5qPIg0KsohBGwdGY08DiF1I1xhKftFmTz6DzIyLU0LlTZoDu4D9WyRkRigG28DUtutCUqFWPm8LNqpbEbwj1WeK5YI0-hZCW-UA

Requested by

Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Dec 2021 06:13:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 11 Dec 2021 06:13:44 GMT
x-content-type-options: nosniff
server: nginx
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=140DAD53AA5B465DAF41E2F6DE600022&google_push=AYg5qPIg0KsohBGwdGY08DiF1I1xhKftFmTz6DzIyLU0LlTZoDu4D9WyRkRigG28DUtutCUqFWPm8LNqpbEbwj1WeK5YI0-hZCW-UA
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 138
expires: Fri, 10 Dec 2021 06:13:44 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0A74
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEA8DB71sliVegBRYIus7iwE&google_cver=1&google_push=AYg5qPIKxvxDWuoLTATOQEZM8P_esI2cBt-2c3RHKnGbaF3SsBNcjCG3AuzVozgJl--YblogbehROmWYy4OqfOBPZule...
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPIKxvxDWuoLTATOQEZM8P_esI2cBt-2c3RHKnGbaF3SsBNcjCG3AuzVozgJl--YblogbehROmWYy4OqfOBPZuleFOYDAcxrqA&google_hm=95wGn3VTTFqqwfwd-L2nxg==

170 B
188 B

42ms
42ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPIKxvxDWuoLTATOQEZM8P_esI2cBt-2c3RHKnGbaF3SsBNcjCG3AuzVozgJl--YblogbehROmWYy4OqfOBPZuleFOYDAcxrqA&google_hm=95wGn3VTTFqqwfwd-L2nxg==

Requested by

Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Dec 2021 06:13:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPIKxvxDWuoLTATOQEZM8P_esI2cBt-2c3RHKnGbaF3SsBNcjCG3AuzVozgJl--YblogbehROmWYy4OqfOBPZuleFOYDAcxrqA&google_hm=95wGn3VTTFqqwfwd-L2nxg==
Date: Sat, 11 Dec 2021 06:13:44 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0A74
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESENZssFncgn0sDOMPe29FZhU&google_cver=1&google_push=AYg5qPKUGFQmWQ0PSnMjDX70vBlK1ONAwSKKpDkAEZp8NFhdKkil9Oeg7B--6omk8FFysywmjj8olEv2...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDgzNTM5NTk2MDk4OTc0NTU3Nw&google_push=AYg5qPKUGFQmWQ0PSnMjDX70vBlK1ONAwSKKpDkAEZp8NFhdKkil9Oeg7B--6omk8FFysywmjj8olE...

170 B
188 B

43ms
42ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDgzNTM5NTk2MDk4OTc0NTU3Nw&google_push=AYg5qPKUGFQmWQ0PSnMjDX70vBlK1ONAwSKKpDkAEZp8NFhdKkil9Oeg7B--6omk8FFysywmjj8olEv22I5qfUg-lUS6QPQPJwEnGQ

Requested by

Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Dec 2021 06:13:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 11 Dec 2021 06:13:44 GMT
server: nginx
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDgzNTM5NTk2MDk4OTc0NTU3Nw&google_push=AYg5qPKUGFQmWQ0PSnMjDX70vBlK1ONAwSKKpDkAEZp8NFhdKkil9Oeg7B--6omk8FFysywmjj8olEv22I5qfUg-lUS6QPQPJwEnGQ
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0A74
Redirect Chain

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEBUm7v5zhVubpfUkEbBqNRg&google_cver=1&google_push=AYg5qPIufhIxNEBCFECBhmfGQZYH8MX52pgXbJw-zSqbgR4K5klseoWxq8-SnP35LjnNU_n3xuZ0UgWg6vEQ_353...
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPIufhIxNEBCFECBhmfGQZYH8MX52pgXbJw-zSqbgR4K5klseoWxq8-SnP35LjnNU_n3xuZ0UgWg6vEQ_353eyzv_MIDRtwYmw

170 B
188 B

44ms
44ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPIufhIxNEBCFECBhmfGQZYH8MX52pgXbJw-zSqbgR4K5klseoWxq8-SnP35LjnNU_n3xuZ0UgWg6vEQ_353eyzv_MIDRtwYmw

Requested by

Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Dec 2021 06:13:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 11 Dec 2021 06:13:44 GMT
via: 1.1 ffdf2668ac264ec6d8784ccc7453073c.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA56-P5
x-cache: FunctionGeneratedResponse from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPIufhIxNEBCFECBhmfGQZYH8MX52pgXbJw-zSqbgR4K5klseoWxq8-SnP35LjnNU_n3xuZ0UgWg6vEQ_353eyzv_MIDRtwYmw
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: fw70jnc_zb0_oF-MabLMfAqTWzsv1JaK2WUwJzfyzUtHxaL2yQ-WjQ==

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 0A74 0
12 B 40ms
39ms Image
text/html 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KxOjjQLsNuUtC7u_bM_xQWxZ2Wm8Y2Z0N0Ac-J6BzgRBYdRykhB1pu3Vkg7m_wXqQ32Dbi

Requested by

Host: a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com
URL: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:44 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame FAF4 284 B
536 B 37ms
37ms Image
image/jpg 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?gdpr=1&us_privacy=1---
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
Content-Type: image/jpg

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 5904 284 B
536 B 35ms
35ms Image
image/jpg 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?gdpr=1&us_privacy=1---
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
Content-Type: image/jpg

GET
DATA 200
OK truncated
/ Frame 9628 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b06a8b9e98907af1562a40f22ab914a718becce0ef260ba61c6733f31d33b0a2

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 1EC3
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

66ms
66ms

Document
text/html

2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com
URL: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 11 Dec 2021 06:13:44 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 11 Dec 2021 06:13:44 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 11 Dec 2021 06:13:44 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 204 pixelSync
pixel-sync.sitescout.com/dmp/ Frame EED2 0
191 B 23ms
22ms Image
text/plain 66.155.71.25
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEE05rzY9wfHavh-fLkoOOA0&google_cver=1&google_push=AYg5qPK6lx-79FO4gjxlDaEV00ijCG6L-WKwLlflntF0eetdDzGkqZwxipyzAENom-Xg_im58Y0VClFRs6APzh1Dc_9UreQprwvr
Requested by: Host: a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com
URL: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 66.155.71.25 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Dec 2021 06:13:43 GMT
cache-control: max-age=0,no-cache,no-store
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EED2
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESEBuGmWgC_2UGassfWAmo5eU&google_cver=1&google_push=AYg5qPImQ7TEoRpf_IOgiKFwqvI8aM0gnA7V8yXzq4MhjufwPGXmvz0i2eCAmfdsPeolUByrsJdgNWNMN_vYI8PBRwbEVFx...
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEBuGmWgC_2UGassfWAmo5eU&google_cver=1&google_push=AYg5qPImQ7TEoRpf_IOgiKFwqvI8aM0gnA7V8yXzq4MhjufwPGXmvz0i2eCAmfdsPeolUByrsJdgNWNMN_vYI8PBRwbEV...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPImQ7TEoRpf_IOgiKFwqvI8aM0gnA7V8yXzq4MhjufwPGXmvz0i2eCAmfdsPeolUByrsJdgNWNMN_vYI8PBRwbEVFxqGWQ

170 B
188 B

41ms
41ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPImQ7TEoRpf_IOgiKFwqvI8aM0gnA7V8yXzq4MhjufwPGXmvz0i2eCAmfdsPeolUByrsJdgNWNMN_vYI8PBRwbEVFxqGWQ

Requested by

Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Dec 2021 06:13:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPImQ7TEoRpf_IOgiKFwqvI8aM0gnA7V8yXzq4MhjufwPGXmvz0i2eCAmfdsPeolUByrsJdgNWNMN_vYI8PBRwbEVFxqGWQ
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2 200 dds
rtb.openx.net/sync/ Frame EED2 43 B
350 B 73ms
23ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEHm7-KKugBXHLB-LTHi3Qsk&google_cver=1&google_push=AYg5qPKKm4pFtyaOFEgavmZoXrGYMTGuN6-hlPkv6zkJHDubdRzmSZS6jiluG-iCqcPRlYKF7CZ-ft3oWMCwhBZHhf0ukhpcJ4bl
Requested by: Host: a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com
URL: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Dec 2021 06:13:44 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: n5gd65dh4mckirl2cc81hrifuofl0env

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EED2
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=vc6fDPohTvCT8Bb3qbHgXg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

89ms
89ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=vc6fDPohTvCT8Bb3qbHgXg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLT1hsySUbj5WrkYE979DfHzjD7v_th_YFzafg1BRO73wLdn07ZONKPrdVn5_43BM_6Qh694TxVp_5gJf1r8fyARaxVIyyX

Requested by

Host: a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com
URL: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Dec 2021 06:13:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=vc6fDPohTvCT8Bb3qbHgXg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLT1hsySUbj5WrkYE979DfHzjD7v_th_YFzafg1BRO73wLdn07ZONKPrdVn5_43BM_6Qh694TxVp_5gJf1r8fyARaxVIyyX
date: Sat, 11 Dec 2021 06:13:44 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EED2
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEMlhQnNDw1SR61fbooOs1Wo&google_cver=1&google_push=AYg5qPLgWMN9BLEWvpgGB6EoVfUTv622w_1LrljJDd_xEUJ8TjoWmatYXtKQiinebZDcFgYsS5PLMC10zTGHiKP2T...
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEMlhQnNDw1SR61fbooOs1Wo&google_cver=1&google_push=AYg5qPLgWMN9BLEWvpgGB6EoVfUTv622w_1LrljJDd_xEUJ8TjoWmatYXtKQiinebZDcFgYsS5PLMC10zTGHiKP2T...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPLgWMN9BLEWvpgGB6EoVfUTv622w_1LrljJDd_xEUJ8TjoWmatYXtKQiinebZDcFgYsS5PLMC10zTGHiKP2TZcoHYtpHJ31&google_hm=ef1e6f44f3bfd60d999717d5

170 B
188 B

43ms
43ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPLgWMN9BLEWvpgGB6EoVfUTv622w_1LrljJDd_xEUJ8TjoWmatYXtKQiinebZDcFgYsS5PLMC10zTGHiKP2TZcoHYtpHJ31&google_hm=ef1e6f44f3bfd60d999717d5

Requested by

Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Dec 2021 06:13:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Sat, 11 Dec 2021 06:13:45 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPLgWMN9BLEWvpgGB6EoVfUTv622w_1LrljJDd_xEUJ8TjoWmatYXtKQiinebZDcFgYsS5PLMC10zTGHiKP2TZcoHYtpHJ31&google_hm=ef1e6f44f3bfd60d999717d5
Access-Control-Allow-Credentials: true
Connection: close
X-Sovrn-Pod: ad_ap3ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type

GET

pixel
cm.g.doubleclick.net/ Frame EED2
Redirect Chain

https://onetag-sys.com/sync/i,19/?google_gid=CAESEITJ6muP5_dktf6-YbzwnRQ&google_cver=1&google_push=AYg5qPK16l1sA0EVYQqzPaMhgoXk2pbP8m8WHT5sVSjqcyhN9LYDrSlHb0UMSssFM57Gq3R2QVZhF7ThY_eqqYYl3SpraZPtAUeL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPK16l1sA0EVYQqzPaMhgoXk2pbP8m8WHT5sVSjqcyhN9LYDrSlHb0UMSssFM57Gq3R2QVZhF7ThY_eqqYYl3SpraZPtAUeL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPK16l1sA0EVYQqzPaMhgoXk2pbP8m8WHT5sVSjqcyhN9LYDrSlHb0UMSssFM57Gq3R2QVZhF7ThY_eqqYYl3SpraZPtAUeL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPK16l1sA0EVYQqzPaMhgoXk2pbP8m8WHT5sVSjqcyhN9LYDrSlHb0UMSssFM57Gq3R2QVZhF7ThY_eqqYYl3SpraZPtAUeL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPK16l1sA0EVYQqzPaMhgoXk2pbP8m8WHT5sVSjqcyhN9LYDrSlHb0UMSssFM57Gq3R2QVZhF7ThY_eqqYYl3SpraZPtAUeL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPK16l1sA0EVYQqzPaMhgoXk2pbP8m8WHT5sVSjqcyhN9LYDrSlHb0UMSssFM57Gq3R2QVZhF7ThY_eqqYYl3SpraZPtAUeL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPK16l1sA0EVYQqzPaMhgoXk2pbP8m8WHT5sVSjqcyhN9LYDrSlHb0UMSssFM57Gq3R2QVZhF7ThY_eqqYYl3SpraZPtAUeL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPK16l1sA0EVYQqzPaMhgoXk2pbP8m8WHT5sVSjqcyhN9LYDrSlHb0UMSssFM57Gq3R2QVZhF7ThY_eqqYYl3SpraZPtAUeL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPK16l1sA0EVYQqzPaMhgoXk2pbP8m8WHT5sVSjqcyhN9LYDrSlHb0UMSssFM57Gq3R2QVZhF7ThY_eqqYYl3SpraZPtAUeL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPK16l1sA0EVYQqzPaMhgoXk2pbP8m8WHT5sVSjqcyhN9LYDrSlHb0UMSssFM57Gq3R2QVZhF7ThY_eqqYYl3SpraZPtAUeL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPK16l1sA0EVYQqzPaMhgoXk2pbP8m8WHT5sVSjqcyhN9LYDrSlHb0UMSssFM57Gq3R2QVZhF7ThY_eqqYYl3SpraZPtAUeL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPK16l1sA0EVYQqzPaMhgoXk2pbP8m8WHT5sVSjqcyhN9LYDrSlHb0UMSssFM57Gq3R2QVZhF7ThY_eqqYYl3SpraZPtAUeL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPK16l1sA0EVYQqzPaMhgoXk2pbP8m8WHT5sVSjqcyhN9LYDrSlHb0UMSssFM57Gq3R2QVZhF7ThY_eqqYYl3SpraZPtAUeL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPK16l1sA0EVYQqzPaMhgoXk2pbP8m8WHT5sVSjqcyhN9LYDrSlHb0UMSssFM57Gq3R2QVZhF7ThY_eqqYYl3SpraZPtAUeL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPK16l1sA0EVYQqzPaMhgoXk2pbP8m8WHT5sVSjqcyhN9LYDrSlHb0UMSssFM57Gq3R2QVZhF7ThY_eqqYYl3SpraZPtAUeL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPK16l1sA0EVYQqzPaMhgoXk2pbP8m8WHT5sVSjqcyhN9LYDrSlHb0UMSssFM57Gq3R2QVZhF7ThY_eqqYYl3SpraZPtAUeL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPK16l1sA0EVYQqzPaMhgoXk2pbP8m8WHT5sVSjqcyhN9LYDrSlHb0UMSssFM57Gq3R2QVZhF7ThY_eqqYYl3SpraZPtAUeL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPK16l1sA0EVYQqzPaMhgoXk2pbP8m8WHT5sVSjqcyhN9LYDrSlHb0UMSssFM57Gq3R2QVZhF7ThY_eqqYYl3SpraZPtAUeL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPK16l1sA0EVYQqzPaMhgoXk2pbP8m8WHT5sVSjqcyhN9LYDrSlHb0UMSssFM57Gq3R2QVZhF7ThY_eqqYYl3SpraZPtAUeL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPK16l1sA0EVYQqzPaMhgoXk2pbP8m8WHT5sVSjqcyhN9LYDrSlHb0UMSssFM57Gq3R2QVZhF7ThY_eqqYYl3SpraZPtAUeL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPK16l1sA0EVYQqzPaMhgoXk2pbP8m8WHT5sVSjqcyhN9LYDrSlHb0UMSssFM57Gq3R2QVZhF7ThY_eqqYYl3SpraZPtAUeL

0
0

GET
H/1.1 200
OK sync
ssbsync.smartadserver.com/api/ Frame EED2 0
75 B 144ms
38ms Image
text/plain 185.86.139.103
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEKdlVAfXNCXhYK2NARutDTM&google_cver=1&google_push=AYg5qPL-bFcEmn5JKVvs-JNV_si_bH-KTr_-gvk44u4Dbam3LVJJO1eOf-u2GVzAu3OUW0EtbI4__22WKoLSLVYEFHEADTXLdcDn
Requested by: Host: a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com
URL: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.103 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:44 GMT
content-length: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame EED2 0
12 B 40ms
40ms Image
text/html 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JgO3YZMVyy6BWPxtrEP-gm66KgzJerhs9ptj8PZd827qTNQZwfEThDJo2N7KbhTOfDFbsn

Requested by

Host: a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com
URL: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:44 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 78B2 15 KB
15 KB 31ms
31ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: null
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 13:39:48 GMT
x-content-type-options: nosniff
age: 59636
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 10 Dec 2022 13:39:48 GMT

GET
DATA 200
OK truncated
/ Frame 09D3 35 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 PMAdMgr.js Show response
vpaid.pubmatic.com/ads/video/ Frame EF05 152 KB
36 KB 52ms
52ms Script
text/javascript 23.195.248.208
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2Fessencial%2Fatila-hacker-certidao-de-vacinacao%2F&schain=1.0%2C1%21vidoomy.com%2C52453%2C1%2C20272506155278957349807421836%2C%2C
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.195.248.208 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-195-248-208.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: f0f6a8b6c19b0c4d1cab075ab2f4f755cfef747424837668e65f431410f816e8

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:44 GMT
content-encoding: gzip
last-modified: Tue, 10 Aug 2021 05:02:46 GMT
server: Apache/2.2.15 (CentOS)
etag: "1408294-25f9a-5c92d699d3c58"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
accept-ranges: bytes
content-length: 36260

GET track
aktrack.pubmatic.com/ Frame 7EF8 0
0

GET
H2 200 tweet Show response
cdn.syndication.twimg.com/ Frame 9A4E 5 KB
2 KB 414ms
215ms XHR
application/json 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.syndication.twimg.com/tweet?features=tfw_experiments_cookie_expiration%3A1209600%3Btfw_horizon_tweet_embed_9555%3Ahte%3Btfw_space_card%3Aoff&id=1469260104990138368&lang=pt

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.modules.66e311263622456867b1.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

tsa_f / Express

Resource Hash

1da5d399253e65d85549a8d5653bb29e2f569441b68e1700d1f2d2780a225b1a

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self'; default-src 'self'; frame-src 'self'; font-src 'self'; form-action 'self'; img-src 'self'; media-src 'self'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://twitter.com/i/csp_report?a=O5RXE%3D%3D%3D&ro=false
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: connect-src 'self'; default-src 'self'; frame-src 'self'; font-src 'self'; form-action 'self'; img-src 'self'; media-src 'self'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://twitter.com/i/csp_report?a=O5RXE%3D%3D%3D&ro=false
content-encoding: gzip
etag: W/"156a-lRC/zcus69S4wHO6deOlMeSThos"
x-powered-by: Express
access-control-allow-methods: GET
strict-transport-security: max-age=631138519
x-xss-protection: 0
x-response-time: 137
server: tsa_f
x-frame-options: SAMEORIGIN
date: Sat, 11 Dec 2021 06:13:45 GMT
vary: Origin, Accept-Encoding
x-tw-cdn: VZ, VZ
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=60
access-control-allow-credentials: true
x-connection-hash: 1a0f7044ed5e46c19ca315e679e0e0c2879a75685d04c68b952d644941d53ce5
x-content-type-options: nosniff
access-contol-allow-origin: platform.twitter.com

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame D667 22 KB
8 KB 31ms
30ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Thu, 09 Dec 2021 12:55:11 GMT
expires: Fri, 09 Dec 2022 12:55:11 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 148713
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame BC45 22 KB
8 KB 31ms
31ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Thu, 09 Dec 2021 12:55:11 GMT
expires: Fri, 09 Dec 2022 12:55:11 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 148713
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 b_8rsBg2pSAE7OSEuXeXkmKAJRzK7XLbOE8Wp2RNR2Q.js Show response
pagead2.googlesyndication.com/bg/ Frame 4468 35 KB
13 KB 30ms
30ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/b_8rsBg2pSAE7OSEuXeXkmKAJRzK7XLbOE8Wp2RNR2Q.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6fff2bb01836a52004ece484b97797926280251ccaed72db384f16a7644d4764

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 17:20:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46415
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13622
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 19:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 10 Dec 2022 17:20:09 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame B409 35 B
463 B 550ms
176ms Image
image/gif 2600:1f1c:a99:832c:727c:8f29:6f04:aca5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEDmDu2DRcq9fbHq5Ole_3G4&google_cver=1&google_push=AYg5qPKc8EuS_i_cACPMX8LE0IfV1RFy_lu7cbouRxwT_nv5tqvHYa8vAjuGR7GBdeDWacQ-wBlVuijFYM_a0G4DlYMrxZlbQw_a4Q

Requested by

Host: b0b2fb4f4d530f774904c931019d14ff.safeframe.googlesyndication.com
URL: https://b0b2fb4f4d530f774904c931019d14ff.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:1f1c:a99:832c:727c:8f29:6f04:aca5 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Dec 2021 06:13:45 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame B409 0
141 B 84ms
29ms Image
text/plain 34.96.105.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEBRUF22ccvxlRM-7DSt6ElU&google_cver=1&google_push=AYg5qPIPuYP5w6-NrpRSHoPCF44bUVp2oD8rqZ_2NMmluwtg3s-frl2iidoSB-UPkL6vaWl48F0qr0aFTjkkZ-knbmhgmPmcyxOC
Requested by: Host: b0b2fb4f4d530f774904c931019d14ff.safeframe.googlesyndication.com
URL: https://b0b2fb4f4d530f774904c931019d14ff.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:44 GMT
via: 1.1 google
alt-svc: clear

GET
H3 200 dot.gif
s0.2mdn.net/ Frame B409 43 B
65 B 41ms
40ms Image
image/gif 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dot.gif?google_gid=CAESEGvDFe3SVKYN7uBrszdmKy4&google_cver=1&google_push=AYg5qPLvkdqzFI7uI7lSic6lEl1Z8XfEFaG2G0foHBHsvEF_E4XL9Ehw8YxF05xgQpXW_jT3Hf2numZ-f20NGbD29NGwSEoPsOznKw

Requested by

Host: b0b2fb4f4d530f774904c931019d14ff.safeframe.googlesyndication.com
URL: https://b0b2fb4f4d530f774904c931019d14ff.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:44 GMT
x-content-type-options: nosniff
last-modified: Sun, 01 Feb 2009 08:00:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 12 Dec 2021 06:13:44 GMT

GET
H3 200 dds
rtb.openx.net/sync/ Frame B409 43 B
64 B 47ms
26ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEEga8RsHBz8FFL1MVgwUQKI&google_cver=1&google_push=AYg5qPK_nK7Vg4x3XykBDw1um_pEWisSD-m64NUj-1f4j3GaENYlLM4Dqg3_UnuuW4epDFs84sPQBrXmZ_5D0YkoMP94OFdjrtc_
Requested by: Host: b0b2fb4f4d530f774904c931019d14ff.safeframe.googlesyndication.com
URL: https://b0b2fb4f4d530f774904c931019d14ff.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Dec 2021 06:13:44 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: ec4v2o0h6mbmqqbu0r3jv2iu801cf8h6

GET

pixel
cm.g.doubleclick.net/ Frame B409
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEGoT57hlmh3yOdr1D54rV8s&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbRBlq0t-NalDpfGx2tW2wAAAroAAAIB&google_push=AYg5qPJ6ID9DgM1GbMFvIkfR705v2KAgn-GY4ccowz4GXidiXXh9Gg4yc67zMjFe0UEaWyT3HbnyQ2H6WxUo5qTd7r...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbRBlq0t-NalDpfGx2tW2wAAAroAAAIB&google_push=AYg5qPJ6ID9DgM1GbMFvIkfR705v2KAgn-GY4ccowz4GXidiXXh9Gg4yc67zMjFe0UEaWyT3HbnyQ2H6WxUo5qTd7r...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbRBlq0t-NalDpfGx2tW2wAAAroAAAIB&google_push=AYg5qPJ6ID9DgM1GbMFvIkfR705v2KAgn-GY4ccowz4GXidiXXh9Gg4yc67zMjFe0UEaWyT3HbnyQ2H6WxUo5qTd7r...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbRBlq0t-NalDpfGx2tW2wAAAroAAAIB&google_push=AYg5qPJ6ID9DgM1GbMFvIkfR705v2KAgn-GY4ccowz4GXidiXXh9Gg4yc67zMjFe0UEaWyT3HbnyQ2H6WxUo5qTd7r...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbRBlq0t-NalDpfGx2tW2wAAAroAAAIB&google_push=AYg5qPJ6ID9DgM1GbMFvIkfR705v2KAgn-GY4ccowz4GXidiXXh9Gg4yc67zMjFe0UEaWyT3HbnyQ2H6WxUo5qTd7r...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbRBlq0t-NalDpfGx2tW2wAAAroAAAIB&google_push=AYg5qPJ6ID9DgM1GbMFvIkfR705v2KAgn-GY4ccowz4GXidiXXh9Gg4yc67zMjFe0UEaWyT3HbnyQ2H6WxUo5qTd7r...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbRBlq0t-NalDpfGx2tW2wAAAroAAAIB&google_push=AYg5qPJ6ID9DgM1GbMFvIkfR705v2KAgn-GY4ccowz4GXidiXXh9Gg4yc67zMjFe0UEaWyT3HbnyQ2H6WxUo5qTd7r...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbRBlq0t-NalDpfGx2tW2wAAAroAAAIB&google_push=AYg5qPJ6ID9DgM1GbMFvIkfR705v2KAgn-GY4ccowz4GXidiXXh9Gg4yc67zMjFe0UEaWyT3HbnyQ2H6WxUo5qTd7r...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbRBlq0t-NalDpfGx2tW2wAAAroAAAIB&google_push=AYg5qPJ6ID9DgM1GbMFvIkfR705v2KAgn-GY4ccowz4GXidiXXh9Gg4yc67zMjFe0UEaWyT3HbnyQ2H6WxUo5qTd7r...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbRBlq0t-NalDpfGx2tW2wAAAroAAAIB&google_push=AYg5qPJ6ID9DgM1GbMFvIkfR705v2KAgn-GY4ccowz4GXidiXXh9Gg4yc67zMjFe0UEaWyT3HbnyQ2H6WxUo5qTd7r...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbRBlq0t-NalDpfGx2tW2wAAAroAAAIB&google_push=AYg5qPJ6ID9DgM1GbMFvIkfR705v2KAgn-GY4ccowz4GXidiXXh9Gg4yc67zMjFe0UEaWyT3HbnyQ2H6WxUo5qTd7r...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbRBlq0t-NalDpfGx2tW2wAAAroAAAIB&google_push=AYg5qPJ6ID9DgM1GbMFvIkfR705v2KAgn-GY4ccowz4GXidiXXh9Gg4yc67zMjFe0UEaWyT3HbnyQ2H6WxUo5qTd7r...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbRBlq0t-NalDpfGx2tW2wAAAroAAAIB&google_push=AYg5qPJ6ID9DgM1GbMFvIkfR705v2KAgn-GY4ccowz4GXidiXXh9Gg4yc67zMjFe0UEaWyT3HbnyQ2H6WxUo5qTd7r...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbRBlq0t-NalDpfGx2tW2wAAAroAAAIB&google_push=AYg5qPJ6ID9DgM1GbMFvIkfR705v2KAgn-GY4ccowz4GXidiXXh9Gg4yc67zMjFe0UEaWyT3HbnyQ2H6WxUo5qTd7r...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbRBlq0t-NalDpfGx2tW2wAAAroAAAIB&google_push=AYg5qPJ6ID9DgM1GbMFvIkfR705v2KAgn-GY4ccowz4GXidiXXh9Gg4yc67zMjFe0UEaWyT3HbnyQ2H6WxUo5qTd7r...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbRBlq0t-NalDpfGx2tW2wAAAroAAAIB&google_push=AYg5qPJ6ID9DgM1GbMFvIkfR705v2KAgn-GY4ccowz4GXidiXXh9Gg4yc67zMjFe0UEaWyT3HbnyQ2H6WxUo5qTd7r...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbRBlq0t-NalDpfGx2tW2wAAAroAAAIB&google_push=AYg5qPJ6ID9DgM1GbMFvIkfR705v2KAgn-GY4ccowz4GXidiXXh9Gg4yc67zMjFe0UEaWyT3HbnyQ2H6WxUo5qTd7r...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbRBlq0t-NalDpfGx2tW2wAAAroAAAIB&google_push=AYg5qPJ6ID9DgM1GbMFvIkfR705v2KAgn-GY4ccowz4GXidiXXh9Gg4yc67zMjFe0UEaWyT3HbnyQ2H6WxUo5qTd7r...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbRBlq0t-NalDpfGx2tW2wAAAroAAAIB&google_push=AYg5qPJ6ID9DgM1GbMFvIkfR705v2KAgn-GY4ccowz4GXidiXXh9Gg4yc67zMjFe0UEaWyT3HbnyQ2H6WxUo5qTd7r...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbRBlq0t-NalDpfGx2tW2wAAAroAAAIB&google_push=AYg5qPJ6ID9DgM1GbMFvIkfR705v2KAgn-GY4ccowz4GXidiXXh9Gg4yc67zMjFe0UEaWyT3HbnyQ2H6WxUo5qTd7r...

0
0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B409
Redirect Chain

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEBUm7v5zhVubpfUkEbBqNRg&google_cver=1&google_push=AYg5qPI8QYQiwQBTC7pyt04QNhFDSeuJfw388uga4W4QOl4GSZeyZWWQDGWgl5d_XUAzUD2T7YImT0scE4adJsf-...
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPI8QYQiwQBTC7pyt04QNhFDSeuJfw388uga4W4QOl4GSZeyZWWQDGWgl5d_XUAzUD2T7YImT0scE4adJsf-kFgnxoE5iG-yNg

170 B
188 B

41ms
41ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPI8QYQiwQBTC7pyt04QNhFDSeuJfw388uga4W4QOl4GSZeyZWWQDGWgl5d_XUAzUD2T7YImT0scE4adJsf-kFgnxoE5iG-yNg

Requested by

Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Dec 2021 06:13:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 11 Dec 2021 06:13:44 GMT
via: 1.1 ffdf2668ac264ec6d8784ccc7453073c.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA56-P5
x-cache: FunctionGeneratedResponse from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPI8QYQiwQBTC7pyt04QNhFDSeuJfw388uga4W4QOl4GSZeyZWWQDGWgl5d_XUAzUD2T7YImT0scE4adJsf-kFgnxoE5iG-yNg
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: NjZ36FDuU2cQG58bRCj-hj8o80H47UxPqh8IRW5qQyAUFifOag0LFg==

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B409
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEE...
https://sync.targeting.unrulymedia.com/csync/RX-431d7272-a3bd-4ace-a388-665ef4e9a503-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAYg5qPL2E6NAv0WbOiPV_C1gF...
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPL2E6NAv0WbOiPV_C1gF2FeHAno2pqx-pQKd-z6JvK0RIH7tlvo3FzPjb6A-X17NU1b5z3skvjIo-g0SFt4JYAX7TzIKQYN&google_hm=A0MdcnKjvUrOo4hmXvTppQM

170 B
188 B

42ms
42ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPL2E6NAv0WbOiPV_C1gF2FeHAno2pqx-pQKd-z6JvK0RIH7tlvo3FzPjb6A-X17NU1b5z3skvjIo-g0SFt4JYAX7TzIKQYN&google_hm=A0MdcnKjvUrOo4hmXvTppQM

Requested by

Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Dec 2021 06:13:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPL2E6NAv0WbOiPV_C1gF2FeHAno2pqx-pQKd-z6JvK0RIH7tlvo3FzPjb6A-X17NU1b5z3skvjIo-g0SFt4JYAX7TzIKQYN&google_hm=A0MdcnKjvUrOo4hmXvTppQM
date: Sat, 11 Dec 2021 06:13:45 GMT
server: Tengine
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RX431d7272a3bd4acea388665ef4e9a503003
content-type: text/html

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame B409 0
12 B 41ms
40ms Image
text/html 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KCcnvp5O89e6Li8XUNHQDpZBi5rE9iN1Iz-Zx6xt_UXuHB1GaXBHTgpLRZO4BXuVh57nz3

Requested by

Host: b0b2fb4f4d530f774904c931019d14ff.safeframe.googlesyndication.com
URL: https://b0b2fb4f4d530f774904c931019d14ff.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:44 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
DATA 200
OK truncated
/ Frame 3E03 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7a293a4f852efb882d0b95130fb997f6513c0e41a65007d43dbcf451709a129

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 200 t Show response
t.lkqd.net/ Frame FCB1 0
176 B 115ms
115ms XHR
text/plain 146.20.128.205
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.205 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.diariodocentrodomundo.com.br
date: Sat, 11 Dec 2021 06:13:44 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 108ms
107ms Preflight
text/plain 146.20.128.205
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.205 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.diariodocentrodomundo.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Sat, 11 Dec 2021 06:13:44 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://www.diariodocentrodomundo.com.br

GET
H2

200

skeleton.js Show response
static.adsafeprotected.com/ Frame 9628
Redirect Chain

https://pixel.adsafeprotected.com/rfw/st/878020/58502531/skeleton.js?adsafe_url=https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fa7afee20dd78ac8c6cee315fb530...
https://static.adsafeprotected.com/skeleton.js

17 B
464 B

30ms
30ms

Script
application/javascript

2600:9000:223f:6e00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/skeleton.js
Requested by: Host: a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com
URL: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Server: 2600:9000:223f:6e00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 08:35:57 GMT
via: 1.1 342054511f9732c450e11bade76323dd.cloudfront.net (CloudFront)
age: 13556269
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 17
last-modified: Mon, 17 Aug 2020 23:54:35 GMT
server: AmazonS3
etag: "53fab767ecbd3bf07990b10246befbd4"
x-amz-version-id: nylqTweorRThFHMBJSrf_fHcWx3KVKN3
cache-control: max-age=315360000
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: t_3nWtIeDbEBNRyHFcODy8u2adB7jt5ggA5t70zlshlaBUDBSvKMjw==

Redirect headers

pragma: no-cache
date: Sat, 11 Dec 2021 06:13:44 GMT
x-server-name: app15.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/skeleton.js
cache-control: no-cache
content-length: 0
server: nginx

GET
H2 200 sca.17.5.12.js Show response
static.adsafeprotected.com/ Frame C59A 80 KB
21 KB 31ms
31ms Script
application/javascript 2600:9000:223f:6e00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.5.12.js
Requested by: Host: a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com
URL: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:6e00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 08:08:31 GMT
content-encoding: gzip
age: 6127514
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 19 Aug 2021 16:31:24 GMT
server: AmazonS3
etag: W/"9304f57298c3834ff107ea7ccb547996"
vary: Accept-Encoding
x-amz-version-id: 9YodSBhG3Q8HTUbQ_WDUpcPK09tSZ5ja
via: 1.1 342054511f9732c450e11bade76323dd.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA56-P5
content-type: application/javascript
x-amz-cf-id: 8QMLoDbEoAyRFPRxMW3ShYy6ibyevo53hrbIVqTwos2bSzs7Lz7zGQ==

GET
H2 200 sca.17.5.12.js Show response
static.adsafeprotected.com/ Frame B03C 80 KB
21 KB 31ms
31ms Script
application/javascript 2600:9000:223f:6e00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.5.12.js
Requested by: Host: a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com
URL: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:6e00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 08:08:31 GMT
content-encoding: gzip
age: 6127514
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 19 Aug 2021 16:31:24 GMT
server: AmazonS3
etag: W/"9304f57298c3834ff107ea7ccb547996"
vary: Accept-Encoding
x-amz-version-id: 9YodSBhG3Q8HTUbQ_WDUpcPK09tSZ5ja
via: 1.1 342054511f9732c450e11bade76323dd.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA56-P5
content-type: application/javascript
x-amz-cf-id: 8vmjHCo3PpQOeBhHgT8ysVc-aDqbGcyGVl2U3w1d858UCZvg8AX0oA==

GET
H2 200 mon
pixel.adsafeprotected.com/ Frame E568 43 B
216 B 38ms
37ms Image
image/gif 52.19.214.88
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.adsafeprotected.com/mon?anId=10933&advId=18517273&campId=47474513&pubId=1&chanId=32204227674&placementId=381128391&dealId=&adsafe_par&impId=ABAjH0hB-PFP_YWLEN4IvaC_sraZ&bidurl=https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/&adsafe_url=https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fa7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fa7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:97568912-889a-426f-19c7-f18e2d1893d3,c:wsWTJJ,sl:na,em:true,fr:false,thd:1,mn:app32ie,rg:ie,pt:1-5-15,br:c,abv:na,an:n,oam:0,scm:publ1.grpm1,nbld:0,mtim:786,fm:sRglG5H+111%7C112%7C121%7C13%7C14%7C15%7C161%7C162%7C17%7C1811%7C1821%7C183%7C19%7C1a%7C1b1%7C1b2%7C1b3%7C1c%7C1d%7C1e%7C1f11%7C1f12%7C1f13%7C1f21%7C1f3%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n1%7C1n21%7C1n3%7C1n4%7C1n5%7C1o*.10933%7C1o1%7C1o2%7C1o31%7C1o4%7C1o5%7C1o6%7C1p1%7C1p2%7C1p3%7C1p4%7C1q%7C1r1%7C1s%7C1t1%7C1u1%7C1v1%7C1v2%7C1v3%7C1w1%7C1x1%7C1x2%7C1x3%7C1y%7C1z%7C110,idMap:1o*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:DIV.qs.sn,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:798,oid:7d5e0a09-5a49-11ec-9787-020ccbaa276d,v:19.8.273,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by: Host: a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com
URL: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.19.214.88 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-19-214-88.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Dec 2021 06:13:44 GMT
x-server-name: app03.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 0725
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEKXw8NowUblSvU_30vSvSeU&google_cver=1&google_push=AYg5qPKyocLE2HuxQPl_hJ0agBBntW6SIe8Db07jkqEMVNsmHI9jDlUrxXCNqIpHAtWS4gFpx58WFBZ6zIiCyNQi9gI1M02IUzk
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzEwMDYxODI0ODYwMDQwMzUzOA==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEDgrB6Qgwp4I-9aYv_6q5MM&google_cver=1

43 B
407 B

203ms
203ms

Image
image/gif

2620:112:f006:bbbb::12
TURN-US-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEDgrB6Qgwp4I-9aYv_6q5MM&google_cver=1
Requested by: Host: a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com
URL: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Server: 2620:112:f006:bbbb::12 , United States, ASN6336 (TURN-US-ASN, US),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Dec 2021 06:13:44 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type: image/gif
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Sat, 11 Dec 2021 06:13:45 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEDgrB6Qgwp4I-9aYv_6q5MM&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 0725 70 B
264 B 32ms
30ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEDIrpzqHiZMUulZiTuSPSBw&google_cver=1&google_push=AYg5qPIFdAS2ZUmTkqj2vB6B3-YxFh3Otlxht9yGdt_gqzbvzTyP102_POmuXdECk5ZMvaq0JOvmverpYmYPodphvHVdhnzhKGs
Requested by: Host: a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com
URL: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Dec 2021 06:13:44 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0725
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESELEuM8yCxnYj2Xwbqs3fVyc&google_cver=1&google_push=AYg5qPK_BNaqIvsla1hsagndEnepBOeG9OCtgobemRi5cwvH6s9ifBs0DVHBIovOB_H7MkAooQhpbkAmbxt3IkCX...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=cz4UC5p1QsuDAVTVFLJ1Hg2&google_push=AYg5qPK_BNaqIvsla1hsagndEnepBOeG9OCtgobemRi5cwvH6s9ifBs0DVHBIovOB_H7MkAooQhpbkAmbxt3IkCX9me0W6iI-Q

170 B
188 B

43ms
42ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=cz4UC5p1QsuDAVTVFLJ1Hg2&google_push=AYg5qPK_BNaqIvsla1hsagndEnepBOeG9OCtgobemRi5cwvH6s9ifBs0DVHBIovOB_H7MkAooQhpbkAmbxt3IkCX9me0W6iI-Q

Requested by

Host: a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com
URL: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Dec 2021 06:13:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 11 Dec 2021 06:13:45 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.15.12
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=cz4UC5p1QsuDAVTVFLJ1Hg2&google_push=AYg5qPK_BNaqIvsla1hsagndEnepBOeG9OCtgobemRi5cwvH6s9ifBs0DVHBIovOB_H7MkAooQhpbkAmbxt3IkCX9me0W6iI-Q
x-host: tde-deliveryengine-production-8f87c885-x4lbs
alt-svc: clear
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0725
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEHwuGp5SE9FjXGCkSk-5aWg&google_cver=1&google_push=AYg5qPI-vh_5tO4qUVnXpCsgZdoIOiWRPjUwg1fE6RxcYY3AKzB-kQf6r5Ugqt8If7WNywX2tSKIaxvM0oez4yp5fdhGeaq...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPI-vh_5tO4qUVnXpCsgZdoIOiWRPjUwg1fE6RxcYY3AKzB-kQf6r5Ugqt8If7WNywX2tSKIaxvM0oez4yp5fdhGeaqOums&google_hm=NTUyNjUzNzAyMjQ0Njc3MjQ...

170 B
188 B

43ms
42ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPI-vh_5tO4qUVnXpCsgZdoIOiWRPjUwg1fE6RxcYY3AKzB-kQf6r5Ugqt8If7WNywX2tSKIaxvM0oez4yp5fdhGeaqOums&google_hm=NTUyNjUzNzAyMjQ0Njc3MjQ3MQ%3D%3D

Requested by

Host: a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com
URL: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Dec 2021 06:13:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 11 Dec 2021 06:13:44 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPI-vh_5tO4qUVnXpCsgZdoIOiWRPjUwg1fE6RxcYY3AKzB-kQf6r5Ugqt8If7WNywX2tSKIaxvM0oez4yp5fdhGeaqOums&google_hm=NTUyNjUzNzAyMjQ0Njc3MjQ3MQ%3D%3D
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff

GET
H3 200 dot.gif
s0.2mdn.net/ Frame 0725 43 B
65 B 40ms
38ms Image
image/gif 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dot.gif?google_gid=CAESEAaXEYkyNr5PMGPHAMhAoWs&google_cver=1&google_push=AYg5qPJre29sE9Bh3NHtCc2jlaCEHo6fwhwMhRnwVkc9R3niYk_zK4sReZ3806ltiUCgMd26Ey-7OZVmHPWUP6Z9eITFr3X2S0g

Requested by

Host: a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com
URL: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:44 GMT
x-content-type-options: nosniff
last-modified: Sun, 01 Feb 2009 08:00:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 12 Dec 2021 06:13:44 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0725
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESELs9EQQ5jEgAm7hUVq10Yik&google_cver=1&google_push=AYg5qPIfEF2Dj8d0T6jgO0vUR9Tuy0tkMdO3yp9fWIXwT6g-sHSxveLy2G6EdwNARwQxoQBpMouhSG-l_9IcB3vTh...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPIfEF2Dj8d0T6jgO0vUR9Tuy0tkMdO3yp9fWIXwT6g-sHSxveLy2G6EdwNARwQxoQBpMouhSG-l_9IcB3vThj_OF60uoYg&google_hm=ef1e6f44f3bfd60d999717d5

170 B
188 B

44ms
43ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPIfEF2Dj8d0T6jgO0vUR9Tuy0tkMdO3yp9fWIXwT6g-sHSxveLy2G6EdwNARwQxoQBpMouhSG-l_9IcB3vThj_OF60uoYg&google_hm=ef1e6f44f3bfd60d999717d5

Requested by

Host: a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com
URL: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Dec 2021 06:13:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Sat, 11 Dec 2021 06:13:45 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPIfEF2Dj8d0T6jgO0vUR9Tuy0tkMdO3yp9fWIXwT6g-sHSxveLy2G6EdwNARwQxoQBpMouhSG-l_9IcB3vThj_OF60uoYg&google_hm=ef1e6f44f3bfd60d999717d5
Access-Control-Allow-Credentials: true
Connection: close
X-Sovrn-Pod: ad_ap3ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0725
Redirect Chain

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEMp9oudwUNWFgVU48BxfbEI&google_cver=1&google_push=AYg5qPILJEMLJyhSvjxL-YiEs7byufBuyoH8RVxASDpVuO9O3MfOwViSpWsXrVMEeE-ZYs1K3D1usmSdpzSpM4wR...
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPILJEMLJyhSvjxL-YiEs7byufBuyoH8RVxASDpVuO9O3MfOwViSpWsXrVMEeE-ZYs1K3D1usmSdpzSpM4wR2ISmNjLSRqI

170 B
188 B

43ms
43ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPILJEMLJyhSvjxL-YiEs7byufBuyoH8RVxASDpVuO9O3MfOwViSpWsXrVMEeE-ZYs1K3D1usmSdpzSpM4wR2ISmNjLSRqI

Requested by

Host: a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com
URL: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Dec 2021 06:13:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 11 Dec 2021 06:13:44 GMT
via: 1.1 ffdf2668ac264ec6d8784ccc7453073c.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA56-P5
x-cache: FunctionGeneratedResponse from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPILJEMLJyhSvjxL-YiEs7byufBuyoH8RVxASDpVuO9O3MfOwViSpWsXrVMEeE-ZYs1K3D1usmSdpzSpM4wR2ISmNjLSRqI
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: ict786yukXwg9jaBfBPN0aSza42pGQl0LICl25J8DClVfl-EdIOI-w==

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 0725 0
12 B 41ms
40ms Image
text/html 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JlGqxfTh1dp9AjM_7mOrH-I7ORw6BgSK8RU-TiYD95mnRd4M55J4KkUjAvcIFk7TkiBlC-

Requested by

Host: a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com
URL: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:44 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D448
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEBsL0wjt9aGnFmE7vETTFgI&google_cver=1&google_push=AYg5qPJVT5I4Qu6rntcuT0oF6OJ54YsO-FZDMmHDri2Mi1hj5N-bfYFluZJkloiFEnJP78nXPQLlij25l-2MJr_NMCUdC8rA6xBTGg
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=140DAD53AA5B465DAF41E2F6DE600022&google_push=AYg5qPJVT5I4Qu6rntcuT0oF6OJ54YsO-FZDMmHDri2Mi1hj5N-bfYFluZJkloiFEnJP78nXPQLlij25l-2MJr_...

170 B
188 B

41ms
41ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=140DAD53AA5B465DAF41E2F6DE600022&google_push=AYg5qPJVT5I4Qu6rntcuT0oF6OJ54YsO-FZDMmHDri2Mi1hj5N-bfYFluZJkloiFEnJP78nXPQLlij25l-2MJr_NMCUdC8rA6xBTGg

Requested by

Host: a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com
URL: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Dec 2021 06:13:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 11 Dec 2021 06:13:44 GMT
x-content-type-options: nosniff
server: nginx
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=140DAD53AA5B465DAF41E2F6DE600022&google_push=AYg5qPJVT5I4Qu6rntcuT0oF6OJ54YsO-FZDMmHDri2Mi1hj5N-bfYFluZJkloiFEnJP78nXPQLlij25l-2MJr_NMCUdC8rA6xBTGg
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 138
expires: Fri, 10 Dec 2021 06:13:44 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D448
Redirect Chain

https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEP_-Cpiu69jtcHvjwbevFwE&google_cver=1&google_push=AYg5qPKAnyEnIs87Kjt6mbHFs9YjBr04HenSzeMnzs1Ov5YmdryVP6Zu9ninn1QbhbT2NZd6wiyyiGWjVHBkCZ...
https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AYg5qPKAnyEnIs87Kjt6mbHFs9YjBr04HenSzeMnzs1Ov5YmdryVP6Zu9ninn1QbhbT2NZd6wiyyiGWjVHBkCZZQfKI6vHxrlzZgwQ&google_hm=hmG0QZj9DoJRPuW...

170 B
188 B

43ms
43ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AYg5qPKAnyEnIs87Kjt6mbHFs9YjBr04HenSzeMnzs1Ov5YmdryVP6Zu9ninn1QbhbT2NZd6wiyyiGWjVHBkCZZQfKI6vHxrlzZgwQ&google_hm=hmG0QZj9DoJRPuWitQ&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D61B44198FD0E82513EE5A2B5BLIS

Requested by

Host: a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com
URL: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Dec 2021 06:13:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AYg5qPKAnyEnIs87Kjt6mbHFs9YjBr04HenSzeMnzs1Ov5YmdryVP6Zu9ninn1QbhbT2NZd6wiyyiGWjVHBkCZZQfKI6vHxrlzZgwQ&google_hm=hmG0QZj9DoJRPuWitQ&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D61B44198FD0E82513EE5A2B5BLIS
date: Sat, 11 Dec 2021 06:13:44 GMT
via: 1.1 google
alt-svc: clear
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D448
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEMa0aObi3j-AgNZyJTDS5fg&google_cver=1&google_push=AYg5qPIIiiKqM9ivdJ7MOyZuTzii2X5zyYYZt1nXdd3i2YfslDpVpTzI_ddu6uXLglpJcUHGTBCA51W2HpSgrn...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzA0MDMyNDI0Mjg3NDQ5NzE3MQ%3D%3D&google_push=AYg5qPIIiiKqM9ivdJ7MOyZuTzii2X5zyYYZt1nXdd3i2YfslDpVpTzI_ddu6uXLglpJcUHGTBCA51W2HpSgrnugZW...

170 B
188 B

42ms
41ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzA0MDMyNDI0Mjg3NDQ5NzE3MQ%3D%3D&google_push=AYg5qPIIiiKqM9ivdJ7MOyZuTzii2X5zyYYZt1nXdd3i2YfslDpVpTzI_ddu6uXLglpJcUHGTBCA51W2HpSgrnugZWKNSkDpitgs

Requested by

Host: a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com
URL: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Dec 2021 06:13:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzA0MDMyNDI0Mjg3NDQ5NzE3MQ%3D%3D&google_push=AYg5qPIIiiKqM9ivdJ7MOyZuTzii2X5zyYYZt1nXdd3i2YfslDpVpTzI_ddu6uXLglpJcUHGTBCA51W2HpSgrnugZWKNSkDpitgs
Date: Sat, 11 Dec 2021 06:13:45 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D448
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEJmpjq8XtkCWgYXDzOt_Lcw&google_cver=1&google_push=AYg5qPJkaynyQCSqAl8PHconhK3t-PXi1EAVxe4ah-21_sNolEcJASbLl3GND184v9OQEHLSkZc3FLO9Tf-JK4nS1r0m...
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPJkaynyQCSqAl8PHconhK3t-PXi1EAVxe4ah-21_sNolEcJASbLl3GND184v9OQEHLSkZc3FLO9Tf-JK4nS1r0muF3LVnlzOg&google_hm=95wGn3VTTFqqwfwd-L2nxg==

170 B
188 B

43ms
42ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPJkaynyQCSqAl8PHconhK3t-PXi1EAVxe4ah-21_sNolEcJASbLl3GND184v9OQEHLSkZc3FLO9Tf-JK4nS1r0muF3LVnlzOg&google_hm=95wGn3VTTFqqwfwd-L2nxg==

Requested by

Host: a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com
URL: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Dec 2021 06:13:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPJkaynyQCSqAl8PHconhK3t-PXi1EAVxe4ah-21_sNolEcJASbLl3GND184v9OQEHLSkZc3FLO9Tf-JK4nS1r0muF3LVnlzOg&google_hm=95wGn3VTTFqqwfwd-L2nxg==
Date: Sat, 11 Dec 2021 06:13:44 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H3 200 dds
rtb.openx.net/sync/ Frame D448 43 B
64 B 24ms
23ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEA9m4RZCvVMR6kUs3Fn9xPU&google_cver=1&google_push=AYg5qPLlubEn4iUNi9Wj7Tx26v74pnqs8tL4HYi3g09HpKWygfYaKYMy6vAeZD-z1i0RJi8ecn_3prxeJPIHorWa4NypRe6Ry9SAww
Requested by: Host: a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com
URL: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Dec 2021 06:13:44 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: ql3495i99l1uj1d6t1pjhs7t4lkngf8s

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D448
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESED9AOOtzVMXv2fi5Hf732BE&google_cver=1&google_push=AYg5qPKwwG_KdoXEJGdDm9zYfxqvIC1gcnnfv9q4E9Kk-RMhAlq6-I-bpga8bTgpIU8C489t0li32bgII1FPtyry_TMUChFnGT...
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&cmp_cs=&us_privacy=&sync=1&google_push=AYg5qPKwwG_KdoXEJGdDm9zYfxqvIC1gcnnfv9q4E9Kk-RMhAlq6-I-bpga8bTgpIU8C489t0li32bgII1FPtyry_TMUChFnGTUklg&go...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTY1ODc0NzgwMzQ1MzYyMTUzNjA%3D&google_push=AYg5qPKwwG_KdoXEJGdDm9zYfxqvIC1gcnnfv9q4E9Kk-RMhAlq6-I-bpga8bT...

170 B
188 B

41ms
41ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTY1ODc0NzgwMzQ1MzYyMTUzNjA%3D&google_push=AYg5qPKwwG_KdoXEJGdDm9zYfxqvIC1gcnnfv9q4E9Kk-RMhAlq6-I-bpga8bTgpIU8C489t0li32bgII1FPtyry_TMUChFnGTUklg

Requested by

Host: a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com
URL: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Dec 2021 06:13:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTY1ODc0NzgwMzQ1MzYyMTUzNjA%3D&google_push=AYg5qPKwwG_KdoXEJGdDm9zYfxqvIC1gcnnfv9q4E9Kk-RMhAlq6-I-bpga8bTgpIU8C489t0li32bgII1FPtyry_TMUChFnGTUklg
date: Sat, 11 Dec 2021 06:13:45 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H/1.1 200
OK sync
ssbsync.smartadserver.com/api/ Frame D448 0
75 B 39ms
38ms Image
text/plain 185.86.139.103
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESECEqii6rVcEgTUe3eCzZsnM&google_cver=1&google_push=AYg5qPLsR3_Pm_dxnWBroE1xtVuLy8l_PKdV5AD4yGTiKVB3G_e3uDbDGQCXonwNKjHcGnj0fEfmsNOBFuGKENXOD4JHs5XToqXmpQ
Requested by: Host: a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com
URL: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.103 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:44 GMT
content-length: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame D448 0
12 B 41ms
40ms Image
text/html 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Ij0SDT5avqF8_OR3OtWxuqFqZowfRJpwpL9A-_kdfRFFovSfK4ry1JkISbglbeL3a5OG6h

Requested by

Host: a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com
URL: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:44 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 match
c1.adform.net/serving/cookie/ Frame 6422 0
0 47ms
46ms Document
image/gif 37.157.6.242
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/serving/cookie/match?party=14&cid=BDCE9F0C-FA21-4EF0-93F0-16F7A9B1E05E

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.242 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Sat, 11 Dec 2021 06:13:45 GMT
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
strict-transport-security: max-age=31536000; includeSubDomains

GET

Pug
image2.pubmatic.com/AdServer/ Frame 46CE
Redirect Chain

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7415519081315808593

0
0

GET usersync.aspx
dis.criteo.com/dis/ Frame 02A0 0
0

GET /
dsp.adfarm1.adition.com/cookie/ Frame 2DAB 0
0

GET pixel
cm.g.doubleclick.net/ Frame 1C57 0
0

GET img
sync.mathtag.com/sync/ Frame 1C57 0
0

GET /
pixel.onaudience.com/ Frame 1C57 0
0

GET pixel
cm.g.doubleclick.net/ Frame 1C57 0
0

GET pubmatic
um.simpli.fi/ Frame 1C57 0
0

GET img
sync.mathtag.com/sync/ Frame 1C57 0
0

GET generic
match.adsrvr.org/track/cmf/ Frame 1C57 0
0

GET match
c1.adform.net/serving/cookie/ Frame 1C57 0
0

GET getuid
ib.adnxs.com/ Frame 1C57 0
0

GET
H2 200 createjs.min.js Show response
code.createjs.com/1.0.0/ Frame F86D 236 KB
63 KB 63ms
63ms Script
text/javascript 2a02:26f0:6c00::210:ba2a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://code.createjs.com/1.0.0/createjs.min.js
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11762666145489434432/html/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Apache /
Resource Hash: e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:45 GMT
content-encoding: gzip
server: Apache
cache-control: max-age=900
vary: Accept-Encoding
content-type: text/javascript
x-n: S
accept-ranges: bytes
expires: Sat, 11 Dec 2021 06:28:45 GMT

GET
H3 200 index.js Show response
s0.2mdn.net/sadbundle/11762666145489434432/html/ Frame F86D 72 KB
13 KB 32ms
32ms Script
application/x-javascript 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/11762666145489434432/html/index.js?1631020189024

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11762666145489434432/html/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d91d208af4387b32a530c9063936044052c7e6ec6e50958fa12449677e252d79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11762666145489434432/html/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 14:26:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 316011
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12836
x-xss-protection: 0
last-modified: Thu, 16 Sep 2021 11:43:35 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 07 Dec 2022 14:26:54 GMT

POST
H/1.1 200
OK ping Show response
links.services.disqus.com/api/ 317 B
767 B 77ms
35ms XHR
text/javascript 199.232.196.64
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://links.services.disqus.com/api/ping
Requested by: Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/alfie_v4.63f1ab6d6b9d5807dc0c94ef3fe0b851.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.196.64 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: cba004cbbdd8509c386f600fa42ec3a79d7d31375172ee621b367a826138f7ee

Request headers

Referer: https://www.diariodocentrodomundo.com.br/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Sat, 11 Dec 2021 06:13:45 GMT
Server: Apache-Coyote/1.1
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin: https://www.diariodocentrodomundo.com.br
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/javascript;charset=UTF-8
Content-Length: 317
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 st
am-vid-events.taboola.com/ 0
43 B 25ms
24ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=5&cisd=convusmp&cipid=8087865&crid=4918115&dast=V7N3ICFgOkSW_714CtTgSkSW_714CtTgUAAAAGBvQHGzSibGaDFXM32SyHm81qshyOhqvNYrZbDGGDRpTNbLBi7iab5XCzWU2Go81yMVgsloMpfBjLZTKoBRKW2e87KCinp8fsMoiKrrfF7nCaPW-wQtPp8Lnu9brf7y5yOixPv8nvcdlNl7_J73bdTX67xu-2Syx_lefzsnucDrNfYXqaHW6hw-N1Wd4al-X0NDn8bpHLLXt4nHaHx-H3ywEAAADgAWBpYQziBxAAIAIAAABAAgAAAIAioOLfQuACAAAAAAPAYOdaA0CcAwEdppvTZTb5AwDgQQEEAEAAgwRgADepBKBC_eEEAAAAAAAAAIDl____PwZgLy1HBiBDuLEH4MEH4IGoALWIEQAAAIAwiVvp0aROqCyqAAAI0q0ArgAAAvpQQVi0wgAAAATEBvOWk56lUb7HFuhh8fvNDrvG73YZAAAAAAAAAIDZ_9k_mtATAECab53wo9ovIADA2i8gAACbugEAvAnAhZwVmk6Hz3Wv1_1-d5HTYXn6TX6Py266_E1-t-tu8ts1frddYvmrPJ-X3eN0mP0K09PscAsdHq_L8ta4LKenyeF3i1xu2cPjtDs8Dr9fdAStGAxWZ0DLzW41mB0AAADA3f___z_eYN5y0rM0yrceiIyMC-PEM5wsZsuZb-OYbUarjWHhcA5Xq81s5tke4Pm0ynu2ZUNfiLDMft9BQTk9PWaXQVR0vS12h9PsOYgPGoblZBDMb8IWo9VkslkOZ8vFZDAcDUej_QnkbIATMVguJ5PFZLcarUab4W40GyxQIAYTpGjRYLIajSaLyXA1mqxmy8Vut0GKVq1mo81guJpNZrvdajgYLkcjnLDFaDWZbJbD2XIxGQxHw9FoiDC1ms1cw-FyrZi4jGvRyOVaK0yzmVu3Wc1Mg5lns1su3KLXx3RcmDy-xWiLggFDexFcpBOR02F5-k1-j8tuuvxNfrfrbvJbxBLNySKdyC77ysi4ME48w8litpz5No7ZZrTaGBYO53C12sxmnn1rNZu5hsPlWjFxGdeikcu1VphmM7dus5qZBjPPZrdcuEWvj-m4MHl8i9G-MdssJ4PNZDLYN2ab5WSwmUwG-w6T6Zn6nI3G4lrikanWnpvIMDMfFC6DxTuVmnbjzrEgLnuPTpVXpizojNqZ1fw1KDwHj-kgfFlOq5t1OpvovAeDIpYIThfpRPQyni5iieRpkU5EFttssrENlsuRceWc2TwTx8TlWI4ms9VkYpg4LGKJ0nSRTvQqz-dl9zgdZr_C9DQ73EKHx-uyvDUuy-lpcvjdIpdb9vA47Q6Pw29R_9EhlqO5ZjZXLAZzxWy1SgAAAAAAAAAAS5gzbwIAAABwGshosxuulgsAMW2lCwwCAAAAAACwe1IX_yoz0ahV3PhxBTkdlqff5Pe47KbL3-R3u-4mv5UBJES6mTd7Joi1Wi1rAAAAAWwAAIAAbt28B5BSKjk!&cmcv=&pix=31579657&cb=1639203225431&uv=3076&tms=1639203225431&su=3&abt=adh5c-1_vA!lotc_vA!rvf1_vB!smbs!spa2_vA!ufm_vE&ft=0&unm=FEED_MANAGER&su=3&
Requested by: Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:45 GMT
content-length: 0
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 9628 43 B
215 B 186ms
186ms Image
image/gif 52.41.240.77
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=878020&asId=8000db06-ed7f-f805-dee5-99893651b3cf&tv=%7Bc:wsWTMk,pingTime:-3,time:970,type:v,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:774%7D,%7Bpiv:100,vs:i,t:970%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:971,o:0,n:970,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:773,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B228~1%5D,as:%5B228~728.90%5D%7D%7D,%7Bsl:i,t:970,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1~100%5D,as:%5B1~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sRglG5w+111%7C112%7C121%7C13%7C14%7C15%7C161%7C162%7C17%7C1811%7C1821%7C183%7C19%7C1a%7C1b1%7C1b2%7C1b3%7C1c%7C1d%7C1e%7C1f11%7C1f12%7C1f13%7C1f21%7C1f3%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n*.878020-58502531%7C1n1%7C1n21%7C1n3%7C1n4%7C1o1%7C1o2%7C1o31%7C1o4%7C1o5%7C1o6%7C1p1%7C1p2%7C1p3%7C1p4%7C1q%7C1r1%7C1s%7C1t1%7C1u1%7C1v1%7C1v2%7C1v3%7C1w1%7C1x1%7C1x2%7C1x3%7C1y%7C1z%7C110,idMap:1n*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=c
Requested by: Host: a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com
URL: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.41.240.77 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-41-240-77.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Dec 2021 06:13:45 GMT
x-server-name: dt13.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 9628 43 B
215 B 186ms
186ms Image
image/gif 52.41.240.77
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=878020&asId=8000db06-ed7f-f805-dee5-99893651b3cf&tv=%7Bc:wsWTMm,pingTime:-6,time:972,type:i,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:972,o:0,n:970,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:773,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B228~1%5D,as:%5B228~728.90%5D%7D%7D,%7Bsl:i,t:970,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B2~100%5D,as:%5B2~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sRglG5w+111%7C112%7C121%7C13%7C14%7C15%7C161%7C162%7C17%7C1811%7C1821%7C183%7C19%7C1a%7C1b1%7C1b2%7C1b3%7C1c%7C1d%7C1e%7C1f11%7C1f12%7C1f13%7C1f21%7C1f3%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n*.878020-58502531%7C1n1%7C1n21%7C1n3%7C1n4%7C1o1%7C1o2%7C1o31%7C1o4%7C1o5%7C1o6%7C1p1%7C1p2%7C1p3%7C1p4%7C1q%7C1r1%7C1s%7C1t1%7C1u1%7C1v1%7C1v2%7C1v3%7C1w1%7C1x1%7C1x2%7C1x3%7C1y%7C1z%7C110,idMap:1n*,rmeas:1,rend:1,renddet:IMG.qs%7D&tpiLookup=ao:www.diariodocentrodomundo.com.br*&br=c
Requested by: Host: a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com
URL: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.41.240.77 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-41-240-77.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Dec 2021 06:13:45 GMT
x-server-name: dt12.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame E568 43 B
215 B 186ms
186ms Image
image/gif 52.41.240.77
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=829650&asId=819cbadb-fd53-9bd0-35dd-37e3ec439e08&tv=%7Bc:wsWTMs,pingTime:-2.1,time:2339,type:a,im:%7Bpci:%7Btdr:1657%7D%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:28%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:2339,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:28,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B2331~0%5D,as:%5B2331~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:453,fm:sRglFJz+111%7C112%7C121%7C13%7C14%7C15%7C161%7C162%7C17%7C18%7C19%7C1a%7C1b1%7C1c%7C1d%7C1e%7C1f1%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n.878020-58502531%7C1n1%7C1o*.829650-57301878%7C1o1%7C1p1%7C1q%7C1r%7C1s%7C1t%7C1u,idMap:1o.97568912-889a-426f-19c7-f18e2d1893d3.172_10933%7C1o*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:1,renddet:DIV.qs.sn,sinceFw:382,readyFired:false%7D&br=c
Requested by: Host: a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com
URL: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.41.240.77 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-41-240-77.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Dec 2021 06:13:45 GMT
x-server-name: dt15.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame E568 43 B
215 B 186ms
186ms Image
image/gif 52.41.240.77
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10933&asId=97568912-889a-426f-19c7-f18e2d1893d3&tv=%7Bc:wsWTMv,pingTime:-3,time:970,type:v,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:798%7D,%7Bpiv:0,vs:o,r:l,t:970%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:970,n:970,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:798,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B183~1,0~0%5D,as:%5B183~728.90%5D%7D%7D,%7Bsl:o,t:970,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B0~0%5D,as:%5B0~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:0,fm:sRglG5w+111%7C112%7C121%7C13%7C14%7C15%7C161%7C162%7C17%7C1811%7C1821%7C183%7C19%7C1a%7C1b1%7C1b2%7C1b3%7C1c%7C1d%7C1e%7C1f11%7C1f12%7C1f13%7C1f21%7C1f3%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n.878020-58502531%7C1n1%7C1n21%7C1n3%7C1n4%7C1n5%7C1o*.10933%7C1o1%7C1o2%7C1o31%7C1o4%7C1o5%7C1o6%7C1p1%7C1p2%7C1p3%7C1p4%7C1q%7C1r1%7C1s%7C1t1%7C1u1%7C1v1%7C1v2%7C1v3%7C1w1%7C1x1%7C1x2%7C1x3%7C1y%7C1z%7C110,idMap:1o*,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&br=c
Requested by: Host: a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com
URL: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.41.240.77 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-41-240-77.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Dec 2021 06:13:45 GMT
x-server-name: dt16.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame E568 43 B
215 B 187ms
187ms Image
image/gif 52.41.240.77
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10933&asId=97568912-889a-426f-19c7-f18e2d1893d3&tv=%7Bc:wsWTMw,pingTime:-6,time:971,type:i,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:971,n:970,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:798,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B183~1,0~0%5D,as:%5B183~728.90%5D%7D%7D,%7Bsl:o,t:970,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B1~0%5D,as:%5B1~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:0,fm:sRglG5w+111%7C112%7C121%7C13%7C14%7C15%7C161%7C162%7C17%7C1811%7C1821%7C183%7C19%7C1a%7C1b1%7C1b2%7C1b3%7C1c%7C1d%7C1e%7C1f11%7C1f12%7C1f13%7C1f21%7C1f3%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n.878020-58502531%7C1n1%7C1n21%7C1n3%7C1n4%7C1n5%7C1o*.10933%7C1o1%7C1o2%7C1o31%7C1o4%7C1o5%7C1o6%7C1p1%7C1p2%7C1p3%7C1p4%7C1q%7C1r1%7C1s%7C1t1%7C1u1%7C1v1%7C1v2%7C1v3%7C1w1%7C1x1%7C1x2%7C1x3%7C1y%7C1z%7C110,idMap:1o*,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&tpiLookup=ao:www.diariodocentrodomundo.com.br*&br=c
Requested by: Host: a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com
URL: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.41.240.77 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-41-240-77.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Dec 2021 06:13:45 GMT
x-server-name: dt03.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame D4C3
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

47ms
47ms

Document
text/html

2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com
URL: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 11 Dec 2021 06:13:45 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 11 Dec 2021 06:13:45 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 11 Dec 2021 06:13:45 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 A3sS0H_86Eu8poIaUPJJxUQpsgwPL9Z0aaC7WTcRMFE.js Show response
pagead2.googlesyndication.com/bg/ Frame C3FA 35 KB
13 KB 31ms
30ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/A3sS0H_86Eu8poIaUPJJxUQpsgwPL9Z0aaC7WTcRMFE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

037b12d07ffce84bbca6821a50f249c54429b20c0f2fd67469a0bb5937113051

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 08:08:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 165906
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13610
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 19:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 09 Dec 2022 08:08:39 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ Frame D8E5 15 KB
15 KB 31ms
31ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: null
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 13:39:48 GMT
x-content-type-options: nosniff
age: 59637
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 10 Dec 2022 13:39:48 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame BA12
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WWJSQm1BQUxDZ0FHUEFBeg==&google_gid=CAESEHEAdda0bjWvswEwNrLKE2Y&google_cver=1&google_push=AYg5qPLSS_KTyoq8FyVPylqy90wB0YPKAI...

170 B
188 B

42ms
41ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WWJSQm1BQUxDZ0FHUEFBeg==&google_gid=CAESEHEAdda0bjWvswEwNrLKE2Y&google_cver=1&google_push=AYg5qPLSS_KTyoq8FyVPylqy90wB0YPKAIW5M9HHao-YoiR_hbjp_1FWnwr_X__eJKO9H0YjcHurfj0YGGerwHQELplX8obC-lFmsg

Requested by

Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Dec 2021 06:13:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 11 Dec 2021 06:13:45 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1639203225.188880,VS0,VE0
x-served-by: cache-lcy19268-LCY
x-cache: HIT
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WWJSQm1BQUxDZ0FHUEFBeg==&google_gid=CAESEHEAdda0bjWvswEwNrLKE2Y&google_cver=1&google_push=AYg5qPLSS_KTyoq8FyVPylqy90wB0YPKAIW5M9HHao-YoiR_hbjp_1FWnwr_X__eJKO9H0YjcHurfj0YGGerwHQELplX8obC-lFmsg
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame BA12 70 B
264 B 32ms
31ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEE-8if5SLs5r_EbLSwbz64I&google_cver=1&google_push=AYg5qPLYU8MZjj2E6ae4x5Wci8fCNmrUspoYI4fwvvHaIQixHGShfHIv1W_WlQsx6cKH-zCNwpRqg_Lu2ublLi5jMMpc5temfjch
Requested by: Host: a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com
URL: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Dec 2021 06:13:45 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame BA12
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEC_HQX80JX3cGaV5sHV8M3A&google_cver=1&google_push=AYg5qPJWmHrPnOqT6Q0PXzCwGXscrtFdns0UnntijDQ5i9j5WJzuS1CDp3bds3B-0vDdrazryvA9cM9tnQ5aag...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzA0MDMyNDI0Mjg3NDQ5NzE3MQ%3D%3D&google_push=AYg5qPJWmHrPnOqT6Q0PXzCwGXscrtFdns0UnntijDQ5i9j5WJzuS1CDp3bds3B-0vDdrazryvA9cM9tnQ5aagLSOG...

170 B
188 B

41ms
41ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzA0MDMyNDI0Mjg3NDQ5NzE3MQ%3D%3D&google_push=AYg5qPJWmHrPnOqT6Q0PXzCwGXscrtFdns0UnntijDQ5i9j5WJzuS1CDp3bds3B-0vDdrazryvA9cM9tnQ5aagLSOGjpWi35G9ht

Requested by

Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Dec 2021 06:13:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzA0MDMyNDI0Mjg3NDQ5NzE3MQ%3D%3D&google_push=AYg5qPJWmHrPnOqT6Q0PXzCwGXscrtFdns0UnntijDQ5i9j5WJzuS1CDp3bds3B-0vDdrazryvA9cM9tnQ5aagLSOGjpWi35G9ht
Date: Sat, 11 Dec 2021 06:13:45 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame BA12
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEJ--5DP7KTkszjYTDdx1DIs&google_cver=1&google_push=AYg5qPKHtFBzULRGlReCDdjpgbexFsGaOBwmjrWEVQmOgUQmNE0Igw1X_uG3BoOcC-lWwD_CbGQxMAmrSLThX6WlKhof...
https://a.volvelle.tech/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_uid=f79c069f-7553-4c5a-aac1-fc1df8bda7c6
https://a.volvelle.tech/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_uid=f79c069f-7553-4c5a-aac1-fc1df8bda7c6
https://x.bidswitch.net/sync?dsp_id=190&expires=14&user_group=1&user_id=a63c3cff-d9d7-4510-850f-793312cdb77a&ssp=google
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPKHtFBzULRGlReCDdjpgbexFsGaOBwmjrWEVQmOgUQmNE0Igw1X_uG3BoOcC-lWwD_CbGQxMAmrSLThX6WlKhof1tuoEKQV&google_hm=95wGn3VTTFqqwfwd-L2nxg==

170 B
188 B

42ms
42ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPKHtFBzULRGlReCDdjpgbexFsGaOBwmjrWEVQmOgUQmNE0Igw1X_uG3BoOcC-lWwD_CbGQxMAmrSLThX6WlKhof1tuoEKQV&google_hm=95wGn3VTTFqqwfwd-L2nxg==

Requested by

Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Dec 2021 06:13:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPKHtFBzULRGlReCDdjpgbexFsGaOBwmjrWEVQmOgUQmNE0Igw1X_uG3BoOcC-lWwD_CbGQxMAmrSLThX6WlKhof1tuoEKQV&google_hm=95wGn3VTTFqqwfwd-L2nxg==
Date: Sat, 11 Dec 2021 06:13:46 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame BA12
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=vc6fDPohTvCT8Bb3qbHgXg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

41ms
41ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=vc6fDPohTvCT8Bb3qbHgXg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPIm6LwWn64iZ9c7CthJkIvok3-OxidH3YtolEBQCn6W12_cXYPNZQdK4Fkx_XEvPADGPthEqaYDPrc5dQNNkmlp3GjFDgst9Q

Requested by

Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Dec 2021 06:13:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=vc6fDPohTvCT8Bb3qbHgXg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPIm6LwWn64iZ9c7CthJkIvok3-OxidH3YtolEBQCn6W12_cXYPNZQdK4Fkx_XEvPADGPthEqaYDPrc5dQNNkmlp3GjFDgst9Q
date: Sat, 11 Dec 2021 06:13:44 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H/1.1 200
OK sync
ssbsync.smartadserver.com/api/ Frame BA12 0
75 B 39ms
38ms Image
text/plain 185.86.139.103
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEIfDcdSIQ_3jnnC0C_Fz4hw&google_cver=1&google_push=AYg5qPLYpUinnhKNp2CM8XwiAKapQ3KqpoP1oNZ28n_Q6r_6NqR7m7xw6zV25cnSG5OQw9PDuCUTb-91ZVtSHQpwr7ADOsFIPB08Wg
Requested by: Host: a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com
URL: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.103 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:44 GMT
content-length: 0

GET
H3 200 dot.gif
s0.2mdn.net/ Frame BA12 43 B
65 B 40ms
39ms Image
image/gif 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dot.gif?google_gid=CAESEMWkXi-SO_t5hMFKouMDdLk&google_cver=1&google_push=AYg5qPIVn_qzc077Z2TzEZ0WWFpm-G4lsNrBZm1-hEDj98UkGzdiOzJvtMgPk7AWNFg6SXfn1EKzrICLAlemeL7viuQ8Kdq3Nf2ixQU

Requested by

Host: a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com
URL: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:45 GMT
x-content-type-options: nosniff
last-modified: Sun, 01 Feb 2009 08:00:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 12 Dec 2021 06:13:45 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame BA12 0
12 B 41ms
40ms Image
text/html 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13K-XkZwrXGmefbffIqOyH95hxzGEA8Cg-m55bQGA8P2RTuL4lEdkhikqLiFTri_Oja8QAL94Q

Requested by

Host: a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com
URL: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:45 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H/1.1 200
OK sync.gif
links.services.disqus.com/api/ 43 B
375 B 33ms
32ms Image
image/gif 199.232.196.64
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://links.services.disqus.com/api/sync.gif?key=cfdfcf52dffd0a702a61bad27507376d
Requested by: Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.196.64 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 11 Dec 2021 06:13:45 GMT
Server: Apache-Coyote/1.1
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Cache-Control: no-cache, no-store
Connection: keep-alive
Content-Type: image/gif;charset=UTF-8
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 9628 43 B
215 B 186ms
185ms Image
image/gif 52.41.240.77
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=878020&asId=8000db06-ed7f-f805-dee5-99893651b3cf&tv=%7Bc:wsWTOJ,pingTime:-2,time:1119,type:a,im:%7Bsf:0,pom:1,prf:%7BbdA:508,bdZ:612,beA:2274,beZ:2276,mfA:3011,cmA:3013,inA:3013,inZ:3018,prA:3018,prZ:3040,si:3049,poA:3050,poZ:3065,cmZ:3065,mfZ:3065,loA:3246,loZ:3249,ltA:3393,ltZ:3393%7D%7D,sca:%7Bdfp:%7Bdf:2,sz:728.90,dom:img%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:774%7D,%7Bpiv:100,vs:i,t:970%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:1119,o:0,n:970,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:773,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B228~1%5D,as:%5B228~728.90%5D%7D%7D,%7Bsl:i,t:970,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B149~100%5D,as:%5B149~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sRglFJz+111%7C112%7C121%7C13%7C14%7C15%7C161%7C162%7C17%7C1811%7C1821%7C183%7C19%7C1a%7C1b1%7C1b2%7C1b3%7C1c%7C1d%7C1e%7C1f11%7C1f12%7C1f13%7C1f21%7C1f3%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n*.878020-58502531%7C1n1%7C1n21%7C1n3%7C1n4%7C1o.10933%7C1o1%7C1o2%7C1o31%7C1o4%7C1o5%7C1o6%7C1p1%7C1p2%7C1p3%7C1p4%7C1q%7C1r1%7C1s%7C1t1%7C1u1%7C1v1%7C1v2%7C1v3%7C1w1%7C1x1%7C1x2%7C1x3%7C1y%7C1z%7C110,idMap:1n*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:1,renddet:IMG.qs,sinceFw:343,readyFired:true%7D&br=c
Requested by: Host: a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com
URL: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.41.240.77 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-41-240-77.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Dec 2021 06:13:45 GMT
x-server-name: dt09.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame E568 43 B
215 B 202ms
202ms Image
image/gif 52.41.240.77
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10933&asId=97568912-889a-426f-19c7-f18e2d1893d3&tv=%7Bc:wsWTOM,pingTime:-2,time:1111,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:2280,beZ:2281,mfA:3067,cmA:3067,inA:3067,inZ:3068,prA:3068,prZ:3076,si:3078,poA:3079,poZ:3087,cmZ:3087,mfZ:3087,loA:3251,loZ:3252,ltA:3391,ltZ:3391,idA:3087,idZ:3125%7D%7D,sca:%7Bdfp:%7Bdf:3,sz:728.90,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:798%7D,%7Bpiv:0,vs:o,r:l,t:970%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:1111,n:970,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:798,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B183~1,0~0%5D,as:%5B183~728.90%5D%7D%7D,%7Bsl:o,t:970,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B141~0%5D,as:%5B141~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:0,fm:sRglFJz+111%7C112%7C121%7C13%7C14%7C15%7C161%7C162%7C17%7C1811%7C1821%7C183%7C19%7C1a%7C1b1%7C1b2%7C1b3%7C1c%7C1d%7C1e%7C1f11%7C1f12%7C1f13%7C1f21%7C1f3%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n.878020-58502531%7C1n1%7C1n21%7C1n3%7C1n4%7C1n5%7C1o*.10933%7C1o1%7C1o2%7C1o31%7C1o4%7C1o5%7C1o6%7C1p1%7C1p2%7C1p3%7C1p4%7C1q%7C1r1%7C1s%7C1t1%7C1u1%7C1v1%7C1v2%7C1v3%7C1w1%7C1x1%7C1x2%7C1x3%7C1y%7C1z%7C110,idMap:1o.819cbadb-fd53-9bd0-35dd-37e3ec439e08.142_829650-57301878%7C1o*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:1,renddet:DIV.qs.sn,sinceFw:313,readyFired:true%7D&br=c
Requested by: Host: a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com
URL: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.41.240.77 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-41-240-77.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Dec 2021 06:13:45 GMT
x-server-name: dt07.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H/1.1 200
OK embed.ondemand.Card.70a39a312f5b21bcec66.js Show response
platform.twitter.com/embed/ Frame 9A4E 2 KB
1 KB 52ms
51ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/embed.ondemand.Card.70a39a312f5b21bcec66.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.54a58eb5540918258367.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (mil/6CEA) /
Resource Hash: 8178b0d9aa78d28374d07cee76a30cbb537dd77ddacb6da7c61d824d9c2ef497

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://platform.twitter.com/embed/Tweet.html?dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1469260104990138368&lang=pt&origin=https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2Fessencial%2Fatila-hacker-certidao-de-vacinacao%2F&sessionId=05915c5192f965987dd6cc85acd98cc2eb855877&theme=light&widgetsVersion=9fd78d5%3A1638479056965&width=550px
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sat, 11 Dec 2021 06:13:45 GMT
Content-Encoding: gzip
Last-Modified: Thu, 09 Dec 2021 20:09:13 GMT
Server: ECS (mil/6CEA)
Age: 121643
Etag: "60938efb05ec0b8deffa41b79e0fa2e7+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 845

GET
H2 200 jot
syndication.twitter.com/i/ Frame 9A4E 43 B
380 B 127ms
127ms Image
image/gif 104.244.42.72
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot?l=%7B%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1639203225680%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22tweet%22%2C%22action%22%3A%22results%22%2C%22section%22%3A%22main%22%7D%2C%22context%22%3A%22horizon%22%2C%22client_version%22%3A%229fd78d5%3A1638479056965%22%2C%22dnt%22%3Atrue%2C%22widget_id%22%3A%22twitter-widget-0%22%2C%22widget_origin%22%3A%22https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2Fessencial%2Fatila-hacker-certidao-de-vacinacao%2F%22%2C%22widget_frame%22%3A%22false%22%2C%22widget_partner%22%3A%22%22%2C%22widget_site_screen_name%22%3A%22%22%2C%22widget_site_user_id%22%3A%22%22%2C%22widget_creator_screen_name%22%3A%22%22%2C%22widget_creator_user_id%22%3A%22%22%2C%22widget_iframe_version%22%3A%22860263f%3A1639072779848%22%2C%22item_ids%22%3A%5B%221469260104990138368%22%5D%2C%22item_details%22%3A%7B%221469260104990138368%22%3A%7B%22item_type%22%3A0%7D%7D%7D&dnt=1

Requested by

Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.72 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_f /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
x-response-time: 107
pragma: no-cache
last-modified: Sat, 11 Dec 2021 06:13:45 GMT
server: tsa_f
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: c71d33279fd48633f17e9935c2e6c4cb3ebd7e2c5140667bae08e7157819a302
x-transaction: fe932f153c6598e8
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 9F6C 38 KB
14 KB 48ms
48ms Document
text/html 23.195.248.208
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2Fessencial%2Fatila-hacker-certidao-de-vacinacao%2F&schain=1.0%2C1%21vidoomy.com%2C52453%2C1%2C20272506155278957349807421836%2C%2C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.195.248.208 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-195-248-208.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e2cdec10db9a0a224e9f5e49b6f004c5426564fb8d857ad3df480e9c916bafe6

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: en-GB,en;q=0.9

Response headers

last-modified: Tue, 19 Oct 2021 10:00:01 GMT
etag: "1302647-96ae-5ceb1b98ba7c4"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 13882
content-type: text/html; charset=UTF-8
cache-control: public, max-age=116022
expires: Sun, 12 Dec 2021 14:27:27 GMT
date: Sat, 11 Dec 2021 06:13:45 GMT
vary: Accept-Encoding

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame EF05 38 KB
14 KB 44ms
44ms Script
text/html 23.195.248.208
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2Fessencial%2Fatila-hacker-certidao-de-vacinacao%2F&schain=1.0%2C1%21vidoomy.com%2C52453%2C1%2C20272506155278957349807421836%2C%2C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.195.248.208 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-195-248-208.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e2cdec10db9a0a224e9f5e49b6f004c5426564fb8d857ad3df480e9c916bafe6

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:45 GMT
content-encoding: gzip
last-modified: Tue, 19 Oct 2021 10:00:01 GMT
server: Apache/2.2.15 (CentOS)
etag: "1302647-96ae-5ceb1b98ba7c4"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: public, max-age=116022
accept-ranges: bytes
content-type: text/html; charset=UTF-8
content-length: 13882
expires: Sun, 12 Dec 2021 14:27:27 GMT

GET
H3 200 b_8rsBg2pSAE7OSEuXeXkmKAJRzK7XLbOE8Wp2RNR2Q.js Show response
pagead2.googlesyndication.com/bg/ Frame 3714 35 KB
13 KB 30ms
30ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/b_8rsBg2pSAE7OSEuXeXkmKAJRzK7XLbOE8Wp2RNR2Q.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6fff2bb01836a52004ece484b97797926280251ccaed72db384f16a7644d4764

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 17:20:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46416
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13622
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 19:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 10 Dec 2022 17:20:09 GMT

GET
H2 200 c5ef96bc-30ab-456a-b3d5-a84f367c6a46.svg
cdn.taboola.com/static/c5/ 3 KB
2 KB 20ms
19ms Image
image/svg+xml 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/static/c5/c5ef96bc-30ab-456a-b3d5-a84f367c6a46.svg
Requested by: Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1d89405054b0eccfd66baa763bf4781b8dff83824636284b79800ecdc25579f1

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: 3GoWmPpnzFDs5CP3.ebHbCmhALWQMuvH
content-encoding: gzip
etag: "11d8569a7da0739259e3ac0b0d666e94"
age: 100
via: 1.1 varnish
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1502
x-amz-id-2: gwcDDbFt8IklZ3xTZzC5FnuLtX4+CgTJaXjczlUikutpcxXDVmakHDmEZzFhNi6oidsFrxLW984=
x-served-by: cache-lcy19223-LCY
last-modified: Sun, 10 Jun 2018 13:23:55 GMT
server: AmazonS3
x-timer: S1639203225.347098,VS0,VE0
date: Sat, 11 Dec 2021 06:13:45 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-request-id: BCRJEW25C2C2SFBJ
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: image/svg+xml
access-control-allow-headers: *
abp: 98
x-cache-hits: 32

POST
H2 200 OpportunityServlet
opps.taboola.com/ 1 B
127 B 34ms
27ms Ping
text/plain 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://opps.taboola.com/OpportunityServlet?rst=32
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/30_7_6/infra/cmTagFEED_MANAGER.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer: https://www.diariodocentrodomundo.com.br/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 11 Dec 2021 06:13:45 GMT
via: 1.1 varnish
server: nginx
x-timer: S1639203225.362591,VS0,VE9
x-served-by: cache-lcy19223-LCY
x-cache: MISS
access-control-allow-origin: https://www.diariodocentrodomundo.com.br
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 1
x-cache-hits: 0

POST
H2 200 OpportunityServlet
opps.taboola.com/ 1 B
56 B 29ms
28ms Ping
text/plain 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://opps.taboola.com/OpportunityServlet?rst=1
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/30_7_6/infra/cmTagFEED_MANAGER.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer: https://www.diariodocentrodomundo.com.br/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 11 Dec 2021 06:13:45 GMT
via: 1.1 varnish
server: nginx
x-timer: S1639203225.374549,VS0,VE10
x-served-by: cache-lcy19223-LCY
x-cache: MISS
access-control-allow-origin: https://www.diariodocentrodomundo.com.br
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 1
x-cache-hits: 0

GET
H2 200 loading2.png
vidstat.taboola.com/assets/ 24 KB
24 KB 20ms
19ms Image
image/png 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vidstat.taboola.com/assets/loading2.png
Requested by: Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4f2b7e987474183ea3293084c5069b7a5227876ed8fa10da3dd3588ee7124c16

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:45 GMT
via: 1.1 5f8ce6fad85064c6a8d3486ad2c8e170.cloudfront.net (CloudFront), 1.1 varnish
age: 2837408
x-amz-meta-mtime: 1498646328
x-cache: Hit from cloudfront, HIT
x-amz-meta-mode: 33188
content-length: 24300
x-served-by: cache-lcy19223-LCY
last-modified: Sun, 02 Jul 2017 14:25:04 GMT
server: AmazonS3
x-timer: S1639203225.423631,VS0,VE0
etag: "ead84d746b6ee07ee78dc4243d7349c8"
x-amz-meta-uid: 0
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-cf-pop: LHR61-C2
accept-ranges: bytes
content-type: image/png
access-control-allow-headers: *
x-amz-cf-id: u0lbpjcsIAL5GD_c9bfH612fC-o10Kzmsp4sUcc3DSKn_rNUBSBnXg==
x-cache-hits: 90716

GET
H2 200 replay-button.svg
vidstat.taboola.com/assets/ 1 KB
1021 B 21ms
19ms Image
image/svg+xml 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vidstat.taboola.com/assets/replay-button.svg
Requested by: Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a9aca50019231f85f469a5e0019bf363b41b9886b238a44bb1fe837ca4408da1

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:45 GMT
via: 1.1 9c078cf62ea8987c07cb33f6c4e5cb5e.cloudfront.net (CloudFront), 1.1 varnish
age: 2824356
x-cache: Hit from cloudfront, HIT
content-encoding: gzip
content-length: 701
x-served-by: cache-lcy19223-LCY
last-modified: Wed, 13 Feb 2019 09:30:13 GMT
server: AmazonS3
x-timer: S1639203225.423939,VS0,VE0
etag: "e871e80b457ead7801d3bbe63b25c4fb"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-cf-pop: LHR61-C2
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: I4d0XeCVdUhuKuwrKwdGeRsdFmJEEnXcxSQp0ajmqMx1kaGmUWZNeg==
x-cache-hits: 89544

GET
H2 200 replay-button-hover.svg
vidstat.taboola.com/assets/ 1 KB
1 KB 21ms
20ms Image
image/svg+xml 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vidstat.taboola.com/assets/replay-button-hover.svg
Requested by: Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d92c3106afa291abcefd52dd891825af921521fb643b4ce9e432e7d555bba2f8

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:45 GMT
via: 1.1 3bfef3b67836f5c4e0ad0bd80a8be8da.cloudfront.net (CloudFront), 1.1 varnish
age: 2841895
x-cache: Hit from cloudfront, HIT
content-encoding: gzip
content-length: 709
x-served-by: cache-lcy19223-LCY
last-modified: Wed, 13 Feb 2019 09:30:13 GMT
server: AmazonS3
x-timer: S1639203225.424099,VS0,VE0
etag: "ae0344bce724db935e4f7ba6573ee516"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-cf-pop: LHR61-C2
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: Dlzrl0W0BbZCx24H1n2LoejdFQveTOQepESMDBgzLCIyC_k5vJlbDw==
x-cache-hits: 84798

GET
H2 200 learn-more-button.svg
vidstat.taboola.com/assets/ 2 KB
875 B 20ms
19ms Image
image/svg+xml 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vidstat.taboola.com/assets/learn-more-button.svg
Requested by: Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f0648e82e4c77d04dac47abdae61b19b9a5adb1890fceb13a6d9e89c04c060a8

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:45 GMT
via: 1.1 04dc9ebdebde1811f62e65be6d89b8c8.cloudfront.net (CloudFront), 1.1 varnish
age: 2267987
x-cache: Hit from cloudfront, HIT
content-encoding: gzip
content-length: 634
x-served-by: cache-lcy19223-LCY
last-modified: Wed, 13 Feb 2019 09:30:12 GMT
server: AmazonS3
x-timer: S1639203225.424309,VS0,VE0
etag: "3132e8c3bdd274efa7ce1531ec89580d"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-cf-pop: LHR61-C1
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: ZpxVMEuE1y_zaPsiTc19C_2FKHCdptSSHn9N3lgjf34qeQIFsFP8hg==
x-cache-hits: 44052

GET
H2 200 learn-more-button-hover.svg
vidstat.taboola.com/assets/ 2 KB
980 B 21ms
20ms Image
image/svg+xml 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vidstat.taboola.com/assets/learn-more-button-hover.svg
Requested by: Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e93981763fee7adb1384f54134ae21113517f9e80febe5d0d80f01a75eb97e90

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:45 GMT
via: 1.1 10614187afbc9547b57f699efd196655.cloudfront.net (CloudFront), 1.1 varnish
age: 501404
x-cache: Hit from cloudfront, HIT
content-encoding: gzip
content-length: 660
x-served-by: cache-lcy19223-LCY
last-modified: Wed, 13 Feb 2019 09:30:11 GMT
server: AmazonS3
x-timer: S1639203225.424406,VS0,VE0
etag: "b14888c73642ebc29c1451727eb1eb8a"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-cf-pop: LHR61-C1
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: h_FF1EZeagKoChQ9w1QUGIXFtBxlfeiWSE1kH9yHuv6YLJGVZZDapA==
x-cache-hits: 1155

GET
H2 204 unip
trc.taboola.com/1005612/log/3/ 0
253 B 27ms
26ms Image
image/gif 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/1005612/log/3/unip?en=VideoZEROAudienceImpression&1639203225761
Requested by: Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-vcl-time-ms: 8
pragma: no-cache
date: Sat, 11 Dec 2021 06:13:45 GMT
via: 1.1 varnish
server: nginx
x-timer: S1639203225.424505,VS0,VE8
x-served-by: cache-lcy19223-LCY
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 42ms
42ms Image
image/gif 23.195.249.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&ra=2&pxm=7&vz=-&zp=0&sgs=2&vb=8&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2F%2Fessencial%2Fatila-hacker-certidao-de-vacinacao%2F-&i=TABOOLAJSVIDEO1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BvmjrG%3DH%3C%5B*C%24GTK%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-XArw4k53N9kCRqL5D8s2wrvkFEQaXcVXbaBAOq%2BVT%2Bl2tvmQftrLjI5jaRxplbfkuwe%2B&rs=1-tkHTYX5EcAEJWg%3D%3D&sc=1&os=1-0g%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=8&g=0&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=225&w=400&fy=1600&gp=957&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2Fessencial%2Fatila-hacker-certidao-de-vacinacao%2F&id=1&ii=4&f=0&j=&t=1639203224132&de=25395037711&cu=1639203224132&m=1665&ar=cc97a930ec1-clean&iw=49d733b&cb=0&ym=0&ll=2&lm=0&ln=0&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=957&lb=6540&le=1&lf=619&lg=1&lh=180&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A-%3A-&pe=1%3A2500%3A2500%3A0%3A2875&as=0&ag=0&an=0&gf=0&gg=0&aj=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&dj=0&aa=0&ad=0&cn=0&gk=0&gl=0&cq=0&hj=0&pv=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1609&cd=0&ah=1609&am=0&dq=196&dr=0&ds=196&dt=0&xd=00&zx=0&vu=0&tb=0&te=0&nj=0&vm=0&vl=0&vt=0&vd=0&zMoatSRE=0&zMoatVSD=0&hc=0&er=0&es=0&gs=0&gt=0&eu=0&ev=0&et=1&dz=1&eb=1&rf=0&re=0&cl=0&at=0&d=FEED_MANAGER%3A203735%3A67003865%3Awww.diariodocentrodomundo.com.br&gw=taboolajsvideo2446883476&zMoatOrigSlicer1=%2F%2Fvidstat.taboola.com%2FuploadedVideos%2F228385%2Ffn998gys9pdce4zltby8_DESKTOP.mp4&zMoatOrigSlicer2=N%2FA&zMoatDomain=diariodocentrodomundo.com.br&zMoatSubdomain=diariodocentrodomundo.com.br&ab=3&ac=1&fd=1&kt=strict&it=500&fz=1&or=0&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&jm=-1&tc=0&fs=195926&na=265897731&cs=0
Requested by: Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.195.249.162 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-195-249-162.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Dec 2021 06:13:45 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Sat, 11 Dec 2021 06:13:45 GMT

GET
H2 200 / Show response
pips.taboola.com/ Frame AF28 4 B
61 B 19ms
19ms XHR
text/plain 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pips.taboola.com/
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:45 GMT
via: 1.1 varnish
server: Varnish
x-served-by: cache-lcy19258-LCY
access-control-allow-methods: GET
access-control-allow-origin: https://www.diariodocentrodomundo.com.br
cache-control: no-store
x-cache: HIT
accept-ranges: bytes
content-length: 4
retry-after: 0
x-cache-hits: 0

GET
H2 200 content14_10_18m.js Show response
vidstat.taboola.com/ Frame AF28 37 KB
8 KB 19ms
19ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/content14_10_18m.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/30_7_6/infra/cmTagWIDGET_ITEM.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ab8bbbaf028510d8b119cce741f0c2cc94816dcc113d83cac81a6aade6a76fa9

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:45 GMT
via: 1.1 d2428440ce503624f438381ac01a2c8d.cloudfront.net (CloudFront), 1.1 varnish
age: 2889821
x-cache: Hit from cloudfront, HIT
content-encoding: gzip
content-length: 7638
x-served-by: cache-lcy19223-LCY
last-modified: Sun, 14 Oct 2018 13:31:31 GMT
server: AmazonS3
x-timer: S1639203225.481233,VS0,VE0
etag: "d8d81221ec6e604811ce469d899c9c8b"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-cf-pop: LHR62-C2
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: 9t1Rn74-0noDnbVCmB6Sb6mQkdD5T7FqaYfEoSarc1kBR8hHohWPHw==
x-cache-hits: 694801

GET
H2 200 video-autoplay-detector.js Show response
vidstat.taboola.com/video-autoplay-detector/1.0.0/ Frame AF28 8 KB
2 KB 22ms
22ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/video-autoplay-detector/1.0.0/video-autoplay-detector.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/30_7_6/infra/cmTagWIDGET_ITEM.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5b497b3dea8511b361da644850f9a576c982e26ce7b18754c5c82f50f4049024

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:45 GMT
via: 1.1 a1a4fa2aa1a6ec4964511a9d2ab566d4.cloudfront.net (CloudFront), 1.1 varnish
age: 1460832
x-cache: Hit from cloudfront, HIT
content-encoding: gzip
content-length: 2210
x-served-by: cache-lcy19223-LCY
last-modified: Mon, 10 Jun 2019 11:55:53 GMT
server: AmazonS3
x-timer: S1639203225.486248,VS0,VE0
etag: "2fac39530c1c168282a35d1ab56450ed"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-cf-pop: LHR62-C2
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: a_kqlf4sYBO9XqGC8z3veSDwFE3DpWg6h96HmlkdbxxrBg7oFtlX2Q==
x-cache-hits: 364257

GET
H2 200 OvaMediaPlayer.js Show response
vidstat.taboola.com/vpaid/vPlayer/player/v13.0.8/ Frame AF28 576 KB
118 KB 20ms
20ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v13.0.8/OvaMediaPlayer.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/30_7_6/infra/cmTagWIDGET_ITEM.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: a789216a5b5923f74870e5b02d4f3808cb246bdee2ba8ff232c8f6dde87875c5

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:45 GMT
via: 1.1 varnish
age: 504717
x-amz-meta-mtime: 1638698456
x-cache: HIT
x-amz-meta-ctime: 1638698469
x-amz-meta-mode: 33188
content-encoding: br
content-length: 120176
x-amz-id-2: 0IQCTjZ87XN/+3NqQB72XZFYy8U9kxxSbXY2GVXSStsrf2eIM9m0gmcXtfxdkoL4kGLyqyLEd5I=
x-served-by: cache-lcy19223-LCY
accept-ranges: bytes
last-modified: Sun, 05 Dec 2021 10:01:10 GMT
server: AmazonS3-br
x-timer: S1639203225.498472,VS0,VE0
etag: "c9beaa76567541fe62f2ff79e69d2939"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-request-id: YJPFJ6KW5EPA39ZX
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-meta-gid: 0
content-type: application/javascript
access-control-allow-headers: *
x-cache-hits: 263343

GET
H2 200 sync Show response
am-match.taboola.com/ Frame FA15 1 KB
1 KB 113ms
112ms Document
text/html 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-match.taboola.com/sync?dast=V7aT4CFgOkSW_714CtTgSkSW_714CtTgUAAAAGBuIHHTKhLYaL1WS0nGyGk91yOdksRqvFbjUZLmdD0JAJbTFcrCaj5WQznOyWy8lkt5uNNrvlFAJV9yLyux1Ou0U6kAhNp8Pnutfrfr-7yOmwPP0mv8dlN13-Jr_bdTf57Rq_2y6xXMQCicp4eFmebpfddJEOJHKX6fe3fP0ll83hOpsuYoFE8Pc8TU-_3SIdSER_w0UskGiOfsvp7nC7LNKBROR0WJ5-k9_jspsuf5Pf7bqb_BaxQCJ7WJ4Ou-kiHUhkDrPZdLT8XT-jRf0GKzSdDp_rXq_7_e4ip8Py9Jv8HpfddPmb_G7X3eS3a_xuu8TyV3k-L7vH6TD7Faan2eEWOjxel-WtcVlOT5PD7xa53LKHx2l3eBx-vxwAAAAAHgCOxmMhfgABACIAAAAAJAAAAAAoAir-LQQuAAAAADAAClKPNADEORDQYbo5XWaTPwAAHhRAAAAEMEgABtyaSgAyWmNPAAAAAAAAAABY_v___2MA9gKmZQAuAMd6AB58AB6IClSLGAEAAAAIk7iVHk3qhMqiCgCAIN0K4AoAIKAPFSSmLgwAAEBAbDBvOelZGuV7bIEeFr_f7LBr_G6XAQAAAAAAAACY_Z_9owk9AQCk-dYJP6r9AgIArP0CAgCwqRsAwJsAXMiloOl0-Fz3et3vdxc5HZan3-T3uOymy9_kd7vuJr9d43fbJZa_6AhaMRisTiF2w9lit9kNR7MDAAAAuPv____HG8xbTnqWRvnWA4mFazRxrRYz03C53O1mttFoMPPYTBvTbDYYLkfby4OaQe7StdHvC1Tdi8jvdjjtFulAIjSdDp_rXq_7_e4ip8Py9Jv8HpfddPmb_G7X3eS3a_xuu8RyEQskKuPhZXm6XXbTRTqQyF2m39_y9ZdcNofrbLqIBRLB3_M0Pf12i3QgEf0NF7FAojn6Lae7w-2ySAcSkdNhefpNfo_Lbrr8TX63627yW8QCiexheTrspot0IJE5zGbT0fJ3_YwW9f0mbDFaTSab5XC2XEwGw9FwNNqfQM4GOBGD5XIyWUx2q9FqtBnuRrPBAgViMEGKFg0mq9FospgMV6PJarZc7HYbpGjVajbaDIar2WS2262Gg-FyNMIJW4xWk8lmOZwtF5PBcDQcjYYIU6vZzDUcLteKicu4Fo1crrXCNJu5dZvVzDSYeTa75cIten1Mx4XJ41uMtigYwLQXwUU6Ud29dr_v7tY8TS-33u4WOT2P1-ctd5l-f8vXIpZoThbpRHbZNxau0cS1WsxMw-Vyt5vZRqPBzGMzbUyz2WC4HO1bq9nMNRwu14qJy7gWjVyutcI0m7l1m9XMNJh5Nrvlwi16fUzHhcnjW4z2jdlmORlsJpPFvjHbLCeDzWSy2HeYTM_U52z0XBMmj0y19txEhpn5oHAZjN6p1LQbd44Fcdl7dKq8MmVBZ9TOrOavQeE5eEwH4ctyWt2s09lE5z0YFLFEcLpIJ6KX8XQRSyRPi3Qisgwmhs3ENdu4jMuFxzCYmIaT5Wy13E0sltlyNRFLlKaLdKJXeT4vu8fpMPsVpqfZ4RY6PF6X5a1xWU5Pk8PvFrncsofHaXd4HH6L-o8OsRzNNbO5YjGYK2arVQIAAAAAAAAAWMKceRMAAACA00Amo-FotVwACYQBXWAQAAAAAACA3RY4UC-PAx2T4saPPerutft9d7fmaXq59Xa3yOl5vD5vucv0-1u-VgZ4cFpk3uyZINZqtawBAAAIsAEAAAK4dfMeQEqp5AA!&excid=22&docw=0&cijs=1&nlb=true
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/30_7_6/infra/cmTagWIDGET_ITEM.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: 31a8ecce6d30c7bcc0193aecc2ee98cfa69f13d76b0beaf2365d8fae74816d1c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/

Response headers

server: nginx
date: Sat, 11 Dec 2021 06:13:45 GMT
content-type: text/html;charset=ISO-8859-1
machineid: 3404

GET
H2 200 st
am-vid-events.taboola.com/ Frame AF28 0
43 B 25ms
25ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=8061395&crid=4711345&dast=V7aT4CFgOkSW_714CtTgSkSW_714CtTgUAAAAGBuIHHTKhLYaL1WS0nGyGk91yOdksRqvFbjUZLmdD0JAJbTFcrCaj5WQznOyWy8lkt5uNNrvlFAJV9yLyux1Ou0U6kAhNp8Pnutfrfr-7yOmwPP0mv8dlN13-Jr_bdTf57Rq_2y6xXMQCicp4eFmebpfddJEOJHKX6fe3fP0ll83hOpsuYoFE8Pc8TU-_3SIdSER_w0UskGiOfsvp7nC7LNKBROR0WJ5-k9_jspsuf5Pf7bqb_BaxQCJ7WJ4Ou-kiHUhkDrPZdLT8XT-jRf0GKzSdDp_rXq_7_e4ip8Py9Jv8HpfddPmb_G7X3eS3a_xuu8TyV3k-L7vH6TD7Faan2eEWOjxel-WtcVlOT5PD7xa53LKHx2l3eBx-vxwAAAAAHgCOxmMhfgABACIAAAAAJAAAAAAoAir-LQQuAAAAADAAClKPNADEORDQYbo5XWaTPwAAHhRAAAAEMEgABtyaSgAyWmNPAAAAAAAAAABY_v___2MA9gKmZQAuAMd6AB58AB6IClSLGAEAAAAIk7iVHk3qhMqiCgCAIN0K4AoAIKAPFSSmLgwAAEBAbDBvOelZGuV7bIEeFr_f7LBr_G6XAQAAAAAAAACY_Z_9owk9AQCk-dYJP6r9AgIArP0CAgCwqRsAwJsAXMiloOl0-Fz3et3vdxc5HZan3-T3uOymy9_kd7vuJr9d43fbJZa_6AhaMRisTiF2w9lit9kNR7MDAAAAuPv____HG8xbTnqWRvnWA4mFazRxrRYz03C53O1mttFoMPPYTBvTbDYYLkfby4OaQe7StdHvC1Tdi8jvdjjtFulAIjSdDp_rXq_7_e4ip8Py9Jv8HpfddPmb_G7X3eS3a_xuu8RyEQskKuPhZXm6XXbTRTqQyF2m39_y9ZdcNofrbLqIBRLB3_M0Pf12i3QgEf0NF7FAojn6Lae7w-2ySAcSkdNhefpNfo_Lbrr8TX63627yW8QCiexheTrspot0IJE5zGbT0fJ3_YwW9f0mbDFaTSab5XC2XEwGw9FwNNqfQM4GOBGD5XIyWUx2q9FqtBnuRrPBAgViMEGKFg0mq9FospgMV6PJarZc7HYbpGjVajbaDIar2WS2262Gg-FyNMIJW4xWk8lmOZwtF5PBcDQcjYYIU6vZzDUcLteKicu4Fo1crrXCNJu5dZvVzDSYeTa75cIten1Mx4XJ41uMtigYwLQXwUU6Ud29dr_v7tY8TS-33u4WOT2P1-ctd5l-f8vXIpZoThbpRHbZNxau0cS1WsxMw-Vyt5vZRqPBzGMzbUyz2WC4HO1bq9nMNRwu14qJy7gWjVyutcI0m7l1m9XMNJh5Nrvlwi16fUzHhcnjW4z2jdlmORlsJpPFvjHbLCeDzWSy2HeYTM_U52z0XBMmj0y19txEhpn5oHAZjN6p1LQbd44Fcdl7dKq8MmVBZ9TOrOavQeE5eEwH4ctyWt2s09lE5z0YFLFEcLpIJ6KX8XQRSyRPi3Qisgwmhs3ENdu4jMuFxzCYmIaT5Wy13E0sltlyNRFLlKaLdKJXeT4vu8fpMPsVpqfZ4RY6PF6X5a1xWU5Pk8PvFrncsofHaXd4HH6L-o8OsRzNNbO5YjGYK2arVQIAAAAAAAAAWMKceRMAAACA00Amo-FotVwACYQBXWAQAAAAAACA3RY4UC-PAx2T4saPPerutft9d7fmaXq59Xa3yOl5vD5vucv0-1u-VgZ4cFpk3uyZINZqtawBAAAIsAEAAAK4dfMeQEqp5AA!&cmcv=&pix=31589837&cb=1639203225862&uv=3076&tms=1639203225862&su=&abt=adh5c-1_vA!adh5c_vA!lotc_vA!rvf1_vB!spa2_vA!t45!t45!ufm_vA&ft=1&unm=WIDGET_ITEM&debug=pn:!sqg:!torgn:1639203220763.8!ts:1639203225862&
Requested by: Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:45 GMT
content-length: 0
server: nginx

POST
H/1.1 200
OK domains Show response
links.services.disqus.com/api/ 100 B
550 B 34ms
33ms XHR
text/javascript 199.232.196.64
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://links.services.disqus.com/api/domains
Requested by: Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/alfie_v4.63f1ab6d6b9d5807dc0c94ef3fe0b851.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.196.64 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: 4d3455baf97f4f45bbca7c734d4d66f4459e1794b1cc63c0368028c05778e439

Request headers

Referer: https://www.diariodocentrodomundo.com.br/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Sat, 11 Dec 2021 06:13:45 GMT
Server: Apache-Coyote/1.1
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin: https://www.diariodocentrodomundo.com.br
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/javascript;charset=UTF-8
Content-Length: 100
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame B060 42 B
64 B 73ms
73ms Fetch
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssNEfHnCH_TW27k1iFNIQrowAvJFU2NtTSFuokXB357Uh9hRTZ4BFhQH_-gf4CGgPJI6Lsz5509M9KPHX-XgJYI6tT4ieI7HbUtco1C7Na6gWeEN-vPLm1hYPVBJpCupdLV5e2nQykMh6pn&sai=AMfl-YQVWNTH6xCHU9bLwWAoRv_H9IVePl8aCe5ulExJfLBsk9I1kw-kgYIPo5ezQMPulJUaYXJ-vi-CIvBn5gVen0yNph813glGRflxaY4DFebY--cBzOlm6BGK0n4&sig=Cg0ArKJSzCPxI0gkT2DJEAE&cid=CAASF-RoQHudFOslMQYWl_r_qx0WG98vOnVK&id=lidar2&mcvt=1243&p=174,315,264,1285&mtos=1243,1243,1243,1243,1243&tos=1243,0,0,0,0&v=20211202&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=2&adk=2610948703&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1639203223264&rpt=1415&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Dec 2021 06:13:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 st
am-vid-events.taboola.com/ 0
43 B 25ms
25ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=2&cisd=convusmp&cipid=8087865&crid=4918115&dast=V7N3ICFgOkSW_714CtTgSkSW_714CtTgUAAAAGBvQHGzSibGaDFXM32SyHm81qshyOhqvNYrZbDGGDRpTNbLBi7iab5XCzWU2Go81yMVgsloMpfBjLZTKoBRKW2e87KCinp8fsMoiKrrfF7nCaPW-wQtPp8Lnu9brf7y5yOixPv8nvcdlNl7_J73bdTX67xu-2Syx_lefzsnucDrNfYXqaHW6hw-N1Wd4al-X0NDn8bpHLLXt4nHaHx-H3ywEAAADgAWBpYQziBxAAIAIAAABAAgAAAIAioOLfQuACAAAAAAPAYOdaA0CcAwEdppvTZTb5AwDgQQEEAEAAgwRgADepBKBC_eEEAAAAAAAAAIDl____PwZgLy1HBiBDuLEH4MEH4IGoALWIEQAAAIAwiVvp0aROqCyqAAAI0q0ArgAAAvpQQVi0wgAAAATEBvOWk56lUb7HFuhh8fvNDrvG73YZAAAAAAAAAIDZ_9k_mtATAECab53wo9ovIADA2i8gAACbugEAvAnAhZwVmk6Hz3Wv1_1-d5HTYXn6TX6Py266_E1-t-tu8ts1frddYvmrPJ-X3eN0mP0K09PscAsdHq_L8ta4LKenyeF3i1xu2cPjtDs8Dr9fdAStGAxWZ0DLzW41mB0AAADA3f___z_eYN5y0rM0yrceiIyMC-PEM5wsZsuZb-OYbUarjWHhcA5Xq81s5tke4Pm0ynu2ZUNfiLDMft9BQTk9PWaXQVR0vS12h9PsOYgPGoblZBDMb8IWo9VkslkOZ8vFZDAcDUej_QnkbIATMVguJ5PFZLcarUab4W40GyxQIAYTpGjRYLIajSaLyXA1mqxmy8Vut0GKVq1mo81guJpNZrvdajgYLkcjnLDFaDWZbJbD2XIxGQxHw9FoiDC1ms1cw-FyrZi4jGvRyOVaK0yzmVu3Wc1Mg5lns1su3KLXx3RcmDy-xWiLggFDexFcpBOR02F5-k1-j8tuuvxNfrfrbvJbxBLNySKdyC77ysi4ME48w8litpz5No7ZZrTaGBYO53C12sxmnn1rNZu5hsPlWjFxGdeikcu1VphmM7dus5qZBjPPZrdcuEWvj-m4MHl8i9G-MdssJ4PNZDLYN2ab5WSwmUwG-w6T6Zn6nI3G4lrikanWnpvIMDMfFC6DxTuVmnbjzrEgLnuPTpVXpizojNqZ1fw1KDwHj-kgfFlOq5t1OpvovAeDIpYIThfpRPQyni5iieRpkU5EFttssrENlsuRceWc2TwTx8TlWI4ms9VkYpg4LGKJ0nSRTvQqz-dl9zgdZr_C9DQ73EKHx-uyvDUuy-lpcvjdIpdb9vA47Q6Pw29R_9EhlqO5ZjZXLAZzxWy1SgAAAAAAAAAAS5gzbwIAAABwGshosxuulgsAMW2lCwwCAAAAAACwe1IX_yoz0ahV3PhxBTkdlqff5Pe47KbL3-R3u-4mv5UBJES6mTd7Joi1Wi1rAAAAAWwAAIAAbt28B5BSKjk!&cmcv=&pix=31425418&cb=1639203225985&uv=3076&tms=1639203225985&su=3&abt=adh5c-1_vA!lotc_vA!rvf1_vB!smbs!spa2_vA!ufm_vE&ft=0&unm=FEED_MANAGER&su=3&
Requested by: Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:45 GMT
content-length: 0
server: nginx

GET
H2 200 k1X-0rsp_normal.jpg
pbs.twimg.com/profile_images/1450106341540904961/ Frame 9A4E 2 KB
2 KB 54ms
53ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1450106341540904961/k1X-0rsp_normal.jpg

Requested by

Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (mil/6CE2) /

Resource Hash

1517e4daad78dee52f5e094d13faf2ad5a129391a1b178ba4121969d03829c57

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:45 GMT
x-content-type-options: nosniff
age: 402081
x-cache: HIT
content-length: 2035
x-response-time: 114
surrogate-key: profile_images profile_images/bucket/9 profile_images/1450106341540904961
last-modified: Mon, 18 Oct 2021 14:25:48 GMT
server: ECS (mil/6CE2)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 571cffdb1e98a02fa91c6898af0a908ec41319e17510d0a02348730a37dc1e13
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H/1.1 204
No Content / Show response
cds.taboola.com/ Frame AF28 0
155 B 311ms
104ms XHR
text/plain 141.226.224.32
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.taboola.com/?uid=556f5889-1be8-4de5-a46f-735f40f3379a-tuct8adc714
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 11 Dec 2021 06:13:45 GMT
Cache-Control: no-store
Server: nginx
Connection: close

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 9628 42 B
64 B 70ms
70ms Fetch
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuMupmtnfmCyEr1SVu7_tYAJxskzzyXg96w92sE_fLAuRZgWulRzM5qLQka5WPpWZRssEYDrgvnL5sftYOFVkeKkmw6RJB8r1wJWj4rxlSypIHe_ZOFBQ&sai=AMfl-YTzDR6Lo4zcui_hb38dDGaw_PAASNug33lHmRoMm0loAiUASEmd_uJLkwMHbbasKZ-pm8d2ghMrEt6WW5UdMJ9gbw2mW9eNedytbXmJyunfslNhQJwjIzrnENk_&sig=Cg0ArKJSzDOt5moxanzwEAE&cid=CAASEuRoQXeAzLtUgDRdug9JlPZmBA&id=lidar2&mcvt=1192&p=1110,436,1204,1164&mtos=0,1192,1192,1192,1192&tos=0,1192,0,0,0&v=20211202&bin=7&avms=nio&bs=0,0&mc=0.96&if=1&app=0&itpl=20&adk=3380540317&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1639203222228&rpt=2594&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Dec 2021 06:13:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 9628 42 B
64 B 64ms
64ms Fetch
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvcxqzGHkRmgUQtwokt6Rx9WL1JPqO2g0spmkZOau68KyRzAX2sZNWlDXbQm3hC1pEHDqYsl4QJYpV5hh8KgiLFrPxI7rLXPn4&sig=Cg0ArKJSzIZbC7dDgGovEAE&id=lidar2&mcvt=1195&p=0,0,90,728&mtos=1195,1195,1195,1195,1195&tos=1195,0,0,0,0&v=20211202&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=32&adk=548554673&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1639203222228&rpt=2597&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Dec 2021 06:13:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 Goalify_Modernized_Badge_no_border.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17368370350617788416/ Frame 78B2 25 KB
25 KB 32ms
31ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17368370350617788416/Goalify_Modernized_Badge_no_border.png

Requested by

Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

209ee5a4d514155febd8dceb1c6c15a3a3b232b4bc467493d0ce6f70089845a6

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 198317
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25925
x-xss-protection: 0
last-modified: Thu, 19 Aug 2021 10:22:28 GMT
server: sffe
date: Wed, 08 Dec 2021 23:08:28 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 08 Dec 2022 23:08:28 GMT

GET
H3 200 learn-more-button.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17368370350617788416/ Frame 78B2 4 KB
4 KB 35ms
35ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17368370350617788416/learn-more-button.png

Requested by

Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

950e49306d9bef6a4c6200164d2b5161ca9d765e36627b54334038686891ca52

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 198317
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3852
x-xss-protection: 0
last-modified: Thu, 19 Aug 2021 10:22:28 GMT
server: sffe
date: Wed, 08 Dec 2021 23:08:28 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 08 Dec 2022 23:08:28 GMT

GET
H3 200 goalify-professional-desktop-phone-mockup_1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17368370350617788416/ Frame 78B2 60 KB
60 KB 36ms
35ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17368370350617788416/goalify-professional-desktop-phone-mockup_1.png

Requested by

Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c685943bda625fc14293f09297b34ece4ac688a912bf8b677c230c4c43081919

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 283133
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61664
x-xss-protection: 0
last-modified: Thu, 19 Aug 2021 10:22:28 GMT
server: sffe
date: Tue, 07 Dec 2021 23:34:52 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 07 Dec 2022 23:34:52 GMT

GET
H3 200 bande_Orange.png
s0.2mdn.net/sadbundle/11762666145489434432/html/ Frame F86D 2 KB
2 KB 31ms
31ms Image
image/png 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/11762666145489434432/html/bande_Orange.png?1631020188995

Requested by

Host: a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com
URL: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

12d917e05a443130d6705d6b122650e039f76c5e4923eeb7cf6da9763a912a44

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11762666145489434432/html/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 18:32:23 GMT
x-content-type-options: nosniff
age: 214882
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1623
x-xss-protection: 0
last-modified: Thu, 16 Sep 2021 11:43:35 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 08 Dec 2022 18:32:23 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame E568 0
23 B 54ms
54ms Ping
image/gif 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu6RNPryuxN9rEvBNXmBf9Rz0jWIUQu9S79qot-OazLDplYbCPvj3Woxs75vMwqoq3i-LaTQU2xvPCfMi0AC3VTQYH0Nw_GKzpPWj-nOuq_AT-k1W8-Dwy-TXAWDVTORpbtBdtH7HUxxwx6fj8Iyru6vsfQOUspp1T1hDylZXWefIvHbaKbIUJbDvN07HLGRxL7253vSzVXRrZg&sai=AMfl-YR5E4IPGJDpdJIA7sL47GN9ZRY6EFsLjdVFK3qjJWeSmPIFFw&sig=Cg0ArKJSzCfCvrgbJ193EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1655&vt=11&dtpt=1243&dett=3&cstd=410&cisv=r20211207.56371&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Requested by

Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Sat, 11 Dec 2021 06:13:45 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 43ms
43ms Image
image/gif 23.195.249.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=29&q=0&hp=1&wf=1&ra=2&pxm=7&vz=-&zp=0&sgs=2&vb=8&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=TABOOLAJSVIDEO1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BvmjrG%3DH%3C%5B*C%24GTK%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-XArw4k53N9kCRqL5D8s2wrvkFEQaXcVXbaBAOq%2BVT%2Bl2tvmQftrLjI5jaRxplbfkuwe%2B&rs=1-tkHTYX5EcAEJWg%3D%3D&sc=1&os=1-0g%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=8&g=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=225&w=400&fy=1600&gp=957&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2Fessencial%2Fatila-hacker-certidao-de-vacinacao%2F&id=1&ii=4&f=0&j=&t=1639203224132&de=25395037711&cu=1639203224132&m=1667&ar=cc97a930ec1-clean&iw=49d733b&cb=0&ym=0&ll=2&lm=0&ln=0&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=957&lb=6540&le=1&lf=619&lg=1&lh=180&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A-%3A-&pe=1%3A2500%3A2500%3A0%3A2875&as=0&ag=0&an=0&gf=0&gg=0&aj=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&dj=0&aa=0&ad=0&cn=0&gk=0&gl=0&cq=0&hj=0&pv=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1609&cd=1609&ah=1609&am=1609&dq=196&dr=196&ds=196&dt=196&xd=00&zx=0&vu=0&tb=0&te=0&nj=0&vm=0&vl=0&vt=0&vd=0&zMoatSRE=0&zMoatVSD=0&hc=0&er=0&es=0&gs=0&gt=0&eu=0&ev=0&et=1&dz=1&eb=1&ef=0&rf=0&re=0&cl=0&at=0&d=FEED_MANAGER%3A203735%3A67003865%3Awww.diariodocentrodomundo.com.br&gw=taboolajsvideo2446883476&zMoatOrigSlicer1=%2F%2Fvidstat.taboola.com%2FuploadedVideos%2F228385%2Ffn998gys9pdce4zltby8_DESKTOP.mp4&zMoatOrigSlicer2=N%2FA&zMoatDomain=diariodocentrodomundo.com.br&zMoatSubdomain=diariodocentrodomundo.com.br&ab=3&ac=1&fd=1&kt=strict&it=500&fz=1&or=0&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&jm=-1&tc=0&fs=195926&na=1766882674&cs=0
Requested by: Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.195.249.162 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-195-249-162.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Dec 2021 06:13:45 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Sat, 11 Dec 2021 06:13:45 GMT

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 669829e44802166195d64df52e724a0abeb85241474ea05d648012e20b64ffa0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AdServerServlet Show response
vid.pubmatic.com/AdServer/ Frame EF05 27 B
366 B 69ms
68ms XHR
application/xml 185.64.190.75
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+7+9+1+1+6&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2Fessencial%2Fatila-hacker-certidao-de-vacinacao%2F&schain=1.0%2C1%21vidoomy.com%2C52453%2C1%2C20272506155278957349807421836%2C%2C&us_privacy=&cb=1639203225686&SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Fwww.diariodocentrodomundo.com.br%252Fessencial%252Fatila-hacker-certidao-de-vacinacao%252F&screenResolution=1600x1200&kdntuid=1&vwndh=0&vwndw=0&vwndurl=https%253A%252F%252Fwww.diariodocentrodomundo.com.br%252Fessencial%252Fatila-hacker-certidao-de-vacinacao%252F&vwndref=&vc=2&js=1&sec=1&kltstamp=2021-12-11%206:13:46&ranreq=0.40169181255279574&timezone=0&depth=0
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2Fessencial%2Fatila-hacker-certidao-de-vacinacao%2F&schain=1.0%2C1%21vidoomy.com%2C52453%2C1%2C20272506155278957349807421836%2C%2C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.75 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:45 GMT
content-encoding: gzip
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin: https://www.diariodocentrodomundo.com.br
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-vdbg: 1:0/165:-1
content-type: application/xml; charset=utf-8

GET
H3 200 A3sS0H_86Eu8poIaUPJJxUQpsgwPL9Z0aaC7WTcRMFE.js Show response
pagead2.googlesyndication.com/bg/ Frame D667 35 KB
13 KB 31ms
31ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/A3sS0H_86Eu8poIaUPJJxUQpsgwPL9Z0aaC7WTcRMFE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

037b12d07ffce84bbca6821a50f249c54429b20c0f2fd67469a0bb5937113051

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 08:08:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 165906
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13610
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 19:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 09 Dec 2022 08:08:39 GMT

GET
H3 200 A3sS0H_86Eu8poIaUPJJxUQpsgwPL9Z0aaC7WTcRMFE.js Show response
pagead2.googlesyndication.com/bg/ Frame BC45 35 KB
13 KB 31ms
30ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/A3sS0H_86Eu8poIaUPJJxUQpsgwPL9Z0aaC7WTcRMFE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

037b12d07ffce84bbca6821a50f249c54429b20c0f2fd67469a0bb5937113051

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 08:08:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 165906
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13610
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 19:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 09 Dec 2022 08:08:39 GMT

GET
DATA 200
OK truncated
/ Frame 78B2 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3 200 goalify-professional-desktop-phone-mockup_1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17368370350617788416/ Frame 78B2 60 KB
60 KB 31ms
31ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17368370350617788416/goalify-professional-desktop-phone-mockup_1.png

Requested by

Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c685943bda625fc14293f09297b34ece4ac688a912bf8b677c230c4c43081919

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 283133
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61664
x-xss-protection: 0
last-modified: Thu, 19 Aug 2021 10:22:28 GMT
server: sffe
date: Tue, 07 Dec 2021 23:34:52 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 07 Dec 2022 23:34:52 GMT

GET
H3 200 learn-more-button.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17368370350617788416/ Frame 78B2 4 KB
4 KB 35ms
35ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17368370350617788416/learn-more-button.png

Requested by

Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

950e49306d9bef6a4c6200164d2b5161ca9d765e36627b54334038686891ca52

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 198317
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3852
x-xss-protection: 0
last-modified: Thu, 19 Aug 2021 10:22:28 GMT
server: sffe
date: Wed, 08 Dec 2021 23:08:28 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 08 Dec 2022 23:08:28 GMT

GET
H3 200 Goalify_Modernized_Badge_no_border.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17368370350617788416/ Frame 78B2 25 KB
25 KB 36ms
35ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17368370350617788416/Goalify_Modernized_Badge_no_border.png

Requested by

Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

209ee5a4d514155febd8dceb1c6c15a3a3b232b4bc467493d0ce6f70089845a6

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 198317
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25925
x-xss-protection: 0
last-modified: Thu, 19 Aug 2021 10:22:28 GMT
server: sffe
date: Wed, 08 Dec 2021 23:08:28 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 08 Dec 2022 23:08:28 GMT

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 9F6C 2 KB
2 KB 19ms
19ms Script
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=6601484&p=156498&s=399115&a=1801592&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 654c5e0e2199723c4485bdea4d29d35279135d218b8708b04c00d427e4ee1ae3

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:44 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 1973
content-type: text/html; charset=UTF-8

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame FA15 70 B
264 B 98ms
97ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7aT4CFgOkSW_714CtTgSkSW_714CtTgUAAAAGBuIHHTKhLYaL1WS0nGyGk91yOdksRqvFbjUZLmdD0JAJbTFcrCaj5WQznOyWy8lkt5uNNrvlFAJV9yLyux1Ou0U6kAhNp8Pnutfrfr-7yOmwPP0mv8dlN13-Jr_bdTf57Rq_2y6xXMQCicp4eFmebpfddJEOJHKX6fe3fP0ll83hOpsuYoFE8Pc8TU-_3SIdSER_w0UskGiOfsvp7nC7LNKBROR0WJ5-k9_jspsuf5Pf7bqb_BaxQCJ7WJ4Ou-kiHUhkDrPZdLT8XT-jRf0GKzSdDp_rXq_7_e4ip8Py9Jv8HpfddPmb_G7X3eS3a_xuu8TyV3k-L7vH6TD7Faan2eEWOjxel-WtcVlOT5PD7xa53LKHx2l3eBx-vxwAAAAAHgCOxmMhfgABACIAAAAAJAAAAAAoAir-LQQuAAAAADAAClKPNADEORDQYbo5XWaTPwAAHhRAAAAEMEgABtyaSgAyWmNPAAAAAAAAAABY_v___2MA9gKmZQAuAMd6AB58AB6IClSLGAEAAAAIk7iVHk3qhMqiCgCAIN0K4AoAIKAPFSSmLgwAAEBAbDBvOelZGuV7bIEeFr_f7LBr_G6XAQAAAAAAAACY_Z_9owk9AQCk-dYJP6r9AgIArP0CAgCwqRsAwJsAXMiloOl0-Fz3et3vdxc5HZan3-T3uOymy9_kd7vuJr9d43fbJZa_6AhaMRisTiF2w9lit9kNR7MDAAAAuPv____HG8xbTnqWRvnWA4mFazRxrRYz03C53O1mttFoMPPYTBvTbDYYLkfby4OaQe7StdHvC1Tdi8jvdjjtFulAIjSdDp_rXq_7_e4ip8Py9Jv8HpfddPmb_G7X3eS3a_xuu8RyEQskKuPhZXm6XXbTRTqQyF2m39_y9ZdcNofrbLqIBRLB3_M0Pf12i3QgEf0NF7FAojn6Lae7w-2ySAcSkdNhefpNfo_Lbrr8TX63627yW8QCiexheTrspot0IJE5zGbT0fJ3_YwW9f0mbDFaTSab5XC2XEwGw9FwNNqfQM4GOBGD5XIyWUx2q9FqtBnuRrPBAgViMEGKFg0mq9FospgMV6PJarZc7HYbpGjVajbaDIar2WS2262Gg-FyNMIJW4xWk8lmOZwtF5PBcDQcjYYIU6vZzDUcLteKicu4Fo1crrXCNJu5dZvVzDSYeTa75cIten1Mx4XJ41uMtigYwLQXwUU6Ud29dr_v7tY8TS-33u4WOT2P1-ctd5l-f8vXIpZoThbpRHbZNxau0cS1WsxMw-Vyt5vZRqPBzGMzbUyz2WC4HO1bq9nMNRwu14qJy7gWjVyutcI0m7l1m9XMNJh5Nrvlwi16fUzHhcnjW4z2jdlmORlsJpPFvjHbLCeDzWSy2HeYTM_U52z0XBMmj0y19txEhpn5oHAZjN6p1LQbd44Fcdl7dKq8MmVBZ9TOrOavQeE5eEwH4ctyWt2s09lE5z0YFLFEcLpIJ6KX8XQRSyRPi3Qisgwmhs3ENdu4jMuFxzCYmIaT5Wy13E0sltlyNRFLlKaLdKJXeT4vu8fpMPsVpqfZ4RY6PF6X5a1xWU5Pk8PvFrncsofHaXd4HH6L-o8OsRzNNbO5YjGYK2arVQIAAAAAAAAAWMKceRMAAACA00Amo-FotVwACYQBXWAQAAAAAACA3RY4UC-PAx2T4saPPerutft9d7fmaXq59Xa3yOl5vD5vucv0-1u-VgZ4cFpk3uyZINZqtawBAAAIsAEAAAK4dfMeQEqp5AA!&excid=22&docw=0&cijs=1&nlb=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Dec 2021 06:13:46 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 sync
taboola-supply-partners.tremorhub.com/ Frame FA15 43 B
182 B 95ms
94ms Image
image/gif 2600:1f18:612b:4264:e8c6:2f28:702a:f217
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7aT4CFgOkSW_714CtTgSkSW_714CtTgUAAAAGBuIHHTKhLYaL1WS0nGyGk91yOdksRqvFbjUZLmdD0JAJbTFcrCaj5WQznOyWy8lkt5uNNrvlFAJV9yLyux1Ou0U6kAhNp8Pnutfrfr-7yOmwPP0mv8dlN13-Jr_bdTf57Rq_2y6xXMQCicp4eFmebpfddJEOJHKX6fe3fP0ll83hOpsuYoFE8Pc8TU-_3SIdSER_w0UskGiOfsvp7nC7LNKBROR0WJ5-k9_jspsuf5Pf7bqb_BaxQCJ7WJ4Ou-kiHUhkDrPZdLT8XT-jRf0GKzSdDp_rXq_7_e4ip8Py9Jv8HpfddPmb_G7X3eS3a_xuu8TyV3k-L7vH6TD7Faan2eEWOjxel-WtcVlOT5PD7xa53LKHx2l3eBx-vxwAAAAAHgCOxmMhfgABACIAAAAAJAAAAAAoAir-LQQuAAAAADAAClKPNADEORDQYbo5XWaTPwAAHhRAAAAEMEgABtyaSgAyWmNPAAAAAAAAAABY_v___2MA9gKmZQAuAMd6AB58AB6IClSLGAEAAAAIk7iVHk3qhMqiCgCAIN0K4AoAIKAPFSSmLgwAAEBAbDBvOelZGuV7bIEeFr_f7LBr_G6XAQAAAAAAAACY_Z_9owk9AQCk-dYJP6r9AgIArP0CAgCwqRsAwJsAXMiloOl0-Fz3et3vdxc5HZan3-T3uOymy9_kd7vuJr9d43fbJZa_6AhaMRisTiF2w9lit9kNR7MDAAAAuPv____HG8xbTnqWRvnWA4mFazRxrRYz03C53O1mttFoMPPYTBvTbDYYLkfby4OaQe7StdHvC1Tdi8jvdjjtFulAIjSdDp_rXq_7_e4ip8Py9Jv8HpfddPmb_G7X3eS3a_xuu8RyEQskKuPhZXm6XXbTRTqQyF2m39_y9ZdcNofrbLqIBRLB3_M0Pf12i3QgEf0NF7FAojn6Lae7w-2ySAcSkdNhefpNfo_Lbrr8TX63627yW8QCiexheTrspot0IJE5zGbT0fJ3_YwW9f0mbDFaTSab5XC2XEwGw9FwNNqfQM4GOBGD5XIyWUx2q9FqtBnuRrPBAgViMEGKFg0mq9FospgMV6PJarZc7HYbpGjVajbaDIar2WS2262Gg-FyNMIJW4xWk8lmOZwtF5PBcDQcjYYIU6vZzDUcLteKicu4Fo1crrXCNJu5dZvVzDSYeTa75cIten1Mx4XJ41uMtigYwLQXwUU6Ud29dr_v7tY8TS-33u4WOT2P1-ctd5l-f8vXIpZoThbpRHbZNxau0cS1WsxMw-Vyt5vZRqPBzGMzbUyz2WC4HO1bq9nMNRwu14qJy7gWjVyutcI0m7l1m9XMNJh5Nrvlwi16fUzHhcnjW4z2jdlmORlsJpPFvjHbLCeDzWSy2HeYTM_U52z0XBMmj0y19txEhpn5oHAZjN6p1LQbd44Fcdl7dKq8MmVBZ9TOrOavQeE5eEwH4ctyWt2s09lE5z0YFLFEcLpIJ6KX8XQRSyRPi3Qisgwmhs3ENdu4jMuFxzCYmIaT5Wy13E0sltlyNRFLlKaLdKJXeT4vu8fpMPsVpqfZ4RY6PF6X5a1xWU5Pk8PvFrncsofHaXd4HH6L-o8OsRzNNbO5YjGYK2arVQIAAAAAAAAAWMKceRMAAACA00Amo-FotVwACYQBXWAQAAAAAACA3RY4UC-PAx2T4saPPerutft9d7fmaXq59Xa3yOl5vD5vucv0-1u-VgZ4cFpk3uyZINZqtawBAAAIsAEAAAK4dfMeQEqp5AA!&excid=22&docw=0&cijs=1&nlb=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4264:e8c6:2f28:702a:f217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:46 GMT
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type: image/gif

GET
H/1.1 200
OK sync
x.bidswitch.net/ Frame FA15 43 B
220 B 34ms
34ms Image
image/gif 18.196.195.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7aT4CFgOkSW_714CtTgSkSW_714CtTgUAAAAGBuIHHTKhLYaL1WS0nGyGk91yOdksRqvFbjUZLmdD0JAJbTFcrCaj5WQznOyWy8lkt5uNNrvlFAJV9yLyux1Ou0U6kAhNp8Pnutfrfr-7yOmwPP0mv8dlN13-Jr_bdTf57Rq_2y6xXMQCicp4eFmebpfddJEOJHKX6fe3fP0ll83hOpsuYoFE8Pc8TU-_3SIdSER_w0UskGiOfsvp7nC7LNKBROR0WJ5-k9_jspsuf5Pf7bqb_BaxQCJ7WJ4Ou-kiHUhkDrPZdLT8XT-jRf0GKzSdDp_rXq_7_e4ip8Py9Jv8HpfddPmb_G7X3eS3a_xuu8TyV3k-L7vH6TD7Faan2eEWOjxel-WtcVlOT5PD7xa53LKHx2l3eBx-vxwAAAAAHgCOxmMhfgABACIAAAAAJAAAAAAoAir-LQQuAAAAADAAClKPNADEORDQYbo5XWaTPwAAHhRAAAAEMEgABtyaSgAyWmNPAAAAAAAAAABY_v___2MA9gKmZQAuAMd6AB58AB6IClSLGAEAAAAIk7iVHk3qhMqiCgCAIN0K4AoAIKAPFSSmLgwAAEBAbDBvOelZGuV7bIEeFr_f7LBr_G6XAQAAAAAAAACY_Z_9owk9AQCk-dYJP6r9AgIArP0CAgCwqRsAwJsAXMiloOl0-Fz3et3vdxc5HZan3-T3uOymy9_kd7vuJr9d43fbJZa_6AhaMRisTiF2w9lit9kNR7MDAAAAuPv____HG8xbTnqWRvnWA4mFazRxrRYz03C53O1mttFoMPPYTBvTbDYYLkfby4OaQe7StdHvC1Tdi8jvdjjtFulAIjSdDp_rXq_7_e4ip8Py9Jv8HpfddPmb_G7X3eS3a_xuu8RyEQskKuPhZXm6XXbTRTqQyF2m39_y9ZdcNofrbLqIBRLB3_M0Pf12i3QgEf0NF7FAojn6Lae7w-2ySAcSkdNhefpNfo_Lbrr8TX63627yW8QCiexheTrspot0IJE5zGbT0fJ3_YwW9f0mbDFaTSab5XC2XEwGw9FwNNqfQM4GOBGD5XIyWUx2q9FqtBnuRrPBAgViMEGKFg0mq9FospgMV6PJarZc7HYbpGjVajbaDIar2WS2262Gg-FyNMIJW4xWk8lmOZwtF5PBcDQcjYYIU6vZzDUcLteKicu4Fo1crrXCNJu5dZvVzDSYeTa75cIten1Mx4XJ41uMtigYwLQXwUU6Ud29dr_v7tY8TS-33u4WOT2P1-ctd5l-f8vXIpZoThbpRHbZNxau0cS1WsxMw-Vyt5vZRqPBzGMzbUyz2WC4HO1bq9nMNRwu14qJy7gWjVyutcI0m7l1m9XMNJh5Nrvlwi16fUzHhcnjW4z2jdlmORlsJpPFvjHbLCeDzWSy2HeYTM_U52z0XBMmj0y19txEhpn5oHAZjN6p1LQbd44Fcdl7dKq8MmVBZ9TOrOavQeE5eEwH4ctyWt2s09lE5z0YFLFEcLpIJ6KX8XQRSyRPi3Qisgwmhs3ENdu4jMuFxzCYmIaT5Wy13E0sltlyNRFLlKaLdKJXeT4vu8fpMPsVpqfZ4RY6PF6X5a1xWU5Pk8PvFrncsofHaXd4HH6L-o8OsRzNNbO5YjGYK2arVQIAAAAAAAAAWMKceRMAAACA00Amo-FotVwACYQBXWAQAAAAAACA3RY4UC-PAx2T4saPPerutft9d7fmaXq59Xa3yOl5vD5vucv0-1u-VgZ4cFpk3uyZINZqtawBAAAIsAEAAAK4dfMeQEqp5AA!&excid=22&docw=0&cijs=1&nlb=true
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.196.195.54 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-196-195-54.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sat, 11 Dec 2021 06:13:46 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2

200

/ Show response
sync.taboola.com/sg/rtb-pulsepoint-network/1/rtb-h/ Frame FA15
Redirect Chain

https://bh.contextweb.com/bh/rtset?gdpr=1&pid=560382&ev=1&us_privacy=1---&rurl=https%3A%2F%2Fsync.taboola.com%2Fsg%2Frtb-pulsepoint-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26taboola_hm%3D%25%25VGUID%25%2...
https://sync.taboola.com/sg/rtb-pulsepoint-network/1/rtb-h/?gdpr=1&taboola_hm=9wMIZ9c27Rco&orig=video&us_privacy=1---&ev=1&us_privacy=1---&pid=560382&gdpr=1

0
97 B

28ms
28ms

Script
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.taboola.com/sg/rtb-pulsepoint-network/1/rtb-h/?gdpr=1&taboola_hm=9wMIZ9c27Rco&orig=video&us_privacy=1---&ev=1&us_privacy=1---&pid=560382&gdpr=1
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7aT4CFgOkSW_714CtTgSkSW_714CtTgUAAAAGBuIHHTKhLYaL1WS0nGyGk91yOdksRqvFbjUZLmdD0JAJbTFcrCaj5WQznOyWy8lkt5uNNrvlFAJV9yLyux1Ou0U6kAhNp8Pnutfrfr-7yOmwPP0mv8dlN13-Jr_bdTf57Rq_2y6xXMQCicp4eFmebpfddJEOJHKX6fe3fP0ll83hOpsuYoFE8Pc8TU-_3SIdSER_w0UskGiOfsvp7nC7LNKBROR0WJ5-k9_jspsuf5Pf7bqb_BaxQCJ7WJ4Ou-kiHUhkDrPZdLT8XT-jRf0GKzSdDp_rXq_7_e4ip8Py9Jv8HpfddPmb_G7X3eS3a_xuu8TyV3k-L7vH6TD7Faan2eEWOjxel-WtcVlOT5PD7xa53LKHx2l3eBx-vxwAAAAAHgCOxmMhfgABACIAAAAAJAAAAAAoAir-LQQuAAAAADAAClKPNADEORDQYbo5XWaTPwAAHhRAAAAEMEgABtyaSgAyWmNPAAAAAAAAAABY_v___2MA9gKmZQAuAMd6AB58AB6IClSLGAEAAAAIk7iVHk3qhMqiCgCAIN0K4AoAIKAPFSSmLgwAAEBAbDBvOelZGuV7bIEeFr_f7LBr_G6XAQAAAAAAAACY_Z_9owk9AQCk-dYJP6r9AgIArP0CAgCwqRsAwJsAXMiloOl0-Fz3et3vdxc5HZan3-T3uOymy9_kd7vuJr9d43fbJZa_6AhaMRisTiF2w9lit9kNR7MDAAAAuPv____HG8xbTnqWRvnWA4mFazRxrRYz03C53O1mttFoMPPYTBvTbDYYLkfby4OaQe7StdHvC1Tdi8jvdjjtFulAIjSdDp_rXq_7_e4ip8Py9Jv8HpfddPmb_G7X3eS3a_xuu8RyEQskKuPhZXm6XXbTRTqQyF2m39_y9ZdcNofrbLqIBRLB3_M0Pf12i3QgEf0NF7FAojn6Lae7w-2ySAcSkdNhefpNfo_Lbrr8TX63627yW8QCiexheTrspot0IJE5zGbT0fJ3_YwW9f0mbDFaTSab5XC2XEwGw9FwNNqfQM4GOBGD5XIyWUx2q9FqtBnuRrPBAgViMEGKFg0mq9FospgMV6PJarZc7HYbpGjVajbaDIar2WS2262Gg-FyNMIJW4xWk8lmOZwtF5PBcDQcjYYIU6vZzDUcLteKicu4Fo1crrXCNJu5dZvVzDSYeTa75cIten1Mx4XJ41uMtigYwLQXwUU6Ud29dr_v7tY8TS-33u4WOT2P1-ctd5l-f8vXIpZoThbpRHbZNxau0cS1WsxMw-Vyt5vZRqPBzGMzbUyz2WC4HO1bq9nMNRwu14qJy7gWjVyutcI0m7l1m9XMNJh5Nrvlwi16fUzHhcnjW4z2jdlmORlsJpPFvjHbLCeDzWSy2HeYTM_U52z0XBMmj0y19txEhpn5oHAZjN6p1LQbd44Fcdl7dKq8MmVBZ9TOrOavQeE5eEwH4ctyWt2s09lE5z0YFLFEcLpIJ6KX8XQRSyRPi3Qisgwmhs3ENdu4jMuFxzCYmIaT5Wy13E0sltlyNRFLlKaLdKJXeT4vu8fpMPsVpqfZ4RY6PF6X5a1xWU5Pk8PvFrncsofHaXd4HH6L-o8OsRzNNbO5YjGYK2arVQIAAAAAAAAAWMKceRMAAACA00Amo-FotVwACYQBXWAQAAAAAACA3RY4UC-PAx2T4saPPerutft9d7fmaXq59Xa3yOl5vD5vucv0-1u-VgZ4cFpk3uyZINZqtawBAAAIsAEAAAK4dfMeQEqp5AA!&excid=22&docw=0&cijs=1&nlb=true
Protocol: H2
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:46 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 9801

Redirect headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language: en-GB
location: https://sync.taboola.com/sg/rtb-pulsepoint-network/1/rtb-h/?gdpr=1&taboola_hm=9wMIZ9c27Rco&orig=video&us_privacy=1---&ev=1&us_privacy=1---&pid=560382&gdpr=1
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-7c99ddd9c5-wf592
expires: -1

GET
H3 200 Goalify_Modernized_Badge_no_border.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17368370350617788416/ Frame D8E5 25 KB
25 KB 31ms
30ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17368370350617788416/Goalify_Modernized_Badge_no_border.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17368370350617788416/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

209ee5a4d514155febd8dceb1c6c15a3a3b232b4bc467493d0ce6f70089845a6

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 198318
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25925
x-xss-protection: 0
last-modified: Thu, 19 Aug 2021 10:22:28 GMT
server: sffe
date: Wed, 08 Dec 2021 23:08:28 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 08 Dec 2022 23:08:28 GMT

GET
H3 200 learn-more-button.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17368370350617788416/ Frame D8E5 4 KB
4 KB 34ms
33ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17368370350617788416/learn-more-button.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17368370350617788416/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

950e49306d9bef6a4c6200164d2b5161ca9d765e36627b54334038686891ca52

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 198318
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3852
x-xss-protection: 0
last-modified: Thu, 19 Aug 2021 10:22:28 GMT
server: sffe
date: Wed, 08 Dec 2021 23:08:28 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 08 Dec 2022 23:08:28 GMT

GET
H3 200 goalify-professional-desktop-phone-mockup_1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17368370350617788416/ Frame D8E5 60 KB
60 KB 34ms
33ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17368370350617788416/goalify-professional-desktop-phone-mockup_1.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17368370350617788416/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c685943bda625fc14293f09297b34ece4ac688a912bf8b677c230c4c43081919

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 283134
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61664
x-xss-protection: 0
last-modified: Thu, 19 Aug 2021 10:22:28 GMT
server: sffe
date: Tue, 07 Dec 2021 23:34:52 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 07 Dec 2022 23:34:52 GMT

GET
H3 200 Bg1.jpg
s0.2mdn.net/sadbundle/11762666145489434432/html/ Frame F86D 2 KB
2 KB 32ms
32ms Image
image/jpeg 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/11762666145489434432/html/Bg1.jpg?1631020188995

Requested by

Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf49cc272cd6eba5dbbec1b64f87ba80d99cc06e3997ebfc22bd497d4d52bef3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11762666145489434432/html/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 05:21:24 GMT
x-content-type-options: nosniff
age: 89542
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2471
x-xss-protection: 0
last-modified: Thu, 16 Sep 2021 11:43:35 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 10 Dec 2022 05:21:24 GMT

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 108ms
107ms Preflight
text/plain 146.20.128.205
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.205 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.diariodocentrodomundo.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Sat, 11 Dec 2021 06:13:46 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://www.diariodocentrodomundo.com.br

POST
H2 200 t Show response
t.lkqd.net/ Frame FCB1 0
176 B 112ms
111ms XHR
text/plain 146.20.128.205
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.205 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.diariodocentrodomundo.com.br
date: Sat, 11 Dec 2021 06:13:46 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

GET
H2 200 track
aktrack.pubmatic.com/ Frame EF05 0
61 B 34ms
33ms Image
text/html 23.200.212.230
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aktrack.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1639203226&wa=0&e=95&vc=2
Requested by: Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.200.212.230 Paris, France, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-200-212-230.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:46 GMT
content-length: 0
content-type: text/html

POST
H2 200 VideoBidRequestHandlerServlet Show response
wf.taboola.com/ 2 KB
1 KB 140ms
139ms XHR
application/json 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=4918115&noaop=5&sortOrderType=0&cb=1639203226434&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=2&pv=1308&pt=-1299135319&tz=0&viewable=true&ddast=V7N3ICFgOkSW_714CtTgSkSW_714CtTgUAAAAGBvQHGzSibGaDFXM32SyHm81qshyOhqvNYrZbDGGDRpTNbLBi7iab5XCzWU2Go81yMVgsloMpfBjLZTKoBRKW2e87KCinp8fsMoiKrrfF7nCaPW-wQtPp8Lnu9brf7y5yOixPv8nvcdlNl7_J73bdTX67xu-2Syx_lefzsnucDrNfYXqaHW6hw-N1Wd4al-X0NDn8bpHLLXt4nHaHx-H3ywEAAADgAWBpYQziBxAAIAIAAABAAgAAAIAioOLfQuACAAAAAAPAYOdaA0CcAwEdppvTZTb5AwDgQQEEAEAAgwRgADepBKBC_eEEAAAAAAAAAIDl____PwZgLy1HBiBDuLEH4MEH4IGoALWIEQAAAIAwiVvp0aROqCyqAAAI0q0ArgAAAvpQQVi0wgAAAATEBvOWk56lUb7HFuhh8fvNDrvG73YZAAAAAAAAAIDZ_9k_mtATAECab53wo9ovIADA2i8gAACbugEAvAnAhZwVmk6Hz3Wv1_1-d5HTYXn6TX6Py266_E1-t-tu8ts1frddYvmrPJ-X3eN0mP0K09PscAsdHq_L8ta4LKenyeF3i1xu2cPjtDs8Dr9fdAStGAxWZ0DLzW41mB0AAADA3f___z_eYN5y0rM0yrceiIyMC-PEM5wsZsuZb-OYbUarjWHhcA5Xq81s5tke4Pm0ynu2ZUNfiLDMft9BQTk9PWaXQVR0vS12h9PsOYgPGoblZBDMb8IWo9VkslkOZ8vFZDAcDUej_QnkbIATMVguJ5PFZLcarUab4W40GyxQIAYTpGjRYLIajSaLyXA1mqxmy8Vut0GKVq1mo81guJpNZrvdajgYLkcjnLDFaDWZbJbD2XIxGQxHw9FoiDC1ms1cw-FyrZi4jGvRyOVaK0yzmVu3Wc1Mg5lns1su3KLXx3RcmDy-xWiLggFDexFcpBOR02F5-k1-j8tuuvxNfrfrbvJbxBLNySKdyC77ysi4ME48w8litpz5No7ZZrTaGBYO53C12sxmnn1rNZu5hsPlWjFxGdeikcu1VphmM7dus5qZBjPPZrdcuEWvj-m4MHl8i9G-MdssJ4PNZDLYN2ab5WSwmUwG-w6T6Zn6nI3G4lrikanWnpvIMDMfFC6DxTuVmnbjzrEgLnuPTpVXpizojNqZ1fw1KDwHj-kgfFlOq5t1OpvovAeDIpYIThfpRPQyni5iieRpkU5EFttssrENlsuRceWc2TwTx8TlWI4ms9VkYpg4LGKJ0nSRTvQqz-dl9zgdZr_C9DQ73EKHx-uyvDUuy-lpcvjdIpdb9vA47Q6Pw29R_9EhlqO5ZjZXLAZzxWy1SgAAAAAAAAAAS5gzbwIAAABwGshosxuulgsAMW2lCwwCAAAAAACwe1IX_yoz0ahV3PhxBTkdlqff5Pe47KbL3-R3u-4mv5UBJES6mTd7Joi1Wi1rAAAAAWwAAIAAbt28B5BSKjk!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=7&ft=0&pb=0&pagg=1&sd=undefined&dtagid=1436175&dpubid=243785&abtst=adh5c-1_vA!lotc_vA!rvf1_vB!smbs!spa2_vA!ufm_vE&mPre=0.033&cirf=https%3A%2F%2Fwww.diariodocentrodomundo.com.br&en=1&subu=3
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v13.0.8/OvaMediaPlayer.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: eb4006c2064019dddd5641310684f2789cb9c744617f133735bfd4ba514e2f14

Request headers

Referer: https://www.diariodocentrodomundo.com.br/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-type: text/plain

Response headers

date: Sat, 11 Dec 2021 06:13:46 GMT
content-encoding: gzip
access-control-allow-origin: https://www.diariodocentrodomundo.com.br
machineid: 1440
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-lcy19223-LCY
pragma: no-cache
server: nginx
x-timer: S1639203226.051912,VS0,VE119
vary: Accept-Encoding
content-type: application/json;charset=utf-8
via: 1.1 varnish
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 5236
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=

281 B
554 B

29ms
28ms

Document
text/html

104.96.5.77
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7aT4CFgOkSW_714CtTgSkSW_714CtTgUAAAAGBuIHHTKhLYaL1WS0nGyGk91yOdksRqvFbjUZLmdD0JAJbTFcrCaj5WQznOyWy8lkt5uNNrvlFAJV9yLyux1Ou0U6kAhNp8Pnutfrfr-7yOmwPP0mv8dlN13-Jr_bdTf57Rq_2y6xXMQCicp4eFmebpfddJEOJHKX6fe3fP0ll83hOpsuYoFE8Pc8TU-_3SIdSER_w0UskGiOfsvp7nC7LNKBROR0WJ5-k9_jspsuf5Pf7bqb_BaxQCJ7WJ4Ou-kiHUhkDrPZdLT8XT-jRf0GKzSdDp_rXq_7_e4ip8Py9Jv8HpfddPmb_G7X3eS3a_xuu8TyV3k-L7vH6TD7Faan2eEWOjxel-WtcVlOT5PD7xa53LKHx2l3eBx-vxwAAAAAHgCOxmMhfgABACIAAAAAJAAAAAAoAir-LQQuAAAAADAAClKPNADEORDQYbo5XWaTPwAAHhRAAAAEMEgABtyaSgAyWmNPAAAAAAAAAABY_v___2MA9gKmZQAuAMd6AB58AB6IClSLGAEAAAAIk7iVHk3qhMqiCgCAIN0K4AoAIKAPFSSmLgwAAEBAbDBvOelZGuV7bIEeFr_f7LBr_G6XAQAAAAAAAACY_Z_9owk9AQCk-dYJP6r9AgIArP0CAgCwqRsAwJsAXMiloOl0-Fz3et3vdxc5HZan3-T3uOymy9_kd7vuJr9d43fbJZa_6AhaMRisTiF2w9lit9kNR7MDAAAAuPv____HG8xbTnqWRvnWA4mFazRxrRYz03C53O1mttFoMPPYTBvTbDYYLkfby4OaQe7StdHvC1Tdi8jvdjjtFulAIjSdDp_rXq_7_e4ip8Py9Jv8HpfddPmb_G7X3eS3a_xuu8RyEQskKuPhZXm6XXbTRTqQyF2m39_y9ZdcNofrbLqIBRLB3_M0Pf12i3QgEf0NF7FAojn6Lae7w-2ySAcSkdNhefpNfo_Lbrr8TX63627yW8QCiexheTrspot0IJE5zGbT0fJ3_YwW9f0mbDFaTSab5XC2XEwGw9FwNNqfQM4GOBGD5XIyWUx2q9FqtBnuRrPBAgViMEGKFg0mq9FospgMV6PJarZc7HYbpGjVajbaDIar2WS2262Gg-FyNMIJW4xWk8lmOZwtF5PBcDQcjYYIU6vZzDUcLteKicu4Fo1crrXCNJu5dZvVzDSYeTa75cIten1Mx4XJ41uMtigYwLQXwUU6Ud29dr_v7tY8TS-33u4WOT2P1-ctd5l-f8vXIpZoThbpRHbZNxau0cS1WsxMw-Vyt5vZRqPBzGMzbUyz2WC4HO1bq9nMNRwu14qJy7gWjVyutcI0m7l1m9XMNJh5Nrvlwi16fUzHhcnjW4z2jdlmORlsJpPFvjHbLCeDzWSy2HeYTM_U52z0XBMmj0y19txEhpn5oHAZjN6p1LQbd44Fcdl7dKq8MmVBZ9TOrOavQeE5eEwH4ctyWt2s09lE5z0YFLFEcLpIJ6KX8XQRSyRPi3Qisgwmhs3ENdu4jMuFxzCYmIaT5Wy13E0sltlyNRFLlKaLdKJXeT4vu8fpMPsVpqfZ4RY6PF6X5a1xWU5Pk8PvFrncsofHaXd4HH6L-o8OsRzNNbO5YjGYK2arVQIAAAAAAAAAWMKceRMAAACA00Amo-FotVwACYQBXWAQAAAAAACA3RY4UC-PAx2T4saPPerutft9d7fmaXq59Xa3yOl5vD5vucv0-1u-VgZ4cFpk3uyZINZqtawBAAAIsAEAAAK4dfMeQEqp5AA!&excid=22&docw=0&cijs=1&nlb=true
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.96.5.77 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-96-5-77.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://am-match.taboola.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 26 Oct 2021 17:01:05 GMT
ETag: "40019-119-5cf446c48f640"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sat, 11 Dec 2021 06:13:46 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Date: Sat, 11 Dec 2021 06:13:46 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *

GET
H2 200 XPRPxThI
pbs.twimg.com/card_img/1469209056065720322/ Frame 9A4E 22 KB
23 KB 54ms
53ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1469209056065720322/XPRPxThI?format=jpg&name=small

Requested by

Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (mil/6CEF) /

Resource Hash

a840e639aa809a9a693f3a9f0e16f7eff44818be13f1d74c23bd54845a6c114e

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:46 GMT
x-content-type-options: nosniff
age: 81458
x-cache: HIT
content-length: 22935
x-response-time: 237
surrogate-key: card_img card_img/bucket/7 card_img/1469209056065720322
last-modified: Fri, 10 Dec 2021 07:33:10 GMT
server: ECS (mil/6CEF)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: e052825a547fc717c13367226d85b50884d31608328751633f781f4464fa414d
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
BLOB 206
Partial Content 6649cd10-115f-4bab-b547-bee0c002cbd9
https://www.diariodocentrodomundo.com.br/ Frame AF28 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.diariodocentrodomundo.com.br/6649cd10-115f-4bab-b547-bee0c002cbd9
Requested by: Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

GET
BLOB 206
Partial Content 28188694-c543-47da-b69d-ce327de49e74
https://www.diariodocentrodomundo.com.br/ Frame AF28 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.diariodocentrodomundo.com.br/28188694-c543-47da-b69d-ce327de49e74
Requested by: Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 9628 43 B
215 B 187ms
186ms Image
image/gif 52.41.240.77
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=878020&asId=8000db06-ed7f-f805-dee5-99893651b3cf&tv=%7Bc:wsWU3U,pingTime:1,time:2060,type:p,im:%7Bimprf:%7Bttecl:3339,ecd:30,tsecr:563%7D%7D,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:774%7D,%7Bpiv:100,vs:i,t:970%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:2060,o:0,n:970,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:773,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B228~1%5D,as:%5B228~728.90%5D%7D%7D,%7Bsl:i,t:970,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1090~100%5D,as:%5B1090~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:534,fm:sRglFJz+111%7C112%7C121%7C13%7C14%7C15%7C161%7C162%7C17%7C1811%7C1821%7C183%7C19%7C1a%7C1b1%7C1b2%7C1b3%7C1c%7C1d%7C1e%7C1f11%7C1f12%7C1f13%7C1f21%7C1f3%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n*.878020-58502531%7C1n1%7C1n21%7C1n3%7C1n4%7C1o.10933%7C1o1%7C1o2%7C1o31%7C1o4%7C1o5%7C1o6%7C1p1%7C1p2%7C1p3%7C1p4%7C1q%7C1r1%7C1s%7C1t1%7C1u1%7C1v1%7C1v2%7C1v3%7C1w1%7C1x1%7C1x2%7C1x3%7C1y%7C1z%7C110,idMap:1n*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=c
Requested by: Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.41.240.77 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-41-240-77.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Dec 2021 06:13:46 GMT
x-server-name: dt16.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 9628 43 B
215 B 189ms
189ms Image
image/gif 52.41.240.77
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=878020&asId=8000db06-ed7f-f805-dee5-99893651b3cf&tv=%7Bc:wsWU3V,pingTime:1,time:2061,type:pf,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:774%7D,%7Bpiv:100,vs:i,t:970%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:2061,o:0,n:970,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:773,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B228~1%5D,as:%5B228~728.90%5D%7D%7D,%7Bsl:i,t:970,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1091~100%5D,as:%5B1091~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:534,fm:sRglFJz+111%7C112%7C121%7C13%7C14%7C15%7C161%7C162%7C17%7C1811%7C1821%7C183%7C19%7C1a%7C1b1%7C1b2%7C1b3%7C1c%7C1d%7C1e%7C1f11%7C1f12%7C1f13%7C1f21%7C1f3%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n*.878020-58502531%7C1n1%7C1n21%7C1n3%7C1n4%7C1o.10933%7C1o1%7C1o2%7C1o31%7C1o4%7C1o5%7C1o6%7C1p1%7C1p2%7C1p3%7C1p4%7C1q%7C1r1%7C1s%7C1t1%7C1u1%7C1v1%7C1v2%7C1v3%7C1w1%7C1x1%7C1x2%7C1x3%7C1y%7C1z%7C110,idMap:1n*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=c
Requested by: Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.41.240.77 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-41-240-77.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Dec 2021 06:13:46 GMT
x-server-name: dt03.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
DATA 200
OK truncated
/ Frame D8E5 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3 200 Image1.png
s0.2mdn.net/sadbundle/11762666145489434432/html/ Frame F86D 6 KB
6 KB 32ms
32ms Image
image/png 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/11762666145489434432/html/Image1.png?1631020188995

Requested by

Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c95653ec8f85b8b99dd0e47c0057ee24bdf5df38ce89d68c4e5762dc77e04d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11762666145489434432/html/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 13:32:23 GMT
x-content-type-options: nosniff
age: 60083
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5839
x-xss-protection: 0
last-modified: Thu, 16 Sep 2021 11:43:35 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 10 Dec 2022 13:32:23 GMT

GET
H3 200 goalify-professional-desktop-phone-mockup_1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17368370350617788416/ Frame D8E5 60 KB
60 KB 32ms
31ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17368370350617788416/goalify-professional-desktop-phone-mockup_1.png

Requested by

Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c685943bda625fc14293f09297b34ece4ac688a912bf8b677c230c4c43081919

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 283134
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61664
x-xss-protection: 0
last-modified: Thu, 19 Aug 2021 10:22:28 GMT
server: sffe
date: Tue, 07 Dec 2021 23:34:52 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 07 Dec 2022 23:34:52 GMT

GET
H3 200 learn-more-button.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17368370350617788416/ Frame D8E5 4 KB
4 KB 35ms
35ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17368370350617788416/learn-more-button.png

Requested by

Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

950e49306d9bef6a4c6200164d2b5161ca9d765e36627b54334038686891ca52

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 198318
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3852
x-xss-protection: 0
last-modified: Thu, 19 Aug 2021 10:22:28 GMT
server: sffe
date: Wed, 08 Dec 2021 23:08:28 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 08 Dec 2022 23:08:28 GMT

GET
H3 200 Goalify_Modernized_Badge_no_border.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17368370350617788416/ Frame D8E5 25 KB
25 KB 36ms
35ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17368370350617788416/Goalify_Modernized_Badge_no_border.png

Requested by

Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

209ee5a4d514155febd8dceb1c6c15a3a3b232b4bc467493d0ce6f70089845a6

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 198318
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25925
x-xss-protection: 0
last-modified: Thu, 19 Aug 2021 10:22:28 GMT
server: sffe
date: Wed, 08 Dec 2021 23:08:28 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 08 Dec 2022 23:08:28 GMT

GET

Pug
simage2.pubmatic.com/AdServer/ Frame 3A9E
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YbRBmAALCgAGPAAz&gdpr=0&gdpr_consent=

0
0

GET pm&gdpr=0&gdpr_consent=
match.prod.bidr.io/cookie-sync/ Frame CA09 0
0

GET pubmatic&gdpr=0&gdpr_consent=
sync.1rx.io/usersync2/ Frame D0C6 0
0

GET p.gif
visitor.fiftyt.com/ Frame 9F6C 0
0

GET info
uipglob.semasio.net/pubmatic/1/ Frame 9F6C 0
0

GET mw
mwzeom.zeotap.com/ Frame 9F6C 0
0

GET match
a.audrte.com/ Frame 9F6C 0
0

GET p-5aWVS_roA1dVM.gif
pixel.quantserve.com/pixel/ Frame 9F6C 0
0

GET sync
ups.analytics.yahoo.com/ups/58292/ Frame 9F6C 0
0

GET BDCE9F0C-FA21-4EF0-93F0-16F7A9B1E05E
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 9F6C 0
0

GET sync
x.bidswitch.net/ Frame 9F6C 0
0

GET cs
ad.turn.com/r/ Frame 9F6C 0
0

GET pixelSync
pixel-sync.sitescout.com/dmp/ Frame 9F6C 0
0

GET current
pubmatic-match.dotomi.com/match/bounce/ Frame 9F6C 0
0

GET
H2 200 jot
syndication.twitter.com/i/ Frame 9A4E 43 B
170 B 127ms
127ms Image
image/gif 104.244.42.72
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot?l=%7B%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1639203226713%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22tweet%22%2C%22action%22%3A%22FCP%22%2C%22component%22%3A%22performance%22%2C%22section%22%3A%22main%22%7D%2C%22context%22%3A%22horizon%22%2C%22client_version%22%3A%229fd78d5%3A1638479056965%22%2C%22dnt%22%3Atrue%2C%22widget_id%22%3A%22twitter-widget-0%22%2C%22widget_origin%22%3A%22https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2Fessencial%2Fatila-hacker-certidao-de-vacinacao%2F%22%2C%22widget_frame%22%3A%22false%22%2C%22widget_partner%22%3A%22%22%2C%22widget_site_screen_name%22%3A%22%22%2C%22widget_site_user_id%22%3A%22%22%2C%22widget_creator_screen_name%22%3A%22%22%2C%22widget_creator_user_id%22%3A%22%22%2C%22widget_iframe_version%22%3A%22860263f%3A1639072779848%22%2C%22item_ids%22%3A%5B%221469260104990138368%22%5D%2C%22item_details%22%3A%7B%221469260104990138368%22%3A%7B%22item_type%22%3A0%7D%7D%2C%22duration_ms%22%3A4054.099998474121%7D&dnt=1

Requested by

Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.72 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_f /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
x-response-time: 108
pragma: no-cache
last-modified: Sat, 11 Dec 2021 06:13:46 GMT
server: tsa_f
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: c71d33279fd48633f17e9935c2e6c4cb3ebd7e2c5140667bae08e7157819a302
x-transaction: 6ffc19688c59c618
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 5236 32 KB
10 KB 33ms
32ms Script
text/html 104.96.5.77
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.96.5.77 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-96-5-77.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 48ab57cb7771642f95f87f04f505937b8a54c3fe49758d9750c04948bcb87a3e

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sat, 11 Dec 2021 06:13:46 GMT
Content-Encoding: gzip
Last-Modified: Mon, 06 Dec 2021 17:06:27 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=46765
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9507
Expires: Sat, 11 Dec 2021 19:13:11 GMT

GET
H3 200 Image2.jpg
s0.2mdn.net/sadbundle/11762666145489434432/html/ Frame F86D 11 KB
11 KB 34ms
33ms Image
image/jpeg 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/11762666145489434432/html/Image2.jpg?1631020188995

Requested by

Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c06fdc1bd99e18aa222f3fef4c45956c023f31785912dae163ab417b9deb4812

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11762666145489434432/html/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 08:04:14 GMT
x-content-type-options: nosniff
age: 338972
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11475
x-xss-protection: 0
last-modified: Thu, 16 Sep 2021 11:43:35 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 07 Dec 2022 08:04:14 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E0C0 0
20 B 66ms
65ms Image
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BqSBOlkG0YcjjGPXU7_UP99G4oAcAAAAAOAHgBAI&bg=!REelRwPNAAZKWFskSlg7ACkAdvg8WiePfn4Szh4jN9KKZlfWGxEY8nqH3QNhOnq7dtUrt-XZ6whE3gIAAAWkUgAAALVoAQcKAH0VKTHioAG6JDCQ15b3tn6fARTAN9XZduB6iEOFyA3GgqIC7ruwoaHJvYtTtUruqb7cll-wqJJUKxW11DoxFxJXD9ugHG71RJjE4PrYmOW9xSIuamYX3QBcGs-fVXMxxtm2hpzX6OaB_OEoGxA4ZGZ0hbNXTxU1B2ybB0zNW5kDHPAzsdeYN75KDObBHcADZqDJ-S2HUGPctNvM6syFz9gph5lKhNkeZ-K8H9_NVdsvTWSAaF9lxqD2-VfVAyGd8HkKEqDIshLDC01WPS3Iyl3T3YjqJj8mud5Cg5pzLPnGFz-l5-W6I-jTawKUq0d6fhWnRWNnal19rNPSlrFksa3WGFgiUoQbRy3o9duq3E9YaUC7Ur4nGJsg9kTfQ6mMK3RwQlLUyty5n09HbRVFMHSnoR6JK-BsFPAUsscGBRGjKaNQm0QFEtgPjrXjfyOtACeD1x3lPVHvH-Az9p2tOk8hDnYNjuXUXspjjfuHOAhyGYmcFXxTQ5oCnXLWv2VwV8M1HomFZhZSLssR7KpiuBxgRipijQorEZC-sYf0ndibMabKCiZU9aNT47G6A77F7feU6tlfikEJ81tMt9N9BXQtWj2TIRfFyuyxZiW7L6nr4ugjxwk5Yovjw1K3Q6wfby9Lv3OYn52rjT8moIohaK0_ioc4zoLX-xWd9RLbR-O9ZlssBT7ryQdO8IDxX8rBkVWsEoJ9szhZA_151nKt0eXgDp8s3ALKLaVAMsKUnurJ4Oe6YzUT6Zc6Gh4vj3nvOCfau0dqKFp9wK6cD0BjryV9wIhO48NacEATqGrAdT5DEEh6UjJCSVVHRYh9a1sd7RDAyGGlESM1l5YsbDROWB_DdaQzLEeIb2kUeeSXAA7D7mTNXKR_rdtEIJcDb6Xr-kJrt1LdVkrOSS5a-7h2tH4WlawYIhxGFFV04_brBU3coy0MCUb1-fMhgk58KRiV-PfmsmW0U80ZyHsDPrMFBi2z8c88JiQHB_O9Kwi79zNc5pG_HGnU58JZFT2rM5IwPnYZCpNKGWZVJZw6DqAKn74WSOx4Gm3Nci97WTvfb6qG2aLQ6GCz3q31-kk6wBYWSM1ssvgHp68C0cQ9P9FXA9B-_MyAfHgkazixF5X6NH2Sga8e7Vso_YQXd8DdT19M2xsA5xQtCxpbmLS-WWWg2MEwuNreO3A3Q1eEUkPL6jKH3c9cTCYQGlsZVarea_UtKJExejprFM2kq7moMoE

Requested by

Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Dec 2021 06:13:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6993 0
20 B 66ms
66ms Image
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2021120601&jk=1276719430509735&bg=!1Nel15PNAAZKWFskSlg7ACkAdvg8WtZ15pCvRjJ2KMRpmYxBKU03ANUq8JRrbPM_bENRPNEqSta7PwIAAAVUUgAAAL1oAQeZAwR9nIpPwJ9P6uwnw130tD5F2E5SJQHr3doY_v1l3oVIU-HvnV-ig8kAy-DfvaxirboU1GZyzXqniZLzyy7O06fzsJ3LhNtTO0WTva0Yhz2LKN8E4N0HFZRXy78-wbdmMKvMu0ZU5vqD5lwViBBxUPY7AlhXUpy7KKI9uHx_WQTvYdKjt2zG5xifPltUGRGd0r11a2moFQFsdIEElqJangYRPHillgBH5Ah1E53JZKIbZze4_sSxxw5S5ewuX2_1NplNNTDJl3u0VefBAb_sX_tqWAF2zEoNJGw5mGgdL4lKAaSp-UhAKC_8xTan0VDPF8Amg6XSgJSRQmKp491F82aTSHDDx8uI6A-A1wabSpKlGCAsQUgexwHD-gC3xLBoahrOZEd4cLY96iywohUlVfS8qbe47EkmmRlY3pw14u-a4ayshq6DXgIluT6Z1mQV4fJ77WIC55AI_4I_lddXdl_KA7fCrPMBderiBW-ueFieXb7vAr1rSLOfNizeSnAC8JoNmn1M7ImIEc9Up7pXlYz0e5U5tzHMaAKHAQRn-9lSVO7XjcAqKixlWXTEi0erx8FPt2T9rj7U2emIdQk9O52tfOU-xgGveXHF8hLYjQddMIC-bc3bDpaTmc_rOm59eMX3FRHnKAZAwpDb694EORVwxByTql50khmM0Qr1_ZGfOIUvaw4pNYKZwHZ2eX_ZSFxaUWZ3XVprb8_NuX-0kKWwW_mhhy0H8Xyye1pa9_UeT9LxbptO1S2Zlsx94fWQtGxKkFO-6RI8QPjb6jT5q2HOp-dDuQA_wl08Sw8c0iPUVlfYiTbt2S2bcvs_8KcCpdS-pIk9Yh38L_pT5iKszDrmmsfGfEFm_oodzEXTPCzLXQnlhNxPZsJd6qOFsNySQDxNpVqv-ReA9eq-OjIVTAZsa8QCKnv3qO54GGovatci_zc-MuamC5Mayoc5jLo0OnGvxLHuBRWrv497bhRvLuIHvviKF9_xldE59ISm1CXI57SHsf8okQiBsvCxCXLpqOn7D-Ui

Requested by

Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Dec 2021 06:13:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 42ms
42ms Image
image/gif 23.195.249.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=0&hp=1&wf=1&ra=2&pxm=7&vz=-&zp=0&sgs=2&vb=8&kq=1&lo=0&tr=1&uk=null&pk=0&wk=1&rk=1&tk=0&ni=1&ak=-&i=TABOOLAJSVIDEO1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BvmjrG%3DH%3C%5B*C%24GTK%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-XArw4k53N9kCRqL5D8s2wrvkFEQaXcVXbaBAOq%2BVT%2Bl2tvmQftrLjI5jaRxplbfkuwe%2B&rs=1-tkHTYX5EcAEJWg%3D%3D&sc=1&os=1-0g%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=8&g=2&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=225&w=400&fy=1200&gp=957&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2Fessencial%2Fatila-hacker-certidao-de-vacinacao%2F&id=1&ii=4&f=0&j=&t=1639203224132&de=25395037711&cu=1639203224132&m=2677&ar=cc97a930ec1-clean&iw=49d733b&cb=0&ym=0&ll=2&lm=0&ln=0&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=957&lb=7126&le=1&lf=619&lg=1&lh=180&gm=1&io=1&ch=1&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A2500%3A2500%3A0%3A2875&as=0&ag=685&an=0&gf=130&gg=0&ez=1&aj=0&pg=100&pf=0&ib=1&cc=0&bw=685&bx=0&dj=0&aa=0&ad=685&cn=0&gk=130&gl=0&cq=0&hj=0&pv=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=2393&cd=1609&ah=2393&am=1609&dq=980&dr=196&ds=980&dt=196&xd=00&zx=0&vu=0&tb=0&te=0&nj=0&fc=1&fk=1&vm=1&vl=0&vt=15&vd=0&zMoatSRE=0.046875&zMoatVSD=15&hc=0&er=0&es=0&gs=0&gt=0&eu=0&ev=0&et=1&dz=1&eb=1&ec=8035&ef=0&rf=0&re=0&cl=0&at=0&d=FEED_MANAGER%3A203735%3A67003865%3Awww.diariodocentrodomundo.com.br&gw=taboolajsvideo2446883476&zMoatOrigSlicer1=%2F%2Fvidstat.taboola.com%2FuploadedVideos%2F228385%2Ffn998gys9pdce4zltby8_DESKTOP.mp4&zMoatOrigSlicer2=N%2FA&zMoatDomain=diariodocentrodomundo.com.br&zMoatSubdomain=diariodocentrodomundo.com.br&ab=3&ac=1&fd=1&kt=strict&it=500&fz=1&or=0&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&jm=-1&tc=0&fs=195926&na=549037007&cs=0
Requested by: Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.195.249.162 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-195-249-162.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Dec 2021 06:13:46 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Sat, 11 Dec 2021 06:13:46 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E7B1 0
20 B 66ms
65ms Image
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BB_OolkG0YYHqGP2R7_UPou-S2A4AAAAAOAHgBAI&bg=!MzClMHTNAAZKWFskSlg7ACkAdvg8WiOCAP4nhY_lFQuSZFS5QbzI0i6ytmil77kttpO7cFyeV2ViNAIAAAVkUgAAAHVoAQcKACqfpqnM7KTwpAhfg7X2bQyOtvJ3fPWuKqd70YCI01vn35xaMkOGjBhfjBGZAyoeQiCrXbmmG9eDAKYSogm9VY_d9CS1un7N15KD2-z3vZ4FoAg2mMuYIxl76cuorHr6F0dgV-jEywUW5EE8FGbYXDorPG4JTzyBqv_15IH-_7NQEA6KbysS2aHeHGV0zrQBfddvcg57UBC-GPawcXcYtWV4EHyG7VnYsXj53F_8oKioJiCB1cdDtL9ZU9gyGMJKEggR7vN3VwbwP8C44Att00DQ2m90ru4M-Sz6LB-O54NHpRluqHcv9WROxCK2RNzPThKXu6f5pnQtpjDpoBwtEiOveq-CEw1xz1uSqWggXg-H0C7haQpE8PqX-8J4M5s4m9bVctFKfN55-QpaRJDzl_ORcM35nlwjAy_HiyX4Od4egX91Gn9wzvh5CdizI83FX18DJViQYUJKc4nwkytR6uMNL0JTu2rLcr1VoCYXA3qsaMOPVBw3w-tNtUd0_aELx24Eqo1Wizq62i1i5vlOYbxKQZongN2hBC6kaDAWmP0QHSkv-b-ExF--0fjoEvTbbmNwMuJWn-lgvrN6catb2zTrpvlokP2GmCIhQh302MevAQfuhW98YN3mn4YZ8TefBsOXbgBAUFgbNwpcURJLI3RGIZiRKJCI-jDnO90ad0uKURnvKVxFoYnjN59RudYGqiO3YNvOBqPJ_WA-mMlwvClAej3bR6tj9lghUTClWxz6pUIRopJxC6crfyC3Uko17DPV1e0drGsL1zeDtxf6BALMUWcCauBWVtPJM-5DfuAPWWug0ogEGMwhk6lzuuCvzXemBRlzdvAbTgZ2_aGhQ1KK7cd92loqnfucud5yGpI37sZ-Kkx0SIerRx2Ag7nQ2EesfSQxDzOD9toZEQONWSeOIDLtneXHZnaQq1__cbgNvcexsUjNmXR5yWi5sQ_BmelQf4ZULSBD6wn-OnzC3v_fmP3ehTRdupbW0XUJHm-1bfKEYtg-fU4TWamPOCJOvFiwdFjuJ-O7X5JSaSj2SEJDZXiV9QPd-AHvBCTNj--cc_zXPx_LxyLyupDpL-I54Wnp6I4xFdfyLIw7QGfs8FdcIh5ZZHTth7AZwUgEcQt9Ot5y4-MVHGg

Requested by

Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Dec 2021 06:13:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 5236 284 B
536 B 38ms
38ms Image
image/jpg 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?gdpr=1&us_privacy=1---
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
Content-Type: image/jpg

GET
H3 200 image3.png
s0.2mdn.net/sadbundle/11762666145489434432/html/ Frame F86D 6 KB
6 KB 31ms
31ms Image
image/png 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/11762666145489434432/html/image3.png?1631020188995

Requested by

Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c540fe023bbbf187d8ea95dcb54e0e6d33ff3d7ee0ee17cdc0480a117511f2ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11762666145489434432/html/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 14:13:21 GMT
x-content-type-options: nosniff
age: 316825
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6487
x-xss-protection: 0
last-modified: Thu, 16 Sep 2021 11:43:35 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 07 Dec 2022 14:13:21 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 9628 43 B
215 B 186ms
186ms Image
image/gif 52.41.240.77
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=878020&asId=8000db06-ed7f-f805-dee5-99893651b3cf&tv=%7Bc:wsWU9D,pingTime:-10,time:2415,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fDB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS85Ni4wLjQ2NjQuOTMgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.5.12v220002022000220000022002220000022220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222202220022202200022002220222202,asp:1639203224752%7C%7Ca5e9904526aa9d276e6f3e55681a5712%7C%7Ca2fdad25d911a8a4b39828759d282361%7C%7Cde2d9856d0302b15ad4d9d3df28fa0da%7C%7C07abaa0113d4e2ba7bdbc91ab18a974f%7C%7C3ad0464491c2e08b2473716c71ed1ba3%7C%7C01d927e84ef3a2891b0de825ab2c5ba0%7C%7Cc2e5ceba46fadfb8414677fd9ac52983%7C%7C1629390669,sca:%7Bspg:819cbadb-fd53-9bd0-35dd-37e3ec439e08%7D%7D
Requested by: Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.41.240.77 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-41-240-77.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Dec 2021 06:13:46 GMT
x-server-name: dt16.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3 200 image_tv_4.png
s0.2mdn.net/sadbundle/11762666145489434432/html/ Frame F86D 6 KB
6 KB 32ms
31ms Image
image/png 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/11762666145489434432/html/image_tv_4.png?1631020188995

Requested by

Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48107cb12c6e6d38bc0abc4a562a5630b31d751d6462133a15e38d537aef3060

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11762666145489434432/html/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 08:04:15 GMT
x-content-type-options: nosniff
age: 338971
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5776
x-xss-protection: 0
last-modified: Thu, 16 Sep 2021 11:43:35 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 07 Dec 2022 08:04:15 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame E568 43 B
215 B 186ms
186ms Image
image/gif 52.41.240.77
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10933&asId=97568912-889a-426f-19c7-f18e2d1893d3&tv=%7Bc:wsWUaJ,pingTime:-10,time:2472,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fDB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS85Ni4wLjQ2NjQuOTMgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.5.12v220002022000220000022002220000022220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222202220022202200022002220222202,asp:1639203224752%7C%7Ca5e9904526aa9d276e6f3e55681a5712%7C%7Ca2fdad25d911a8a4b39828759d282361%7C%7Cde2d9856d0302b15ad4d9d3df28fa0da%7C%7C07abaa0113d4e2ba7bdbc91ab18a974f%7C%7C3ad0464491c2e08b2473716c71ed1ba3%7C%7C01d927e84ef3a2891b0de825ab2c5ba0%7C%7Cc2e5ceba46fadfb8414677fd9ac52983%7C%7C1629390669,sca:%7Bspg:819cbadb-fd53-9bd0-35dd-37e3ec439e08%7D%7D
Requested by: Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.41.240.77 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-41-240-77.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Dec 2021 06:13:46 GMT
x-server-name: dt01.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 ad Show response
v.lkqd.net/ Frame 1D5D 2 KB
2 KB 131ms
131ms XHR
application/xml 146.20.128.139
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1091476&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2Fessencial%2Fatila-hacker-certidao-de-vacinacao%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C52453%2C1%2C&c5=&c6=52453&rnd=34520430&m=
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.139 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: 5eb45f4b4af3c8248423311109376fc2a15232f5545eec02daa1f089bd1fe176

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:46 GMT
content-encoding: gzip
server: nginx
content-type: application/xml; charset=UTF-8
access-control-allow-origin: https://www.diariodocentrodomundo.com.br
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 1401

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D051 0
20 B 66ms
66ms Image
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2021120601&jk=3893877200361406&bg=!PT6lPnrNAAZKWFskSlg7ACkAdvg8WnIG5f6jW-_GQCofqwKlXVoNCSzrqNYdRfmjppxkfIdBqxdgaAIAAAR-UgAAAD1oAQeZAwqShZlawxR0bBpqoeOHC88tO_DPnNPKfKij7lP3ZwVNA4fAE2vl-2I9mrVFJ0nws_D6QegRPQUtGMvXFZn3bhmC-vSXKOU9PQzP_HhFb2ScvVexRDo8PJ14IbaDP9jQ2VIwn3-cdtFUp-zscBwXfzi7FuWbd25gpwDm64H4ugenD0XSIPzRYj85QBbvO-Ihf9FKZxrrP7A_Ql971pm_LegiTqqdvCCHH2lsfeFIy7TN2ZYzgkG8nLKUxiLlPToqCCk1PN4bHOmawIvr3YGDNFgeBCEKBgdYmQA3J2Ow9HwOPZ2rMFhDL5b7Y63shYfNMf7Fx6UDP7QgbufneQDiSrC9hzoJtrKA7vlQkb1RnlQyHr8_H0X5v1t7h3t-oM-bdavaHOfj6i1-Czhqs-ayaocqtSTAiCk8M5VD0dO4RKPe4PURtsuAdlv5SF-N0B8_dXtPTg-3NCdao1TorkRQ5WpIiu5SGmh0GUfWlN9Cd4SQUbZnHQKTw8TTwF-evEqP-SsZNMaSUxdPBtjFuBkAZ3WkMcItyJz_qw5VZmHNm3Dn8zwF5JGoBeOYb9f94ai3dxq-Yt3cCwmXVv8gdoPuoSsyBntemFZEyHRoUO4cD1Yg7uDKlfdp-RZE_DVPCksR9gIMzCqXGqBF5idAYWnZjpHrIyx27tWxTAWG1A6RfgSGjb8_Iyo3vTYe7l70nUI89RzdPHv-IcTzE7KyJ9oLyu2wBefYlLv1tvOJ-oMgeVRcPKZUe8sHQ9OUX9GRZzXnvnFxHv5fymb6hG46VTErD9NaIlhS_j4okbydGhwyQzCA_2ZOhIEEobeAcYLuEoO8RWzmx4in2bVtO1cAVuR3FPtu7xhiCgFwiihIxpUR_wzAHFGqg5rn7dPVOepsghLuURPmoD-zm41N59T0SUn-hJ5bL4QQIt5w_9t6p4L6Yanq_aQNfzKBZm4ZXqUDptcRpMnKacYx7Juyk6y8hR-MQIvlGkok5lTLVIt1XAgIqJgXEq_le-NACwI6syxjpZK6lx7AjRaI09Oly29g

Requested by

Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Dec 2021 06:13:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C3FA 0
20 B 65ms
65ms Image
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BWvPJlkG0YcLhE5mwx_APur-7-A8AAAAAOAHgBAI&bg=!5uWl5aHNAAZKWFskSlg7ACkAdvg8Wt-P_-xwE9EMa_4bB1FrpWjoOR13ZrCMZ-qbuqKKSH-4239piAIAAAMSUgAAAERoAQeZAzzFpCEBPvJ_6Oph0PK29t7xqt3ZKeQ-M5xuzPhBaBzQJMGCJxlzSe1p4zvgydPtrPY7USrwsXS04zsOLt58_306mf42zna1ZT2V_-4R9SpZ_Fo65KnmxHW7wIg9DgL54tKrUPuvHW-l6QWyt5ouDDPBcj7T_VRFFkxj5Nn3usEPhyKyca4BOBjwWHisPMsTtS5IZp-KCbT8h02o_UZYl0Zt_dUwYt77FsVFsO4WEmpasTdSVYHrtWHyG-ZZJ5s_0fyGLs_K1errRVpNLwj-g3pMzS4U0TgEwEQ_qNFDy9mzB4h5nLjwLoOk_69eF2ts54wMVOR5nY_l7sPa68h5tzwTXVhXiBJOhLijeeoLRluJDdzfeOJTbEymPdNGX-4a829J87gDtPtuRW-GmosdJGVZpM6v99QmW0vOjxE-j_TuWRcsv64cZCMkxhbk90h15OJ4GgyvQu8Xrb5gOdmCuTLofEyC1P9a8l5CSfN1XkDSHxRHMOhW4_ARbaPL6CeHduus1aSGKnvkORlHQk1d-Zogsc9STJkEEhrfnSbgCPVhahreNHceVAD92FpbLBtoW9xydkytm_CwcH891PZPWM84LOMzgSRVx0I6k29mJZzPqyzYv6aiV5a_GhO3payTyAu7v2hJBDvzrV7_XzkIhw07Lb5bD0XNGWIzxESyNchJ9icZbkn-GRas5Xc8emBcXSvimngo3b91_6bdB5U45QiwFWSRFpxdKCha5rlHjBCaMC51tzlWyCFAv8bB-xJeXQB3pfmlUSjtWSpGML-yjzQkcbINp47oeZpgctMUvUj_MxHXdvoSUCH1bHYIPvqYl3EzdB1eoAB3ftx5chgKcv7CNBButdTWv9t7FAt_3p1Rw0whBD0nzVlSGQenxCKCphfaJJuHdknd4NH5weHlHdyRrIzTe8a7_V7nT3Yw_ILH4NURxdD-m-mfFPXv5mA2IIkkTUoNoIubhtrdNF5AgD3o7orgqQD7dCUa5mxrRupa43OxK6qGdRMO1gbHRw6l95TqIfCK32QGDgSOsUsDwITMvT5GQgPFbuyD0kdrAAqlKbMCMP_6baPrAu2qk3pvoWzj3fotl-TLJR2vmjk

Requested by

Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Dec 2021 06:13:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 PRIX_50.png
s0.2mdn.net/sadbundle/11762666145489434432/html/ Frame F86D 5 KB
5 KB 31ms
31ms Image
image/png 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/11762666145489434432/html/PRIX_50.png?1631020188995

Requested by

Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bbdffacc7d4d7406ea299e66e74dee720372b9bebc5b455d3f1d3a803fdbdc20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11762666145489434432/html/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 10:55:15 GMT
x-content-type-options: nosniff
age: 242311
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5070
x-xss-protection: 0
last-modified: Thu, 16 Sep 2021 11:43:35 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 08 Dec 2022 10:55:15 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3714 0
20 B 66ms
66ms Image
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BvFnQlkG0Yd_DJJ6K7_UPysuWkAEAAAAAOAHgBAI&bg=!Tk2lTQnNAAZKWFskSlg7ACkAdvg8WocBangIRTXviMw6iNzCz9eu5BkiqDkQMmXPRpAiS6WbGIobVQIAAAKmUgAAAFtoAQeZAy-qOPl9W0q8vGhLgbmxlj7ZcGa3-PujYzPIJ-mRtK-17ScSHhAenS5ciIJYGRLPNaw2btTd83Fn35Y5iHg-CFuTpgkQD2xcxshZRzFka_CD7Xl3wlKC-DVgYhiOM0-Slw8XFlJUwKuXPUJi7v_jW4xCQdWYZyvZJ6v2hwAIF-_kigdVkhpWJSZdyglXD0oDPnx8UPOABcy0w1aVJ9Yq7hGzjUfmW3iUNULEq3W4WTI2n6qTmu3lzDsB16bOfvLhqBnY-doTQeCq7ddUIkA2mGzu_oDxJ1B00_JtEA4fLKpsF-0sIWW123PI7rs9jbsevpq2iDN5NSzAzUsC73RzEl2AtwsJ-RkAXnSHibk-U8ZhPM3ppesVMUr-Qcvs_t7wwV6rvW27g0V4-LWU2wUS3I5dlDFD-Zp2ybemSnn2j7jXB6u9Jr68ThcfxYEVgbF2nlqprUvgsgCcLEWsKMmQjGcUNi0_stzqB9fumPYkKSQlyFFn_qh45LG4k9gQK1tbD06tLDlBFl_9ObaFPcdmJVCbJXkX1lfMKG7_s2UAdoPO-lYyZ4-kemyKeimL9z-sP7Q4E6XunbVcHylo6miooFPGJzPdCh6c9yk_lmkkygGRGFKFdwhso3chw2ZUyRjUkUYgVdt3_wei8rTv6putt2QY__CmDiUe6kn_ePbOCRNkxmJuIsTOFWb-SaWNojDk50ifc3Ynm_vsZXW7Qft-r9-ZgZst6hhx952511iaqArUg8GKIL0dLkIYKMrtKdRfxO_rXR2YHmghX0xNgsWm4k8EnnLysMIsvJpelvnLOhU35CbotlBlPJNd3piiiPCjbqrjOa1qDzDldRocFY25GTKXX5XNk9Fx2GM0JvNGq9yT3__b7YG-14o7-qcxoOe7uGAqIzatodiXoMRTl01hsmNvgAMw95AVafVN2UgjMKzDykifKtBrfs-nmWA5M3KAW_0V2z_vSqQtpIfIIp-ZsnqJCx5aPM93Q8iLxrT4_GVbs0nN1oI37VaihrSyBeVJ1cqbkv7fwfKEbMuBRSJvMZir-uzJMoJSe_sbTudeGO2zGoj5z1QmcLDOiRdXj8fGlg

Requested by

Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Dec 2021 06:13:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D667 0
20 B 66ms
65ms Image
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BpIRFl0G0YbqgJtHs3wPZwJ6QAwAAAAA4AeAEAg&bg=!np2lndnNAAZKWFskSlg7ACkAdvg8WkVrhcIFBvvFx8m_sZ6L1NXM3fTUvQDlDUOZqcL7HS43ImfIAwIAAAHEUgAAAAxoAQcKAA6N8_vYB0zLyKnUSUAGbpkDCnyZDcQl5LKrneHVeKs4FZmTpHV-HYRdDDKD6I7OP9q2gn5Vo6PFFgQ_H9fnSARHKbrWO4Roe6tpRMUu1_fXi7YF1R4D8JK98sdwO1P3h_EGQ7wYjj5swi3a0sqFFfisQaoo-zwe2vt8wAGstHAdw3wSvt5gpEZNkzybF8IRkCEYO5b4oGe7ucvSYyeEX3ZC__SR4ZwWGB-J6cc329fmAUHuu-eixPnOLK1v-dJy6ltyuZWF3oB8WGPuc--xBplKaRL4GQrNT-GAR-hKyi_2fAIP-WDwczx_PnftqxYG24LPBTbPLb1wz9esbLlZZzcHJ3qJXXY4mLfY4MXagVwuRYGrG1A-AZWFcPFEEiQIrl-5l9efCjF_h--dnFLxhstGwQe50_--uARDqviTsRHVPVkHrhoI8I_Ro-N7MqDrg59a8G3shaw6t-UlyRq3FXwMOEk4_ZadktnHmmCOnmL5snrdq_CN1HpFlLEv3_AQ9QnNxkZcG-qXqWL7btRwAQ8N5gk9UDTvKKQnYHYjSPZN2IKglEl5uWqjUh8o3KgKuvcWjTFlj7iGBhXMNCLeRium6Rv09pcuvLR2G_zlCysrCIqa4lWXAS2T5njw4YjZCiZgYhzw8c1Pb3_AhQ1fpMCQVGBfeHNI9mHMS6eYnnM_5ftPfhWsXDwtXjay9P-W5XVNMG8xGBqc0rXMaW3SVv0NbwVuH6X3FopvFJaAm843hlUsnIHIVtTNJy-K7K6K_0v6cwlInnkA5X_OwiKvfqG8YPLmUHdteruUmdIBBW3JcF2wpy28nxAIwMLWmO6X_g3nA-ZobfhN7K6PsGd-f4A3WZKGtwPvq3wxspmR8BMdOEPs3UiAbDjcKu7inMyimL1RNtm3y60jb2fr5lF7UXdc1Muq-sCGzrm8JPSSt0bCJRQXqOZWMd-jJwVRm9eGJfdruJR1D2vqlrkkus4ICwYzUs_p7AxdtOzQstl-BJOmWl3JBTAjfsl8BTxt1acK78t1tcDyaaolWrELWot-M1MpOxSl2SuB3f0rHT8

Requested by

Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Dec 2021 06:13:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame BC45 0
20 B 66ms
66ms Image
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BvcwCl0G0YeqiJvPH7_UPhJ6LqA0AAAAAOAHgBAI&bg=!h4SlhMDNAAZKWFskSlg7ACkAdvg8WgQgdQQCGJy1DQmFyPT_-c9C89wyaM0QHQKWZGx9SdXO22n7nwIAAAG7UgAAAAxoAQeZAyKiQOaYGCSr0x8qXN0hs_1RqFlKZIJofOGye7_gJ1vu3sk4e8Q6P2zHmpbv5pL32rLtUuclT10urztzUuZ4LdhJxMQKru7B6MsReNqfJThnVCg4zI4dQKRA_-Qv7wVp1FAMvF87i0V8Vnq8GscNxIGz_AiEmSP_d8kclWGqp5AmdBeykTBM_tq6pOYE9Rz_oQaUyygh7-C2I4o5xy4v0WgEa7xYaq4Is_v9GcWGKMKMveKLpz_fRHPkyMqC6ua3YXoRZENwwzf-ZVKabJ_PGEJDQApOr4-A-3v5o2suCHt7t5t_8WBLJUXfew0kzVHuHk7RpX5MRtDDIQqYsCdEZSbKhFhL_rvs8RxsSGY4g20XfYQhMo5njjcpnfajWat4LiMOLGxrwR8mDgKTcZrlYl1qxglpZelUGh7AxtbinhLmDTfMhkmwXoX2Asmidgq3yJ2KEhmN3Tc_uDd2PQOkfizGmx95R_7rFuNIC53X32dWSrQ58pbPAK8SdmWuixd34ZE_2bW5MQckkZ-fRWwTM7SmAkpirJlrDeLBvD4EtmFxlIcD25GCLBanMhKsC7D8TjQR5pMqnPWggUGrUDlYzqAOf864UsMlJDi03FpI8ZUKiqhGtgPg2PXxWpPfwyxpX7lI0le6Q4gWq4XZyRPiux4k0MFMgg19Lihbq_NpAmxV6ekdXY6EPcgh2mMgYItPvAq0aKwFg4VSyTlyCqVXZMN9RQvczM7noF24zssiyCMRkFt3cb0p7QtRX3pqEx8Mz7LvwLd9MWbGoM38hC46xXf-et_Ydw39TZbjuzkh34Wcy5oZT10ykrMN4HB0q5vwBBEg6noQbUXEFltES2C9I_bKK49yv9NHOuzhhvSne30hIKpb0KeS4m78WnnIUW-osscECKhL8OMS_UJd_OI0G1GsMoP05_dzLb39gD0Yb0yLDsh3ynQp7Sc1nGu2IoTJycpYptCzXoSmlxuKxSrN9IdP_JByR6FZeff5WnSrBimGRkY43mnfGnlll9-FtNwbeG_ZmNSu2OpJwmpUyhPeW7NI21CR6U_p0CinFCeOnER_9AnL

Requested by

Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Dec 2021 06:13:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 SHINE.png
s0.2mdn.net/sadbundle/11762666145489434432/html/ Frame F86D 6 KB
6 KB 31ms
31ms Image
image/png 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/11762666145489434432/html/SHINE.png?1631020188995

Requested by

Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fd8088042323328c0ab329a44288949cd7be0b5fdecc97a4aae92cbd7e0b26f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11762666145489434432/html/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 08:08:17 GMT
x-content-type-options: nosniff
age: 338729
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6510
x-xss-protection: 0
last-modified: Thu, 16 Sep 2021 11:43:35 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 07 Dec 2022 08:08:17 GMT

GET
H2 200 vpaid.js Show response
ad.lkqd.net/vpaid/ Frame 90E8 230 KB
61 KB 23ms
23ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 36ae762191d24727fbba21272ea14872bb7824188961282001d50e67f7b1881c

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:46 GMT
content-encoding: gzip
last-modified: Tue, 02 Nov 2021 21:06:56 GMT
etag: "cca1f428155a1f13b17a4684f2c8ef1c"
x-hw: 1639203226.cds065.lo4.hn,1639203226.cds059.lo4.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1209600
accept-ranges: bytes
content-length: 62015

GET
H3 200 OneSignalSDKStyles.css
onesignal.com/sdks/ 82 KB
9 KB 57ms
57ms Stylesheet
text/css 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://onesignal.com/sdks/OneSignalSDKStyles.css?v=2
Requested by: Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151510
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:46 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 1183
etag: W/"4e9aaefffd5f8ae7dc83361aa2294190"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=259200
cf-ray: 6bbc91a7adfc3754-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Tue, 14 Dec 2021 06:13:46 GMT

GET
H2 200 usync.html Show response
ad.lkqd.net/cookie-sync/ Frame 7491 5 KB
2 KB 22ms
22ms Document
text/html 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/cookie-sync/usync.html
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: b6ff02c733394664dbb2178c88a0d8ab1292602aaad412e44ee83c3ab7943faf

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: en-GB,en;q=0.9

Response headers

date: Sat, 11 Dec 2021 06:13:46 GMT
content-encoding: gzip
content-length: 1909
content-type: text/html
last-modified: Tue, 26 Oct 2021 15:08:45 GMT
accept-ranges: bytes
etag: "10c6626c1705141142b0302e29b3bd0e"
cache-control: public, max-age=1209600
x-hw: 1639203226.cds065.lo4.hn,1639203226.cds074.lo4.c
access-control-allow-origin: *

OPTIONS
H2 200 ad
v.lkqd.net/ Frame 0
0 117ms
116ms Preflight 146.20.128.139
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1091476&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2Fessencial%2Fatila-hacker-certidao-de-vacinacao%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C52453%2C1%2C&c5=&c6=52453&rnd=34520430&m=&rtv=1&thost=www.diariodocentrodomundo.com.br
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.139 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.diariodocentrodomundo.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Sat, 11 Dec 2021 06:13:46 GMT
content-length: 0
access-control-allow-origin: https://www.diariodocentrodomundo.com.br
access-control-max-age: 300
cache-control: max-age=300
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Content-Type
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-credentials: true

POST
H2 200 ad Show response
v.lkqd.net/ Frame 90E8 79 KB
5 KB 546ms
545ms XHR
application/json 146.20.128.139
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1091476&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2Fessencial%2Fatila-hacker-certidao-de-vacinacao%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C52453%2C1%2C&c5=&c6=52453&rnd=34520430&m=&rtv=1&thost=www.diariodocentrodomundo.com.br
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.139 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: 41cc3dda60590ed64ade500977090a4a7ff8a6d77b8e2e6bee68c8ae4d0cf436

Request headers

Referer
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 11 Dec 2021 06:13:47 GMT
content-encoding: gzip
server: nginx
content-type: application/json
access-control-allow-origin: https://www.diariodocentrodomundo.com.br
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 5267

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 43ms
43ms Image
image/gif 23.195.249.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&wf=1&ra=2&pxm=7&vz=-&zp=0&sgs=2&vb=8&kq=1&lo=0&tr=1&uk=null&pk=0&wk=1&rk=1&tk=0&ni=1&ak=-&i=TABOOLAJSVIDEO1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BvmjrG%3DH%3C%5B*C%24GTK%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-XArw4k53N9kCRqL5D8s2wrvkFEQaXcVXbaBAOq%2BVT%2Bl2tvmQftrLjI5jaRxplbfkuwe%2B&rs=1-tkHTYX5EcAEJWg%3D%3D&sc=1&os=1-0g%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=8&g=3&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=225&w=400&fy=1200&gp=957&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2Fessencial%2Fatila-hacker-certidao-de-vacinacao%2F&id=1&ii=4&f=0&j=&t=1639203224132&de=25395037711&cu=1639203224132&m=3136&ar=cc97a930ec1-clean&iw=49d733b&cb=0&ym=0&ll=2&lm=0&ln=0&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=957&lb=7126&le=1&lf=619&lg=1&lh=180&gm=1&io=1&ch=1&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A2500%3A2500%3A0%3A2875&as=1&ag=1145&an=685&gf=590&gg=130&ez=1&kw=2887&aj=0&pg=100&pf=100&ib=1&dw=1&cc=1&bw=1145&bx=685&jz=2887&dj=0&dx=1&aa=1&ad=1145&cn=685&gk=590&gl=130&cp=2887&cq=0&cr=1&hj=0&pv=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=2887&cd=2393&ah=2887&am=2393&dq=1474&dr=980&ds=1474&dt=980&xd=00&zx=0&vu=0&tb=0&te=0&nj=0&fc=1&fk=1&vm=1&vl=15&vt=25&vd=0&zMoatSRE=0.046875&zMoatVSD=15&hc=0&er=0&es=0&gs=0&gt=0&eu=0&ev=0&et=1&dz=1&eb=1&ec=8035&ef=0&rf=0&re=0&cl=0&at=0&d=FEED_MANAGER%3A203735%3A67003865%3Awww.diariodocentrodomundo.com.br&gw=taboolajsvideo2446883476&zMoatOrigSlicer1=%2F%2Fvidstat.taboola.com%2FuploadedVideos%2F228385%2Ffn998gys9pdce4zltby8_DESKTOP.mp4&zMoatOrigSlicer2=N%2FA&zMoatDomain=diariodocentrodomundo.com.br&zMoatSubdomain=diariodocentrodomundo.com.br&ab=3&ac=1&fd=1&kt=strict&it=500&fz=1&or=0&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&jm=-1&tc=0&fs=195926&na=1674920745&cs=0
Requested by: Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.195.249.162 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-195-249-162.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Dec 2021 06:13:46 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Sat, 11 Dec 2021 06:13:46 GMT

GET
H2 200 cs
cs.lkqd.net/ Frame 7491 43 B
308 B 108ms
107ms Image
image/gif 146.20.132.103
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=55&redirect=https%3A%2F%2Fidsync.rlcdn.com%2F464986.gif%3Fpartner_uid%3D%24%24rawlkqduserid%24%24&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.103 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:46 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2 200 cs
cs.lkqd.net/ Frame 7491 43 B
308 B 109ms
108ms Image
image/gif 146.20.132.103
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.103 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:46 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2 200 cs
cs.lkqd.net/ Frame 7491 43 B
308 B 117ms
117ms Image
image/gif 146.20.132.103
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.103 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:46 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2 200 cs
cs.lkqd.net/ Frame 7491 43 B
308 B 109ms
109ms Image
image/gif 146.20.132.103
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=99&redirect=https%3A%2F%2Fc.deployads.com%2Fcs%2FNXST%3Fb%3D%24%24rawlkqduserid%24%24&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.103 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:46 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2

200

cs
cs.lkqd.net/ Frame 7491
Redirect Chain

https://ad.turn.com/r/cs?pid=65
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3100618248600403538

43 B
308 B

110ms
110ms

Image
image/gif

146.20.132.103
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3100618248600403538
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Server: 146.20.132.103 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:46 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

location: https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3100618248600403538
pragma: no-cache
date: Sat, 11 Dec 2021 06:13:46 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H3 200 icon Show response
onesignal.com/api/v1/apps/0150d19a-6edc-47ef-8a9e-748418205bcb/ 202 B
621 B 412ms
358ms Fetch
application/json 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/api/v1/apps/0150d19a-6edc-47ef-8a9e-748418205bcb/icon

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151510

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

11e50d643a892a86a349e85587255b4a723c9837088605cb647e03b4e48d1aa9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:47 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
status: 200 OK
x-envoy-upstream-service-time: 9
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 1c0a74dd-c2a6-4e3e-84ca-5d4d586fdddb
x-runtime: 0.008014
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"11e50d643a892a86a349e85587255b4a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate
cf-ray: 6bbc91a8bf7e375c-MXP
access-control-allow-headers: SDK-Version

POST
H2 200 t Show response
t.lkqd.net/ Frame 1A67 0
176 B 109ms
108ms XHR
text/plain 146.20.128.205
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.205 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.diariodocentrodomundo.com.br
date: Sat, 11 Dec 2021 06:13:47 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 108ms
108ms Preflight
text/plain 146.20.128.205
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.205 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.diariodocentrodomundo.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Sat, 11 Dec 2021 06:13:47 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://www.diariodocentrodomundo.com.br

GET
H3 200 dcm_192-1.png
www.diariodocentrodomundo.com.br/wp-content/uploads/2018/02/ 7 KB
8 KB 469ms
468ms Image
image/webp 2606:4700::6812:170e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.diariodocentrodomundo.com.br/wp-content/uploads/2018/02/dcm_192-1.png

Requested by

Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:170e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

438ab71c93631fb6e1d823b39b0e219349c08453cbc954d8423c89a72aa5035f

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:47 GMT
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
cf-polished: origFmt=png, origSize=13552
content-disposition: inline; filename="dcm_192-1.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 7582
x-xss-protection: 1; mode=block
expires: Sun, 10 Apr 2022 06:13:47 GMT
last-modified: Mon, 19 Feb 2018 16:37:18 GMT
server: cloudflare
x-frame-options: sameorigin
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=3153600
content-type: image/webp
vary: Accept
cache-control: public, max-age=10368000
accept-ranges: bytes
cf-ray: 6bbc91aafb9159a7-MXP
cf-bgj: imgq:85,h2pri

POST
H2 200 OpportunityServlet
opps.taboola.com/ 1 B
80 B 30ms
29ms Ping
text/plain 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://opps.taboola.com/OpportunityServlet?rst=30
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/30_7_6/infra/cmTagFEED_MANAGER.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer: https://www.diariodocentrodomundo.com.br/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 11 Dec 2021 06:13:47 GMT
via: 1.1 varnish
server: nginx
x-timer: S1639203227.424775,VS0,VE10
x-served-by: cache-lcy19223-LCY
x-cache: MISS
access-control-allow-origin: https://www.diariodocentrodomundo.com.br
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 1
x-cache-hits: 0

POST
H2 200 OpportunityServlet
am-vid-events.taboola.com/ 1 B
132 B 62ms
61ms Ping
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-vid-events.taboola.com/OpportunityServlet
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/30_7_6/infra/cmTagFEED_MANAGER.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: 5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer: https://www.diariodocentrodomundo.com.br/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.diariodocentrodomundo.com.br
date: Sat, 11 Dec 2021 06:13:47 GMT
access-control-allow-credentials: true
server: nginx
content-length: 1

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 43ms
43ms Image
image/gif 23.195.249.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=1&hp=1&wf=1&ra=2&pxm=7&vz=-&zp=0&sgs=2&vb=8&kq=1&lo=0&tr=1&uk=null&pk=0&wk=1&rk=1&tk=0&ni=1&ak=-&i=TABOOLAJSVIDEO1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BvmjrG%3DH%3C%5B*C%24GTK%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-XArw4k53N9kCRqL5D8s2wrvkFEQaXcVXbaBAOq%2BVT%2Bl2tvmQftrLjI5jaRxplbfkuwe%2B&rs=1-tkHTYX5EcAEJWg%3D%3D&sc=1&os=1-0g%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=8&g=4&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=225&w=400&fy=1200&gp=957&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2Fessencial%2Fatila-hacker-certidao-de-vacinacao%2F&id=1&ii=4&f=0&j=&t=1639203224132&de=25395037711&cu=1639203224132&m=3745&ar=cc97a930ec1-clean&iw=49d733b&cb=0&ym=0&ll=2&lm=0&ln=0&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=957&lb=7126&le=1&lf=619&lg=1&lh=180&gm=1&io=1&ch=1&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A2500%3A2500%3A0%3A2875&as=1&ag=1754&an=1145&gi=1&gf=1199&gg=590&ez=1&kw=2887&aj=0&pg=100&pf=100&ib=1&dw=1&cc=1&bw=1754&bx=1145&jz=2887&dj=0&dx=1&aa=1&ad=1754&cn=1145&gn=1&gk=1199&gl=590&cp=2887&cq=0&cr=1&hj=0&pv=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=3517&cd=2887&ah=3517&am=2887&dq=2104&dr=1474&ds=2104&dt=1474&xd=00&zx=0&vu=0&tb=0&te=0&nj=0&fc=1&fk=1&vm=1&vl=25&vt=38&vd=0&zMoatSRE=0.046875&zMoatVSD=15&hc=0&er=0&es=0&gs=0&gt=0&eu=0&ev=0&et=1&dz=1&eb=1&ec=8035&ef=0&rf=0&re=0&cl=0&at=0&d=FEED_MANAGER%3A203735%3A67003865%3Awww.diariodocentrodomundo.com.br&gw=taboolajsvideo2446883476&zMoatOrigSlicer1=%2F%2Fvidstat.taboola.com%2FuploadedVideos%2F228385%2Ffn998gys9pdce4zltby8_DESKTOP.mp4&zMoatOrigSlicer2=N%2FA&zMoatDomain=diariodocentrodomundo.com.br&zMoatSubdomain=diariodocentrodomundo.com.br&ab=3&ac=1&fd=1&kt=strict&it=500&fz=1&or=0&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&jm=-1&tc=0&fs=195926&na=2127924118&cs=0
Requested by: Host: www.diariodocentrodomundo.com.br
URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.195.249.162 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-195-249-162.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Dec 2021 06:13:47 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Sat, 11 Dec 2021 06:13:47 GMT

GET
H2 204 rtb Show response
a.vidoomy.com/api/rtbserver/ 0
153 B 211ms
211ms XHR
text/plain 52.58.61.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://a.vidoomy.com/api/rtbserver/rtb?id=340150001&w=400&h=225&skip=1&req_type=1&req_type=1&ip=&ua=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F96.0.4664.93%20Safari%2F537.36&l=EN&dt=2&c=GB&pid=52453&sid=&sname=&d=diariodocentrodomundo.com.br&sp=https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2Fessencial%2Fatila-hacker-certidao-de-vacinacao%2F&coppa=&gdpr=&gdprcs=&vpaid=1
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.61.12 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-58-61-12.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin: https://www.diariodocentrodomundo.com.br
date: Sat, 11 Dec 2021 06:13:47 GMT
access-control-allow-credentials: true
vary: Origin
access-control-expose-headers: X-Vd-C

GET
H2 200 tag Show response
4cywq-eqnre.ads.tremorhub.com/ad/ 119 B
477 B 207ms
206ms XHR
text/xml 2600:1f18:612b:4200:8560:f9d7:993:6d2d
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://4cywq-eqnre.ads.tremorhub.com/ad/tag?adCode=4cywq-7ivfu&playerWidth=400&playerHeight=225&srcPageUrl=https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2Fessencial%2Fatila-hacker-certidao-de-vacinacao%2F&schain=1.0%2C1%21vidoomy.com%2C52453%2C1%2C1682501559731731496375373817%2C%2C
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4200:8560:f9d7:993:6d2d Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: 5616a6e1823b43919f7d1a33817cccfa1d9f30c9f10f2deb00d9c3671f91d5f0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Dec 2021 06:13:47 GMT
content-encoding: gzip
server: Apache-Coyote/1.1
vary: accept-encoding
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin: https://www.diariodocentrodomundo.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-tremorvideo-status: NO_AD
content-type: text/xml;charset=UTF-8

GET
H/1.1 200
OK 88k_nHSg_6XSp1263gyM+iSSVC+nZNMH Show response
ads.adaptv.advertising.com/a/h/ 249 B
562 B 598ms
597ms XHR
text/xml 52.9.24.155
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=250624230&gdpr=&gdpr_consent=&pageUrl=https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2Fessencial%2Fatila-hacker-certidao-de-vacinacao%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=52453&hp=1

Requested by

Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.9.24.155 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-9-24-155.us-west-1.compute.amazonaws.com

Software

adaptv/1.0 /

Resource Hash

6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
server: adaptv/1.0
content-type: text/xml
access-control-allow-origin: https://www.diariodocentrodomundo.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 192
expires: 0

GET
H/1.1 200
OK 218945 Show response
search.spotxchange.com/vast/2.0/ 67 B
1 KB 53ms
53ms XHR
text/xml 185.94.180.123
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/vast/2.0/218945?VPAID=JS&content_page_url=https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2Fessencial%2Fatila-hacker-certidao-de-vacinacao%2F&cb=1739100865&player_width=400&player_height=225&regs[gdpr]=&user[consent]=&device[geo][lat]=&device[geo][lon]=&schain=1.0%2C1%21vidoomy.com%2C52453%2C1%2C7317314963753738171203942644%2C%2C
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 185.94.180.123 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: 78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sat, 11 Dec 2021 06:13:47 GMT
Content-Encoding: gzip
X-SpotX-Timing-Transform: 0.000285
X-SpotX-Timing-SpotMarket: 0.007362
X-SpotX-Timing-Page-Mux: 0.001528
X-SpotX-Timing-Page-Require: 0.000314
X-fe: 074
Connection: keep-alive
X-SpotX-Timing-Page-Cookie: 0.000022
Content-Length: 77
X-SpotX-Timing-Page: 0.012468
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000276
Last-Modified: Sat, 11 Dec 2021 06:13:47 GMT
Server: nginx
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Vary: Accept-Encoding
X-SpotX-Timing-SpotMarket-Primary: 0.007362
Content-Type: text/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.diariodocentrodomundo.com.br
X-SpotX-Timing-Page-Misc: 0.002670
X-SpotX-Timing-Page-Exception: 0.000001
X-SpotX-Timing-SpotMarket-Secondary: 0.000000
X-SpotX-Timing-Page-URI: 0.000010
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK 88k_nHSg_6XSp1263gyM+iSSVC+nZNMH Show response
ads.adaptv.advertising.com/a/h/ 249 B
562 B 594ms
594ms XHR
text/xml 52.9.24.155
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=1985730058&gdpr=&gdpr_consent=&pageUrl=https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2Fessencial%2Fatila-hacker-certidao-de-vacinacao%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=52453&hp=1

Requested by

Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.9.24.155 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-9-24-155.us-west-1.compute.amazonaws.com

Software

adaptv/1.0 /

Resource Hash

6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
server: adaptv/1.0
content-type: text/xml
access-control-allow-origin: https://www.diariodocentrodomundo.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 192
expires: 0

GET
H/1.1 200
OK 88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM= Show response
ads.adaptv.advertising.com/a/h/ 249 B
562 B 588ms
588ms XHR
text/xml 52.9.24.155
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=?cb=38250012&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2Fessencial%2Fatila-hacker-certidao-de-vacinacao%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=52453&hp=1

Requested by

Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.9.24.155 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-9-24-155.us-west-1.compute.amazonaws.com

Software

adaptv/1.0 /

Resource Hash

6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
server: adaptv/1.0
content-type: text/xml
access-control-allow-origin: https://www.diariodocentrodomundo.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 192
expires: 0

GET
H/1.1 200
OK LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHxk7bKbXb_mQ= Show response
ads.adaptv.advertising.com/a/h/ 249 B
562 B 586ms
585ms XHR
text/xml 52.9.24.155
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.adaptv.advertising.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHxk7bKbXb_mQ=?cb=254420267&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2Fessencial%2Fatila-hacker-certidao-de-vacinacao%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=52453&hp=1

Requested by

Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.9.24.155 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-9-24-155.us-west-1.compute.amazonaws.com

Software

adaptv/1.0 /

Resource Hash

6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
server: adaptv/1.0
content-type: text/xml
access-control-allow-origin: https://www.diariodocentrodomundo.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 192
expires: 0

GET
H2 200 vadtag.html Show response
vpaid.pubmatic.com/ads/video/ 1 KB
920 B 49ms
49ms XHR
application/xml 23.195.248.208
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2Fessencial%2Fatila-hacker-certidao-de-vacinacao%2F&schain=1.0%2C1%21vidoomy.com%2C52453%2C1%2C731731496375373817416410295%2C%2C
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.195.248.208 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-195-248-208.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 9fd5675a585df4b308f18d51a2e215f5e8213f9b8ad4c403c404bd5226a6e180

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Dec 2021 06:13:47 GMT
content-encoding: gzip
server: Apache/2.2.15 (CentOS)
etag: "461ced-23ca-5c92d699e808f"
vary: Origin, Accept-Encoding
content-type: application/xml
access-control-allow-origin: https://www.diariodocentrodomundo.com.br
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 650
expires: Sat, 11 Dec 2021 06:13:47 GMT

GET
H2 204 rtb Show response
a.vidoomy.com/api/rtbserver/ 0
153 B 206ms
206ms XHR
text/plain 52.58.61.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://a.vidoomy.com/api/rtbserver/rtb?id=1636906399&w=400&h=225&skip=1&req_type=1&ip=&ua=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F96.0.4664.93%20Safari%2F537.36&l=EN&dt=2&c=GB&pid=52453&sid=&sname=&d=diariodocentrodomundo.com.br&sp=https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2Fessencial%2Fatila-hacker-certidao-de-vacinacao%2F&coppa=&gdpr=&gdprcs=&vpaid=1
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.61.12 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-58-61-12.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin: https://www.diariodocentrodomundo.com.br
date: Sat, 11 Dec 2021 06:13:47 GMT
access-control-allow-credentials: true
vary: Origin
access-control-expose-headers: X-Vd-C

GET
H2 200 vadtag.html Show response
vpaid.pubmatic.com/ads/video/ 1 KB
920 B 48ms
48ms XHR
application/xml 23.195.248.208
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2Fessencial%2Fatila-hacker-certidao-de-vacinacao%2F&schain=1.0%2C1%21vidoomy.com%2C52453%2C1%2C1986138870731731496375373817%2C%2C
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.195.248.208 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-195-248-208.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 4d4cdf10e7bb2dc5f02bd7eaa0d566a920ce87f27020163d8dd283b0f238d28b

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Dec 2021 06:13:47 GMT
content-encoding: gzip
server: Apache/2.2.15 (CentOS)
etag: "461ced-23ca-5c92d699e808f"
vary: Origin, Accept-Encoding
content-type: application/xml
access-control-allow-origin: https://www.diariodocentrodomundo.com.br
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 650
expires: Sat, 11 Dec 2021 06:13:47 GMT

GET
H2 200 ac6e0de49ebf999ed16adfb2a3995048176da9a20fe1eba93b715604b93dd758.js Show response
web.webformscr.com/formstore/ 4 KB
3 KB 21ms
21ms Script
application/javascript 151.139.244.12
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL

https://web.webformscr.com/formstore/ac6e0de49ebf999ed16adfb2a3995048176da9a20fe1eba93b715604b93dd758.js

Requested by

Host: web.webformscr.com
URL: https://web.webformscr.com/apps/fc3/build/loader.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.139.244.12 , United States, ASN33438 (HIGHWINDS2, US),

Reverse DNS

Software

nginx /

Resource Hash

85563c7c1fe02750c071af9ea15ca886facc373394cdce2039c0931990ea4a1f

Security Headers

Name	Value
Content-Security-Policy	default-src wss://* blob: data: sendpulse.com .sendpulse.com .sendpulse.com:4434 data.sendpulse.com .pulse-stat.com .stat-pulse.com .pulse-stat.com:8080 .stat-pulse.com:8080 http://.sendpulse.com:4434 http://.pulse-stat.com http://.stat-pulse.com http://.pulse-stat.com:8080 http://.stat-pulse.com:8080 .sendpulse.ua .sendpulse.by .sendpulse.kz .sendpulse.cl .sendpulse.com.tr .sendpulse.ng .loginsrc.com .routee.net .bizml.ru .jquery.com .youtube.com .ytimg.com .vimeo.com .vimeocdn.com .tinymce.com .ampproject.org .hotjar.com .hotjar.io .ipinfo.io .highcharts.com .appspot.com .doubleclick.net .facebook.com .facebook.net .fbcdn.net .fbsbx.com .rawgit.com .cloudflare.com .jsdelivr.net .kissmetrics.com .bitrix24.com .quantserve.com .quantcount.com .twitter.com .offershub.ru .stripe.com .braintreegateway.com .mlstatic.com .cloudpayments.ru .woopra.com .jivosite.com .google.com .google.com.ua .googleadservices.com .google-analytics.com .googleapis.com .googletagmanager.com .gstatic.com .online-metrix.net .retently.com .maxmind.com .revisionme.com .yandex.ru .ymetrica.ru .mmapiws.com .bootstrapcdn.com .kaptcha.com .paypal.com .paypalobjects.com .mercadopago.com.br .mercadopago.com .braintree-api.com vk.com api.telegram.org .webformscr.com .yandex.net .cardinalcommerce.com .mercadolibre.com .supportsrc.com .instagram.com .googleoptimize.com .privatbank.ua .cardinalcommerce.com 'self' 'unsafe-eval' 'unsafe-inline'; img-src blob: data: ; font-src data: ; style-src * 'unsafe-inline';, frame-ancestors 'self';
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cache: HIT
x-xss-protection: 1; mode=block
x-sp-ma: sp-ma-1
last-modified: Mon, 04 Oct 2021 13:54:30 GMT
server: nginx
etag: W/"eff-5cd8740814530"
vary: Accept-Encoding, Accept-Encoding,User-Agent
content-type: application/javascript
access-control-allow-origin: *, *
x-sp-pr: lpr9
cache-control: max-age=86400
content-security-policy: default-src wss://* blob: data: sendpulse.com *.sendpulse.com *.sendpulse.com:4434 data.sendpulse.com *.pulse-stat.com *.stat-pulse.com *.pulse-stat.com:8080 *.stat-pulse.com:8080 http://*.sendpulse.com:4434 http://*.pulse-stat.com http://*.stat-pulse.com http://*.pulse-stat.com:8080 http://*.stat-pulse.com:8080 *.sendpulse.ua *.sendpulse.by *.sendpulse.kz *.sendpulse.cl *.sendpulse.com.tr *.sendpulse.ng *.loginsrc.com *.routee.net *.bizml.ru *.jquery.com *.youtube.com *.ytimg.com *.vimeo.com *.vimeocdn.com *.tinymce.com *.ampproject.org *.hotjar.com *.hotjar.io *.ipinfo.io *.highcharts.com *.appspot.com *.doubleclick.net *.facebook.com *.facebook.net *.fbcdn.net *.fbsbx.com *.rawgit.com *.cloudflare.com *.jsdelivr.net *.kissmetrics.com *.bitrix24.com *.quantserve.com *.quantcount.com *.twitter.com *.offershub.ru *.stripe.com *.braintreegateway.com *.mlstatic.com *.cloudpayments.ru *.woopra.com *.jivosite.com *.google.com *.google.com.ua *.googleadservices.com *.google-analytics.com *.googleapis.com *.googletagmanager.com *.gstatic.com *.online-metrix.net *.retently.com *.maxmind.com *.revisionme.com *.yandex.ru *.ymetrica.ru *.mmapiws.com *.bootstrapcdn.com *.kaptcha.com *.paypal.com *.paypalobjects.com *.mercadopago.com.br *.mercadopago.com *.braintree-api.com vk.com api.telegram.org *.webformscr.com *.yandex.net *.cardinalcommerce.com *.mercadolibre.com *.supportsrc.com *.instagram.com *.googleoptimize.com *.privatbank.ua *.cardinalcommerce.com 'self' 'unsafe-eval' 'unsafe-inline'; img-src blob: data: *; font-src data: *; style-src * 'unsafe-inline';, frame-ancestors 'self';
accept-ranges: bytes
expires: Sun, 12 Dec 2021 06:13:47 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 43ms
42ms XHR
application/json 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021120601&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

834a2f4d116aa3162084634e39f181a58950fc9a5da6456c5663a8a69b01771f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 11 Dec 2021 06:13:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8451
x-xss-protection: 0

GET
H2 200 default-handler.js Show response
web.webformscr.com/apps/fc3/build/ 19 KB
7 KB 22ms
22ms Script
application/javascript 151.139.244.12
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://web.webformscr.com/apps/fc3/build/default-handler.js
Requested by: Host: web.webformscr.com
URL: https://web.webformscr.com/apps/fc3/build/loader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.244.12 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx /
Resource Hash: b1d04efcbd2664c9f89e3c37bebb8a6dab4ddc04382c986639b487eb418736b2

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:47 GMT
content-encoding: gzip
last-modified: Mon, 15 Nov 2021 08:08:48 GMT
server: nginx
etag: W/"61921590-4cb9"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
x-sp-pr: lpr8
cache-control: max-age=86400
accept-ranges: bytes
content-length: 6789
expires: Sun, 12 Dec 2021 06:13:14 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 45ms
44ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
expires: Sat, 11 Dec 2021 06:13:47 GMT

GET
H2 200 mobile-detect.min.js Show response
cdnjs.cloudflare.com/ajax/libs/mobile-detect/1.3.6/ 37 KB
14 KB 163ms
57ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/mobile-detect/1.3.6/mobile-detect.min.js

Requested by

Host: web.webformscr.com
URL: https://web.webformscr.com/apps/fc3/build/default-handler.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fc8b081ba3d5a5270fb663b4856ce474277a52421f98a3b8aa385100c342a3d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:47 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 705134
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 13328
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:13:25 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03f25-9341"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VdHWw%2BOmxMBtl8HWgkSeJSn384n76VXXKaX4imcw9pddmYtKIsZuuxRp0VHU1BWoY7Luds90KiSAd8gmVthvGOexlSmYi6oqcYvviI3Uwme5PpXQrRV%2Bv0rZ923Z9KuGCTCzG3dRduM1LjtjklEb0D%2BT"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6bbc91aefda059dd-MXP
expires: Thu, 01 Dec 2022 06:13:47 GMT

GET
H2 200 form-defaults.css
web.webformscr.com/apps/fc3/build/ 53 KB
22 KB 26ms
26ms Stylesheet
text/css 151.139.244.12
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://web.webformscr.com/apps/fc3/build/form-defaults.css?1636961134827
Requested by: Host: web.webformscr.com
URL: https://web.webformscr.com/apps/fc3/build/default-handler.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.244.12 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx /
Resource Hash: 090b1952df7896a377876338f639f0d1df0fb7379a9ab41a512b46cc0174b927

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:47 GMT
content-encoding: gzip
last-modified: Mon, 15 Nov 2021 08:08:52 GMT
server: nginx
etag: W/"61921594-d4ff"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css
access-control-allow-origin: *
x-sp-pr: lpr9
cache-control: max-age=86400
accept-ranges: bytes
content-length: 22158
expires: Sun, 12 Dec 2021 06:12:52 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 43ms
43ms Image
image/gif 23.195.249.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=5&q=1&hp=1&wf=1&ra=2&pxm=7&vz=-&zp=0&sgs=2&vb=8&kq=1&lo=0&tr=1&uk=null&pk=0&wk=1&rk=1&tk=0&ni=1&ak=-&i=TABOOLAJSVIDEO1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BvmjrG%3DH%3C%5B*C%24GTK%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-XArw4k53N9kCRqL5D8s2wrvkFEQaXcVXbaBAOq%2BVT%2Bl2tvmQftrLjI5jaRxplbfkuwe%2B&rs=1-tkHTYX5EcAEJWg%3D%3D&sc=1&os=1-0g%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=8&g=5&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=225&w=400&fy=1200&gp=957&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2Fessencial%2Fatila-hacker-certidao-de-vacinacao%2F&id=1&ii=4&f=0&j=&t=1639203224132&de=25395037711&cu=1639203224132&m=4182&ar=cc97a930ec1-clean&iw=49d733b&cb=0&ym=0&ll=2&lm=0&ln=0&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=957&lb=7126&le=1&lf=619&lg=1&lh=180&gm=1&io=1&ch=1&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A2500%3A2500%3A10442%3A2875&as=1&ag=2192&an=1754&gi=1&gf=1637&gg=1199&ez=1&ck=2192&kw=2887&aj=0&pg=100&pf=100&ib=1&dw=1&ka=1&cc=1&bw=2192&bx=1754&ci=2192&jz=2887&dj=0&dx=1&undefined=1&aa=1&ad=2192&cn=1754&gn=1&gk=1637&gl=1199&co=2192&cp=2887&cq=0&cr=1&ew=1&hj=0&pv=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=3924&cd=3517&ah=3924&am=3517&dq=2511&dr=2104&ds=2511&dt=2104&xd=00&zx=0&vu=0&tb=0&te=0&nj=0&fc=1&fk=1&vm=1&vl=38&vt=48&vd=0&zMoatSRE=0.046875&zMoatVSD=15&hc=0&er=0&es=0&gs=0&gt=0&eu=0&ev=0&et=1&dz=1&eb=1&ec=8035&ef=0&rf=0&re=0&cl=0&at=0&d=FEED_MANAGER%3A203735%3A67003865%3Awww.diariodocentrodomundo.com.br&gw=taboolajsvideo2446883476&zMoatOrigSlicer1=%2F%2Fvidstat.taboola.com%2FuploadedVideos%2F228385%2Ffn998gys9pdce4zltby8_DESKTOP.mp4&zMoatOrigSlicer2=N%2FA&zMoatDomain=diariodocentrodomundo.com.br&zMoatSubdomain=diariodocentrodomundo.com.br&ab=3&ac=1&fd=1&kt=strict&it=500&fz=1&or=0&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&jm=-1&tc=0&fs=195926&na=696611996&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.195.249.162 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-195-249-162.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Dec 2021 06:13:47 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Sat, 11 Dec 2021 06:13:47 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame E5C4 13 KB
5 KB 31ms
30ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
date: Sat, 11 Dec 2021 06:06:36 GMT
expires: Sun, 11 Dec 2022 06:06:36 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 431
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 13F6 783 B
535 B 42ms
41ms Document
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

852875ce4ec7d157f1ee8194dd6156c6025dd18c81862642a880d67ddf763622

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-YcwUKE4FpsrA/KzzOswDjw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Sat, 11 Dec 2021 06:13:47 GMT
date: Sat, 11 Dec 2021 06:13:47 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-YcwUKE4FpsrA/KzzOswDjw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 13F6 0
0 55ms
55ms Image
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2021120601&jk=1251004319598717&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H3 200 b_8rsBg2pSAE7OSEuXeXkmKAJRzK7XLbOE8Wp2RNR2Q.js Show response
pagead2.googlesyndication.com/bg/ Frame E5C4 35 KB
13 KB 31ms
30ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/b_8rsBg2pSAE7OSEuXeXkmKAJRzK7XLbOE8Wp2RNR2Q.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6fff2bb01836a52004ece484b97797926280251ccaed72db384f16a7644d4764

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 17:20:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46419
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13622
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 19:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 10 Dec 2022 17:20:09 GMT

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 107ms
107ms Preflight
text/plain 146.20.128.205
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.205 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.diariodocentrodomundo.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Sat, 11 Dec 2021 06:13:48 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://www.diariodocentrodomundo.com.br

POST
H2 200 t Show response
t.lkqd.net/ Frame 1A67 0
176 B 197ms
197ms XHR
text/plain 146.20.128.205
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.205 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.diariodocentrodomundo.com.br
date: Sat, 11 Dec 2021 06:13:48 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

GET
DATA 200
OK truncated
/ Frame 90E8 35 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 PMAdMgr.js Show response
vpaid.pubmatic.com/ads/video/ Frame AA2B 152 KB
36 KB 50ms
49ms Script
text/javascript 23.195.248.208
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2Fessencial%2Fatila-hacker-certidao-de-vacinacao%2F&schain=1.0%2C1%21vidoomy.com%2C52453%2C1%2C731731496375373817416410295%2C%2C
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.195.248.208 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-195-248-208.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: f0f6a8b6c19b0c4d1cab075ab2f4f755cfef747424837668e65f431410f816e8

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:48 GMT
content-encoding: gzip
last-modified: Tue, 10 Aug 2021 05:02:46 GMT
server: Apache/2.2.15 (CentOS)
etag: "1408294-25f9a-5c92d699d3c58"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
accept-ranges: bytes
content-length: 36260

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 1FE1 38 KB
14 KB 48ms
48ms Document
text/html 23.195.248.208
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2Fessencial%2Fatila-hacker-certidao-de-vacinacao%2F&schain=1.0%2C1%21vidoomy.com%2C52453%2C1%2C731731496375373817416410295%2C%2C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.195.248.208 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-195-248-208.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e2cdec10db9a0a224e9f5e49b6f004c5426564fb8d857ad3df480e9c916bafe6

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: en-GB,en;q=0.9

Response headers

last-modified: Tue, 19 Oct 2021 10:00:01 GMT
etag: "1302647-96ae-5ceb1b98ba7c4"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 13882
content-type: text/html; charset=UTF-8
cache-control: public, max-age=116019
expires: Sun, 12 Dec 2021 14:27:27 GMT
date: Sat, 11 Dec 2021 06:13:48 GMT
vary: Accept-Encoding

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame AA2B 38 KB
14 KB 44ms
44ms Script
text/html 23.195.248.208
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2Fessencial%2Fatila-hacker-certidao-de-vacinacao%2F&schain=1.0%2C1%21vidoomy.com%2C52453%2C1%2C731731496375373817416410295%2C%2C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.195.248.208 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-195-248-208.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e2cdec10db9a0a224e9f5e49b6f004c5426564fb8d857ad3df480e9c916bafe6

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:48 GMT
content-encoding: gzip
last-modified: Tue, 19 Oct 2021 10:00:01 GMT
server: Apache/2.2.15 (CentOS)
etag: "1302647-96ae-5ceb1b98ba7c4"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: public, max-age=116019
accept-ranges: bytes
content-type: text/html; charset=UTF-8
content-length: 13882
expires: Sun, 12 Dec 2021 14:27:27 GMT

POST
H2 200 t Show response
t.lkqd.net/ Frame 1A67 0
176 B 114ms
114ms XHR
text/plain 146.20.128.205
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.205 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.diariodocentrodomundo.com.br
date: Sat, 11 Dec 2021 06:13:48 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 108ms
108ms Preflight
text/plain 146.20.128.205
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.205 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.diariodocentrodomundo.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Sat, 11 Dec 2021 06:13:48 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://www.diariodocentrodomundo.com.br

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
21 B 66ms
66ms Image
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2021120601&jk=1251004319598717&bg=!7e6l7qrNAAZKWFskSlg7ACkAdvg8WujIePTVbk7v8DICfUvWgd1fJV_b19fd0NQvb2tMkm0ziD7X_wIAAADFUgAAAA9oAQeZAto3SmN_wk2soDRP6qsY_kZBdn24mvJ-coL2R7xSK79SEGXd88K-E7X_JPjB69mKMnBcjKAMUgI4mZpefTB-79dEiPBIYp0GZdhnEMKe2_Kgrqg_k-XGZwN9s_AxllYGGabgmTm5hcuxe8xhdxdGYhz01qPXt-4raeoS_VHv1sOti-kr2Q-eahr6cX7wbvPxqmffTPkVZYQvLf8Dw7dRduVzYE3e8sW7dWWJ9LBthgnhswvDEDk4DofBnEz4ij2LaTzL_Ha_1YfvUPV7-dss7G20kSgo0ktni2XuhVf5wEFIgEQ5-bdm2Jmk8He6THmgyStCgqEfGELTO_P5_btv4hWNC1JqYppUhn_01Xo2LbM2enLKflMe8f6RCSEx3owWSHhL2UdMUjt0c8Gt5PyDnP7t9Og3brJJFSf8xKZbR1E1X5RdV_FP1dG5Ew5NfTSEZSIil_zztFjngWzUtZb7GOPE_gOA46qDspJbQ1YfJIMXzerne3z67_6H0tHm2BgreB5md3ot7MDGdLPQb7B-AQOrKNc9OAwpATSQphwNSmmZ1W2Uj52G-zQRopwMhCjvOxvP3CJkbF2IgcQDty1eqTr75MD8Y2djttvzmrlrx9mI3cIebLcPVemmnnc7aZeyZ0N4gjC6Kb0yDW7N0-i9fdCoCwVkvZwleKWpbyDFFbRxeCYNX6vwk4nhp_YoAnXS4z2E6jP84BUJv6GMAUViL0ijOuGfkNvH94H9mo7Fwfn_SzfWnMMSQG-bZipbXWdbqYqLul8de-YNNadT32_UJCGg0HDUN5s_MxL_icUeOWpdBC3JVNVieuJ0cUuyfXEfUvU6wnEcix11wxuqW4-rwiMq_iuTBko1a0Rsr2QCSEZDOYoQsa-ZGNYgKlTWPkLiT1m2AbF47XanHH0RZeri82ofO4BDJYNPg-87W8fus255hQ2n8Rhx-Xi683ExWCmH8BhMN3HxO5KTnOmi

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Dec 2021 06:13:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 1FE1 2 KB
2 KB 19ms
19ms Script
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=95295274&p=156498&s=399115&a=1801592&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: f3f20c973746f8c46e687631274d7d12ea6f92b83def552d85a4dfae1111db1e

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:48 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 1687
content-type: text/html; charset=UTF-8

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 662F
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=11
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=CR2QDSQDSipCyTGN5xqJZ8IkbqU

42 B
376 B

25ms
24ms

Document
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=CR2QDSQDSipCyTGN5xqJZ8IkbqU
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Sat, 11 Dec 2021 06:13:47 GMT
content-type: image/gif; charset=utf-8
content-length: 42
x-lat: amspug005:0:403
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

Content-Type: text/html; charset=utf-8
Date: Sat, 11 Dec 2021 06:13:48 GMT
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=CR2QDSQDSipCyTGN5xqJZ8IkbqU
Content-Length: 159
Connection: keep-alive

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 7546
Redirect Chain

https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={device_id}&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0

0
107 B

24ms
24ms

Document
text/html

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Sat, 11 Dec 2021 06:13:48 GMT
content-type: text/html; charset=utf-8
x-lat: amspug006:2:264
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private
content-encoding: gzip

Redirect headers

location: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
content-length: 0
date: Sat, 11 Dec 2021 06:13:48 GMT
server: _

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame 8584
Redirect Chain

https://green.erne.co/pubmatic/cm?
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=Rxa6YwO0qO4vAM2IMgzaX9m1

42 B
526 B

25ms
24ms

Document
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=Rxa6YwO0qO4vAM2IMgzaX9m1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Sat, 11 Dec 2021 06:13:47 GMT
content-type: image/gif; charset=utf-8
content-length: 42
x-lat: amspug015:0:378
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

server: openresty
date: Sat, 11 Dec 2021 06:13:48 GMT
content-length: 0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=Rxa6YwO0qO4vAM2IMgzaX9m1
strict-transport-security: max-age=0; includeSubDomains;

GET
H/1.1 200
OK bridge Show response
cm.adgrx.com/ Frame AB76 43 B
408 B 102ms
24ms Document
image/gif 173.231.181.122
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 173.231.181.122 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: Cowboy /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

Date: Sat, 11 Dec 2021 06:13:48 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
server: Cowboy
X-RealServer-NX: ams-delivery-3
Cache-Control: no-cache, no-store, must-revalidate, proxy-revalidate
Pragma: no-cache
Expires: Thu, 23 Sep 2004 17:42:04 GMT
P3P: CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin: *

GET
H2 404 dpe Show response
ad4m.at/ad/ Frame 00CA 15 B
915 B 194ms
75ms Document
text/plain 2606:4700:3039::6815:c03b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3039::6815:c03b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c6420ab9ec6ebff1cd61333dade6ba9ac879d3617a59334148672dee6af12fec

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

date: Sat, 11 Dec 2021 06:13:48 GMT
content-type: text/plain; charset=utf-8
content-length: 15
report-to: {"endpoints":[{"url":"https://as.ad4m.at/ad/vre"}],"group":"report-endpoint","max_age":86400}
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0"}
expires: 0
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
content-security-policy: block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
referrer-policy: same-origin
pragma: no-cache
surrogate-control: no-store
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6bbc91b20c5559e3-MXP

GET
H2

200

rtb-h Show response
match.taboola.com/sg/pubmatic-ssp-network/1/ Frame 24E7
Redirect Chain

https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=718034e3-8936-4546-881a-c434330eb603-tuct8adc716&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdSe...

0
62 B

28ms
27ms

Document
text/plain

151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=718034e3-8936-4546-881a-c434330eb603-tuct8adc716&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
accept-ranges: bytes
date: Sat, 11 Dec 2021 06:13:48 GMT
via: 1.1 varnish
x-served-by: cache-lcy19223-LCY
x-cache: MISS
x-cache-hits: 0
x-timer: S1639203228.384092,VS0,VE9
content-length: 0

Redirect headers

server: nginx
location: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=718034e3-8936-4546-881a-c434330eb603-tuct8adc716&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
accept-ranges: bytes
date: Sat, 11 Dec 2021 06:13:48 GMT
via: 1.1 varnish
x-served-by: cache-lcy19223-LCY
x-cache: MISS
x-cache-hits: 0
x-timer: S1639203228.354725,VS0,VE9
x-vcl-time-ms: 9
content-length: 0

GET
H/1.1 200
OK cookiesync Show response
core.iprom.net/ Frame 9DF8 43 B
281 B 209ms
53ms Document
image/gif 195.5.165.20
IPROM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://core.iprom.net/cookiesync
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software: /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

Vary: Accept-Encoding
X-adserver-worker: ragnarok-5b4b03e37a04@version_1.362v2
Connection: close
X-server-arch: v2
Content-Type: image/gif
Content-Length: 43
X-core-time: 0ms
Date: Sat, 11 Dec 2021 06:13:48 GMT

GET
H2

204

ids
idsync.frontend.weborama.fr/ Frame 1FE1
Redirect Chain

https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=3824068872
https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=BDCE9F0C-FA21-4EF0-93F0-16F7A9B1E05E

0
268 B

69ms
26ms

Image
text/plain

35.201.81.244
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=BDCE9F0C-FA21-4EF0-93F0-16F7A9B1E05E
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Server: 35.201.81.244 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 244.81.201.35.bc.googleusercontent.com
Software: nginx/1.12.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Dec 2021 06:13:48 GMT
via: 1.1 google
last-modified: Sat, 11 Dec 2021 06:13:48 GMT
server: nginx/1.12.0
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

location: https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=BDCE9F0C-FA21-4EF0-93F0-16F7A9B1E05E
date: Sat, 11 Dec 2021 06:13:47 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 1FE1
Redirect Chain

https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:6ca12f74-645a-4368-b125-b49f6d5619ee&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw

42 B
341 B

25ms
24ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:6ca12f74-645a-4368-b125-b49f6d5619ee&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:48 GMT
cache-control: no-store, no-cache, private
x-lat: amspug002:0:389
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location: https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:6ca12f74-645a-4368-b125-b49f6d5619ee&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date: Sat, 11 Dec 2021 06:13:48 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=3000
Content-Length: 0
P3P: policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 1FE1
Redirect Chain

https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=3404206974503617722

42 B
110 B

24ms
24ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=3404206974503617722
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:48 GMT
cache-control: no-store, no-cache, private
x-lat: amspug018:0:301
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma: no-cache
Date: Sat, 11 Dec 2021 06:13:48 GMT
X-Proxy-Origin: 194.36.110.165; 194.36.110.165; 733.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: f9bd662f-3cb9-43b0-98ef-8f6faa55b239
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=3404206974503617722
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 d1ba4609
rtb.gumgum.com/getuid/ Frame 1FE1 35 B
238 B 313ms
100ms Image
image/gif 50.19.62.27
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 50.19.62.27 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-19-62-27.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Dec 2021 06:13:48 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 42ms
42ms Image
image/gif 23.195.249.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=2&hp=1&wf=1&ra=2&pxm=7&vz=-&zp=0&sgs=2&vb=8&kq=1&lo=0&tr=1&uk=null&pk=0&wk=1&rk=1&tk=0&ni=1&ak=-&i=TABOOLAJSVIDEO1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BvmjrG%3DH%3C%5B*C%24GTK%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-XArw4k53N9kCRqL5D8s2wrvkFEQaXcVXbaBAOq%2BVT%2Bl2tvmQftrLjI5jaRxplbfkuwe%2B&rs=1-tkHTYX5EcAEJWg%3D%3D&sc=1&os=1-0g%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=8&g=6&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=225&w=400&fy=1200&gp=957&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2Fessencial%2Fatila-hacker-certidao-de-vacinacao%2F&id=1&ii=4&f=0&j=&t=1639203224132&de=25395037711&cu=1639203224132&m=4615&ar=cc97a930ec1-clean&iw=49d733b&cb=0&ym=0&ll=2&lm=0&ln=0&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=957&lb=7355&le=1&lf=619&lg=1&lh=180&gm=1&io=1&ch=1&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A2500%3A2500%3A10442%3A2875&as=1&ag=2625&an=2192&gi=1&gf=2070&gg=1637&ez=1&ck=2192&kw=2887&aj=0&pg=100&pf=100&ib=1&dw=1&ka=1&cc=1&bw=2625&bx=2192&ci=2192&jz=2887&dj=0&dx=1&undefined=1&aa=1&ad=2625&cn=2192&gn=1&gk=2070&gl=1637&co=2192&cp=2887&cq=0&cr=1&ew=1&hj=0&pv=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=4388&cd=3924&ah=4388&am=3924&dq=2975&dr=2511&ds=2975&dt=2511&xd=00&zx=0&vu=0&tb=0&te=0&nj=0&fc=1&fk=1&vm=1&vl=48&vt=57&vd=0&zMoatSRE=0.046875&zMoatVSD=15&hc=0&er=0&es=0&gs=0&gt=0&eu=0&ev=0&et=1&dz=1&eb=1&ec=8035&ef=0&rf=0&re=0&cl=0&at=0&d=FEED_MANAGER%3A203735%3A67003865%3Awww.diariodocentrodomundo.com.br&gw=taboolajsvideo2446883476&zMoatOrigSlicer1=%2F%2Fvidstat.taboola.com%2FuploadedVideos%2F228385%2Ffn998gys9pdce4zltby8_DESKTOP.mp4&zMoatOrigSlicer2=N%2FA&zMoatDomain=diariodocentrodomundo.com.br&zMoatSubdomain=diariodocentrodomundo.com.br&ab=3&ac=1&fd=1&kt=strict&it=500&fz=1&or=0&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&jm=-1&tc=0&fs=195926&na=482658898&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.195.249.162 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-195-249-162.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Dec 2021 06:13:48 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Sat, 11 Dec 2021 06:13:48 GMT

POST
H2 200 VideoBidRequestHandlerServlet Show response
wf.taboola.com/ Frame AF28 2 KB
1 KB 140ms
140ms XHR
application/json 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=462&height=259&pubid=169497&tagid=953497&crid=4711345&noaop=3&sortOrderType=0&cb=1639203228775&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=2&pv=1308&pt=485516089&tz=0&viewable=true&ddast=V7aT4CFgOkSW_714CtTgSkSW_714CtTgUAAAAGBuIHHTKhLYaL1WS0nGyGk91yOdksRqvFbjUZLmdD0JAJbTFcrCaj5WQznOyWy8lkt5uNNrvlFAJV9yLyux1Ou0U6kAhNp8Pnutfrfr-7yOmwPP0mv8dlN13-Jr_bdTf57Rq_2y6xXMQCicp4eFmebpfddJEOJHKX6fe3fP0ll83hOpsuYoFE8Pc8TU-_3SIdSER_w0UskGiOfsvp7nC7LNKBROR0WJ5-k9_jspsuf5Pf7bqb_BaxQCJ7WJ4Ou-kiHUhkDrPZdLT8XT-jRf0GKzSdDp_rXq_7_e4ip8Py9Jv8HpfddPmb_G7X3eS3a_xuu8TyV3k-L7vH6TD7Faan2eEWOjxel-WtcVlOT5PD7xa53LKHx2l3eBx-vxwAAAAAHgCOxmMhfgABACIAAAAAJAAAAAAoAir-LQQuAAAAADAAClKPNADEORDQYbo5XWaTPwAAHhRAAAAEMEgABtyaSgAyWmNPAAAAAAAAAABY_v___2MA9gKmZQAuAMd6AB58AB6IClSLGAEAAAAIk7iVHk3qhMqiCgCAIN0K4AoAIKAPFSSmLgwAAEBAbDBvOelZGuV7bIEeFr_f7LBr_G6XAQAAAAAAAACY_Z_9owk9AQCk-dYJP6r9AgIArP0CAgCwqRsAwJsAXMiloOl0-Fz3et3vdxc5HZan3-T3uOymy9_kd7vuJr9d43fbJZa_6AhaMRisTiF2w9lit9kNR7MDAAAAuPv____HG8xbTnqWRvnWA4mFazRxrRYz03C53O1mttFoMPPYTBvTbDYYLkfby4OaQe7StdHvC1Tdi8jvdjjtFulAIjSdDp_rXq_7_e4ip8Py9Jv8HpfddPmb_G7X3eS3a_xuu8RyEQskKuPhZXm6XXbTRTqQyF2m39_y9ZdcNofrbLqIBRLB3_M0Pf12i3QgEf0NF7FAojn6Lae7w-2ySAcSkdNhefpNfo_Lbrr8TX63627yW8QCiexheTrspot0IJE5zGbT0fJ3_YwW9f0mbDFaTSab5XC2XEwGw9FwNNqfQM4GOBGD5XIyWUx2q9FqtBnuRrPBAgViMEGKFg0mq9FospgMV6PJarZc7HYbpGjVajbaDIar2WS2262Gg-FyNMIJW4xWk8lmOZwtF5PBcDQcjYYIU6vZzDUcLteKicu4Fo1crrXCNJu5dZvVzDSYeTa75cIten1Mx4XJ41uMtigYwLQXwUU6Ud29dr_v7tY8TS-33u4WOT2P1-ctd5l-f8vXIpZoThbpRHbZNxau0cS1WsxMw-Vyt5vZRqPBzGMzbUyz2WC4HO1bq9nMNRwu14qJy7gWjVyutcI0m7l1m9XMNJh5Nrvlwi16fUzHhcnjW4z2jdlmORlsJpPFvjHbLCeDzWSy2HeYTM_U52z0XBMmj0y19txEhpn5oHAZjN6p1LQbd44Fcdl7dKq8MmVBZ9TOrOavQeE5eEwH4ctyWt2s09lE5z0YFLFEcLpIJ6KX8XQRSyRPi3Qisgwmhs3ENdu4jMuFxzCYmIaT5Wy13E0sltlyNRFLlKaLdKJXeT4vu8fpMPsVpqfZ4RY6PF6X5a1xWU5Pk8PvFrncsofHaXd4HH6L-o8OsRzNNbO5YjGYK2arVQIAAAAAAAAAWMKceRMAAACA00Amo-FotVwACYQBXWAQAAAAAACA3RY4UC-PAx2T4saPPerutft9d7fmaXq59Xa3yOl5vD5vucv0-1u-VgZ4cFpk3uyZINZqtawBAAAIsAEAAAK4dfMeQEqp5AA!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&amp=0&qsz=6&ft=1&pb=0&pagg=1&sd=undefined&dtagid=1682865&dpubid=224845&abtst=adh5c-1_vA!adh5c_vA!lotc_vA!rvf1_vB!spa2_vA!t45!t45!ufm_vA&mPre=0.033&cirf=https%3A%2F%2Fwww.diariodocentrodomundo.com.br&en=1
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v13.0.8/OvaMediaPlayer.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 04b55e93a58888caabc82afad517da9836e7301ccf9edc09dfd7809849df8de2

Request headers

Referer: https://www.diariodocentrodomundo.com.br/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-type: text/plain

Response headers

date: Sat, 11 Dec 2021 06:13:48 GMT
content-encoding: gzip
access-control-allow-origin: https://www.diariodocentrodomundo.com.br
machineid: 1473
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-lcy19223-LCY
pragma: no-cache
server: nginx
x-timer: S1639203228.389143,VS0,VE122
vary: Accept-Encoding
content-type: application/json;charset=utf-8
via: 1.1 varnish
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 AdServerServlet Show response
vid.pubmatic.com/AdServer/ Frame AA2B 27 B
366 B 88ms
87ms XHR
application/xml 185.64.190.75
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+7+9+1+1+6&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2Fessencial%2Fatila-hacker-certidao-de-vacinacao%2F&schain=1.0%2C1%21vidoomy.com%2C52453%2C1%2C731731496375373817416410295%2C%2C&us_privacy=&cb=1639203228610&SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Fwww.diariodocentrodomundo.com.br%252Fessencial%252Fatila-hacker-certidao-de-vacinacao%252F&screenResolution=1600x1200&kdntuid=1&vwndh=0&vwndw=0&vwndurl=https%253A%252F%252Fwww.diariodocentrodomundo.com.br%252Fessencial%252Fatila-hacker-certidao-de-vacinacao%252F&vwndref=&vc=2&js=1&sec=1&kltstamp=2021-12-11%206:13:49&ranreq=0.4523813395509848&timezone=0&depth=0
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2Fessencial%2Fatila-hacker-certidao-de-vacinacao%2F&schain=1.0%2C1%21vidoomy.com%2C52453%2C1%2C731731496375373817416410295%2C%2C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.75 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:48 GMT
content-encoding: gzip
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin: https://www.diariodocentrodomundo.com.br
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-vdbg: 1:0/165:-1
content-type: application/xml; charset=utf-8

GET
H2 200 PMAdMgr.js Show response
vpaid.pubmatic.com/ads/video/ Frame D67F 152 KB
36 KB 49ms
49ms Script
text/javascript 23.195.248.208
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2Fessencial%2Fatila-hacker-certidao-de-vacinacao%2F&schain=1.0%2C1%21vidoomy.com%2C52453%2C1%2C1986138870731731496375373817%2C%2C
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.195.248.208 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-195-248-208.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: f0f6a8b6c19b0c4d1cab075ab2f4f755cfef747424837668e65f431410f816e8

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:48 GMT
content-encoding: gzip
last-modified: Tue, 10 Aug 2021 05:02:46 GMT
server: Apache/2.2.15 (CentOS)
etag: "1408294-25f9a-5c92d699d3c58"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
accept-ranges: bytes
content-length: 36260

GET
H2 200 track
aktrack.pubmatic.com/ Frame AA2B 0
61 B 34ms
33ms Image
text/html 23.200.212.230
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aktrack.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1639203229&wa=0&e=95&vc=2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.200.212.230 Paris, France, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-200-212-230.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:48 GMT
content-length: 0
content-type: text/html

POST
H2 200 t Show response
t.lkqd.net/ Frame 1A67 0
176 B 109ms
108ms XHR
text/plain 146.20.128.205
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.205 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.diariodocentrodomundo.com.br
date: Sat, 11 Dec 2021 06:13:49 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 108ms
108ms Preflight
text/plain 146.20.128.205
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.205 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.diariodocentrodomundo.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Sat, 11 Dec 2021 06:13:48 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://www.diariodocentrodomundo.com.br

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 555C 38 KB
14 KB 47ms
46ms Document
text/html 23.195.248.208
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2Fessencial%2Fatila-hacker-certidao-de-vacinacao%2F&schain=1.0%2C1%21vidoomy.com%2C52453%2C1%2C1986138870731731496375373817%2C%2C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.195.248.208 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-195-248-208.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e2cdec10db9a0a224e9f5e49b6f004c5426564fb8d857ad3df480e9c916bafe6

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: en-GB,en;q=0.9

Response headers

last-modified: Tue, 19 Oct 2021 10:00:01 GMT
etag: "1302647-96ae-5ceb1b98ba7c4"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 13882
content-type: text/html; charset=UTF-8
cache-control: public, max-age=116019
expires: Sun, 12 Dec 2021 14:27:27 GMT
date: Sat, 11 Dec 2021 06:13:48 GMT
vary: Accept-Encoding

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame D67F 38 KB
14 KB 44ms
43ms Script
text/html 23.195.248.208
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2Fessencial%2Fatila-hacker-certidao-de-vacinacao%2F&schain=1.0%2C1%21vidoomy.com%2C52453%2C1%2C1986138870731731496375373817%2C%2C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.195.248.208 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-195-248-208.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e2cdec10db9a0a224e9f5e49b6f004c5426564fb8d857ad3df480e9c916bafe6

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:48 GMT
content-encoding: gzip
last-modified: Tue, 19 Oct 2021 10:00:01 GMT
server: Apache/2.2.15 (CentOS)
etag: "1302647-96ae-5ceb1b98ba7c4"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: public, max-age=116019
accept-ranges: bytes
content-type: text/html; charset=UTF-8
content-length: 13882
expires: Sun, 12 Dec 2021 14:27:27 GMT

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 555C 1 KB
2 KB 19ms
19ms Script
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=60148168&p=156498&s=399115&a=1801592&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 1e055bff06cdf3e1bf729d3a1e3a391b280510c0cf7081fd44e00753ee33f2bf

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:48 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 1236
content-type: text/html; charset=UTF-8

GET
H2

200

i.match Show response
s.tribalfusion.com/z/ Frame 29DA
Redirect Chain

https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...

43 B
422 B

229ms
220ms

Document
image/gif

2606:4700::6812:d05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

date: Sat, 11 Dec 2021 06:13:49 GMT
content-type: image/gif; charset=utf-8
content-length: 43
p3p: CP="NOI DEVo TAIa OUR BUS"
x-function: 302
cache-control: no-cache private
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6bbc91b7788e83b5-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

date: Sat, 11 Dec 2021 06:13:49 GMT
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p: CP="NOI DEVo TAIa OUR BUS"
x-function: 206
x-reuse-index: 2497
cache-control: no-cache private
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6bbc91b60e9a83b5-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 141 Show response
match.deepintent.com/usersync/ Frame FFF6 0
44 B 284ms
91ms Document
text/plain 169.197.150.8
DEEPINTENT

General

Check archive.org

Show headers Download Go to

Full URL: https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 169.197.150.8 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS: g.deepintent.com
Software: b /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

content-length: 0
date: Sat, 11 Dec 2021 06:13:49 GMT
server: b

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 3386
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:PAmdXcfL1MVVDL5&gdpr=0&gdpr_consent=

42 B
290 B

24ms
24ms

Document
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:PAmdXcfL1MVVDL5&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Sat, 11 Dec 2021 06:13:48 GMT
content-type: image/gif; charset=utf-8
content-length: 42
x-lat: amspug009:0:479
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

Cache-Control: no-cache, must-revalidate
Date: Sat, 11 Dec 2021 06:13:48 GMT
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:PAmdXcfL1MVVDL5&gdpr=0&gdpr_consent=
Pragma: no-cache
Server: PingMatch/v2.0.30-693-g87a8e09#rel-ec2-master i-0f57142fe7121e10b@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security: max-age=2592000; includeSubDomains
Content-Length: 0
Connection: keep-alive

GET
H/1.1 200
OK usersync Show response
match.bnmla.com/ Frame E21F 0
114 B 286ms
91ms Document
text/plain 38.27.122.158
COGENT-174

General

Check archive.org

Show headers Download Go to

Full URL: https://match.bnmla.com/usersync?sspid=10738&redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3D%5BUUID%5D
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 38.27.122.158 , United States, ASN174 (COGENT-174, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

Server: nginx
Date: Sat, 11 Dec 2021 06:13:49 GMT
Content-Length: 0
Connection: keep-alive

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 4C69
Redirect Chain

https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:140DAD53AA5B465DAF41E2F6DE600022

1 B
68 B

24ms
24ms

Document
text/html

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:140DAD53AA5B465DAF41E2F6DE600022
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Sat, 11 Dec 2021 06:13:47 GMT
content-type: text/html; charset=utf-8
content-length: 1
x-lat: amspug008:0:373
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

server: nginx
date: Sat, 11 Dec 2021 06:13:49 GMT
content-type: text/html
content-length: 138
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:140DAD53AA5B465DAF41E2F6DE600022
expires: Fri, 10 Dec 2021 06:13:49 GMT
cache-control: no-cache
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 555C
Redirect Chain

https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_cons...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=81821182-5a49-11ec-8bc6-55815776808c&gdpr=0&gdpr_consent=

1 B
216 B

25ms
24ms

Image
text/html

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=81821182-5a49-11ec-8bc6-55815776808c&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:48 GMT
cache-control: no-store, no-cache, private
x-lat: amspug003:0:465
server: nginx
content-type: text/html; charset=utf-8
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=81821182-5a49-11ec-8bc6-55815776808c&gdpr=0&gdpr_consent=
Date: Sat, 11 Dec 2021 06:13:48 GMT
Server: Apache-Coyote/1.1
Connection: keep-alive
Content-Length: 0
X-CI-RTID: 81821183-5a49-11ec-8bc6-55815776808c

POST
H2 200 VideoBidRequestHandlerServlet Show response
am-wf.taboola.com/ 2 KB
1 KB 121ms
109ms XHR
application/json 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=4918115&noaop=5&sortOrderType=0&cb=1639203229438&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=3&pv=1308&pt=-1299135319&tz=0&viewable=true&ddast=V7N3ICFgOkSW_714CtTgSkSW_714CtTgUAAAAGBvQHGzSibGaDFXM32SyHm81qshyOhqvNYrZbDGGDRpTNbLBi7iab5XCzWU2Go81yMVgsloMpfBjLZTKoBRKW2e87KCinp8fsMoiKrrfF7nCaPW-wQtPp8Lnu9brf7y5yOixPv8nvcdlNl7_J73bdTX67xu-2Syx_lefzsnucDrNfYXqaHW6hw-N1Wd4al-X0NDn8bpHLLXt4nHaHx-H3ywEAAADgAWBpYQziBxAAIAIAAABAAgAAAIAioOLfQuACAAAAAAPAYOdaA0CcAwEdppvTZTb5AwDgQQEEAEAAgwRgADepBKBC_eEEAAAAAAAAAIDl____PwZgLy1HBiBDuLEH4MEH4IGoALWIEQAAAIAwiVvp0aROqCyqAAAI0q0ArgAAAvpQQVi0wgAAAATEBvOWk56lUb7HFuhh8fvNDrvG73YZAAAAAAAAAIDZ_9k_mtATAECab53wo9ovIADA2i8gAACbugEAvAnAhZwVmk6Hz3Wv1_1-d5HTYXn6TX6Py266_E1-t-tu8ts1frddYvmrPJ-X3eN0mP0K09PscAsdHq_L8ta4LKenyeF3i1xu2cPjtDs8Dr9fdAStGAxWZ0DLzW41mB0AAADA3f___z_eYN5y0rM0yrceiIyMC-PEM5wsZsuZb-OYbUarjWHhcA5Xq81s5tke4Pm0ynu2ZUNfiLDMft9BQTk9PWaXQVR0vS12h9PsOYgPGoblZBDMb8IWo9VkslkOZ8vFZDAcDUej_QnkbIATMVguJ5PFZLcarUab4W40GyxQIAYTpGjRYLIajSaLyXA1mqxmy8Vut0GKVq1mo81guJpNZrvdajgYLkcjnLDFaDWZbJbD2XIxGQxHw9FoiDC1ms1cw-FyrZi4jGvRyOVaK0yzmVu3Wc1Mg5lns1su3KLXx3RcmDy-xWiLggFDexFcpBOR02F5-k1-j8tuuvxNfrfrbvJbxBLNySKdyC77ysi4ME48w8litpz5No7ZZrTaGBYO53C12sxmnn1rNZu5hsPlWjFxGdeikcu1VphmM7dus5qZBjPPZrdcuEWvj-m4MHl8i9G-MdssJ4PNZDLYN2ab5WSwmUwG-w6T6Zn6nI3G4lrikanWnpvIMDMfFC6DxTuVmnbjzrEgLnuPTpVXpizojNqZ1fw1KDwHj-kgfFlOq5t1OpvovAeDIpYIThfpRPQyni5iieRpkU5EFttssrENlsuRceWc2TwTx8TlWI4ms9VkYpg4LGKJ0nSRTvQqz-dl9zgdZr_C9DQ73EKHx-uyvDUuy-lpcvjdIpdb9vA47Q6Pw29R_9EhlqO5ZjZXLAZzxWy1SgAAAAAAAAAAS5gzbwIAAABwGshosxuulgsAMW2lCwwCAAAAAACwe1IX_yoz0ahV3PhxBTkdlqff5Pe47KbL3-R3u-4mv5UBJES6mTd7Joi1Wi1rAAAAAWwAAIAAbt28B5BSKjk!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=7&ft=0&pb=0&pagg=1&sd=undefined&dtagid=1436175&dpubid=243785&abtst=adh5c-1_vA!lotc_vA!rvf1_vB!smbs!spa2_vA!ufm_vE&mPre=0.033&cirf=https%3A%2F%2Fwww.diariodocentrodomundo.com.br&en=1&subu=3
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v13.0.8/OvaMediaPlayer.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: 76aeb87fcae71f4f03a5ae6271efcff60d9b273ca232f50b51ea961815ca8cbf

Request headers

Referer: https://www.diariodocentrodomundo.com.br/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-type: text/plain

Response headers

pragma: no-cache
date: Sat, 11 Dec 2021 06:13:49 GMT
content-encoding: gzip
server: nginx
machineid: 1423
vary: Accept-Encoding
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.diariodocentrodomundo.com.br
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 AdServerServlet Show response
vid.pubmatic.com/AdServer/ Frame D67F 27 B
366 B 74ms
74ms XHR
application/xml 185.64.190.75
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+7+9+1+1+6&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2Fessencial%2Fatila-hacker-certidao-de-vacinacao%2F&schain=1.0%2C1%21vidoomy.com%2C52453%2C1%2C1986138870731731496375373817%2C%2C&us_privacy=&cb=1639203229301&SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Fwww.diariodocentrodomundo.com.br%252Fessencial%252Fatila-hacker-certidao-de-vacinacao%252F&screenResolution=1600x1200&kdntuid=1&vwndh=0&vwndw=0&vwndurl=https%253A%252F%252Fwww.diariodocentrodomundo.com.br%252Fessencial%252Fatila-hacker-certidao-de-vacinacao%252F&vwndref=&vc=2&js=1&sec=1&kltstamp=2021-12-11%206:13:49&ranreq=0.849354219830986&timezone=0&depth=0
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2Fessencial%2Fatila-hacker-certidao-de-vacinacao%2F&schain=1.0%2C1%21vidoomy.com%2C52453%2C1%2C1986138870731731496375373817%2C%2C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.75 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:49 GMT
content-encoding: gzip
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin: https://www.diariodocentrodomundo.com.br
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-vdbg: 1:0/165:-1
content-type: application/xml; charset=utf-8

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 107ms
107ms Preflight
text/plain 146.20.128.205
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.205 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.diariodocentrodomundo.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Sat, 11 Dec 2021 06:13:49 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://www.diariodocentrodomundo.com.br

POST
H2 200 t Show response
t.lkqd.net/ Frame 1A67 0
176 B 109ms
109ms XHR
text/plain 146.20.128.205
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.205 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.diariodocentrodomundo.com.br
date: Sat, 11 Dec 2021 06:13:49 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

GET
H2 200 track
aktrack.pubmatic.com/ Frame D67F 0
61 B 34ms
33ms Image
text/html 23.200.212.230
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aktrack.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1639203230&wa=0&e=95&vc=2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.200.212.230 Paris, France, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-200-212-230.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:49 GMT
content-length: 0
content-type: text/html

GET
H2 200 ad Show response
v.lkqd.net/ Frame 1D5D 2 KB
2 KB 112ms
112ms XHR
application/xml 146.20.128.139
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1091476&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2Fessencial%2Fatila-hacker-certidao-de-vacinacao%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C52453%2C1%2C&c5=&c6=52453&rnd=87618505&m=
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.139 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e22048c4ca1a89c3bb893fa360ac7a0d49a8417cd05b7d90238a3e255a508207

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:50 GMT
content-encoding: gzip
server: nginx
content-type: application/xml; charset=UTF-8
access-control-allow-origin: https://www.diariodocentrodomundo.com.br
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 1399

GET
H2 200 vpaid.js Show response
ad.lkqd.net/vpaid/ Frame 7598 230 KB
61 KB 35ms
35ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 36ae762191d24727fbba21272ea14872bb7824188961282001d50e67f7b1881c

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:50 GMT
content-encoding: gzip
last-modified: Tue, 02 Nov 2021 21:06:56 GMT
etag: "cca1f428155a1f13b17a4684f2c8ef1c"
x-hw: 1639203230.cds065.lo4.hn,1639203230.cds059.lo4.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1209600
accept-ranges: bytes
content-length: 62015

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 9628 43 B
215 B 186ms
185ms Image
image/gif 52.41.240.77
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=878020&asId=8000db06-ed7f-f805-dee5-99893651b3cf&tv=%7Bc:wsWV6z,pingTime:5,time:6069,type:p,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:774%7D,%7Bpiv:100,vs:i,t:970%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:6069,o:0,n:970,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:773,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B228~1%5D,as:%5B228~728.90%5D%7D%7D,%7Bsl:i,t:970,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5099~100%5D,as:%5B5099~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:249,fm:sRglFJz+111%7C112%7C121%7C13%7C14%7C15%7C161%7C162%7C17%7C1811%7C1821%7C183%7C19%7C1a%7C1b1%7C1b2%7C1b3%7C1c%7C1d%7C1e%7C1f11%7C1f12%7C1f13%7C1f21%7C1f3%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n*.878020-58502531%7C1n1%7C1n21%7C1n3%7C1n4%7C1o.10933%7C1o1%7C1o2%7C1o31%7C1o4%7C1o5%7C1o6%7C1p1%7C1p2%7C1p3%7C1p4%7C1q%7C1r1%7C1s%7C1t1%7C1u1%7C1v1%7C1v2%7C1v3%7C1w1%7C1x1%7C1x2%7C1x3%7C1y%7C1z%7C110,idMap:1n*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.41.240.77 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-41-240-77.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Dec 2021 06:13:50 GMT
x-server-name: dt14.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 9628 43 B
215 B 189ms
189ms Image
image/gif 52.41.240.77
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=878020&asId=8000db06-ed7f-f805-dee5-99893651b3cf&tv=%7Bc:wsWV6A,pingTime:5,time:6070,type:pf,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:774%7D,%7Bpiv:100,vs:i,t:970%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:6070,o:0,n:970,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:773,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B228~1%5D,as:%5B228~728.90%5D%7D%7D,%7Bsl:i,t:970,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5100~100%5D,as:%5B5100~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:249,fm:sRglFJz+111%7C112%7C121%7C13%7C14%7C15%7C161%7C162%7C17%7C1811%7C1821%7C183%7C19%7C1a%7C1b1%7C1b2%7C1b3%7C1c%7C1d%7C1e%7C1f11%7C1f12%7C1f13%7C1f21%7C1f3%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n*.878020-58502531%7C1n1%7C1n21%7C1n3%7C1n4%7C1o.10933%7C1o1%7C1o2%7C1o31%7C1o4%7C1o5%7C1o6%7C1p1%7C1p2%7C1p3%7C1p4%7C1q%7C1r1%7C1s%7C1t1%7C1u1%7C1v1%7C1v2%7C1v3%7C1w1%7C1x1%7C1x2%7C1x3%7C1y%7C1z%7C110,idMap:1n*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.41.240.77 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-41-240-77.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Dec 2021 06:13:50 GMT
x-server-name: dt09.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 usync.html Show response
ad.lkqd.net/cookie-sync/ Frame 2575 5 KB
2 KB 48ms
48ms Document
text/html 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/cookie-sync/usync.html
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: b6ff02c733394664dbb2178c88a0d8ab1292602aaad412e44ee83c3ab7943faf

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: en-GB,en;q=0.9

Response headers

date: Sat, 11 Dec 2021 06:13:50 GMT
content-encoding: gzip
content-length: 1909
content-type: text/html
last-modified: Tue, 26 Oct 2021 15:08:45 GMT
accept-ranges: bytes
etag: "10c6626c1705141142b0302e29b3bd0e"
cache-control: public, max-age=1209600
x-hw: 1639203230.cds065.lo4.hn,1639203230.cds074.lo4.c
access-control-allow-origin: *

OPTIONS
H2 200 ad
v.lkqd.net/ Frame 0
0 107ms
107ms Preflight 146.20.128.139
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1091476&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2Fessencial%2Fatila-hacker-certidao-de-vacinacao%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C52453%2C1%2C&c5=&c6=52453&rnd=87618505&m=&rtv=1&thost=www.diariodocentrodomundo.com.br
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.139 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.diariodocentrodomundo.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Sat, 11 Dec 2021 06:13:50 GMT
content-length: 0
access-control-allow-origin: https://www.diariodocentrodomundo.com.br
access-control-max-age: 300
cache-control: max-age=300
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Content-Type
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-credentials: true

POST
H2 200 ad Show response
v.lkqd.net/ Frame 7598 118 KB
8 KB 547ms
547ms XHR
application/json 146.20.128.139
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1091476&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2Fessencial%2Fatila-hacker-certidao-de-vacinacao%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C52453%2C1%2C&c5=&c6=52453&rnd=87618505&m=&rtv=1&thost=www.diariodocentrodomundo.com.br
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.139 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: 4045a92e92266200040134dab4db3207df9b1564ac4c1f24b766e0dc0b01337b

Request headers

Referer
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 11 Dec 2021 06:13:50 GMT
content-encoding: gzip
server: nginx
content-type: application/json
access-control-allow-origin: https://www.diariodocentrodomundo.com.br
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 7468

GET
H2 200 cs
cs.lkqd.net/ Frame 2575 43 B
308 B 107ms
106ms Image
image/gif 146.20.132.103
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=55&redirect=https%3A%2F%2Fidsync.rlcdn.com%2F464986.gif%3Fpartner_uid%3D%24%24rawlkqduserid%24%24&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.103 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:50 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2 200 cs
cs.lkqd.net/ Frame 2575 43 B
308 B 108ms
107ms Image
image/gif 146.20.132.103
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.103 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:50 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2 200 cs
cs.lkqd.net/ Frame 2575 43 B
308 B 109ms
108ms Image
image/gif 146.20.132.103
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.103 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:50 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2 200 cs
cs.lkqd.net/ Frame 2575 43 B
308 B 113ms
112ms Image
image/gif 146.20.132.103
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=99&redirect=https%3A%2F%2Fc.deployads.com%2Fcs%2FNXST%3Fb%3D%24%24rawlkqduserid%24%24&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.103 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:50 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2

200

cs
cs.lkqd.net/ Frame 2575
Redirect Chain

https://ad.turn.com/r/cs?pid=65
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3100618248600403538

43 B
308 B

109ms
108ms

Image
image/gif

146.20.132.103
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3100618248600403538
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Server: 146.20.132.103 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:50 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

location: https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3100618248600403538
pragma: no-cache
date: Sat, 11 Dec 2021 06:13:50 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

POST
H2 200 t Show response
t.lkqd.net/ Frame ADA9 0
176 B 108ms
108ms XHR
text/plain 146.20.128.205
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.205 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.diariodocentrodomundo.com.br
date: Sat, 11 Dec 2021 06:13:50 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 108ms
107ms Preflight
text/plain 146.20.128.205
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.205 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.diariodocentrodomundo.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Sat, 11 Dec 2021 06:13:50 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://www.diariodocentrodomundo.com.br

POST
H2 200 OpportunityServlet
opps.taboola.com/ 1 B
80 B 32ms
31ms Ping
text/plain 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://opps.taboola.com/OpportunityServlet?rst=21
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/30_7_6/infra/cmTagFEED_MANAGER.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer: https://www.diariodocentrodomundo.com.br/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 11 Dec 2021 06:13:50 GMT
via: 1.1 varnish
server: nginx
x-timer: S1639203231.629585,VS0,VE13
x-served-by: cache-lcy19223-LCY
x-cache: MISS
access-control-allow-origin: https://www.diariodocentrodomundo.com.br
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 1
x-cache-hits: 0

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 43ms
43ms Image
image/gif 23.195.249.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=29&q=1&hp=1&wf=1&ra=2&pxm=7&vz=-&zp=0&sgs=2&vb=8&kq=1&lo=0&tr=1&uk=null&pk=0&wk=1&rk=1&tk=0&ni=1&ak=-&i=TABOOLAJSVIDEO1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BvmjrG%3DH%3C%5B*C%24GTK%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-XArw4k53N9kCRqL5D8s2wrvkFEQaXcVXbaBAOq%2BVT%2Bl2tvmQftrLjI5jaRxplbfkuwe%2B&rs=1-tkHTYX5EcAEJWg%3D%3D&sc=1&os=1-0g%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=8&g=7&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=225&w=400&fy=1200&gp=957&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2Fessencial%2Fatila-hacker-certidao-de-vacinacao%2F&id=1&ii=4&f=0&j=&t=1639203224132&de=25395037711&cu=1639203224132&m=6878&ar=cc97a930ec1-clean&iw=49d733b&cb=0&ym=0&ll=2&lm=0&ln=0&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=957&lb=7355&le=1&lf=619&lg=1&lh=180&gm=1&io=1&ch=1&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A2500%3A2500%3A10442%3A2875&as=1&ag=4860&an=2625&gi=1&gf=4305&gg=2070&ez=1&ck=2192&kw=2887&aj=0&pg=100&pf=100&ib=1&dw=1&ka=1&cc=1&bw=4860&bx=2625&ci=2192&jz=2887&dj=0&dx=1&undefined=1&aa=1&ad=4860&cn=2625&gn=1&gk=4305&gl=2070&co=2192&cp=2887&cq=0&cr=1&ew=1&hj=0&pv=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=6827&cd=4388&ah=6827&am=4388&dq=5414&dr=2975&ds=5414&dt=2975&xd=00&zx=0&vu=0&tb=0&te=0&nj=0&fc=1&fk=1&vm=1&vl=57&vt=76&vd=0&zMoatSRE=0.046875&zMoatVSD=20.872&dh=20104&hc=1&er=0&es=0&gs=0&gt=0&eu=0&ev=0&et=1&dz=1&eb=1&ec=8035&fh=4860&fi=4860&fj=0&ef=0&eg=1&rf=0&re=0&cl=0&at=0&d=FEED_MANAGER%3A203735%3A67003865%3Awww.diariodocentrodomundo.com.br&gw=taboolajsvideo2446883476&zMoatOrigSlicer1=%2F%2Fvidstat.taboola.com%2FuploadedVideos%2F228385%2Ffn998gys9pdce4zltby8_DESKTOP.mp4&zMoatOrigSlicer2=N%2FA&zMoatDomain=diariodocentrodomundo.com.br&zMoatSubdomain=diariodocentrodomundo.com.br&ab=3&ac=1&fd=1&kt=strict&it=500&fz=1&or=0&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&jm=-1&tc=0&fs=195926&na=1927852873&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.195.249.162 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-195-249-162.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Dec 2021 06:13:50 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Sat, 11 Dec 2021 06:13:50 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 43ms
43ms Image
image/gif 23.195.249.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&wf=1&ra=2&pxm=7&vz=-&zp=0&sgs=2&vb=8&kq=1&lo=0&tr=1&uk=null&pk=0&wk=1&rk=1&tk=0&ni=1&ak=-&i=TABOOLAJSVIDEO1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BvmjrG%3DH%3C%5B*C%24GTK%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-XArw4k53N9kCRqL5D8s2wrvkFEQaXcVXbaBAOq%2BVT%2Bl2tvmQftrLjI5jaRxplbfkuwe%2B&rs=1-tkHTYX5EcAEJWg%3D%3D&sc=1&os=1-0g%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=8&g=8&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=225&w=400&fy=1200&gp=957&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2Fessencial%2Fatila-hacker-certidao-de-vacinacao%2F&id=1&ii=4&f=0&j=&t=1639203224132&de=25395037711&cu=1639203224132&m=6880&ar=cc97a930ec1-clean&iw=49d733b&cb=0&ym=0&ll=2&lm=0&ln=0&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=957&lb=7355&le=1&lf=619&lg=1&lh=180&gm=1&io=1&ch=1&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A2500%3A2500%3A10442%3A2875&as=1&ag=4860&an=4860&gi=1&gf=4305&gg=4305&ez=1&ck=2192&kw=2887&aj=0&pg=100&pf=100&ib=1&dw=1&ka=1&cc=1&bw=4860&bx=4860&ci=2192&jz=2887&dj=0&dx=1&undefined=1&aa=1&ad=4860&cn=4860&gn=1&gk=4305&gl=4305&co=2192&cp=2887&cq=0&cr=1&ew=1&hj=0&pv=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=6827&cd=6827&ah=6827&am=6827&dq=5414&dr=5414&ds=5414&dt=5414&xd=00&zx=0&vu=0&tb=0&te=0&nj=0&fc=1&fk=1&vm=1&vl=76&vt=76&vd=0&zMoatSRE=0.046875&zMoatVSD=20.872&dh=20104&hc=1&er=0&es=0&gs=0&gt=0&eu=0&ev=0&et=1&dz=1&eb=1&ec=8035&fh=4860&fi=4860&fj=4860&ef=0&eg=1&rf=0&re=0&cl=0&at=0&d=FEED_MANAGER%3A203735%3A67003865%3Awww.diariodocentrodomundo.com.br&gw=taboolajsvideo2446883476&zMoatOrigSlicer1=%2F%2Fvidstat.taboola.com%2FuploadedVideos%2F228385%2Ffn998gys9pdce4zltby8_DESKTOP.mp4&zMoatOrigSlicer2=N%2FA&zMoatDomain=diariodocentrodomundo.com.br&zMoatSubdomain=diariodocentrodomundo.com.br&ab=3&ac=1&fd=1&kt=strict&it=500&fz=1&or=0&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&jm=-1&tc=0&fs=195926&na=1856190514&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.195.249.162 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-195-249-162.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Dec 2021 06:13:50 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Sat, 11 Dec 2021 06:13:50 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 42ms
42ms Image
image/gif 23.195.249.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=30&q=0&hp=1&wf=1&ra=2&pxm=7&vz=-&zp=0&sgs=2&vb=8&kq=1&lo=0&tr=1&uk=null&pk=0&wk=1&rk=1&tk=0&ni=1&ak=-&i=TABOOLAJSVIDEO1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BvmjrG%3DH%3C%5B*C%24GTK%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-XArw4k53N9kCRqL5D8s2wrvkFEQaXcVXbaBAOq%2BVT%2Bl2tvmQftrLjI5jaRxplbfkuwe%2B&rs=1-tkHTYX5EcAEJWg%3D%3D&sc=1&os=1-0g%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=8&g=9&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=225&w=400&fy=1200&gp=957&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2Fessencial%2Fatila-hacker-certidao-de-vacinacao%2F&id=1&ii=4&f=0&j=&t=1639203224132&de=25395037711&cu=1639203224132&m=7052&ar=cc97a930ec1-clean&iw=49d733b&cb=0&ym=0&ll=2&lm=0&ln=0&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=957&lb=7355&le=1&lf=619&lg=1&lh=180&gm=1&io=1&ch=1&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A2500%3A2500%3A10442%3A2875&as=1&ag=5061&an=4860&gi=1&gf=4506&gg=4305&ez=1&ck=2192&kw=2887&aj=0&pg=100&pf=100&ib=1&dw=1&ka=1&cc=1&bw=5061&bx=4860&ci=2192&jz=2887&dj=0&dx=1&undefined=1&aa=1&ad=5061&cn=4860&gn=1&gk=4506&gl=4305&co=2192&cp=2887&cq=0&cr=1&ew=1&hj=0&pv=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=7028&cd=6827&ah=7028&am=6827&dq=5615&dr=5414&ds=5615&dt=5414&xd=00&zx=0&vu=0&tb=0&te=0&nj=0&fc=1&fk=1&vm=1&vl=76&vt=80&vd=0&zMoatSRE=0.046875&zMoatVSD=20.872&dh=20104&hc=1&er=0&es=0&gs=0&gt=0&eu=0&ev=0&et=1&dz=1&eb=1&ec=8035&ek=1&fh=4860&fi=5061&fj=4860&ef=0&eg=1&rf=0&re=0&cl=0&at=0&d=FEED_MANAGER%3A203735%3A67003865%3Awww.diariodocentrodomundo.com.br&gw=taboolajsvideo2446883476&zMoatOrigSlicer1=%2F%2Fvidstat.taboola.com%2FuploadedVideos%2F228385%2Ffn998gys9pdce4zltby8_DESKTOP.mp4&zMoatOrigSlicer2=N%2FA&zMoatDomain=diariodocentrodomundo.com.br&zMoatSubdomain=diariodocentrodomundo.com.br&ab=3&ac=1&fd=1&kt=strict&it=500&fz=1&or=0&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&jm=-1&tc=0&fs=195926&na=256674&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.195.249.162 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-195-249-162.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Dec 2021 06:13:50 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Sat, 11 Dec 2021 06:13:50 GMT

GET
H2 204 rtb Show response
a.vidoomy.com/api/rtbserver/ 0
153 B 198ms
197ms XHR
text/plain 52.58.61.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://a.vidoomy.com/api/rtbserver/rtb?id=789590675&w=400&h=225&skip=1&req_type=1&req_type=1&ip=&ua=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F96.0.4664.93%20Safari%2F537.36&l=EN&dt=2&c=GB&pid=52453&sid=&sname=&d=diariodocentrodomundo.com.br&sp=https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2Fessencial%2Fatila-hacker-certidao-de-vacinacao%2F&coppa=&gdpr=&gdprcs=&vpaid=1
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.61.12 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-58-61-12.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin: https://www.diariodocentrodomundo.com.br
date: Sat, 11 Dec 2021 06:13:51 GMT
access-control-allow-credentials: true
vary: Origin
access-control-expose-headers: X-Vd-C

GET
H2 200 tag Show response
4cywq-eqnre.ads.tremorhub.com/ad/ 119 B
477 B 209ms
208ms XHR
text/xml 2600:1f18:612b:4200:8560:f9d7:993:6d2d
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://4cywq-eqnre.ads.tremorhub.com/ad/tag?adCode=4cywq-7ivfu&playerWidth=400&playerHeight=225&srcPageUrl=https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2Fessencial%2Fatila-hacker-certidao-de-vacinacao%2F&schain=1.0%2C1%21vidoomy.com%2C52453%2C1%2C14861248123388636950343562420%2C%2C
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4200:8560:f9d7:993:6d2d Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: 5616a6e1823b43919f7d1a33817cccfa1d9f30c9f10f2deb00d9c3671f91d5f0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Dec 2021 06:13:51 GMT
content-encoding: gzip
server: Apache-Coyote/1.1
vary: accept-encoding
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin: https://www.diariodocentrodomundo.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-tremorvideo-status: NO_AD
content-type: text/xml;charset=UTF-8

GET
H/1.1 200
OK 88k_nHSg_6XSp1263gyM+iSSVC+nZNMH Show response
ads.adaptv.advertising.com/a/h/ 249 B
562 B 589ms
588ms XHR
text/xml 52.9.24.155
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=855887419&gdpr=&gdpr_consent=&pageUrl=https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2Fessencial%2Fatila-hacker-certidao-de-vacinacao%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=52453&hp=1

Requested by

Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.9.24.155 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-9-24-155.us-west-1.compute.amazonaws.com

Software

adaptv/1.0 /

Resource Hash

6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
server: adaptv/1.0
content-type: text/xml
access-control-allow-origin: https://www.diariodocentrodomundo.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 192
expires: 0

GET
H/1.1 200
OK 218945 Show response
search.spotxchange.com/vast/2.0/ 67 B
1 KB 43ms
43ms XHR
text/xml 185.94.180.123
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/vast/2.0/218945?VPAID=JS&content_page_url=https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2Fessencial%2Fatila-hacker-certidao-de-vacinacao%2F&cb=930907967&player_width=400&player_height=225&regs[gdpr]=&user[consent]=&device[geo][lat]=&device[geo][lon]=&schain=1.0%2C1%21vidoomy.com%2C52453%2C1%2C3388636950343562420587639996%2C%2C
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 185.94.180.123 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: 78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sat, 11 Dec 2021 06:13:50 GMT
Content-Encoding: gzip
X-SpotX-Timing-Transform: 0.000323
X-SpotX-Timing-SpotMarket: 0.005966
X-SpotX-Timing-Page-Mux: 0.000803
X-SpotX-Timing-Page-Require: 0.000310
X-fe: 122
Connection: keep-alive
X-SpotX-Timing-Page-Cookie: 0.000027
Content-Length: 77
X-SpotX-Timing-Page: 0.010032
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000316
Last-Modified: Sat, 11 Dec 2021 06:13:50 GMT
Server: nginx
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Vary: Accept-Encoding
X-SpotX-Timing-SpotMarket-Primary: 0.005966
Content-Type: text/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.diariodocentrodomundo.com.br
X-SpotX-Timing-Page-Misc: 0.002277
X-SpotX-Timing-Page-Exception: 0.000001
X-SpotX-Timing-SpotMarket-Secondary: 0.000000
X-SpotX-Timing-Page-URI: 0.000009
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK 88k_nHSg_6XSp1263gyM+iSSVC+nZNMH Show response
ads.adaptv.advertising.com/a/h/ 249 B
562 B 590ms
589ms XHR
text/xml 52.9.24.155
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=2117604214&gdpr=&gdpr_consent=&pageUrl=https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2Fessencial%2Fatila-hacker-certidao-de-vacinacao%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=52453&hp=1

Requested by

Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.9.24.155 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-9-24-155.us-west-1.compute.amazonaws.com

Software

adaptv/1.0 /

Resource Hash

6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
server: adaptv/1.0
content-type: text/xml
access-control-allow-origin: https://www.diariodocentrodomundo.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 192
expires: 0

GET
H/1.1 200
OK LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelH9MRL4b0Zbrc= Show response
ads.adaptv.advertising.com/a/h/ 249 B
562 B 587ms
585ms XHR
text/xml 52.9.24.155
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.adaptv.advertising.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelH9MRL4b0Zbrc=?cb=2105344048&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2Fessencial%2Fatila-hacker-certidao-de-vacinacao%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=52453&hp=1

Requested by

Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.9.24.155 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-9-24-155.us-west-1.compute.amazonaws.com

Software

adaptv/1.0 /

Resource Hash

6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
server: adaptv/1.0
content-type: text/xml
access-control-allow-origin: https://www.diariodocentrodomundo.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 192
expires: 0

GET
H/1.1 200
OK 88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM= Show response
ads.adaptv.advertising.com/a/h/ 249 B
562 B 586ms
585ms XHR
text/xml 52.9.24.155
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=?cb=599167470&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2Fessencial%2Fatila-hacker-certidao-de-vacinacao%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=52453&hp=1

Requested by

Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.9.24.155 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-9-24-155.us-west-1.compute.amazonaws.com

Software

adaptv/1.0 /

Resource Hash

6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
server: adaptv/1.0
content-type: text/xml
access-control-allow-origin: https://www.diariodocentrodomundo.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 192
expires: 0

GET
H/1.1 200
OK LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHxk7bKbXb_mQ= Show response
ads.adaptv.advertising.com/a/h/ 249 B
562 B 919ms
581ms XHR
text/xml 52.9.24.155
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.adaptv.advertising.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHxk7bKbXb_mQ=?cb=94111568&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2Fessencial%2Fatila-hacker-certidao-de-vacinacao%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=52453&hp=1

Requested by

Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.9.24.155 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-9-24-155.us-west-1.compute.amazonaws.com

Software

adaptv/1.0 /

Resource Hash

6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
server: adaptv/1.0
content-type: text/xml
access-control-allow-origin: https://www.diariodocentrodomundo.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 192
expires: 0

GET
H2 200 vadtag.html Show response
vpaid.pubmatic.com/ads/video/ 1 KB
921 B 45ms
44ms XHR
application/xml 23.195.248.208
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2Fessencial%2Fatila-hacker-certidao-de-vacinacao%2F&schain=1.0%2C1%21vidoomy.com%2C52453%2C1%2C33886369503435624201954518190%2C%2C
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.195.248.208 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-195-248-208.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 967ea8e40fc36dbdd3566b37632808effa8696c7c6167cea116c8d561834a667

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Dec 2021 06:13:50 GMT
content-encoding: gzip
server: Apache/2.2.15 (CentOS)
etag: "461ced-23ca-5c92d699e808f"
vary: Origin, Accept-Encoding
content-type: application/xml
access-control-allow-origin: https://www.diariodocentrodomundo.com.br
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 651
expires: Sat, 11 Dec 2021 06:13:50 GMT

GET
H/1.1 200
OK LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHuEXTfdKx9AY= Show response
ads.adaptv.advertising.com/a/h/ 249 B
562 B 939ms
588ms XHR
text/xml 52.9.24.155
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.adaptv.advertising.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHuEXTfdKx9AY=?cb=1030824187&pageUrl=https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2Fessencial%2Fatila-hacker-certidao-de-vacinacao%2F&duration=&id=&title=&url=&pi.width=400&pi.height=225&pi.viewable=1&eov=eov&pet=preroll&gdpr=&gdpr_consent=&scpid=52453&hp=1

Requested by

Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.9.24.155 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-9-24-155.us-west-1.compute.amazonaws.com

Software

adaptv/1.0 /

Resource Hash

6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
server: adaptv/1.0
content-type: text/xml
access-control-allow-origin: https://www.diariodocentrodomundo.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 192
expires: 0

GET
H2 204 rtb Show response
a.vidoomy.com/api/rtbserver/ 0
153 B 189ms
189ms XHR
text/plain 52.58.61.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://a.vidoomy.com/api/rtbserver/rtb?id=420330252&w=400&h=225&skip=1&req_type=1&ip=&ua=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F96.0.4664.93%20Safari%2F537.36&l=EN&dt=2&c=GB&pid=52453&sid=&sname=&d=diariodocentrodomundo.com.br&sp=https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2Fessencial%2Fatila-hacker-certidao-de-vacinacao%2F&coppa=&gdpr=&gdprcs=&vpaid=1
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.61.12 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-58-61-12.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin: https://www.diariodocentrodomundo.com.br
date: Sat, 11 Dec 2021 06:13:51 GMT
access-control-allow-credentials: true
vary: Origin
access-control-expose-headers: X-Vd-C

GET
H/1.1 200
OK vtag Show response
vast.emxdgt.com/ 27 B
348 B 509ms
213ms XHR
application/xml 18.235.138.170
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://vast.emxdgt.com/vtag?tagid=97333&site.page=https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2Fessencial%2Fatila-hacker-certidao-de-vacinacao%2F&maxduration=119&skip=0&site.domain=diariodocentrodomundo.com.br&device.ua=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F96.0.4664.93%20Safari%2F537.36&device.type=2&device.make=Google&device.model=Chrome%20-%20Windows&w=400&h=225&mimes=video%2Fmp4%2Cvideo%2Fweb%2Cvideo%2Fx-ms-wmv%2Capplication%2Fjavascript&protocols=2%2C3%2C5%2C6&placement=1&linearity=1&minduration=2&minbitrate=200&maxbitrate=10000&playbackmethod=1&maxextend=-1&boxingallowed=0&publisher.name=0
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.235.138.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-235-138-170.compute-1.amazonaws.com
Software: /
Resource Hash: a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sat, 11 Dec 2021 06:13:51 GMT
Content-Type: application/xml
Access-Control-Allow-Origin: https://www.diariodocentrodomundo.com.br
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Access-Control-Allow-Headers: security, Content-Type
Content-Length: 27

GET
H2 200 vadtag.html Show response
vpaid.pubmatic.com/ads/video/ 1 KB
920 B 45ms
44ms XHR
application/xml 23.195.248.208
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2Fessencial%2Fatila-hacker-certidao-de-vacinacao%2F&schain=1.0%2C1%21vidoomy.com%2C52453%2C1%2C7130112903388636950343562420%2C%2C
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.195.248.208 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-195-248-208.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 7ac9ecc45664bb3d6d216d0cd7bb869c4c844a167e53a62ee84f5d2313d7d211

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Dec 2021 06:13:50 GMT
content-encoding: gzip
server: Apache/2.2.15 (CentOS)
etag: "461ced-23ca-5c92d699e808f"
vary: Origin, Accept-Encoding
content-type: application/xml
access-control-allow-origin: https://www.diariodocentrodomundo.com.br
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 650
expires: Sat, 11 Dec 2021 06:13:50 GMT

GET
H/1.1 200
OK 7585793 Show response
ads.stickyadstv.com/vast/vpaid-adapter/ 1 KB
2 KB 36ms
36ms XHR
application/xml 23.200.213.172
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?_fw_gdpr=&_fw_us_privacy=&_fw_gdpr_consent=&schain=1.0%2C1%21vidoomy.com%2C52453%2C1%2C33886369503435624201516945293,,
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.200.213.172 Paris, France, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-200-213-172.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 0dcc5c6d41ea9292f557d96d41623ee28863281f25b3a953cdd392f182945920

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.diariodocentrodomundo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 11 Dec 2021 06:13:50 GMT
Server: nginx
Content-Type: application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin: https://www.diariodocentrodomundo.com.br
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1246
x-sticky-vk: 1639203230532055-368
Expires: Sat, 11 Dec 2021 06:13:50 GMT

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 107ms
107ms Preflight
text/plain 146.20.128.205
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.205 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.diariodocentrodomundo.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Sat, 11 Dec 2021 06:13:51 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://www.diariodocentrodomundo.com.br

POST
H2 200 t Show response
t.lkqd.net/ Frame ADA9 0
176 B 144ms
143ms XHR
text/plain 146.20.128.205
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.205 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.diariodocentrodomundo.com.br
date: Sat, 11 Dec 2021 06:13:52 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

GET
DATA 200
OK truncated
/ Frame 7598 35 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 PMAdMgr.js Show response
vpaid.pubmatic.com/ads/video/ Frame 1856 152 KB
36 KB 50ms
50ms Script
text/javascript 23.195.248.208
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2Fessencial%2Fatila-hacker-certidao-de-vacinacao%2F&schain=1.0%2C1%21vidoomy.com%2C52453%2C1%2C33886369503435624201954518190%2C%2C
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.195.248.208 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-195-248-208.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: f0f6a8b6c19b0c4d1cab075ab2f4f755cfef747424837668e65f431410f816e8

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:51 GMT
content-encoding: gzip
last-modified: Tue, 10 Aug 2021 05:02:46 GMT
server: Apache/2.2.15 (CentOS)
etag: "1408294-25f9a-5c92d699d3c58"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
accept-ranges: bytes
content-length: 36260

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 09FE 38 KB
14 KB 48ms
48ms Document
text/html 23.195.248.208
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2Fessencial%2Fatila-hacker-certidao-de-vacinacao%2F&schain=1.0%2C1%21vidoomy.com%2C52453%2C1%2C33886369503435624201954518190%2C%2C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.195.248.208 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-195-248-208.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e2cdec10db9a0a224e9f5e49b6f004c5426564fb8d857ad3df480e9c916bafe6

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: en-GB,en;q=0.9

Response headers

last-modified: Tue, 19 Oct 2021 10:00:01 GMT
etag: "1302647-96ae-5ceb1b98ba7c4"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 13882
content-type: text/html; charset=UTF-8
cache-control: public, max-age=116016
expires: Sun, 12 Dec 2021 14:27:27 GMT
date: Sat, 11 Dec 2021 06:13:51 GMT
vary: Accept-Encoding

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 1856 38 KB
14 KB 44ms
44ms Script
text/html 23.195.248.208
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2Fessencial%2Fatila-hacker-certidao-de-vacinacao%2F&schain=1.0%2C1%21vidoomy.com%2C52453%2C1%2C33886369503435624201954518190%2C%2C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.195.248.208 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-195-248-208.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e2cdec10db9a0a224e9f5e49b6f004c5426564fb8d857ad3df480e9c916bafe6

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:51 GMT
content-encoding: gzip
last-modified: Tue, 19 Oct 2021 10:00:01 GMT
server: Apache/2.2.15 (CentOS)
etag: "1302647-96ae-5ceb1b98ba7c4"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: public, max-age=116016
accept-ranges: bytes
content-type: text/html; charset=UTF-8
content-length: 13882
expires: Sun, 12 Dec 2021 14:27:27 GMT

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 09FE 47 B
167 B 19ms
19ms Script
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=24569841&p=156498&s=399115&a=1801592&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 09343d3b3473e1c994b2d603c99feb8a0f63fbd3ff20be7432ff18b973dbe651

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:51 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 47
content-type: text/html; charset=UTF-8

POST
H2 200 t Show response
t.lkqd.net/ Frame ADA9 0
176 B 112ms
111ms XHR
text/plain 146.20.128.205
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.205 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.diariodocentrodomundo.com.br
date: Sat, 11 Dec 2021 06:13:52 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 107ms
107ms Preflight
text/plain 146.20.128.205
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.205 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.diariodocentrodomundo.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Sat, 11 Dec 2021 06:13:52 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://www.diariodocentrodomundo.com.br

POST
H2 200 VideoBidRequestHandlerServlet Show response
am-wf.taboola.com/ 2 KB
1 KB 130ms
130ms XHR
application/json 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=4918115&noaop=5&sortOrderType=0&cb=1639203232438&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=4&pv=1308&pt=-1299135319&tz=0&viewable=true&ddast=V7N3ICFgOkSW_714CtTgSkSW_714CtTgUAAAAGBvQHGzSibGaDFXM32SyHm81qshyOhqvNYrZbDGGDRpTNbLBi7iab5XCzWU2Go81yMVgsloMpfBjLZTKoBRKW2e87KCinp8fsMoiKrrfF7nCaPW-wQtPp8Lnu9brf7y5yOixPv8nvcdlNl7_J73bdTX67xu-2Syx_lefzsnucDrNfYXqaHW6hw-N1Wd4al-X0NDn8bpHLLXt4nHaHx-H3ywEAAADgAWBpYQziBxAAIAIAAABAAgAAAIAioOLfQuACAAAAAAPAYOdaA0CcAwEdppvTZTb5AwDgQQEEAEAAgwRgADepBKBC_eEEAAAAAAAAAIDl____PwZgLy1HBiBDuLEH4MEH4IGoALWIEQAAAIAwiVvp0aROqCyqAAAI0q0ArgAAAvpQQVi0wgAAAATEBvOWk56lUb7HFuhh8fvNDrvG73YZAAAAAAAAAIDZ_9k_mtATAECab53wo9ovIADA2i8gAACbugEAvAnAhZwVmk6Hz3Wv1_1-d5HTYXn6TX6Py266_E1-t-tu8ts1frddYvmrPJ-X3eN0mP0K09PscAsdHq_L8ta4LKenyeF3i1xu2cPjtDs8Dr9fdAStGAxWZ0DLzW41mB0AAADA3f___z_eYN5y0rM0yrceiIyMC-PEM5wsZsuZb-OYbUarjWHhcA5Xq81s5tke4Pm0ynu2ZUNfiLDMft9BQTk9PWaXQVR0vS12h9PsOYgPGoblZBDMb8IWo9VkslkOZ8vFZDAcDUej_QnkbIATMVguJ5PFZLcarUab4W40GyxQIAYTpGjRYLIajSaLyXA1mqxmy8Vut0GKVq1mo81guJpNZrvdajgYLkcjnLDFaDWZbJbD2XIxGQxHw9FoiDC1ms1cw-FyrZi4jGvRyOVaK0yzmVu3Wc1Mg5lns1su3KLXx3RcmDy-xWiLggFDexFcpBOR02F5-k1-j8tuuvxNfrfrbvJbxBLNySKdyC77ysi4ME48w8litpz5No7ZZrTaGBYO53C12sxmnn1rNZu5hsPlWjFxGdeikcu1VphmM7dus5qZBjPPZrdcuEWvj-m4MHl8i9G-MdssJ4PNZDLYN2ab5WSwmUwG-w6T6Zn6nI3G4lrikanWnpvIMDMfFC6DxTuVmnbjzrEgLnuPTpVXpizojNqZ1fw1KDwHj-kgfFlOq5t1OpvovAeDIpYIThfpRPQyni5iieRpkU5EFttssrENlsuRceWc2TwTx8TlWI4ms9VkYpg4LGKJ0nSRTvQqz-dl9zgdZr_C9DQ73EKHx-uyvDUuy-lpcvjdIpdb9vA47Q6Pw29R_9EhlqO5ZjZXLAZzxWy1SgAAAAAAAAAAS5gzbwIAAABwGshosxuulgsAMW2lCwwCAAAAAACwe1IX_yoz0ahV3PhxBTkdlqff5Pe47KbL3-R3u-4mv5UBJES6mTd7Joi1Wi1rAAAAAWwAAIAAbt28B5BSKjk!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=7&ft=0&pb=0&pagg=1&sd=undefined&dtagid=1436175&dpubid=243785&abtst=adh5c-1_vA!lotc_vA!rvf1_vB!smbs!spa2_vA!ufm_vE&mPre=0.033&cirf=https%3A%2F%2Fwww.diariodocentrodomundo.com.br&en=1&subu=3
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v13.0.8/OvaMediaPlayer.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: 76aeb87fcae71f4f03a5ae6271efcff60d9b273ca232f50b51ea961815ca8cbf

Request headers

Referer: https://www.diariodocentrodomundo.com.br/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-type: text/plain

Response headers

pragma: no-cache
date: Sat, 11 Dec 2021 06:13:52 GMT
content-encoding: gzip
server: nginx
machineid: 1440
vary: Accept-Encoding
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.diariodocentrodomundo.com.br
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 AdServerServlet Show response
vid.pubmatic.com/AdServer/ Frame 1856 27 B
365 B 70ms
70ms XHR
application/xml 185.64.190.75
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+7+9+1+1+6&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2Fessencial%2Fatila-hacker-certidao-de-vacinacao%2F&schain=1.0%2C1%21vidoomy.com%2C52453%2C1%2C33886369503435624201954518190%2C%2C&us_privacy=&cb=1639203232344&SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Fwww.diariodocentrodomundo.com.br%252Fessencial%252Fatila-hacker-certidao-de-vacinacao%252F&screenResolution=1600x1200&kdntuid=1&vwndh=0&vwndw=0&vwndurl=https%253A%252F%252Fwww.diariodocentrodomundo.com.br%252Fessencial%252Fatila-hacker-certidao-de-vacinacao%252F&vwndref=&vc=2&js=1&sec=1&kltstamp=2021-12-11%206:13:52&ranreq=0.7410429120138831&timezone=0&depth=0
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2Fessencial%2Fatila-hacker-certidao-de-vacinacao%2F&schain=1.0%2C1%21vidoomy.com%2C52453%2C1%2C33886369503435624201954518190%2C%2C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.75 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:52 GMT
content-encoding: gzip
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin: https://www.diariodocentrodomundo.com.br
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-vdbg: 1:0/165:-1
content-type: application/xml; charset=utf-8

POST
H2 200 OpportunityServlet
am-vid-events.taboola.com/ 1 B
132 B 50ms
50ms Ping
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-vid-events.taboola.com/OpportunityServlet
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/30_7_6/infra/cmTagFEED_MANAGER.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: 5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer: https://www.diariodocentrodomundo.com.br/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.diariodocentrodomundo.com.br
date: Sat, 11 Dec 2021 06:13:52 GMT
access-control-allow-credentials: true
server: nginx
content-length: 1

GET
H2 200 vpaid_25214542.js Show response
vpaid.springserve.com/production/ Frame 6793 495 KB
87 KB 360ms
39ms Script
application/javascript 2600:9000:2240:4c00:15:6f6c:b180:93a1

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.springserve.com/production/vpaid_25214542.js
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:4c00:15:6f6c:b180:93a1 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6b065f38eaed75574515532e2d687fd23450a662a972d044626b848d6e9d1045

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 18:31:49 GMT
content-encoding: br
last-modified: Fri, 19 Nov 2021 18:30:16 GMT
server: AmazonS3
age: 1856524
etag: W/"185feb14359001049d144410afbeaaa4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 11a78ce92a548aac13fb6ee545aff014.cloudfront.net (CloudFront)
cache-control: max-age=2678400
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: 67vI-Av9kfLISLwssjAVtKj-P1dxzU5JtriJHFhizER1XaYiGOCIcQ==

GET
H2 200 track
aktrack.pubmatic.com/ Frame 1856 0
61 B 34ms
34ms Image
text/html 23.200.212.230
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aktrack.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1639203233&wa=0&e=95&vc=2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.200.212.230 Paris, France, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-200-212-230.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:52 GMT
content-length: 0
content-type: text/html

POST
H2 200 t Show response
t.lkqd.net/ Frame ADA9 0
176 B 111ms
111ms XHR
text/plain 146.20.128.205
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.205 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.diariodocentrodomundo.com.br
date: Sat, 11 Dec 2021 06:13:52 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 108ms
108ms Preflight
text/plain 146.20.128.205
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.205 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.diariodocentrodomundo.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Sat, 11 Dec 2021 06:13:52 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://www.diariodocentrodomundo.com.br

GET
H2 200 vadtag.html Show response
vpaid.pubmatic.com/ads/video/ Frame 6793 1 KB
901 B 45ms
44ms XHR
application/xml 23.195.248.208
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2Fessencial%2Fatila-hacker-certidao-de-vacinacao%2F&schain=1.0,1!vidoomy.com,52453,1,1639203230416,,
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_25214542.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.195.248.208 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-195-248-208.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: a480aee2e5cb9b240be447dd8659a05ff10fbadd18a0142bf43f6b527e434095

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Dec 2021 06:13:53 GMT
content-encoding: gzip
server: Apache/2.2.15 (CentOS)
etag: "461ced-23ca-5c92d699e808f"
vary: Origin, Accept-Encoding
content-type: application/xml
access-control-allow-origin: https://www.diariodocentrodomundo.com.br
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 631
expires: Sat, 11 Dec 2021 06:13:53 GMT

POST
H/1.1 204
No Content openrtb Show response
ads.adaptv.advertising.com/rtb/ Frame 6793 0
233 B 396ms
395ms XHR
application/json 52.9.24.155
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=Vidoomy
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_25214542.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.9.24.155 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-9-24-155.us-west-1.compute.amazonaws.com
Software: adaptv/1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.diariodocentrodomundo.com.br
access-control-allow-credentials: true
server: adaptv/1.0
Connection: keep-alive
content-length: 0
content-type: application/json

GET
H2 200 PMAdMgr.js Show response
vpaid.pubmatic.com/ads/video/ Frame 06C5 152 KB
36 KB 49ms
49ms Script
text/javascript 23.195.248.208
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2Fessencial%2Fatila-hacker-certidao-de-vacinacao%2F&schain=1.0,1!vidoomy.com,52453,1,1639203230416,,
Requested by: Host: blank
URL: about:blank
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.195.248.208 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-195-248-208.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: f0f6a8b6c19b0c4d1cab075ab2f4f755cfef747424837668e65f431410f816e8

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:53 GMT
content-encoding: gzip
last-modified: Tue, 10 Aug 2021 05:02:46 GMT
server: Apache/2.2.15 (CentOS)
etag: "1408294-25f9a-5c92d699d3c58"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
accept-ranges: bytes
content-length: 36260

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 718A 38 KB
14 KB 44ms
44ms Document
text/html 23.195.248.208
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2Fessencial%2Fatila-hacker-certidao-de-vacinacao%2F&schain=1.0,1!vidoomy.com,52453,1,1639203230416,,
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.195.248.208 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-195-248-208.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e2cdec10db9a0a224e9f5e49b6f004c5426564fb8d857ad3df480e9c916bafe6

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: en-GB,en;q=0.9

Response headers

last-modified: Tue, 19 Oct 2021 10:00:01 GMT
etag: "1302647-96ae-5ceb1b98ba7c4"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 13882
content-type: text/html; charset=UTF-8
cache-control: public, max-age=116014
expires: Sun, 12 Dec 2021 14:27:27 GMT
date: Sat, 11 Dec 2021 06:13:53 GMT
vary: Accept-Encoding

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 06C5 38 KB
14 KB 49ms
48ms Script
text/html 23.195.248.208
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2Fessencial%2Fatila-hacker-certidao-de-vacinacao%2F&schain=1.0,1!vidoomy.com,52453,1,1639203230416,,
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.195.248.208 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-195-248-208.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e2cdec10db9a0a224e9f5e49b6f004c5426564fb8d857ad3df480e9c916bafe6

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 06:13:53 GMT
content-encoding: gzip
last-modified: Tue, 19 Oct 2021 10:00:01 GMT
server: Apache/2.2.15 (CentOS)
etag: "1302647-96ae-5ceb1b98ba7c4"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: public, max-age=116014
accept-ranges: bytes
content-type: text/html; charset=UTF-8
content-length: 13882
expires: Sun, 12 Dec 2021 14:27:27 GMT

POST
H2 200 VideoBidRequestHandlerServlet Show response
am-wf.taboola.com/ Frame AF28 2 KB
1 KB 115ms
115ms XHR
application/json 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=462&height=259&pubid=169497&tagid=953497&crid=4711345&noaop=3&sortOrderType=0&cb=1639203233776&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=3&pv=1308&pt=485516089&tz=0&viewable=true&ddast=V7aT4CFgOkSW_714CtTgSkSW_714CtTgUAAAAGBuIHHTKhLYaL1WS0nGyGk91yOdksRqvFbjUZLmdD0JAJbTFcrCaj5WQznOyWy8lkt5uNNrvlFAJV9yLyux1Ou0U6kAhNp8Pnutfrfr-7yOmwPP0mv8dlN13-Jr_bdTf57Rq_2y6xXMQCicp4eFmebpfddJEOJHKX6fe3fP0ll83hOpsuYoFE8Pc8TU-_3SIdSER_w0UskGiOfsvp7nC7LNKBROR0WJ5-k9_jspsuf5Pf7bqb_BaxQCJ7WJ4Ou-kiHUhkDrPZdLT8XT-jRf0GKzSdDp_rXq_7_e4ip8Py9Jv8HpfddPmb_G7X3eS3a_xuu8TyV3k-L7vH6TD7Faan2eEWOjxel-WtcVlOT5PD7xa53LKHx2l3eBx-vxwAAAAAHgCOxmMhfgABACIAAAAAJAAAAAAoAir-LQQuAAAAADAAClKPNADEORDQYbo5XWaTPwAAHhRAAAAEMEgABtyaSgAyWmNPAAAAAAAAAABY_v___2MA9gKmZQAuAMd6AB58AB6IClSLGAEAAAAIk7iVHk3qhMqiCgCAIN0K4AoAIKAPFSSmLgwAAEBAbDBvOelZGuV7bIEeFr_f7LBr_G6XAQAAAAAAAACY_Z_9owk9AQCk-dYJP6r9AgIArP0CAgCwqRsAwJsAXMiloOl0-Fz3et3vdxc5HZan3-T3uOymy9_kd7vuJr9d43fbJZa_6AhaMRisTiF2w9lit9kNR7MDAAAAuPv____HG8xbTnqWRvnWA4mFazRxrRYz03C53O1mttFoMPPYTBvTbDYYLkfby4OaQe7StdHvC1Tdi8jvdjjtFulAIjSdDp_rXq_7_e4ip8Py9Jv8HpfddPmb_G7X3eS3a_xuu8RyEQskKuPhZXm6XXbTRTqQyF2m39_y9ZdcNofrbLqIBRLB3_M0Pf12i3QgEf0NF7FAojn6Lae7w-2ySAcSkdNhefpNfo_Lbrr8TX63627yW8QCiexheTrspot0IJE5zGbT0fJ3_YwW9f0mbDFaTSab5XC2XEwGw9FwNNqfQM4GOBGD5XIyWUx2q9FqtBnuRrPBAgViMEGKFg0mq9FospgMV6PJarZc7HYbpGjVajbaDIar2WS2262Gg-FyNMIJW4xWk8lmOZwtF5PBcDQcjYYIU6vZzDUcLteKicu4Fo1crrXCNJu5dZvVzDSYeTa75cIten1Mx4XJ41uMtigYwLQXwUU6Ud29dr_v7tY8TS-33u4WOT2P1-ctd5l-f8vXIpZoThbpRHbZNxau0cS1WsxMw-Vyt5vZRqPBzGMzbUyz2WC4HO1bq9nMNRwu14qJy7gWjVyutcI0m7l1m9XMNJh5Nrvlwi16fUzHhcnjW4z2jdlmORlsJpPFvjHbLCeDzWSy2HeYTM_U52z0XBMmj0y19txEhpn5oHAZjN6p1LQbd44Fcdl7dKq8MmVBZ9TOrOavQeE5eEwH4ctyWt2s09lE5z0YFLFEcLpIJ6KX8XQRSyRPi3Qisgwmhs3ENdu4jMuFxzCYmIaT5Wy13E0sltlyNRFLlKaLdKJXeT4vu8fpMPsVpqfZ4RY6PF6X5a1xWU5Pk8PvFrncsofHaXd4HH6L-o8OsRzNNbO5YjGYK2arVQIAAAAAAAAAWMKceRMAAACA00Amo-FotVwACYQBXWAQAAAAAACA3RY4UC-PAx2T4saPPerutft9d7fmaXq59Xa3yOl5vD5vucv0-1u-VgZ4cFpk3uyZINZqtawBAAAIsAEAAAK4dfMeQEqp5AA!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&amp=0&qsz=6&ft=1&pb=0&pagg=1&sd=undefined&dtagid=1682865&dpubid=224845&abtst=adh5c-1_vA!adh5c_vA!lotc_vA!rvf1_vB!spa2_vA!t45!t45!ufm_vA&mPre=0.033&cirf=https%3A%2F%2Fwww.diariodocentrodomundo.com.br&en=1
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v13.0.8/OvaMediaPlayer.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: 62f235b2328ba7663b364421bf49cccda7632a9ae1a306d0413ab933a82be48b

Request headers

Referer: https://www.diariodocentrodomundo.com.br/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-type: text/plain

Response headers

pragma: no-cache
date: Sat, 11 Dec 2021 06:13:53 GMT
content-encoding: gzip
server: nginx
machineid: 1435
vary: Accept-Encoding
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.diariodocentrodomundo.com.br
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET AdServerServlet
vid.pubmatic.com/AdServer/ Frame 06C5 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ads.stickyadstv.com
URL: https://ads.stickyadstv.com/user-registering?dataProviderId=187&userId=YbRBmAALCgAGPAAz&_test=YbRBmAALCgAGPAAz

Domain: t.lkqd.net
URL: https://t.lkqd.net/t

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPK16l1sA0EVYQqzPaMhgoXk2pbP8m8WHT5sVSjqcyhN9LYDrSlHb0UMSssFM57Gq3R2QVZhF7ThY_eqqYYl3SpraZPtAUeL

Domain: aktrack.pubmatic.com
URL: https://aktrack.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1639203225&wa=0&e=95&vc=2

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbRBlq0t-NalDpfGx2tW2wAAAroAAAIB&google_push=AYg5qPJ6ID9DgM1GbMFvIkfR705v2KAgn-GY4ccowz4GXidiXXh9Gg4yc67zMjFe0UEaWyT3HbnyQ2H6WxUo5qTd7rprEyERIZAl&google_cver=1&google_gid=CAESEGoT57hlmh3yOdr1D54rV8s

Domain: image2.pubmatic.com
URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7415519081315808593

Domain: dis.criteo.com
URL: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@

Domain: dsp.adfarm1.adition.com
URL: https://dsp.adfarm1.adition.com/cookie/?ssp=9

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=vc6fDPohTvCT8Bb3qbHgXg%3D%3D

Domain: sync.mathtag.com
URL: https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D

Domain: pixel.onaudience.com
URL: https://pixel.onaudience.com/?partner=214&mapped=BDCE9F0C-FA21-4EF0-93F0-16F7A9B1E05E

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QkRDRTlGMEMtRkEyMS00RUYwLTkzRjAtMTZGN0E5QjFFMDVF&gdpr=0&gdpr_consent=

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=

Domain: um.simpli.fi
URL: https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Domain: sync.mathtag.com
URL: https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D

Domain: match.adsrvr.org
URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=

Domain: c1.adform.net
URL: https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent=

Domain: ib.adnxs.com
URL: https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=

Domain: simage2.pubmatic.com
URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YbRBmAALCgAGPAAz&gdpr=0&gdpr_consent=

Domain: match.prod.bidr.io
URL: https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=

Domain: sync.1rx.io
URL: https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=

Domain: visitor.fiftyt.com
URL: https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=BDCE9F0C-FA21-4EF0-93F0-16F7A9B1E05E&gdpr=

Domain: uipglob.semasio.net
URL: https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=BDCE9F0C-FA21-4EF0-93F0-16F7A9B1E05E&sInitiator=external&gdpr=0&gdpr_consent=

Domain: mwzeom.zeotap.com
URL: https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=BDCE9F0C-FA21-4EF0-93F0-16F7A9B1E05E

Domain: a.audrte.com
URL: https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=BDCE9F0C-FA21-4EF0-93F0-16F7A9B1E05E

Domain: pixel.quantserve.com
URL: https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=

Domain: ups.analytics.yahoo.com
URL: https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=BDCE9F0C-FA21-4EF0-93F0-16F7A9B1E05E&redir=true&gdpr=0&gdpr_consent=

Domain: pr-bh.ybp.yahoo.com
URL: https://pr-bh.ybp.yahoo.com/sync/pubmatic/BDCE9F0C-FA21-4EF0-93F0-16F7A9B1E05E?gdpr=0&gdpr_consent=

Domain: x.bidswitch.net
URL: https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=

Domain: ad.turn.com
URL: https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=

Domain: pixel-sync.sitescout.com
URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=

Domain: pubmatic-match.dotomi.com
URL: https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=BDCE9F0C-FA21-4EF0-93F0-16F7A9B1E05E&gdpr=0&gdpr_consent=

Domain: vid.pubmatic.com
URL: https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+7+9+1+1+6&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.diariodocentrodomundo.com.br%2Fessencial%2Fatila-hacker-certidao-de-vacinacao%2F&schain=1.0,1!vidoomy.com,52453,1,1639203230416,,&us_privacy=&cb=1639203233529&SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Fwww.diariodocentrodomundo.com.br%252Fessencial%252Fatila-hacker-certidao-de-vacinacao%252F&screenResolution=1600x1200&kdntuid=1&vwndh=0&vwndw=0&vwndurl=https%253A%252F%252Fwww.diariodocentrodomundo.com.br%252Fessencial%252Fatila-hacker-certidao-de-vacinacao%252F&vwndref=&vc=2&js=1&sec=1&kltstamp=2021-12-11%206:13:54&ranreq=0.22537519377798998&timezone=0&depth=0

Verdicts & Comments Add Verdict or Comment

416 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

99 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
ads.stickyadstv.com/	1970-01-20 00:03:15	Name: UID Value: 2bdfb6348d15a8807c3330ed9eff31
ads.stickyadstv.com/	1969-12-31 23:59:59	Name: sessionId Value: 4c9c8ab9e6805bab6c52754b932797bb
.diariodocentrodomundo.com.br/	1970-01-20 01:29:39	Name: _fbp Value: fb.2.1639203220576.1608615402
.diariodocentrodomundo.com.br/	1970-01-20 16:51:15	Name: _ga Value: GA1.3.409617009.1639203221
.diariodocentrodomundo.com.br/	1970-01-19 23:21:29	Name: _gid Value: GA1.3.1886940742.1639203221
.diariodocentrodomundo.com.br/	1970-01-19 23:20:03	Name: _gat_gtag_UA_33507983_1 Value: 1
.scorecardresearch.com/	1970-01-20 16:36:51	Name: UID Value: 1WNNQR8CBEYYSRGNYLLL9Bg1639203220
.turn.com/	1970-01-20 03:39:15	Name: uid Value: 3100618248600403538
.bidswitch.net/	1970-01-20 08:05:39	Name: tuuid Value: f79c069f-7553-4c5a-aac1-fc1df8bda7c6
.bidswitch.net/	1970-01-20 08:05:39	Name: c Value: 1639203220
.bidswitch.net/	1970-01-20 08:05:39	Name: tuuid_lu Value: 1639203220
.diariodocentrodomundo.com.br/	1970-01-19 23:20:03	Name: _gat_gtag_UA_175164381_48 Value: 1
www.diariodocentrodomundo.com.br/	1970-01-20 08:05:39	Name: trc_cookie_storage Value: taboola%2520global%253Auser-id%3D556f5889-1be8-4de5-a46f-735f40f3379a-tuct8adc714
.fwmrm.net/	1970-01-20 03:39:15	Name: _uid Value: "h803a_7040324225692894405"
.vidoomy.com/	1970-01-20 08:05:39	Name: vidoomy-uids Value: eyJ1aWRzIjp7IkJTIjp7InVpZCI6ImY3OWMwNjlmLTc1NTMtNGM1YS1hYWMxLWZjMWRmOGJkYTdjNiIsImV4cGlyZXMiOjE2NDE3OTUyMjF9LCJDRU4iOnsidWlkIjoibm8tY29uc2VudCIsImV4cGlyZXMiOjE2NDE3OTUyMjB9fX0=
ads.stickyadstv.com/	1970-01-20 00:46:27	Name: uid-bp-36033 Value: h803a_7040324225692894405
ads.stickyadstv.com/	1970-01-20 00:46:27	Name: MRM_UID Value: h803a_7040324225692894405
www.diariodocentrodomundo.com.br/	1970-01-20 00:03:15	Name: _pbjs_userid_consent_data Value: 3524755945110770
ads.stickyadstv.com/	1970-01-20 00:46:27	Name: uid-bp-159 Value: CAESEL_s9sbWPFG43aEqPu9hpNc
.adsrvr.org/	1970-01-20 08:05:39	Name: TDID Value: 527b78df-fa9f-47e4-9d24-91f4d3763c41
www.diariodocentrodomundo.com.br/	1970-01-20 08:41:39	Name: cto_bidid Value: hpiSol9xRDVsRDNNd1FrUmVrMGVIbTdFeUxPWWF5RmVSQWVXalRIcnZ6WjNVOEpZNGhNNVdvR0UlMkZoaUEyd2x2JTJGQUZLa2NnMUdCNHVTWmh1c1N0UXVIdjlrNGw1ZEk2V3oxa28lMkZ0cVo2S0doSGJhZyUzRA
www.diariodocentrodomundo.com.br/	1970-01-20 08:41:39	Name: cto_bundle Value: Xws0yV9RdlVNOFdlTFBlTjclMkI1aGFjeUZZMFpjT1MwWXVXZHFNVG9NZzNwc1NNMVYzTFFFTHkwJTJCaVJVcWVEN1lkREhZeXhlaUZDUTVWcnhJUVhmd1pDU3FDTEZhRlUyaWxZJTJCQUEwd2dubDRpb3FRMlpxWkJNTnNLUnFOeGxZeDhLbFM2TjJoSVlOdjdvOVB2eThjeDJ1S1hqakElM0QlM0Q
.spotxchange.com/	1970-01-20 08:05:39	Name: audience Value: 7d2865bc-5a49-11ec-aef5-1d66682b0006
ads.stickyadstv.com/	1970-01-20 00:46:27	Name: uid-bp-892 Value: 527b78df-fa9f-47e4-9d24-91f4d3763c41
.taboola.com/	1970-01-20 08:05:39	Name: t_gid Value: 718034e3-8936-4546-881a-c434330eb603-tuct8adc716
.yahoo.com/	1970-01-20 08:06:00	Name: A3 Value: d=AQABBJZBtGECEAKjtLILmQ-uC8j6XlG_IQkFEgEBAQGTtWG-YQAAAAAA_eMAAA&S=AQAAAr4lw851Xi5y3ui90vywSzc
ads.stickyadstv.com/	1970-01-20 00:03:15	Name: uid-bp-717 Value: y-qCjsm71E2oMA4QCg19Rzhx1UJyj6hL0DacSqXWZj~A
.doubleclick.net/	1970-01-20 08:41:39	Name: IDE Value: AHWqTUnQ1b2NhjryUXF3HGvhGSZsRNSlL4jWDnXabhzoCoyn1jVXOC_gKcAqgXxdjRo
.adnxs.com/	1970-01-20 01:29:39	Name: uuid2 Value: 3404206974503617722
.casalemedia.com/	1970-01-20 01:29:39	Name: CMPS Value: 1852
.diariodocentrodomundo.com.br/	1970-01-20 08:41:39	Name: __gads Value: ID=04eee0e08e0162d7:T=1639203220:S=ALNI_MZq4B5yqYtc6iHMGNvbcfCJXbfl4g
ads.stickyadstv.com/	1970-01-20 00:46:27	Name: uid-bp-951 Value: 3404206974503617722
.casalemedia.com/	1970-01-20 08:05:39	Name: CMID Value: YbRBlq0t.NalDpfGx2tW2wAA
.casalemedia.com/	1970-01-20 01:29:39	Name: CMPRO Value: 698
www.diariodocentrodomundo.com.br/	1970-01-19 23:20:06	Name: _lr_retry_request Value: true
www.diariodocentrodomundo.com.br/	1970-01-20 00:03:15	Name: _lr_env_src_ats Value: false
.mathtag.com/	1970-01-20 08:45:58	Name: uuid Value: e0ae61b4-4196-4700-a0e4-b2c93d47c88e
.disqus.com/	1970-01-20 08:05:39	Name: disqus_unique Value: 8gr39pv1egf9hk
disqus.com/	1970-01-19 23:20:05	Name: __jid Value: 8gsudhf5sbntn
ads.stickyadstv.com/	1970-01-20 00:46:27	Name: uid-bp-529 Value: e0ae61b4-4196-4700-a0e4-b2c93d47c88e
.analytics.yahoo.com/	1970-01-20 08:07:05	Name: IDSYNC Value: "195y~220u:195x~220u"
.diariodocentrodomundo.com.br/	1969-12-31 23:59:59	Name: panoramaId_expiry Value: 1639289623639
.adform.net/	1970-01-20 00:04:41	Name: C Value: 1
.emxdgt.com/	1970-01-20 01:29:39	Name: uid Value: 66781639203223984226ba
.adform.net/	1970-01-20 00:46:27	Name: uid Value: 4835395960989745577
.adnxs.com/	1970-01-20 01:29:39	Name: anj Value: dTM7k!M41.D>6NRF']wIg2GUcH>-2D!A#En.TOKKnyW<U1`VROYQM-:KG7]0a>9z+Q9Gk6U@X)TCYj4AT/L-Wp+9tm(j#iP(Md+>)fy)JlH*m5
.casalemedia.com/	1970-01-20 08:05:39	Name: CMRUM3 Value: 2d61b441982760CAESEJlBogN2JWABZjKnae5lJ6o
.casalemedia.com/	1970-01-19 23:21:29	Name: CMST Value: YbRBl2G0QZgA
ads.stickyadstv.com/	1970-01-20 00:46:27	Name: uid-bp-617 Value: 4835395960989745577
.emxdgt.com/	1970-01-20 01:29:39	Name: apn_id Value: 3404206974503617722
.pubmatic.com/	1970-01-20 01:29:39	Name: KADUSERCOOKIE Value: BDCE9F0C-FA21-4EF0-93F0-16F7A9B1E05E
.pubmatic.com/	1970-01-20 01:29:39	Name: PUBMDCID Value: 3
.pubmatic.com/	1970-01-20 01:29:39	Name: pp Value: 156498
.pubmatic.com/	1970-01-19 23:21:29	Name: PMDTSHR Value: cat:
.simpli.fi/	1970-01-20 08:07:05	Name: suid Value: 140DAD53AA5B465DAF41E2F6DE600022
.everesttech.net/	1970-01-20 08:05:39	Name: everest_g_v2 Value: g_surferid~YbRBmAALCgAGPAAz
.lijit.com/	1970-01-20 08:05:39	Name: ljt_reader Value: ef1e6f44f3bfd60d999717d5
.de17a.com/	1970-01-20 07:58:27	Name: guid2 Value: 1.7415519081315808593
.doubleclick.net/	1970-01-19 23:20:06	Name: DSID Value: NO_DATA
.blismedia.com/	1970-01-20 08:05:43	Name: b Value: 61B44198FD0E82513EE5A2B5BLIS
.1rx.io/	1970-01-20 08:05:39	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-431d7272-a3bd-4ace-a388-665ef4e9a503-003%22%7D
.travelaudience.com/	1970-01-20 08:50:17	Name: _tracker Value: %7B%22UUID%22%3A%22733E140B-9A75-42CB-8301-54D514B2751E%22%7D
.adsrvr.org/	1970-01-20 08:05:39	Name: TDCPM Value: CAESFwoIcHVibWF0aWMSCwim4bi27Z2eOhAFGAEgASgCMgsIptm744OenjoQBTgBWghwdWJtYXRpY2AC
.3lift.com/	1970-01-20 01:29:39	Name: tluid Value: 16587478034536215360
.adfarm1.adition.com/	1970-01-20 01:29:39	Name: UserID1 Value: 7040324242874497171
.targeting.unrulymedia.com/	1970-01-20 08:05:39	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-431d7272-a3bd-4ace-a388-665ef4e9a503-003%22%7D
ads.stickyadstv.com/	1970-01-20 00:46:27	Name: uid-bp-45 Value: YbRBmAALCgAGPAAz
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAAAOMSNjUzNzextDA1NTQzNDY2NLY0MhfiM9TNT_QP8MnxNgovctQFAGtcB1IlAAAA
.rfihub.com/	1970-01-20 08:41:39	Name: eud Value: H4sIAAAAAAAAAOOSMXR2dA129alM96yMqnT0Na30q6qyCM4KSHFOzw_iNTQztjQyMDYyMjU0NHrFiMoHAOdt1b09AAAA
.rfihub.com/	1969-12-31 23:59:59	Name: euds Value: H4sIAAAAAAAAAOOSMXR2dA129alM96yMqnT0Na30q6qyCM4KSHFOzwcAwU5aMh4AAAA
.rfihub.com/	1970-01-20 08:41:39	Name: rud Value: H4sIAAAAAAAAAOMSNjUzNzextDA1NTQzNDY2NLY0MhfiM9TNT_QP8MnxNgovctSV4jU0A4obGBsZmRoaGgEAglHSGTQAAAA
.quantserve.com/	1970-01-20 01:29:39	Name: d Value: EEsBCQH3JIEA
.quantserve.com/	1970-01-20 08:50:17	Name: mc Value: 61b44199-3a80d-2a37c-1fa61
.volvelle.tech/	1970-01-20 08:05:39	Name: ouuid Value: a63c3cff-d9d7-4510-850f-793312cdb77a
.volvelle.tech/	1970-01-20 08:05:39	Name: c Value: 1639203225
.volvelle.tech/	1970-01-20 08:05:39	Name: ouuid_lu Value: 1639203225
.contextweb.com/	1970-01-20 00:03:15	Name: ccpa Value: 1---
bh.contextweb.com/	1969-12-31 23:59:59	Name: INGRESSCOOKIE Value: 00b5b52e17cb3a0b
.pubmatic.com/	1970-01-20 01:29:39	Name: DPSync3 Value: 1640390400%3A235_226_241_227_201_197_219_221%7C1639267200%3A174
.weborama.fr/	1970-01-20 08:51:44	Name: AFFICHE_W Value: V-t8DraOsthX38
ads.playground.xyz/	1970-01-19 23:28:35	Name: connect.sid Value: s%3Asy2J1EXMADFyREALuZ6vKupLnofqCYBa.A7FDQyDvyt566C7Lu55C6YOgWChHgotDPyxF3KfgSJA
.erne.co/	1970-01-20 08:05:39	Name: u Value: Rxa6YwO0qO4vAM2IMgzaX9m1
.adsby.bidtheatre.com/	1970-01-19 23:30:08	Name: __kuid Value: 6ca12f74-645a-4368-b125-b49f6d5619ee.408417228
.pubmatic.com/	1970-01-20 00:03:15	Name: KRTBCOOKIE_409 Value: 22966-Rxa6YwO0qO4vAM2IMgzaX9m1
sync.srv.stackadapt.com/	1970-01-20 08:05:39	Name: sa-user-id Value: s%3A0-091d900d-2403-4a2a-42c9-318de71a8967.DjdPaPQa9VOzCPBJwaXbP0ZVSLOU%2FcFg8cK4SW0v6qE
.srv.stackadapt.com/	1970-01-20 08:05:39	Name: sa-user-id-v2 Value: s%3A0-091d900d-2403-4a2a-42c9-318de71a8967%24ip%24194.36.110.165.1lBqCIFB7fGKr27yzEJ0UU%2F5zVqqzPPWEa%2BxepWagYY
.pubmatic.com/	1970-01-20 00:03:15	Name: KRTBCOOKIE_860 Value: 16335-CR2QDSQDSipCyTGN5xqJZ8IkbqU
.pubmatic.com/	1970-01-20 01:29:39	Name: SyncRTB3 Value: 1640390400%3A54_231_99_234_55_230_13_22_5_238_161_56_204_104_166_21_233_3_8_189_220_81_71_88_176_57_165_222_7%7C1639785600%3A2_223_15%7C1641772800%3A203%7C1640476800%3A35%7C1640044800%3A63%7C1644364800%3A69
.w55c.net/	1970-01-20 08:50:17	Name: wfivefivec Value: PAmdXcfL1MVVDL5
.w55c.net/	1970-01-20 00:03:15	Name: matchpubmatic Value: 5
.pubmatic.com/	1970-01-20 00:03:15	Name: KRTBCOOKIE_107 Value: 1471-uid:PAmdXcfL1MVVDL5
.pubmatic.com/	1970-01-20 00:03:15	Name: PugT Value: 1639203228
.ipredictive.com/	1970-01-20 08:05:39	Name: cu Value: 81821182-5a49-11ec-8bc6-55815776808c\|1639203229354
.pubmatic.com/	1970-01-20 00:03:15	Name: KRTBCOOKIE_279 Value: 22890-81821182-5a49-11ec-8bc6-55815776808c&KRTB&23011-81821182-5a49-11ec-8bc6-55815776808c
.tribalfusion.com/	1970-01-20 01:29:39	Name: ANON_ID Value: aVnseFpyXagbqiVREF6O14odMyBgG797slZaHFGYEQITyZb2sKZceTd6ByJZavFmG3HwJuxSUZcULxQ1W39ZdDv0vg
.ads.pubmatic.com/	1970-01-19 23:21:29	Name: KCCH Value: YES
.pubmatic.com/	1970-01-20 01:29:39	Name: chkChromeAb67Sec Value: 5
.pubmatic.com/	1970-01-19 23:21:29	Name: pi Value: 156498:3
.ads.pubmatic.com/	1970-01-19 23:21:29	Name: pubsyncexp Value: 1639224832432

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/(Line 753) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://tags.juicebarads.com/js/diariodocentrodomundo.js?v=98, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://www.diariodocentrodomundo.com.br/essencial/atila-hacker-certidao-de-vacinacao/(Line 753) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://tags.juicebarads.com/js/diariodocentrodomundo.js?v=98, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
security	error	URL: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html(Line 11) Message: Refused to frame 'https://pagead2.googlesyndication.com/' because it violates the following Content Security Policy directive: "frame-src cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp=er3$/17368370350617788416/index.html".
security	error	URL: https://a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html(Line 11) Message: Refused to frame 'https://pagead2.googlesyndication.com/' because it violates the following Content Security Policy directive: "frame-src cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp=er3$/17368370350617788416/index.html".
network	error	URL: https://ads.stickyadstv.com/user-registering?dataProviderId=187&userId=YbRBmAALCgAGPAAz&_test=YbRBmAALCgAGPAAz Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network	error	URL: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPK16l1sA0EVYQqzPaMhgoXk2pbP8m8WHT5sVSjqcyhN9LYDrSlHb0UMSssFM57Gq3R2QVZhF7ThY_eqqYYl3SpraZPtAUeL Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network	error	URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbRBlq0t-NalDpfGx2tW2wAAAroAAAIB&google_push=AYg5qPJ6ID9DgM1GbMFvIkfR705v2KAgn-GY4ccowz4GXidiXXh9Gg4yc67zMjFe0UEaWyT3HbnyQ2H6WxUo5qTd7rprEyERIZAl&google_cver=1&google_gid=CAESEGoT57hlmh3yOdr1D54rV8s Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network	error	URL: https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

15.taboola.com
4cywq-eqnre.ads.tremorhub.com
640b8f6ac9713c4187d50d6eb844be94.safeframe.googlesyndication.com
a.audrte.com
a.disquscdn.com
a.rfihub.com
a.teads.tv
a.tribalfusion.com
a.vidoomy.com
a.volvelle.tech
a7afee20dd78ac8c6cee315fb53007ad.safeframe.googlesyndication.com
ad.doubleclick.net
ad.lkqd.net
ad.turn.com
ad4m.at
ads.adaptv.advertising.com
ads.playground.xyz
ads.pubmatic.com
ads.stickyadstv.com
ads.travelaudience.com
ads.vidoomy.com
adservice.google.co.uk
adservice.google.com
aktrack.pubmatic.com
am-match.taboola.com
am-vid-events.taboola.com
am-wf.taboola.com
ap.lijit.com
api.rlcdn.com
b0b2fb4f4d530f774904c931019d14ff.safeframe.googlesyndication.com
bh.contextweb.com
c.disquscdn.com
c1.adform.net
c3.taboola.com
cdn.onesignal.com
cdn.syndication.twimg.com
cdn.taboola.com
cdn.viglink.com
cdnjs.cloudflare.com
cds.taboola.com
cm.adgrx.com
cm.g.doubleclick.net
cms.quantserve.com
code.createjs.com
connect.facebook.net
core.iprom.net
cr.frontend.weborama.fr
cs.emxdgt.com
cs.lkqd.net
csync.loopme.me
d5p.de17a.com
dclk-match.dotomi.com
diariodocentrodomundo.disqus.com
dis.criteo.com
disqus.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
eb2.3lift.com
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
fw.adsafeprotected.com
geo.moatads.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
green.erne.co
gum.criteo.com
ib.adnxs.com
id.crwdcntrl.net
id5-sync.com
idsync.frontend.weborama.fr
image2.pubmatic.com
image6.pubmatic.com
images.taboola.com
impr.taboola.com
imprammp.taboola.com
links.services.disqus.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.bnmla.com
match.deepintent.com
match.prod.bidr.io
match.taboola.com
mug.criteo.com
mwzeom.zeotap.com
onesignal.com
opps.taboola.com
p.rfihub.com
pagead2.googlesyndication.com
pbs.twimg.com
pips.taboola.com
pixel-sync.sitescout.com
pixel.adsafeprotected.com
pixel.onaudience.com
pixel.quantserve.com
platform.twitter.com
pm.w55c.net
pr-bh.ybp.yahoo.com
pubmatic-match.dotomi.com
px.moatads.com
r.turn.com
referrer.disqus.com
rtb.gumgum.com
rtb.openx.net
s.ad.smaato.net
s.tribalfusion.com
s0.2mdn.net
s8t.teads.tv
sb.scorecardresearch.com
search.spotxchange.com
secure-assets.rubiconproject.com
secure.adnxs.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
ssbsync.smartadserver.com
static.adsafeprotected.com
stats.g.doubleclick.net
stg.vidoomy.com
sync-t1.taboola.com
sync-tm.everesttech.net
sync.1rx.io
sync.ipredictive.com
sync.mathtag.com
sync.search.spotxchange.com
sync.srv.stackadapt.com
sync.taboola.com
sync.targeting.unrulymedia.com
sync.teads.tv
syndication.twitter.com
t.lkqd.net
t.teads.tv
taboola-supply-partners.tremorhub.com
tags.juicebarads.com
tempest.services.disqus.com
token.rubiconproject.com
tpc.googlesyndication.com
tr.blismedia.com
trc.taboola.com
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
v.lkqd.net
vast.emxdgt.com
vid.pubmatic.com
vidstat.taboola.com
visitor.fiftyt.com
vpaid.pubmatic.com
vpaid.springserve.com
web.webformscr.com
wf.taboola.com
www.diariodocentrodomundo.com.br
www.facebook.com
www.google-analytics.com
www.google.co.uk
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
z.moatads.com
a.audrte.com
ad.turn.com
ads.stickyadstv.com
aktrack.pubmatic.com
c1.adform.net
cm.g.doubleclick.net
dis.criteo.com
dsp.adfarm1.adition.com
ib.adnxs.com
image2.pubmatic.com
match.adsrvr.org
match.prod.bidr.io
mwzeom.zeotap.com
pixel-sync.sitescout.com
pixel.onaudience.com
pixel.quantserve.com
pr-bh.ybp.yahoo.com
pubmatic-match.dotomi.com
simage2.pubmatic.com
sync.1rx.io
sync.mathtag.com
t.lkqd.net
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
vid.pubmatic.com
visitor.fiftyt.com
x.bidswitch.net
104.244.42.72
104.96.5.77
13.248.245.213
13.32.99.105
141.226.224.32
141.226.228.48
142.250.184.198
142.250.184.226
142.250.74.194
146.20.128.139
146.20.128.205
146.20.132.103
151.101.0.134
151.101.1.44
151.101.194.49
151.139.128.11
151.139.244.12
159.65.196.12
169.197.150.8
169.50.137.184
172.217.16.130
173.231.181.122
178.250.0.157
18.196.195.54
18.196.197.61
18.235.138.170
185.33.221.11
185.33.221.13
185.64.189.110
185.64.190.75
185.64.190.78
185.86.139.103
185.94.180.123
185.94.180.126
195.5.165.20
198.148.27.139
198.8.71.128
199.232.196.134
199.232.196.64
199.232.198.49
2.22.77.98
2001:678:cb4:bbbb::11
213.155.156.185
213.19.147.45
23.195.248.208
23.195.249.162
23.195.249.2
23.195.249.65
23.200.212.230
23.200.213.172
23.200.213.98
23.23.88.115
23.88.75.188
2600:1f18:612b:4200:8560:f9d7:993:6d2d
2600:1f18:612b:4264:e8c6:2f28:702a:f217
2600:1f1c:a99:832c:727c:8f29:6f04:aca5
2600:9000:223e:8000:6:8656:f5c0:93a1
2600:9000:223f:6e00:8:48e:53c0:93a1
2600:9000:223f:b200:1b:5138:8a40:93a1
2600:9000:2240:4c00:15:6f6c:b180:93a1
2606:2800:134:fa2:1627:1fe:edb:1665
2606:2800:234:46c:e8b:1e2f:2bd:694
2606:4700:3032::6815:3f4f
2606:4700:3039::6815:c03b
2606:4700::6810:125e
2606:4700::6810:a30d
2606:4700::6812:170e
2606:4700::6812:d05
2606:4700::6812:e134
2606:4700::6812:e234
2620:112:f006:bbbb::12
2a00:1450:4001:801::2002
2a00:1450:4001:803::2003
2a00:1450:4001:808::200a
2a00:1450:4001:80e::2001
2a00:1450:4001:810::2001
2a00:1450:4001:811::2004
2a00:1450:4001:827::2002
2a00:1450:4001:827::2003
2a00:1450:4001:82a::200e
2a00:1450:4001:82b::2003
2a00:1450:4001:82b::2006
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2002
2a00:1450:4001:831::2008
2a00:1450:400c:c0c::9d
2a02:2638:1::13
2a02:26f0:6c00:191::26e5
2a02:26f0:6c00::210:ba2a
2a02:fa8:8806:13::1400
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
2a05:d018:d29:3605:7ea4:f1cc:2176:cd9d
3.129.250.65
3.218.90.66
3.228.133.61
3.33.220.150
34.102.253.54
34.120.155.137
34.96.105.8
35.179.78.10
35.190.0.66
35.201.81.244
35.210.178.101
35.227.208.19
35.227.252.103
37.157.6.242
38.27.122.158
50.19.62.27
51.75.146.199
52.19.214.88
52.41.240.77
52.58.61.12
52.73.153.177
52.9.24.155
54.159.94.231
54.194.39.62
66.155.71.25
69.173.144.139
72.251.249.9
75.2.29.42
85.114.159.93
87.98.228.78
00758b991750c5ee485ccbaef81986492e0d27da84a985ac588ea00cbf5f1ae2
00b3b0b438a1a3e7f01112f487ffb01e64db47935eb0e1e2927bdb4811ee935f
014bdcd85899b1e128d977bbb8f899d6c9623e68cfb63b3a637d39f61ff01ff5
01b1844125589a15317239014be029ba024bc0d6e059222bc99bd913a82ecb88
020a358dd2294ed0656577aa904a333e70d37b581cc20044b8ae7ed91d4758d2
02244c0ba63616b451424382305ca5b9f9ca354be5608d40747ad53a67b95da3
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
02c56a663727032f8dc2f2b710b19f1aacbf5746e9db756857a84124484d2f92
02cd1afe25bd6950ef39a98a7be2348b7445cba2c979e3b161c01b0b6f14d922
0376879a45be95f1d718c2a90d0b35986973e87d6f4c790b4c7046343464b72a
037b12d07ffce84bbca6821a50f249c54429b20c0f2fd67469a0bb5937113051
04b55e93a58888caabc82afad517da9836e7301ccf9edc09dfd7809849df8de2
090b1952df7896a377876338f639f0d1df0fb7379a9ab41a512b46cc0174b927
09343d3b3473e1c994b2d603c99feb8a0f63fbd3ff20be7432ff18b973dbe651
0991cc07e6c1beef865b3f0fa3c16c370a929c575aded5fd42e2b5433fd6b090
0a9094ce5f18a9e36476ef2be0c657a0d969cf42e5cdf39b6938607182f9e2ab
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0b992fa74ae2d898f78561af205e3b8c8badc801ea764ccf36cadb13ed78d5d8
0c95653ec8f85b8b99dd0e47c0057ee24bdf5df38ce89d68c4e5762dc77e04d2
0dcc5c6d41ea9292f557d96d41623ee28863281f25b3a953cdd392f182945920
0dd943366977aab5e9cf33c04e9845e649594962c91662c72436016d34d3dcc6
0e83a9c5896ead450273408f24de5a2ba2f280153804ee33d89c0e74b2ec1225
0e8670554443313b972c10ae1a34baeb408d060fc5e82c6a358f77d7e98dd15e
108b212a0f6a3d2d4efd35f1f9ea615ca76baa406b806064e4dcb42ce5b15f1d
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
11e50d643a892a86a349e85587255b4a723c9837088605cb647e03b4e48d1aa9
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12ac101818b7d196f584bb2d54b79e99fec0957b4073eb21912a2453c47b99d1
12c748318ff42d318458ecde073d66441c47dfa28d941be5f42694fc4e02a0ac
12d917e05a443130d6705d6b122650e039f76c5e4923eeb7cf6da9763a912a44
131670c344a1c5951ebc2d33a634177924e089fcb43272238df6292846c698aa
143ce443c390db3b8598f951de20bd04623859a581a15b8cde43ebfa1f8ec103
1517e4daad78dee52f5e094d13faf2ad5a129391a1b178ba4121969d03829c57
151e52cb24cf872678ae4ff655994a2f5190f29faaa88215c438e9b5bb5712d1
15ba21410b6cae567c186f83ebb068c26b3f95aa5f7a9f2813e87ca512d28d12
161b6f6ab06a0b8fe1d5071f7e4a96807c13f77488be9722a420246766bcbc73
16d2c8f30d65c537a5259a8a96346daceb60f28a64f8b4092caac03e0255d98a
17ae0d10bda60d99133053ac904d1c8a98dd33a2708db7d5bf12c12f101a447d
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d
1ba8af402252121053142c8336bd580caacf674770b9e5af7e4ab4ae7eb44f83
1d89405054b0eccfd66baa763bf4781b8dff83824636284b79800ecdc25579f1
1da5d399253e65d85549a8d5653bb29e2f569441b68e1700d1f2d2780a225b1a
1dc60b7d6cbf47b6e9ded6bebf35d14d85e824bd5c031a6cde0d8b0086a6b691
1e055bff06cdf3e1bf729d3a1e3a391b280510c0cf7081fd44e00753ee33f2bf
1f3eb04cb25c17fed8e1653749f3f6235d758151987c9f2b567bfb4dfe65be00
1f77beacdfdc953ac02ad4da4b3dbe715f94b7e3368ccbf0a6735436da65218a
1f840b419e0b8cec7b58cffdb09369247ee64513cb4c0cb94bb7ce2a03e78267
209ee5a4d514155febd8dceb1c6c15a3a3b232b4bc467493d0ce6f70089845a6
223fd57264cad1aca2a6b1eca88c7504f6290a997a892f6a18f5620771016037
23315445b1687aa8503cb2c0a539669a2fd959821d10271d02e46b974e6aa091
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285
23bdd105b4c1234a15fa1a7621040ce0cfea24f8379360381e500ca436a4504f
260793b5b3e987f4debd6a3f6a17de01af1ef6aeaa48077bd5cd0229db0f6653
26bb50500bfdfa32376bca2911e642ee1c3f01a917646ab6cb3bc6df4d25d097
2743a9a9945a81f0a8e21752b96d97da93249b51c4385d1c4781a2260b927eaf
28c52b7fcda3451fc47a45ec9ebe995f2dacfce3bc0ed13594b7f31801cd183d
299b5acb9faf9948c3454c9742f39365caee104519702ff86ec8bf852ba340b8
29a5d7315757963c3803bc358f2bf5a83bdd2fa6dc3b364fac3361f1cdc5e8e0
2bb08b87c3d0fb1a970cd16168c430a8b5bff33e80fbc96126c0b4d13c4763dc
2be99b99f418219be8ca7a986038e1a94c5df5b2c91a0c0d9ee35552fbb8fde8
2cb7e2198ca07763689e295dc46cdd511dbe067d8013513d1644554b0d6b2236
2d0744b54be7eab148245653f8fad2e4a0e8875b886bcacbb2c70741872eda55
2d5ae5a515a688823dc98d032242c2ed6f490a74c4281bdd599567898f9fa675
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f3b2ee82464d00cb6cd9585b6c8f13b95e0488bb865675e6b88968badef01bd
2f96e21a623a8e356580f31a58d117cd08aefcfc9d8448cf4dfc41f793e0dfde
31a8ecce6d30c7bcc0193aecc2ee98cfa69f13d76b0beaf2365d8fae74816d1c
31d1364a7f81d75264d336e2f91a35c13e04ac46cb11f75c6d2de3f814edc1d3
3270642c89180c12db93775e2a774b6dadd9bd98cffc963075c85afd2c17b6e4
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb
332e83c786065b0bccef2bc3176bda606ade377da143d6c5c41ff81f30429db5
3330f5c2a6380d346b4046607480f7abd23d09ca6b2c2214ce30a0a39463313b
336a8d4d610ff8629f7c37e7e1864a8d7f7874ba2d4d17e08b0a94550915dc0c
3435bb7a03a55632cb2540112a71344e6d679e6a1657943d50e30a1f5c35cd5b
3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875
35317274fd4c9a20e50d08fe11de53b1047d9bb9c99c322a4dfea9478c8af5d6
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
36ae762191d24727fbba21272ea14872bb7824188961282001d50e67f7b1881c
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
36ef66124133ca33c8b44c487293c3180e5ab681ff3cad3c728ea4f894ec3444
383b2b89c340373f983949d5bf4b24c938d183af0e7e8639d0ecada0f29de092
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618
39ee9414c40aa4506e8048730385e2d1161c1c847ceb5f9edf885ab0c94a08c0
3bfd43fe65c30b9107e12e0973e030eac779beb7640ccfe2a9c6cebd73f16df6
3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3
3d992ec5207e67306f72d5337209b23d447a17be84fba157680ddedbbb298848
3db16e9a32f9a58a911f55292005020c612b2f1dc197921142ffc50e6d0f6603
3eee15d11eb29b6f2258cabfeeca39b3b900a7cae96fc7919b27789f3470b9f9
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4045a92e92266200040134dab4db3207df9b1564ac4c1f24b766e0dc0b01337b
41a51f139721f4304c9753a51b667ee4779f68f8f1e841e926c9a12c1d298ff9
41cc3dda60590ed64ade500977090a4a7ff8a6d77b8e2e6bee68c8ae4d0cf436
41feba12c9f235b4123d7e276203047126b02af299062fa03bf7a56943f2b775
42ba8b487196edceafd99e96c31f43b35d8880a1ca3f0caf7ca34d0b00504424
438ab71c93631fb6e1d823b39b0e219349c08453cbc954d8423c89a72aa5035f
45fa735c6df15f15a1293a9cb3125033408874bf284280e8bcac23f95ad8feac
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
48107cb12c6e6d38bc0abc4a562a5630b31d751d6462133a15e38d537aef3060
4874ca76a7cd1c5b8f5832fd19004e78a2e5d84bbeb04dac99a5c6a04ed8a1ab
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48ab57cb7771642f95f87f04f505937b8a54c3fe49758d9750c04948bcb87a3e
48dfd3ffcd284d5d6c48be7d7edac4c8d67f778180746ccfb17b5c964cf7fac8
492a6f12ee73ea4e9855654d796f5ac25c62b62603848f783f2806879e5506ec
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
49c9f0d4ea8cba9db3986069f04049501ad8245a53aacb01500572ae05fe9808
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c4491dcfa94cb46fb73742fc2caf49a1cd59027304af1830c7dc6ce1889857c
4c9f42955b87deca2742deed59fad3cf34c9ca8bab6a21dbc1eb5ac74b5ec4b9
4cbe2e87616514bda8169ef5cf597f1dcd7cf4518cd4d50c210f6b2a444ff170
4d3455baf97f4f45bbca7c734d4d66f4459e1794b1cc63c0368028c05778e439
4d4cdf10e7bb2dc5f02bd7eaa0d566a920ce87f27020163d8dd283b0f238d28b
4d958aa0fe56b2c9ef407522721c72a3f0ac4f0ae063a2e2d05c134b7a79fa85
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f2b7e987474183ea3293084c5069b7a5227876ed8fa10da3dd3588ee7124c16
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
501ca1acb5b5c0bd0ce8aa0a2a98f309be642643fc8b68f7fbecab0745dade3f
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50ef231f46c660f56c02937a4817d6ec1721a85322722416749f7723c57e66a8
53c088f65c77c6b7af2804face3e267d4c1bf148177798a30fa3a15aa693c36f
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55acdc956076cc955a9b8319896fc84534f0d6e169561a1f8ef47fbcca7952d9
55b4a8ebd4ce4144242d6bb9d0ebb65a01b2759e67243ed5badc3ac96c6fd396
5616a6e1823b43919f7d1a33817cccfa1d9f30c9f10f2deb00d9c3671f91d5f0
56c30800cfcb0714e035d195b222c7de83744c1d465c0e50a02a971e6e97b6fd
5751b2f0f25d096f046ebde12533cb99798c5622bd1d101e315254f4705d5bbc
5b497b3dea8511b361da644850f9a576c982e26ce7b18754c5c82f50f4049024
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5db6ca44792eadaa613ebabd75bdf0fdc249d5c1535944062cdabefd2ec9140b
5e0a898937be1b856713227ff94add695d672d04b8ea2aafb8864beb240b255b
5e1268e4f269a9771d7dc0c81528ec8842bd24c488352acbfa0ec757a4c52599
5e4faa7e7f95eebf7005010873ba46be7b9436bc756fbc4fbb5b6ebc59de8f1e
5eb45f4b4af3c8248423311109376fc2a15232f5545eec02daa1f089bd1fe176
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
5fae79754e7af92e6afadc3060797e3d35188221e60d63d0625f66cf921e7ebb
5fc16c04e026fd6dff0b09181784a4cefe5403da4324f2c650faf49408aea15d
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
60631ed8f1dfa6713ff9e30fec41786aadc477c0cac5a75dca66b5a49f76b901
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda
61683fd91e24ec32467a8731b074889bbb8b7b81552fcfb382e77171eed6c3f4
619fc5f463c4d57f09fcda55bacd247603c486871c5da40ee61d96dad64fc508
61a71d0750b6bf10cccbb9e1ce422612bf9343452b28424e16115f497b274121
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61e367f4704eff6580b659b74e28cf3b92b5d89ac6f366c0a69fa6a45636af08
6258018e9f890f2383a09a2be6df7792affd977d856e7247ace8341f5b5487f0
62f235b2328ba7663b364421bf49cccda7632a9ae1a306d0413ab933a82be48b
652f42bc2c68823343233b0c24a6a8062e3fe3718258ef715951beae1c9e5598
654c5e0e2199723c4485bdea4d29d35279135d218b8708b04c00d427e4ee1ae3
65cb5cd5882c666a22bf188d80f04fe01f56fbb3428e29d74aa24e3d9b1c783b
669829e44802166195d64df52e724a0abeb85241474ea05d648012e20b64ffa0
6a24db8d022da4efece960931e4bd351484e3398a0cd006ef06a86c11f0bec38
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b065f38eaed75574515532e2d687fd23450a662a972d044626b848d6e9d1045
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad
6fff2bb01836a52004ece484b97797926280251ccaed72db384f16a7644d4764
718bbdabb39de503d2bd89ad6af1a942877c9373c3d4268251a32a9d22f53f14
726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3
753d4b88e18f157d5c87361d030d34b2a3a8b1674204ae0749024e4976e83527
76aeb87fcae71f4f03a5ae6271efcff60d9b273ca232f50b51ea961815ca8cbf
76db825b68979b9ea6cc55fa14373b7bf5e3beb7388cd2efa485938bb2a389fb
770e67122c5eb3870de2ed06adbb455a043fe69b7906dcbc197aca6ffa0fbf13
7888a75eac5f8b9dc4c448f10e8dc9030fcae612cb236f1a9e9700d56ae6ef34
78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d
7a791b91c688a37d8be245817757717b7217b1df53123b9d9d90f804775d9948
7abdd47254800f35ffef0fc434fa7fcf432e13651b27670b2e6f8e08143d4b00
7ac9ecc45664bb3d6d216d0cd7bb869c4c844a167e53a62ee84f5d2313d7d211
7c946aa71f663be5b0f8705ba7db07ec1bbf0cb6141dbb01cbb6772741a8e608
7ca703a20171d4d4440daefb529292d7720e3bb2b0aa1aa6d797228bcd3b762c
7cfe458faed6fe5c3094bd51f1f10174604be983739ade9d828b0aad190043e5
7e99cae469202590f2a4c1afb6fb984d8a842cabebc849559c3659e1c93bd5f8
7f231390e8c4841ee4f90181ffb22327c18a2f5e87b4e76244ba99851b8d95ed
7fa8e50198a194eee55bc24fe0d3b6f256f2db774048a33267badda9454f6dd5
7faef21187e15aefd3d8a5a585ca32c66358f597a97f5abd276517eaea1057d3
8061c17ad6d7b8805745d8f136437acc8abe498fed1a01cec4d142b55def3c55
8178b0d9aa78d28374d07cee76a30cbb537dd77ddacb6da7c61d824d9c2ef497
81e8f8a1f94dc0aac72dc723a422f7f13e29a684672d4390dc4288d40cd35d24
829fbd93b6a305f09be3a48659e33a960bbdaf8c4ee80ecf68893e1feb234cf5
82fba5f2a3814f5a06b59a3a4a84d9edc1145d1ca57d54ccf321ce03af57bb9a
834a2f4d116aa3162084634e39f181a58950fc9a5da6456c5663a8a69b01771f
8374acce1808e3c1002bcd02782240471ca154d79227c8dedfd32c02074d38dc
852875ce4ec7d157f1ee8194dd6156c6025dd18c81862642a880d67ddf763622
85563c7c1fe02750c071af9ea15ca886facc373394cdce2039c0931990ea4a1f
86e07b354a82b7597058f2f470c03c12ea700b4654a49f29a550b41f4525c43d
87495a7a77a04d779d2dbf1510e80786186c6d33840a7a5f669bbc4865fd982a
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
890aefc340c1b2efe49d71cad4618a6c13ac793d2ce7e4d51d301c96393836c4
890fdf47e484671989bdf43a80416d4386ea3114ef7e75aa5522e954f3996cfb
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8c21cdf7be2219908a953d92fba153dcc7175f7ee238856bd9954da18b0e05dd
8cf25c21afaad77a4907cafa9ee00ad8a95a0979fb15df0fd09985593de8833e
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8d7ce7d41f3939e38ce2b582b79dfe76ef3143ae9bf2870c5d4a530f037b148b
8e60f604f0ca5f472149b3e3a02c184ae1082ad59b54ce7eb26c1b6ff51ccfc4
8e74ffce485d7f721bb94b623087c910341ebf59a10b0f7a125786b6edba84be
8fb5b9465fe08d0c7818c13251ad7c59293abfd5feb1ab92d432ba0eca57138c
90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f
905f3e832a6c227b693ee7e42699059758f879ae187977ab22f8e185da6cbdfd
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a
91bb9babf9b922d9670efbad516ad7b026cc8bf763e1b5aaccb2e58c451e060a
92bdf9f823923f06008184ad2f19dbdc092a1cde89906a222fbd346a4976083c
93feb602a34f6308f7be31051c1fdc482b37a46f85b0b77de667fe482da44799
950e49306d9bef6a4c6200164d2b5161ca9d765e36627b54334038686891ca52
95b1d0c6503ee3f9c89b47407a7cd94d1b3d67fb773df010465b590391e18cd4
967ea8e40fc36dbdd3566b37632808effa8696c7c6167cea116c8d561834a667
9714221c828961b20f45a782c3281c0596f6652cfe1299bee18097f98e8fb7b3
97719c71e44494e537beba8d51c6bb268a34dcd867fdefc431229225ca734b46
9840d10e6c057d489416711b47e985daabb00a9211e9e78a84a8ac2675a56312
9863c7532e26b3e9a2e1ac1d7ee7d96bc03db512a2af9174aa5c1d07046376cd
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9a038e29db220dc6ff8c7b2ff7242bd2a3407f4b818cd5203a5dd5bbf6c3acc4
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763
9e623a26c2d2e1864745e53c1773c1af3da805f0a6252dd04de407a430a32e07
9efb3d5e1b082a66bd94908b42afb4cf6fe0e8eb8f50b8d2a18f6a5da03e6a18
9f05592df6a80686d7216adbbc60dd18c978741182ed9e09a863de7374931f0e
9fd5675a585df4b308f18d51a2e215f5e8213f9b8ad4c403c404bd5226a6e180
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a01a36b8b8d11408dc8a46ed765e0e08f2c44711adca177f7c7cd8c320af195f
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1b000b433199bfd60632e61b74bb2c4abd074dce072784e7acd55b1e4158cee
a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a351fd92e5702efce917edb3a5fa5e15b0c2c01b05c72004d183ea3cd0ac8cc4
a480aee2e5cb9b240be447dd8659a05ff10fbadd18a0142bf43f6b527e434095
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5d35d9ef274a979b27a5ea543942b1e4d7826a242bf4a3474578446ed4b96c1
a63e53abfd30cc5be7558678f3137aaa45dfe79e3577299ad027f259b81d50f5
a6d5721de079d2edfa07da28e19a19f5710dc0ecd3ad982f870fe706733bddcf
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a789216a5b5923f74870e5b02d4f3808cb246bdee2ba8ff232c8f6dde87875c5
a813db0ebfaa78ea76648ec27b7ae3a2e26b6a88740b89d598d1985ca3a4c1b0
a8240580e874bf1ef555d5ee49371d10f7dd004c21a0e64d9d173a315c2fc5cd
a840e639aa809a9a693f3a9f0e16f7eff44818be13f1d74c23bd54845a6c114e
a8ae87a3984a2643eab54e6b257f7ad959ff437f5398a5f34289c991e0fbb30a
a9561368972781e4bce76170f22b8d009e4be64d622afb3421cb86983d403ba8
a9aca50019231f85f469a5e0019bf363b41b9886b238a44bb1fe837ca4408da1
a9d5646624e1a4ac467fe0e1a664007bd8b0b48035445211052b55e0beb865ea
a9e402d2d19f1057cdea09b2152d8cfd35664182564595e19bb83916c1f00201
ab8bbbaf028510d8b119cce741f0c2cc94816dcc113d83cac81a6aade6a76fa9
ac0b312f9cb9d890f38d50965cac80da09e0157a74877d144cf9db089963e1ea
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ad20a16e21bffbef8a2a6827a865e2c8c419e2ccfd0c49d0c3d2b3cd10e4b21b
ad417c7a7dfac000adc8068e4abd1dde3fb20361579dcd00e1b07b570ce5b18d
aed25060a18e332a994cf95a1e73507390f2557c5a09ec8aebdd96447e3357e6
af826959e3b915ae25f936e25e0384e389fbaa98574273c18e54abf57883c723
b06a8b9e98907af1562a40f22ab914a718becce0ef260ba61c6733f31d33b0a2
b138f0b28fe44581bebb03d0ff7046e4f8416deeb5d152ede640eaa3dc1c7872
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1d04efcbd2664c9f89e3c37bebb8a6dab4ddc04382c986639b487eb418736b2
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
b4a25f11fbb1e2b547eaf848472f9c048824e307a945f3a0417aac7b09d0456e
b4bf8c6d25f01ed4735edb48dcc958d3d89282797762297af97df2a46ca9b85d
b5a2f1c24adedd5e1793e6b1de6f11819f6529e0b68dd83e1bbfbcfce918dcb2
b6ff02c733394664dbb2178c88a0d8ab1292602aaad412e44ee83c3ab7943faf
b8b814cefc8fe9d1ea891eba850f93f66a1332b8f754b30334dff1018a5fcefb
b9982238ba586f833d40d0b929dab219d1c93301e35dac609f246aadc3ccf464
ba83c227cde7d4c34fb514ccd483305e8dfef365e6b2b70a126f2d73adaa1691
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb456e31c6f9b199040d9a50c6dd63faf5323a8f470ebca13fe715941d27147c
bb5eb269f7e3a3c7feae054946e627ae1ac878d54e33a624aedceb4f36033665
bbdffacc7d4d7406ea299e66e74dee720372b9bebc5b455d3f1d3a803fdbdc20
bbfcaf60464bfc0575986b6bc92fa3768fd3514e7325ec2bdc242c239a0952ec
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05
c06fdc1bd99e18aa222f3fef4c45956c023f31785912dae163ab417b9deb4812
c1686d80ce4c16690ee8edf25416ec8a72cc6ec2b841e4465bec37efc2928f43
c1954b13c71de8cdb2c0bcf29fe2b3979eaf1b1b88ad96b15b639cc3b1145bdc
c215277d06755175fc5022df97d0282917263f811745c969a0954890b30fc344
c284dcb06ef882b1b45e11e0a16baa223b4117eca94e243c8e725c4ce3f909b3
c2fac3c3d6d6d5dff814dec41443db2b8bbff672b68e1442a39b83142c007d5c
c32de543e55cdf6a2c7f0e63f9cb69eaef4c68377a3650f7149fb5f9ec43fcf1
c45a7b49c14477cd160a83d4ee1fb8c311e12314e042d0647c68bec62f16fe29
c4d964f9876dbb52b2663d53dea929f745579bcf7a3931741fa9b1911439f39d
c4f5e2784f2836b197a6ca66251124511552dad2313a41fadd4e99e5d28c34c2
c540fe023bbbf187d8ea95dcb54e0e6d33ff3d7ee0ee17cdc0480a117511f2ff
c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f
c6420ab9ec6ebff1cd61333dade6ba9ac879d3617a59334148672dee6af12fec
c685943bda625fc14293f09297b34ece4ac688a912bf8b677c230c4c43081919
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e
c7bfaed9109d332d38ecf90b9717072a23d78ea48905cf903469fdcc1a0e9e5f
ca7ff9a3f6c2e9567b5e0304318ebb79c3ab5608dc39a8dfec3a42b2ca024bfa
cb30a0062f2212374679ae04654d7eae07c153b058d56d74f98ea4c7e2bdc496
cba004cbbdd8509c386f600fa42ec3a79d7d31375172ee621b367a826138f7ee
cbbfc283deb98751e5105f5912f22b7fd5fb0dec833a5075e3a4397347a3daa1
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
ccdf5c04f38cba61a77325c5f3b93dc83a448ee616014c7d000dfc7154b725f7
cdc7e77b96ccc21f84b4966faee31a47adf9eee97540aca839d56999478bff71
ce0df99e01bf7ee46cfb12fdf8873ac4d9b17e3f6b0ba92ed6d19491a1084152
cea0a05c5af6e21a409875328ed2e3dba79131b7c41f8ea07d0e0e02c7b7b59e
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf49cc272cd6eba5dbbec1b64f87ba80d99cc06e3997ebfc22bd497d4d52bef3
cfc6194ec89056736bd357173afcaf5aeb41de6bdc24795d57b8cae0ff1a9921
d3e5bb05fb467fe9d3022bc27b67dda46a645df439c19d112f1c0e94324b3082
d7a293a4f852efb882d0b95130fb997f6513c0e41a65007d43dbcf451709a129
d85f6474893e823b6eb6ce2ad936235ff13be5d10d1c1dba6517f6dd3a731c59
d91d208af4387b32a530c9063936044052c7e6ec6e50958fa12449677e252d79
d92c3106afa291abcefd52dd891825af921521fb643b4ce9e432e7d555bba2f8
d9955b485ec10339d863941175c02572657bf9d4f6c5fa2e5603e7d803c1b8cf
d9ae1ff6b8447f4b9b72cd9d7ba7314cbe92d581519187472d49e5538e359559
d9af9bfaf1bc32e633b9e96bb687fe3f0989202fd586d056824f0110282ec495
dab0c8a7c7cc6d355c62f78ac1265c825df7cf511dfd5ce524982b2c57d0a8a7
db297c129a9aa0c906961921eb64e6e07f2c48ae6da83b715e7298c5ff7b3d76
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7
dbffe4825c6ba1f19ff48607381ad4384b0609b64998830502c130f00abe887d
dda112be1f5cc80885bd0ac9d73056debf9ba2b60297cf5759885834228207d4
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
dea99048a5f521ead45c333c8602ed243b3937e0907d6f1e7198839a485c3ddd
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
df2df7ab27ecdbd3544c33a84ca2581c534ffc23048e8edd1dc9006e83507523
df863cb90f32a052467223f4f435c369802334669615b9cf814e5adb0643e68e
df946b6dcd5cc0e10dee91ac7550349110a9cb95faef4211df970ac46acbbb53
e0c915dee9c0e95ca14579e9bed2d3b61345bd77e023a39319664da5f2622db2
e22048c4ca1a89c3bb893fa360ac7a0d49a8417cd05b7d90238a3e255a508207
e2cdec10db9a0a224e9f5e49b6f004c5426564fb8d857ad3df480e9c916bafe6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e40cf12f53823be2946db860a9e5948d5784edc4eb2ef669ecc7f6688533fabe
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5
e48098e2976ae69faabeff044573dfa865a02283a1a02f4044f7e17fad51d8f7
e50dda78673211ebdeaaa5a17ca9744138b67f9d1c5e265daa0df6db8bf2ad82
e5a65fbe0e10c6a10d22c0cb3f8aae1d7532d7c70c1aa0a4a845f1e1e7b0748b
e712cd0ab0eb3faf1a5a03e4533af305fd8e3e48d733b4f368590d8c491c87b4
e811e414f4376d969d84db459974e258fbea5cb9aaa9fc90049c18946eb2a6e7
e93981763fee7adb1384f54134ae21113517f9e80febe5d0d80f01a75eb97e90
eada7450f463ca6875c630ad7f529889e22d8391023e364d76e02cdcf86e4f61
eb4006c2064019dddd5641310684f2789cb9c744617f133735bfd4ba514e2f14
ed84c162fa21cc210412b7f8ed6382f7a34dc0d930961067e4e897fc1e21f279
ee539d65a0dee4b994deaf0dd68b1384b8975bd5dd09adcec359ce30d2626e2a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f058ff6e4e5c4260d3bb5dfe42338a57272ea58dbe8e60e3688171ac3d4f5a07
f0648e82e4c77d04dac47abdae61b19b9a5adb1890fceb13a6d9e89c04c060a8
f0f6a8b6c19b0c4d1cab075ab2f4f755cfef747424837668e65f431410f816e8
f11884de40899d47234c1cf86074c4e1daf2adf2b83ecff07996dba83044fa47
f2a341fc815d45c21da726d4c843c2c5d3e1f333465347c3c75d040d556df4e5
f2bfdbf7d2df8d37016a17d53674d2799bb77996a763bf2bee8b1f604dd31a9f
f3be6ad457ba5d4425f4d105688e9cf5a32595ff156bd290c8ccbe0e6ca3a68a
f3f20c973746f8c46e687631274d7d12ea6f92b83def552d85a4dfae1111db1e
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f7473a96bc1be6e95e90ef09ea6b40ce3870fd2f161ae995a3a321bcc8d91c25
f81cefe63d575068ae5a0dc5d862746f02c9b2eca253eeacd47e35ac46a43272
f844bca815eceffbf6cd2ab4237d8d1f1baa5c29373bd4255decf59dbebe5595
f8b30a2aaa19326c2f546b8e22134512c9e5486fa6fec2f0d1c8ca2bbc8acb04
f9735815c0c8cd868a901ea7750ba8ee2186a646cf206bc3ece5dbb6da2267bc
f9d68ef5cb8c45c19f684228e2673fc376d8920df6e27c1eb5344a62ab6855d8
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921
fc8b081ba3d5a5270fb663b4856ce474277a52421f98a3b8aa385100c342a3d8
fd8088042323328c0ab329a44288949cd7be0b5fdecc97a4aae92cbd7e0b26f7
fde69d80f1c687b95dfc33c151fbc9563985129cbd399504a4238cf532bc2fc4
ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914

www.diariodocentrodomundo.com.br Open in urlscan Pro 2606:4700::6812:170e Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

844 Requests

88 %HTTPS

33 %IPv6

90 Domains

161 Subdomains

99 IPs

13 Countries

14742 kBTransfer

33152 kBSize

99 Cookies

38 Outgoing links

Redirected requests

844 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 18 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.diariodocentrodomundo.com.br Open in urlscan Pro
2606:4700::6812:170e Public Scan

Screenshot
Live screenshot

Full Image

844
Requests

88 %
HTTPS

33 %
IPv6

90
Domains

161
Subdomains

99
IPs

13
Countries

14742 kB
Transfer

33152 kB
Size

99
Cookies

844 HTTP transactions
18 data transactions