Submitted URL: http://midianews.com.br/
Effective URL: https://www.midianews.com.br/
Submission: On September 06 via manual from BR — Scanned from DE

Summary

This website contacted 57 IPs in 14 countries across 55 domains to perform 401 HTTP transactions. The main IP is 45.33.101.39, located in Atlanta, United States and belongs to LINODE-AP Linode, LLC, US. The main domain is www.midianews.com.br.
TLS certificate: Issued by R3 on August 29th 2022. Valid for: 3 months.
This is the only time www.midianews.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 82 45.33.101.39 63949 (LINODE-AP...)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
34 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
36 2a00:1450:400... 15169 (GOOGLE)
9 2606:4700::68... 13335 (CLOUDFLAR...)
54 2606:4700:303... 13335 (CLOUDFLAR...)
9 2a03:2880:f02... 32934 (FACEBOOK)
3 2a00:1450:400... 15169 (GOOGLE)
1 35.201.123.184 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 13.225.78.101 16509 (AMAZON-02)
1 104.96.129.145 16625 (AKAMAI-AS)
1 4 2a00:1450:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
4 4 140.82.121.3 36459 (GITHUB)
2 2606:50c0:800... 54113 (FASTLY)
1 34.102.185.99 396982 (GOOGLE-CL...)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 3.22.29.16 16509 (AMAZON-02)
1 16 2a03:2880:f12... 32934 (FACEBOOK)
1 142.250.186.66 15169 (GOOGLE)
2 185.89.211.132 29990 (ASN-APPNEX)
3 2602:803:c003... 26667 (RUBICONPR...)
1 185.184.10.30 203690 (RTB-HOUSE...)
2 6 51.89.9.252 16276 (OVH)
4 35.157.246.167 16509 (AMAZON-02)
3 5.135.209.96 16276 (OVH)
48 2a00:1450:400... 15169 (GOOGLE)
1 15 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 216.58.212.162 15169 (GOOGLE)
1 2a04:4e42::485 54113 (FASTLY)
1 2a02:2638::b 44788 (ASN-CRITE...)
1 2a02:2638::2 44788 (ASN-CRITE...)
3 2.18.169.82 16625 (AKAMAI-AS)
1 151.101.130.132 54113 (FASTLY)
4 213.227.153.222 60781 (LEASEWEB-...)
1 66.155.71.25 13768 (COGECO-PEER1)
3 3 3.120.117.165 16509 (AMAZON-02)
2 2 35.210.53.219 15169 (GOOGLE)
3 16 142.250.181.226 15169 (GOOGLE)
2 2 213.155.156.184 1299 (TWELVE99 ...)
2 2 104.18.18.126 13335 (CLOUDFLAR...)
3 3 213.19.147.45 26120 (RHYTHMONE)
1 52.69.128.25 16509 (AMAZON-02)
2 3 2a02:6b8::90 208722 (GLOBAL_DC)
2 199.232.18.132 54113 (FASTLY)
9 2a02:2638::3 44788 (ASN-CRITE...)
1 178.250.0.160 44788 (ASN-CRITE...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 178.250.0.139 44788 (ASN-CRITE...)
2 178.250.0.162 44788 (ASN-CRITE...)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 3.33.220.150 16509 (AMAZON-02)
2 2 37.157.5.142 198622 (ADFORM)
1 1 124.146.215.44 2514 (INFOSPHER...)
1 1 52.45.175.185 14618 (AMAZON-AES)
1 3.75.3.113 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2620:116:800d... 16509 (AMAZON-02)
1 1 185.29.132.241 30419 (MEDIAMATH...)
1 1 52.2.211.96 14618 (AMAZON-AES)
1 1 54.174.178.125 14618 (AMAZON-AES)
1 185.86.137.108 201081 (SMARTADSE...)
1 52.57.48.124 16509 (AMAZON-02)
401 57
Apex Domain
Subdomains
Transfer
82 midianews.com.br
midianews.com.br
www.midianews.com.br
1 MB
69 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 129
c6d672ff769c1a15cf3a0da0c4456d0e.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 174
2 MB
55 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 226
googleads.g.doubleclick.net — Cisco Umbrella Rank: 73
cm.g.doubleclick.net — Cisco Umbrella Rank: 303
247 KB
54 betzord.com
betzord.com
685 KB
17 google.com
adservice.google.com — Cisco Umbrella Rank: 142
www.google.com — Cisco Umbrella Rank: 19
1 KB
16 facebook.com
www.facebook.com — Cisco Umbrella Rank: 111
1 KB
15 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 234
657 KB
12 criteo.net
static.criteo.net — Cisco Umbrella Rank: 782
pix.eu.criteo.net — Cisco Umbrella Rank: 5551
csm.eu.criteo.net — Cisco Umbrella Rank: 5700
172 KB
9 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 208
561 KB
9 denakop.com
v3.denakop.com — Cisco Umbrella Rank: 279145
104 KB
6 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 1117
1 KB
5 zemanta.com
widgets.zemanta.com — Cisco Umbrella Rank: 9536
b1-eudc1.zemanta.com — Cisco Umbrella Rank: 23707
b1t-eudc1.zemanta.com — Cisco Umbrella Rank: 16200
5 KB
5 google-analytics.com
ssl.google-analytics.com — Cisco Umbrella Rank: 427
region1.google-analytics.com — Cisco Umbrella Rank: 2119
www.google-analytics.com — Cisco Umbrella Rank: 94
38 KB
4 smartadserver.com
prg.smartadserver.com — Cisco Umbrella Rank: 1864
ssbsync.smartadserver.com — Cisco Umbrella Rank: 1267
2 KB
4 yahoo.com
c2shb.pubgw.yahoo.com — Cisco Umbrella Rank: 1251
397 B
4 github.com
github.com — Cisco Umbrella Rank: 2378
10 KB
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 141
230 KB
4 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 120
ajax.googleapis.com — Cisco Umbrella Rank: 480
38 KB
3 yandex.ru
an.yandex.ru — Cisco Umbrella Rank: 2997
950 B
3 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 420
2 KB
3 outbrain.com
widgets.outbrain.com — Cisco Umbrella Rank: 1474
15 KB
3 criteo.com
ads.eu.criteo.com — Cisco Umbrella Rank: 5636
rtb.fr.eu.criteo.com — Cisco Umbrella Rank: 10082
cat.fr.eu.criteo.com — Cisco Umbrella Rank: 7382
53 KB
3 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 694
3 KB
3 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 972
www.googleadservices.com — Cisco Umbrella Rank: 159
18 KB
3 google.de
adservice.google.de — Cisco Umbrella Rank: 5202
www.google.de — Cisco Umbrella Rank: 3469
1 KB
3 gstatic.com
fonts.gstatic.com
73 KB
2 adform.net
c1.adform.net — Cisco Umbrella Rank: 1015
1 KB
2 outbrainimg.com
zem.outbrainimg.com — Cisco Umbrella Rank: 3422
19 KB
2 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 807
2 KB
2 casalemedia.com
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 709
2 KB
2 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 6721
643 B
2 admedo.com
pool.admedo.com — Cisco Umbrella Rank: 6886
745 B
2 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 329
3 KB
2 githubusercontent.com
raw.githubusercontent.com — Cisco Umbrella Rank: 3331
986 KB
2 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 223
2 KB
2 tailtarget.com
d.tailtarget.com — Cisco Umbrella Rank: 75470
d.t.tailtarget.com — Cisco Umbrella Rank: 327130
6 KB
1 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 799
35 B
1 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 1116
697 B
1 fksnk.com
fksnk.com — Cisco Umbrella Rank: 7488
613 B
1 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 743
861 B
1 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 1531
463 B
1 emxdgt.com
cs.emxdgt.com — Cisco Umbrella Rank: 1371
55 B
1 bluevoox.com
im.bluevoox.com — Cisco Umbrella Rank: 23387
519 B
1 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 1511
1021 B
1 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 486
265 B
1 dotomi.com
dclk-match.dotomi.com — Cisco Umbrella Rank: 5005
104 B
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 355
5 KB
1 adingo.jp
cc.adingo.jp — Cisco Umbrella Rank: 4008
44 B
1 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1901
573 B
1 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 951
191 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 493
1 KB
1 creativecdn.com
prebid-us.creativecdn.com — Cisco Umbrella Rank: 17367
182 B
1 thebrighttag.com
s.thebrighttag.com — Cisco Umbrella Rank: 2197
1 btstatic.com
s.btstatic.com — Cisco Umbrella Rank: 9844
13 KB
0 tradermilionarios.co Failed
pubads.tradermilionarios.co Failed
401 55
Domain Requested by
80 www.midianews.com.br 1 redirects www.midianews.com.br
ajax.googleapis.com
54 betzord.com www.midianews.com.br
betzord.com
48 tpc.googlesyndication.com securepubads.g.doubleclick.net
c6d672ff769c1a15cf3a0da0c4456d0e.safeframe.googlesyndication.com
tpc.googlesyndication.com
36 securepubads.g.doubleclick.net www.midianews.com.br
securepubads.g.doubleclick.net
www.googletagservices.com
17 pagead2.googlesyndication.com www.midianews.com.br
pagead2.googlesyndication.com
c6d672ff769c1a15cf3a0da0c4456d0e.safeframe.googlesyndication.com
www.googletagservices.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
16 cm.g.doubleclick.net 3 redirects www.midianews.com.br
c6d672ff769c1a15cf3a0da0c4456d0e.safeframe.googlesyndication.com
16 www.facebook.com 1 redirects www.midianews.com.br
connect.facebook.net
15 www.googletagservices.com securepubads.g.doubleclick.net
c6d672ff769c1a15cf3a0da0c4456d0e.safeframe.googlesyndication.com
15 www.google.com 1 redirects securepubads.g.doubleclick.net
c6d672ff769c1a15cf3a0da0c4456d0e.safeframe.googlesyndication.com
tpc.googlesyndication.com
9 static.criteo.net ads.eu.criteo.com
9 connect.facebook.net www.midianews.com.br
connect.facebook.net
9 v3.denakop.com www.midianews.com.br
v3.denakop.com
6 onetag-sys.com 2 redirects v3.denakop.com
www.midianews.com.br
4 c2shb.pubgw.yahoo.com v3.denakop.com
4 c6d672ff769c1a15cf3a0da0c4456d0e.safeframe.googlesyndication.com securepubads.g.doubleclick.net
4 github.com 4 redirects
4 www.googletagmanager.com www.midianews.com.br
betzord.com
www.googletagmanager.com
3 an.yandex.ru 2 redirects c6d672ff769c1a15cf3a0da0c4456d0e.safeframe.googlesyndication.com
3 x.bidswitch.net 3 redirects
3 widgets.outbrain.com c6d672ff769c1a15cf3a0da0c4456d0e.safeframe.googlesyndication.com
widgets.outbrain.com
3 prg.smartadserver.com v3.denakop.com
3 fastlane.rubiconproject.com v3.denakop.com
3 googleads.g.doubleclick.net 1 redirects pagead2.googlesyndication.com
3 ssl.google-analytics.com www.midianews.com.br
3 fonts.gstatic.com fonts.googleapis.com
3 fonts.googleapis.com www.midianews.com.br
betzord.com
2 c1.adform.net 2 redirects
2 csm.eu.criteo.net ads.eu.criteo.com
2 zem.outbrainimg.com c6d672ff769c1a15cf3a0da0c4456d0e.safeframe.googlesyndication.com
2 b1t-eudc1.zemanta.com c6d672ff769c1a15cf3a0da0c4456d0e.safeframe.googlesyndication.com
2 sync.1rx.io 2 redirects
2 ssum-sec.casalemedia.com 2 redirects
2 d5p.de17a.com 2 redirects
2 pool.admedo.com 2 redirects
2 b1-eudc1.zemanta.com www.midianews.com.br
2 www.googleadservices.com www.googletagmanager.com
www.googleadservices.com
2 ib.adnxs.com v3.denakop.com
2 adservice.google.com securepubads.g.doubleclick.net
2 adservice.google.de securepubads.g.doubleclick.net
2 raw.githubusercontent.com www.midianews.com.br
2 sb.scorecardresearch.com www.midianews.com.br
2 midianews.com.br 2 redirects
1 match.sharethrough.com c6d672ff769c1a15cf3a0da0c4456d0e.safeframe.googlesyndication.com
1 ssbsync.smartadserver.com c6d672ff769c1a15cf3a0da0c4456d0e.safeframe.googlesyndication.com
1 sync.srv.stackadapt.com 1 redirects
1 fksnk.com 1 redirects
1 sync.mathtag.com 1 redirects
1 cms.quantserve.com c6d672ff769c1a15cf3a0da0c4456d0e.safeframe.googlesyndication.com
1 www.google.de www.midianews.com.br
1 cs.emxdgt.com c6d672ff769c1a15cf3a0da0c4456d0e.safeframe.googlesyndication.com
1 im.bluevoox.com 1 redirects
1 tg.socdm.com 1 redirects
1 match.adsrvr.org c6d672ff769c1a15cf3a0da0c4456d0e.safeframe.googlesyndication.com
1 dclk-match.dotomi.com c6d672ff769c1a15cf3a0da0c4456d0e.safeframe.googlesyndication.com
1 pix.eu.criteo.net ads.eu.criteo.com
1 cdnjs.cloudflare.com ads.eu.criteo.com
1 cat.fr.eu.criteo.com ads.eu.criteo.com
1 cc.adingo.jp c6d672ff769c1a15cf3a0da0c4456d0e.safeframe.googlesyndication.com
1 sync.targeting.unrulymedia.com 1 redirects
1 pixel-sync.sitescout.com c6d672ff769c1a15cf3a0da0c4456d0e.safeframe.googlesyndication.com
1 widgets.zemanta.com c6d672ff769c1a15cf3a0da0c4456d0e.safeframe.googlesyndication.com
1 rtb.fr.eu.criteo.com www.midianews.com.br
1 ads.eu.criteo.com c6d672ff769c1a15cf3a0da0c4456d0e.safeframe.googlesyndication.com
1 cdn.jsdelivr.net www.googletagmanager.com
1 www.google-analytics.com www.googletagmanager.com
1 prebid-us.creativecdn.com v3.denakop.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 s.thebrighttag.com s.btstatic.com
1 d.t.tailtarget.com d.tailtarget.com
1 region1.google-analytics.com www.googletagmanager.com
1 s.btstatic.com www.midianews.com.br
1 d.tailtarget.com v3.denakop.com
1 ajax.googleapis.com www.midianews.com.br
0 pubads.tradermilionarios.co Failed www.midianews.com.br
401 74

This site contains links to these domains. Also see Links.

Domain
luck.bet
www.facebook.com
twitter.com
www.youtube.com
www.instagram.com
www.trinix.com.br
betanobr.com
Subject Issuer Validity Valid
midianews.com.br
R3
2022-08-29 -
2022-11-27
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2022-08-15 -
2022-11-07
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2022-08-15 -
2022-11-07
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2022-08-15 -
2022-11-07
3 months crt.sh
denakop.com
Cloudflare Inc ECC CA-3
2021-12-14 -
2022-12-14
a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2021-11-24 -
2022-11-23
a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2022-06-15 -
2022-09-13
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2022-08-15 -
2022-11-07
3 months crt.sh
*.tailtarget.com
Sectigo RSA Domain Validation Secure Server CA
2022-06-10 -
2023-07-10
a year crt.sh
*.scorecardresearch.com
Amazon
2022-01-29 -
2023-02-27
a year crt.sh
s.btstatic.com
DigiCert TLS RSA SHA256 2020 CA1
2022-02-15 -
2023-02-18
a year crt.sh
*.google.de
GTS CA 1C3
2022-08-15 -
2022-11-07
3 months crt.sh
*.google.com
GTS CA 1C3
2022-08-15 -
2022-11-07
3 months crt.sh
signal.co
Entrust Certification Authority - L1K
2022-02-24 -
2023-02-24
a year crt.sh
*.googleadservices.com
GTS CA 1C3
2022-08-15 -
2022-11-07
3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018
2022-02-11 -
2023-03-14
a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1
2022-03-08 -
2023-04-04
a year crt.sh
*.creativecdn.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1
2022-03-17 -
2023-04-12
a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-01-10 -
2023-01-03
a year crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA
2022-08-02 -
2023-01-25
6 months crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-01-25 -
2023-01-25
a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2022-08-15 -
2022-11-07
3 months crt.sh
www.google.com
GTS CA 1C3
2022-08-15 -
2022-11-07
3 months crt.sh
www.googleadservices.com
GTS CA 1C3
2022-08-15 -
2022-11-07
3 months crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2022 Q1
2022-03-21 -
2023-04-22
a year crt.sh
*.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-08-03 -
2022-11-05
3 months crt.sh
*.fr.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-07-22 -
2022-10-19
3 months crt.sh
*.outbrain.com
DigiCert TLS RSA SHA256 2020 CA1
2022-04-03 -
2023-04-04
a year crt.sh
*.zemanta.com
R3
2022-07-22 -
2022-10-20
3 months crt.sh
*.sitescout.com
GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1
2021-12-15 -
2023-01-15
a year crt.sh
*.adingo.jp
DigiCert TLS RSA SHA256 2020 CA1
2022-04-06 -
2023-04-14
a year crt.sh
*.outbrainimg.com
R3
2022-08-05 -
2022-11-03
3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-09-01 -
2022-11-30
3 months crt.sh
*.eu.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-08-21 -
2022-11-23
3 months crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018
2022-08-09 -
2023-09-10
a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020
2022-03-31 -
2023-05-02
a year crt.sh
*.emxdgt.com
Go Daddy Secure Certificate Authority - G2
2022-05-18 -
2023-06-19
a year crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1
2021-09-22 -
2022-09-21
a year crt.sh
*.sharethrough.com
Amazon
2022-07-14 -
2023-08-12
a year crt.sh

This page contains 32 frames:

Primary Page: https://www.midianews.com.br/
Frame ID: EC7B56489CAA928BCEDD02C24B49CD9C
Requests: 148 HTTP requests in this frame

Frame: https://d.tailtarget.com/profiles.js
Frame ID: 4D83CA665F7673642FF676606EA3F08D
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220831/r20190131/zrt_lookup.html
Frame ID: FC3965784D9258845D117714537999D2
Requests: 1 HTTP requests in this frame

Frame: https://betzord.com/betano-promo-link/
Frame ID: 38874EB139899F070F53AE7800FAE444
Requests: 80 HTTP requests in this frame

Frame: https://c6d672ff769c1a15cf3a0da0c4456d0e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 8DA936C838D270AD788CA46D0DF54C6D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4588639086884542&output=html&adk=1812271804&adf=3025194257&lmt=1662430780&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.midianews.com.br%2F&ea=0&pra=5&wgl=1&easpf=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662430779981&bpp=5&bdt=970&idt=461&shv=r20220831&mjsv=m202208300101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=363436652217&frm=20&pv=2&ga_vid=1043706724.1662430780&ga_sid=1662430780&ga_hid=853744265&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44772915&oid=2&pvsid=1626684418093761&tmod=896265436&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=477
Frame ID: 4CB8F1DDA46F64BD12C318A0144EF0BA
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu0sK-JBWHaMwy5FdvwKGJwrJ6fdnSLFn7X7i3aJ6_7-FXYm4k360wzY8z0wA1ucnZ3ROFgwEWf-Cq9F0J2J-rYi-N_ZQoPKVXo5h1B_L8yHzbYygTpwfYvGMMSR7EO5tFWbpDAeEr9kk-GP6tcpcZtFkLeV3PtyUoTT2bsaJ9vSoCGUBFb6nJSKvyM5YAz-jMHbN6P5Ca6WxQqhBMe2jMZkQwOj87TCANXO3xXj9jiTuH12lrVSri0JrEjhRsY3X35HO66kxd5UO4EXnak0V6caVKyO2Q9illhu2JnPIAwZg0uMR97gzSX0i2hu9YiYwI5s33i8Ngn7A&sai=AMfl-YSK2fVrwTRtvTjNJY9EVmh6RDQCW2lCYu5-bx9e6nRspuuh435fXM-10X1ELBUgMyxEB-yxpLgt6ehIrfIwJVINHUYoqljL1xU1ax6UCXAC7Nm7jwiBMI9K-3ohP5MOig&sig=Cg0ArKJSzEwHza6OKeJlEAE&uach_m=[UACH]&adurl=
Frame ID: 0F373308A92CBF982DC1E40462B8ECC2
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu6_box2Hb9u2AYgfQP_VFlCydbVfp6LqmNVepqnQ8P0BtBjUGfS_4yiGiiuGLl8Pad33STHb-EAtHk50xRPZ1zA9j7rwBnGhkMh4OtTgPQrsTRKh3_LBlqNHDxa3TTQ8zDCy34zhe1vPnYVkso5HpfDrlautmdOOF3iL4eQ_xUSaqAdej76Ah0L1TC-8UkjTw8lw-hEuwEuCAWsiewkbBxKYrCltz-lWEuiO6iiFkctaXOnvA3SfjuxYphkqrky5HYsX1z-_RDWrPWNuEC7jCBu0ONk0GKPiqXTKHObbbPULNbTkvYy5EL92HF&sai=AMfl-YRshF2xMc17L-Y8JRsL_5d99Pb3Bj9Z62BTxs9w6ox8zBaS2AAD79blybeFoF-_WTbwajv07tTsonFdarlTE2hGZwUJWtL9V66Bb4Okibrfnqrki_W8MtHNA2odKSH79oQ&sig=Cg0ArKJSzGj096cjXxIlEAE&uach_m=[UACH]&adurl=
Frame ID: 288AEEDA7A41A75E222BE7F9CAC88D0E
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvFFQqrpK1BqDJazIauZ0a8Z7bn7y6hy9il70Debci9azB599OZyTZBrxp6XUpo41YHTRYNgHBDxOuiL8XXCa31EWGWX6v5njXbdn5JoexSKc6e1BH9DdTLYM8-cyosjWJVqI-kVBV-tN-VCzoj6nriywj30uRxlZZQyyAWH0bOtYwclMQPbOHs1481Hsfr_swpFZs7wGYga9FP32zxa0FRKht6OFIKoWRFTcb8qUgZEvVOj3Rbd1UhQGOgm83GDdbxQ3l1f3-15YoWwEgffaKjBQH5OWzyVPbxJcNhusdyWbKwK7ZcXfBhM3uzeA&sai=AMfl-YRPNrf_6zpfm09yXujfUnwFp0eZhU4EG2q1Atd_XDzjp5NybF6z090i_7oF0IZiWPinGJwZAwSHR59N1rXUMb7yZOo44smStpeLVjfa1hi0aGN5rKJTT5enpOYGegm0BA&sig=Cg0ArKJSzLNVdTBSmIYDEAE&uach_m=[UACH]&adurl=
Frame ID: 4F22876880D1FC6B3DB8DD1FBCE32021
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuyxq4ZZ2tSoLBwgD3PQgO6K-7ax00K1Gsb9K_DwmJAg1P51E8ke6RvJJ3JIAcbxMft3HEVoBr-Vs0_m6c16mR17S1KS4kWfiiaTIre0nhxx5pOLc2QoyXaYN2UvUwIs4-DXNY7nUq5iEpDCNfTcA4GyS2OtqUOtjC0UP5E_Bi-ZmqjLVplXRXvdKr9p36QmmgmYcKIhZpnMPXT9mXgHI-mIq_ARaQK0805moiuWRx7se6PzzOknNmuuBRG7nY5vyXxa7iY0PY_JX2TrQVoYODh5S24RTjWQDlajRcBoXgYXY1eGhAKhjVq_PKSwg&sai=AMfl-YShCly1HEXXsAbrB81nG8IxdVkju7Nv8Wqv-2pelWRqhU9VhNfohoSPfAXO9zwFevfxFHPP8i-8psrRVtz9KH8M0VN3fVxK7n7I8UMGLPiJwDsgw1y6EL8MUupo7rV2gw&sig=Cg0ArKJSzEY25QnxqTY3EAE&uach_m=[UACH]&adurl=
Frame ID: DD33558ED769C976F96CCB7C2D001178
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss0MRsGnLuS7R6ylv-b9Yo7JdneDOwEF4f_sYIee8MQMGewyn8Ox-IO13Zyn1Rad0ClOo_a4TB-0dniZiR0hgNGZqkHAx-Qtq0C7XowAkSRwv_2rG8qiQmXcUWxfbiVwALKiFkOc7uqf0f3OQNRVAo7_5Ba-k2EnPY1NlRunjptuxKGLFUgayPgeHlW19eAWHYHZ63toug24ZxcPWvk7zLfHNUc2gZ-Zxz3zygBW3vYIWTxPLiyT-ZbTBIBP6P2BrCg6CDVHL4jcmTasv_mRZmixcasSU_yhuDMoa-VxpAqkj3ZcVCkN8mNCIwR4g&sai=AMfl-YRcM4dKFa26EjFYVJk_HPZR_X4tnY9TZar1YNQAp3Lwe9bQS9ecaTBHM9eO26Noj6NMgSLAuJZu5_GvT5LXMAm_4cQ05k-BbkOnhUmTPzWt3NcuQyTWx-BOdUJnQb8cBQ&sig=Cg0ArKJSzObxkWkdOs8OEAE&uach_m=[UACH]&adurl=
Frame ID: 455D17795B2EB34165D811D17ABCD19C
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv0W95fAmjHrmrEhBjQB8jWoX5ESrWsJuh48wblzr4NQXO_JWogcDAQCqMwaM5SlHCE7FBK7m9N-QYzwT4WVO9dhxgHRBvrjrBMq8Sl9ySj6nVbNx5Io-M7Hki1_Q6R72CXEs2rQzxvGgYPNrvbgpHhvyPpyVo2y7uZo8kT3lj5PCU2YOdx-IZMG3NQEdNTR_BKwwDYac_hGtnt6ihrJs0XTfhHSBke0FQdBex7q6XWecHo2wb6oX9ZvDsbhdHuQPAoUYB9JGWx5uX3QFXJACu9pobPAxI8IcWGXCoKcLNTVyq_dgIIygOVskK1hetoAeqXXubDWVgL&sai=AMfl-YTvsEEq-LOAbypEBxMNvevXf67nPEdFSvwZHLvpOh3EwPZiePJ8GX0QmQ5dv3NBymSxmlUfbrEdumoYT5aECOI9yS-UXmmBby4V2MOVGMJBISGf_g2lyA0jQaofKHqzMQ&sig=Cg0ArKJSzC4N1zWp_e7tEAE&uach_m=[UACH]&adurl=
Frame ID: 7F5769C0D081FC23295AF21C0FDC51EB
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuDktrGsl2Dc6DflUCVnKxz0BULJF1Jod01LIRXYkQFC2kW4gV5bkf2jKIugMdlQYB_xGbeO8CqFtbpIZ3BkLBhRdtdDRIOWkXCiWU1lY5byFUZsQrr3EXujdDEBLIcWuEXvgy0BUa3VUsCG3cYkAWzGyUc8McLJjejW1ssoqtcM2DeumlqLhVewlCkNdy6p5LV061LhCN7GqgP0jpNopeGjL8za6Jv-IyfedMaBp8K6lrM3W-XflY9s6QkDva1uQUTiOYzCRl1xmeceMYvg4EXT4PCCnSW_MyNDvJ7oTg6q2fA5iOydT54xOPIeUl3G8qLNA2dI5hG&sai=AMfl-YTQ2ZhTb2aVAfx6BWBV4R59aPOEIQNvKZeXdVl-e1ECSghiSaNyLETJoW-WfJrS3OVot2ZKpIFwC18vNPP_JESMvXTt7cteX29x1p6g3jTvJ-hiy-99eTueHMzqKMUwEw&sig=Cg0ArKJSzA_nx8Nr4t9jEAE&uach_m=[UACH]&adurl=
Frame ID: B2D13D3E76511C212DCCE60D8629DE3C
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu2P_IUn2R3CfoUfBMBpjV_zaCLRppdxeNrsMw5rLFINwXZ8j0NzzvHhJIblemSIy-KknhRpjI5Le-_3DqSzrhP8RnPfIaBShgduAq_hVImJcBtoFo5uw6XWEwNSdybi0KZmitNiMppYDfhkEO2RQcozcvpqI4mdPA86-j8ybkyChZCLp18Pht5TTv-6yZ3vjsTu63Q5cRxvzb4wz0_zzbmzizKdKboMiO02L-IPXeU8Gfe4_zK6kmPDLw0myasCKtAsd6Xo9lPbKAqL3498uRR4LuPCyFxzEQCat7RATkeDcC7Jg2RXg7n8qbzcA0Gy5LCoXtni_rq&sai=AMfl-YTl2tq006bymRsoV7ULOCchy7guhcoax0a5onezFQeKJHuQETju3FwsH8uQCBbYT_P8jUL_AVRGyw0JJQ1SOC_gTePdt72KqRDfenDTfTsk1wvQOrOUqFeTk3ASUL-h-A&sig=Cg0ArKJSzDSAZkDggz-0EAE&uach_m=[UACH]&adurl=
Frame ID: E27396A550F3F05A305841565D622A3B
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvsFXoNN_bbopjzJNvQMRR6Qkvj9LBws3Rywe0W249MkIYB6JTNxZlGGS4EVRwWhUucSoQYfrQEH7ddQXvw7m0BDVgdbVzEBGFGqPjvNEBpKPr36BgNfHf-DyU9gxYa6tycjf1WOC8hBEkTHPyqGPdqXw1O3raJGgPjm5m0RNITotKkciGN6P5QsBx7rNzvZIAxPQH--N1idUsInw9zLuyT37LSUlr5ae2djgASlYgtY0nGziuuFoEJyCQjdMOFGX8j0RGPRhz9iuhsOgzXj6v5ViLpPUNVpPzH2D0ZsJKti1isrUWrYY4BiswHy-NK9kVvmeKwub2f&sai=AMfl-YQci8BbEH_ToQ0cdpWf7xptjl_AeaLgBIKC--BN4UYXlWFyv_cRMPWf896bCYV23nBPcX-s6TWPV5mAmPpA6NR7AtSVNzeYMIVdLDzpFLa6rrVAWW5WSK6LaVn2YSpzhw&sig=Cg0ArKJSzLpDRNaXRADkEAE&uach_m=[UACH]&adurl=
Frame ID: 917194FB4B20DA0DD7138BD8FD08F913
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssOdiKBDxxowPA8btPrYmncmZgWGJaiGndLi4wlJY7RklCIhTuiQPV-MKe9amXSPG1IXBnAk3jV8MlijU1FEnu7CG6mfg9VY9DjNMoRwe9HwSSp-kOWc4uAWVsJ3QxkTST6g_NzX7Wt8kmuSUR5gJH41rqmWSnPtE_UabGUUH9MCh6038JCBSMbw2linr3jukiHdjF1GSfs7y4CZN5LSPNvAQhSSLglY0vBE0PV12kMzY49crbu6YCkOE3Xqa2y5WTBck06BVDUKor7PQThDC4S-cuq03clr1wjwS6j8vrFihwlU_jZc6jTdZjB37Nv&sai=AMfl-YQoddOb85qdsWQTb9lPsxAqmGFiS6eTjNm6nGvraEU5AiLAmX02TlcuLa-ns8G0LgcUw452TKvrFKXFQEwCjD71_NHKAGOS8nEMG-iPU6ec1efvUPJ6X8pns9vslSPgiw&sig=Cg0ArKJSzCRqgDCIEEgkEAE&uach_m=[UACH]&adurl=
Frame ID: 257FBEC2EE637E06EDDDEB7747B8B8CE
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu19xyT0FCxr6NViKDNB5LhkwK0vWfbwbvMCBpjELiW8Z_59A-4Vm4WY66T8VvAFwj5yAToiieUoWfmEuvLx5lWJR8EA3s_4_MoXInTlH3ORrn04DY66wLCWSI7Ey_H6QHll4rQNRRbV3hDlUlArJyn7HmSv0qmtryeIOFOuXH0uML9qVhufgb3oTNL3DsnVm_q1O-7QhPrlcAyg6QrRtF_qmqOMpgbMEV8dHBRVrspor7muK7TuHXXymEzIxO-WbRVNlgVFgBb6dIUL0EHbMeiOdCaCfspk194lTz4x8gaD5GKuETIgQAxxNXYg0Jbe-jwbuv4DHG4&sai=AMfl-YTI8Y-eAsmSrDeaFoK7I7sjRddISaaW_ARhDetRca0mAjj60e-OgxvlhPA3SSW7kDuCwneGFyuGVBHN_reREFDLc8MTe3zlwGpPcGaCYwlAhza-LkFkAmMxgAh3RHT88g&sig=Cg0ArKJSzFx-43ie_2KEEAE&uach_m=[UACH]&adurl=
Frame ID: 649939959135CE50B18C310251069A2F
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsstQRa-Rj-t1QJNGgDvgdKdjRgiaR6G3FHm0bxVd5vyUJe-Kli8bzd2SkHyXGLk05qcwj2Sv1hylTm-G3-nq8HIOa35KlmyDwhYX-jw8d6KtM0mabvLhQg6TJAC9BEueNykRCN36iTSMhg0hAnIGxspjR7A8r8QXPx46_5yl9ryoJc2Cm_KJz-FslsUT-nFY1PwOYPjkYS0gSua-tUNk8COfXLJeM_76O2lGlisF6lLB3NQRB96ZZu_a_IezU85fj6-T2CriwmrmKXBOVMoJezpJuZdavnkiD8zk_yxPLMhILKyoYfcclNaGEAOjw5kASU84yRgws0&sai=AMfl-YQlmPfGqKP1eEeygr7FWAk45HsJiYDhiSUhJAFEzD8sGpbqXdPwxKyT9RPMUKMTwZMfM-ZQO7Ktc3g_4JBnb_VwyKd2C6hjeRX3piep4txkwubpuNRISLdQMTsaAhAwcg&sig=Cg0ArKJSzDWv2IMbyzkEEAE&uach_m=[UACH]&adurl=
Frame ID: 3F49456B8727E2C6F3F7A0C1A3F564EE
Requests: 8 HTTP requests in this frame

Frame: https://c6d672ff769c1a15cf3a0da0c4456d0e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 783F50FE4F0820AB25C174B1459476E2
Requests: 14 HTTP requests in this frame

Frame: https://c6d672ff769c1a15cf3a0da0c4456d0e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 48E2CB23B1F51E1CFDFF651136379883
Requests: 10 HTTP requests in this frame

Frame: https://c6d672ff769c1a15cf3a0da0c4456d0e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: EE39398DFC26D7E822564421DD77B0FA
Requests: 14 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=YxauQAAMA6QH_YsDAAv3biH2xlvyf4Vv0lWDng&u=%7CTA4fDlPFcq%2F6h3Ts6f8PyRoD9s0PQEmN0y%2BkNMw%2FEGQ%3D%7C&c1=UbEogq-ADiNBjPo1rbOP0Ehtz6KQg1hE74PursDfbSrTTODPyqm-FFa-X_uCmy4tCZpjpvEIbRNSvdMGQwUM-FQnfLwddxk8wo-5NcMGc2lyGYhniaVNV9yUJ2BncX39bqLKzv47h1jlJbFGSiF2TLWtKi1HCw0mFm1p6UoCWUMrlEn0eBbcAVZKDWmzdYzoz6pgc0f6g5Vt03dpHo14urN-2i_HlGOBbFlPZ38C0L_om369vPNtFu1EngQSie0RMulkG0lwAYw1dCepLvrlc4lC1ua8fzwfGOC3HAIogLP_Kj5d3jOyTRDn7y5Pac3PdbYdT2grmkjPmNxIkaCYUItVo3paVpf_pKFEZiaUOrgrRXphSauR55KQYi7CF6xFuV7lSHvNmFeQV2sEDyZJFHdhOZgYr5EsojiK2xiYU7wyP9TwCbnj573nGQgGOQL2xOrlsULuP0oyGWCaVlOh9YyG-DsuEiSvKVsWOUYtm09PXjp_LZMWByK2X3CxBQmP_s_H0PRkXTerqlTB9haRqtNXhoBWeJ1UZwNzzyTkwN9C3H-CykU0it4c87pco9euxrMcNGfXqrcVpP-yltdtD7J7tMeQFxp9gpw7XmvMQetCihiRJJDpJv9p2LNyrocf&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCnLcKQK4WY6SHMIOW9u8P7u6vsAfJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTgxNzA5NjY1MzgxNTI1NDOgAdW20uoDyAEJqQJ-I3pc16ewPuACAKgDAaoEswJP0EjtluxO-k-DltxGDGlIAOeb3GgkOt8s8gZIOTqeCzaGTHMc0dtUFiK9rJg5LLvC0GpTCnIiyiPGC0HNYyKqwlVH7T-qY7Q5MK9nT_L8zTywJ4Yjcc-jAgIFD0XHXepoVBPb08H19Nq115jGkmyb0i6sQ4h27sfYBjwTIPXhFZ9Nn-l0J38FXmjZpM53I5tdNYQNI6I5bB0S1Qb_QLginyb-mbb1EJKVpgwI1WRqYDwSC75e3t4oMpPPVrPG8wZMQ6JpnFUaRf48bArIYecaO20PJnXK_m9zkllIh1j3KY82g0UsskgoWIT1ehDPizZNdO3UbCs2zf7_FG5cnGzcCdl0aA8KTMfbfWon7K7X_hNN9fSnYZ6eTyiXvvdIhOG2wxPZjxEWSbSfcYVeLg_3oBYk4AQBgAbvnYGk15WtmxugBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA8ggbYWR4LXN1YnN5bi02NjA0MzMxNTM4ODE3MzM2-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1L2Xk0eqbzWMHY2W3uapYp8h27ag%26client%3Dca-pub-8170966538152543%26adurl%3D
Frame ID: 234A508A6EA5F1C0EE4FF616D11CF474
Requests: 15 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: BB7D6D7E440E4B2D7BDFA60A43730E54
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 74FEAF1269E83A4C10DE3203119147F0
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 64D84E4BB79D8080A2358BC0173B5AEF
Requests: 9 HTTP requests in this frame

Frame: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dfalse%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df34d9856de3a09%2526domain%253Dwww.midianews.com.br%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.midianews.com.br%25252Ff1dd7a9e9d558a4%2526relation%253Dparent.parent%26container_width%3D390%26height%3D120%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252FMidiaNews%252F%26locale%3Dpt_BR%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dtrue%26width%3D380
Frame ID: 544468B1ED59ECA440E9C6EA8CE9C0CB
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: E819D21AE24DFC5A8D789F0ED68AB924
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 8288FEC55DC963875BF37A33F70CAEF1
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: E7271279E04FD9C942FE3320A061691F
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 3025F11A65BDACB41AC453C13AF9B974
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: FF560CCDAB3064E4AF0BDD2A42059F23
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 776F999F7903A11B7F2CA363B7CAB1C4
Requests: 2 HTTP requests in this frame

Screenshot

Page Title

MidiaNews

Page URL History Show full URLs

  1. http://midianews.com.br/ HTTP 301
    https://midianews.com.br/ HTTP 301
    http://www.midianews.com.br/ HTTP 301
    https://www.midianews.com.br/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • <link [^>]*href="[^"]+lightbox(?:\.min)?\.css
  • lightbox(?:-plus-jquery)?.{0,32}\.js

Overall confidence: 100%
Detected patterns
  • /prebid\.js
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Overall confidence: 100%
Detected patterns
  • //s\.btstatic\.com/tag\.js

Overall confidence: 100%
Detected patterns
  • (?:/([\d.]+))?/slick(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • swiper(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • https?://an\.yandex\.ru/

Overall confidence: 100%
Detected patterns
  • <iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

401
Requests

96 %
HTTPS

43 %
IPv6

55
Domains

74
Subdomains

57
IPs

14
Countries

7575 kB
Transfer

14883 kB
Size

43
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://midianews.com.br/ HTTP 301
    https://midianews.com.br/ HTTP 301
    http://www.midianews.com.br/ HTTP 301
    https://www.midianews.com.br/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 100
  • https://github.com/feliphedev/luck/blob/main/Export/5.png?raw=true HTTP 302
  • https://github.com/feliphedev/luck/raw/main/Export/5.png HTTP 302
  • https://raw.githubusercontent.com/feliphedev/luck/main/Export/5.png
Request Chain 338
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESECr7s21WwLutFS6ugxH_Dik&google_cver=1&google_push=AehlK4C54Mc22hZTTHWJDhsVG5dpkx5zJQdFct_B6KF8eGZp8nvwn2QFl3PQHvx6zCH7bhK3fP-uJHc6FhTcZLe-AmVp0CQ59tE HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESECr7s21WwLutFS6ugxH_Dik&google_cver=1&google_push=AehlK4C54Mc22hZTTHWJDhsVG5dpkx5zJQdFct_B6KF8eGZp8nvwn2QFl3PQHvx6zCH7bhK3fP-uJHc6FhTcZLe-AmVp0CQ59tE HTTP 302
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_custom_parameter=7eb53307-b4df-4ea9-afc6-a7b1cf25f22e HTTP 302
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_custom_parameter=7eb53307-b4df-4ea9-afc6-a7b1cf25f22e HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=ce8992fa-8c04-495d-a997-ac134f80a0cb&user_group=1&ssp=google&bsw_param=7eb53307-b4df-4ea9-afc6-a7b1cf25f22e HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AehlK4C54Mc22hZTTHWJDhsVG5dpkx5zJQdFct_B6KF8eGZp8nvwn2QFl3PQHvx6zCH7bhK3fP-uJHc6FhTcZLe-AmVp0CQ59tE&google_hm=frUzB7TfTqmvxqexzyXyLg==
Request Chain 339
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEF-PPEML6HETzsBiogZuh1g&google_cver=1&google_push=AehlK4DFXMiG_LCPP3yeZ9m_8lBHJMYg7K4LsWEm-jdjVKGuKFffWTXj2Gyc0j19KobS96yMCzg3wQVw1yNjvATRkLl6ESs4eQ HTTP 302
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEF-PPEML6HETzsBiogZuh1g&google_cver=1&google_push=AehlK4DFXMiG_LCPP3yeZ9m_8lBHJMYg7K4LsWEm-jdjVKGuKFffWTXj2Gyc0j19KobS96yMCzg3wQVw1yNjvATRkLl6ESs4eQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AehlK4DFXMiG_LCPP3yeZ9m_8lBHJMYg7K4LsWEm-jdjVKGuKFffWTXj2Gyc0j19KobS96yMCzg3wQVw1yNjvATRkLl6ESs4eQ
Request Chain 340
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESELgj0GRj3s6xEHiOC4Le37s&google_cver=1&google_push=AehlK4CTscHjwyRvItcMZdg04hqmWOfOlaEb4tM5XoErcht-4qdyWzOWQFaaZ9a_JO5hu2UahDfFhvQS6Q6Fk1uTzMFpK6fpk9M HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESELgj0GRj3s6xEHiOC4Le37s&google_push=AehlK4CTscHjwyRvItcMZdg04hqmWOfOlaEb4tM5XoErcht-4qdyWzOWQFaaZ9a_JO5hu2UahDfFhvQS6Q6Fk1uTzMFpK6fpk9M&s=184023&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESELgj0GRj3s6xEHiOC4Le37s&google_hm=YxauQcHqlcQUC8BfJAjDaAAABF0AAAIB&google_nid=index&google_push=AehlK4CTscHjwyRvItcMZdg04hqmWOfOlaEb4tM5XoErcht-4qdyWzOWQFaaZ9a_JO5hu2UahDfFhvQS6Q6Fk1uTzMFpK6fpk9M
Request Chain 341
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESENicrq04qvoHSPJqDui6M10&google_cver=1&google_push=AehlK4AZ3msuJre-idLa0TBIgi-ivaEemnGqg3znNDkWD7xB4D73jHUOZHk5jTQX_3OD3Ea791Q1VWUEGk83UK3sJn8cyDAazBk HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AehlK4AZ3msuJre-idLa0TBIgi-ivaEemnGqg3znNDkWD7xB4D73jHUOZHk5jTQX_3OD3Ea791Q1VWUEGk83UK3sJn8cyDAazBk&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1662430785480 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-5604b7a8-7587-41d5-8a5b-cf577aadb447-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAehlK4AZ3msuJre-idLa0TBIgi-ivaEemnGqg3znNDkWD7xB4D73jHUOZHk5jTQX_3OD3Ea791Q1VWUEGk83UK3sJn8cyDAazBk%26google_hm%3DA1YEt6h1h0HVilvPV3qttEc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AehlK4AZ3msuJre-idLa0TBIgi-ivaEemnGqg3znNDkWD7xB4D73jHUOZHk5jTQX_3OD3Ea791Q1VWUEGk83UK3sJn8cyDAazBk&google_hm=A1YEt6h1h0HVilvPV3qttEc
Request Chain 343
  • https://an.yandex.ru/mapuid/google/CAESEBtpsXs_gD_7Abp_1CHNB8o?ext-param=AehlK4DzlTEJp9MPelexjrGup9KfD79uO8TZv2j6JXujDIdpFX_xO_DqPtRpDkXJGn3V59K9-_r3uqwNQhfEa6WehKfbAePMosM&partner-tag=yandex_ag&google_cver=1 HTTP 302
  • https://an.yandex.ru/mapuid/google/CAESEBtpsXs_gD_7Abp_1CHNB8o?redir-setuniq=1&ext-param=AehlK4DzlTEJp9MPelexjrGup9KfD79uO8TZv2j6JXujDIdpFX_xO_DqPtRpDkXJGn3V59K9-_r3uqwNQhfEa6WehKfbAePMosM&partner-tag=yandex_ag&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEBtpsXs_gD_7Abp_1CHNB8o&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif HTTP 302
  • https://an.yandex.ru/resource/spacer.gif
Request Chain 367
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEN2YF5KPRJVW4fEdN_nXmWQ&google_cver=1&google_push=AehlK4AhgssbYKkezxnnOifyaYcPE20NcRia2BOQtRISIkjH75F3P9PVtYnixgYwvycrIRy4UnQlIHVfXI7RSPScCBqrpzI8yu9N HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEN2YF5KPRJVW4fEdN_nXmWQ&google_cver=1&google_push=AehlK4AhgssbYKkezxnnOifyaYcPE20NcRia2BOQtRISIkjH75F3P9PVtYnixgYwvycrIRy4UnQlIHVfXI7RSPScCBqrpzI8yu9N HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=OTE3NTcxNDczNTQ0NTUzMzI2MA&google_push=AehlK4AhgssbYKkezxnnOifyaYcPE20NcRia2BOQtRISIkjH75F3P9PVtYnixgYwvycrIRy4UnQlIHVfXI7RSPScCBqrpzI8yu9N
Request Chain 368
  • https://tg.socdm.com/rtb/sync_before?proto=google_ebda&google_gid=CAESECIMclgc5MaMDMyAYKKEhiA&google_cver=1&google_push=AehlK4AAKiZFMazeo_fRXitsZOKpDvoJjgtElc9LNl1vT5AsjM627CtmNl-9Zdb0LRJjtouPAlwDlo2VkFps7cAIilzD-_uYVy9v HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AehlK4AAKiZFMazeo_fRXitsZOKpDvoJjgtElc9LNl1vT5AsjM627CtmNl-9Zdb0LRJjtouPAlwDlo2VkFps7cAIilzD-_uYVy9v&google_hm=WXhhdVFzQ284WHNBQU51SzhRZ0FBQUFB
Request Chain 369
  • https://im.bluevoox.com/pixel?s1=2&s2=203601&s3=m52eksbsgbowze8o&cm=1&rd=1&google_gid=CAESEPOfUW0fEkzIB33TAXFxzNM&google_cver=1&google_push=AehlK4BxvTQR4TYqg-mbMQTKbqoHJkJ0mbp9q4ieg3cnwaStoJhdcUxZL_culxef1yxB6YrEsjHMrzAZ32pHCSw72WnVMpKszjIZ7g HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=AehlK4BxvTQR4TYqg-mbMQTKbqoHJkJ0mbp9q4ieg3cnwaStoJhdcUxZL_culxef1yxB6YrEsjHMrzAZ32pHCSw72WnVMpKszjIZ7g&google_hm=QlMuZWZhMy0xODY2LTQ2NjMtOTZmZA==
Request Chain 371
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEH8uf7WP_Vue21PzavEop3E&google_cver=1&google_push=AehlK4BpakK6Zjj-WCuC7Js-lF2rcYSp3FKhLfkb1gfWbID-qH5WNQ_fsyxxi8UomycumAGgNsOa8mUYEjl2IaLA3VOoC64NxpCTsw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AehlK4BpakK6Zjj-WCuC7Js-lF2rcYSp3FKhLfkb1gfWbID-qH5WNQ_fsyxxi8UomycumAGgNsOa8mUYEjl2IaLA3VOoC64NxpCTsw HTTP 302
  • https://onetag-sys.com/match/?int_id=19&google_error=5
Request Chain 379
  • https://github.com/feliphedev/luck/blob/main/Export/8.png?raw=true HTTP 302
  • https://github.com/feliphedev/luck/raw/main/Export/8.png HTTP 302
  • https://raw.githubusercontent.com/feliphedev/luck/main/Export/8.png
Request Chain 380
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10926351255/?random=414449120&cv=9&fst=1662430781927&num=1&value=0&label=aqMsCIzjl8IDEJfHi9oo&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg8v0&sendb=1&ig=1&frm=2&url=https%3A%2F%2Fbetzord.com%2Fbetano-promo-link%2F&ref=https%3A%2F%2Fwww.midianews.com.br%2F&tiba=Betano%20-%20B%C3%B4nus%20Cadastro%20(M1)%20-%20BETZORD&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=Qa4WY4r3IpmG9fgP-KGVkAE&sscte=1&crd=&eitems=ChAI8LzWmAYQlu7pz-CI4pwZEh0AQVJMdZ4tftYGA3eWY1E2heyZL4egbj7SXPr4eA HTTP 302
  • https://www.google.com/pagead/1p-conversion/10926351255/?random=414449120&cv=9&fst=1662430781927&num=1&value=0&label=aqMsCIzjl8IDEJfHi9oo&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg8v0&sendb=1&ig=1&frm=2&url=https%3A%2F%2Fbetzord.com%2Fbetano-promo-link%2F&ref=https%3A%2F%2Fwww.midianews.com.br%2F&tiba=Betano%20-%20B%C3%B4nus%20Cadastro%20(M1)%20-%20BETZORD&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=Qa4WY4r3IpmG9fgP-KGVkAE&cid=CAQSKQCsnQUxL7bq4T1f2pu3dENRg01geYhelm5f_5fPtykj68TTeG2X35kc&eitems=ChAI8LzWmAYQlu7pz-CI4pwZEh0AQVJMdWANWukfYw39xGkHg14I_lnbgktHaKKJvQ&random=3831245806&resp=GooglemKTybQhCsO HTTP 302
  • https://www.google.de/pagead/1p-conversion/10926351255/?random=414449120&cv=9&fst=1662430781927&num=1&value=0&label=aqMsCIzjl8IDEJfHi9oo&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg8v0&sendb=1&ig=1&frm=2&url=https%3A%2F%2Fbetzord.com%2Fbetano-promo-link%2F&ref=https%3A%2F%2Fwww.midianews.com.br%2F&tiba=Betano%20-%20B%C3%B4nus%20Cadastro%20(M1)%20-%20BETZORD&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=Qa4WY4r3IpmG9fgP-KGVkAE&cid=CAQSKQCsnQUxL7bq4T1f2pu3dENRg01geYhelm5f_5fPtykj68TTeG2X35kc&eitems=ChAI8LzWmAYQlu7pz-CI4pwZEh0AQVJMdWANWukfYw39xGkHg14I_lnbgktHaKKJvQ&random=3831245806&resp=GooglemKTybQhCsO&ipr=y&prhg=0
Request Chain 382
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESENCJxtlKS1Yqhla8qOBWavk&google_cver=1&google_push=AehlK4DzOhZjYwrZRC57skOdgX85mQ2BKvjoT0Aefe0qYWi4Zi_eBasdhrFBn8Wj2tlqI-4IujMddWHmdE5ccvXR9RXNg4JVtJY HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AehlK4DzOhZjYwrZRC57skOdgX85mQ2BKvjoT0Aefe0qYWi4Zi_eBasdhrFBn8Wj2tlqI-4IujMddWHmdE5ccvXR9RXNg4JVtJY
Request Chain 383
  • https://fksnk.com/cs/google?google_gid=CAESEPulF_SUdH_IHDw-9nd6aYc&google_cver=1&google_push=AehlK4D7lQAHsadQF48rv9vVrqHyrQNshrCGrm0eUOHsj1D5c8x777-N5-d0gnV-nl8aC9Dj5YH-NBIm9m5J3kBv1sNRCA9h84U HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=Rjg2NDI0RTRBMjRFNzJBQw==
Request Chain 384
  • https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESECaJpChm0xum8PREro-tWCo&google_cver=1&google_push=AehlK4C5Il6iwjZxNlynnp6BXJFqdl1PiTR3kjgaNkDm6cn_9EIU7TfNy_uJ3LfY29yN171URBqGkYVclG3P0fct27WRFOyXrmg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=wrU-CBmfRcNNUxW_nhLUgrnVm6Y&google_push=AehlK4C5Il6iwjZxNlynnp6BXJFqdl1PiTR3kjgaNkDm6cn_9EIU7TfNy_uJ3LfY29yN171URBqGkYVclG3P0fct27WRFOyXrmg
Request Chain 387
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEH8uf7WP_Vue21PzavEop3E&google_cver=1&google_push=AehlK4AxKYWHNOtW-YRrtr2sCcwEK9ij-hgPHeVsa8QybswDe3RxfmOforuWK0rwejDPxT3fDsaSbk_FygPCu0Q3ckxIvgMLtMER HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AehlK4AxKYWHNOtW-YRrtr2sCcwEK9ij-hgPHeVsa8QybswDe3RxfmOforuWK0rwejDPxT3fDsaSbk_FygPCu0Q3ckxIvgMLtMER HTTP 302
  • https://onetag-sys.com/match/?int_id=19&google_error=5
Request Chain 400
  • https://www.facebook.com/plugins/page.php?adapt_container_width=false&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df34d9856de3a09%26domain%3Dwww.midianews.com.br%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.midianews.com.br%252Ff1dd7a9e9d558a4%26relation%3Dparent.parent&container_width=390&height=120&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FMidiaNews%2F&locale=pt_BR&sdk=joey&show_facepile=true&small_header=true&width=380 HTTP 302
  • https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dfalse%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df34d9856de3a09%2526domain%253Dwww.midianews.com.br%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.midianews.com.br%25252Ff1dd7a9e9d558a4%2526relation%253Dparent.parent%26container_width%3D390%26height%3D120%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252FMidiaNews%252F%26locale%3Dpt_BR%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dtrue%26width%3D380

401 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.midianews.com.br/
Redirect Chain
  • http://midianews.com.br/
  • https://midianews.com.br/
  • http://www.midianews.com.br/
  • https://www.midianews.com.br/
146 KB
26 KB
Document
General
Full URL
https://www.midianews.com.br/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.33.101.39 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li1043-39.members.linode.com
Software
nginx/1.20.1 / PHP/5.6.40
Resource Hash
aa6fb1d6c4803553e608ce1c6554dde575b089c336ca325a702ab4063d43ce46

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=ISO-8859-1
Date
Tue, 06 Sep 2022 02:19:42 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Pragma
no-cache
Server
nginx/1.20.1
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Powered-By
PHP/5.6.40

Redirect headers

Connection
keep-alive
Content-Length
169
Content-Type
text/html
Date
Tue, 06 Sep 2022 02:19:41 GMT
Location
https://www.midianews.com.br/
Server
nginx/1.20.1
bootstrap.min.css
www.midianews.com.br/assets/css/
118 KB
20 KB
Stylesheet
General
Full URL
https://www.midianews.com.br/assets/css/bootstrap.min.css
Requested by
Host: www.midianews.com.br
URL: https://www.midianews.com.br/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.33.101.39 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li1043-39.members.linode.com
Software
nginx/1.20.1 /
Resource Hash
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Tue, 06 Sep 2022 02:19:42 GMT
Content-Encoding
gzip
Last-Modified
Thu, 17 Jan 2019 17:40:55 GMT
Server
nginx/1.20.1
ETag
W/"5c40be27-1d970"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=2592000
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Thu, 06 Oct 2022 02:19:42 GMT
site.css
www.midianews.com.br/assets/css/
20 KB
4 KB
Stylesheet
General
Full URL
https://www.midianews.com.br/assets/css/site.css?v=1.46
Requested by
Host: www.midianews.com.br
URL: https://www.midianews.com.br/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.33.101.39 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li1043-39.members.linode.com
Software
nginx/1.20.1 /
Resource Hash
b4cde435f8d4e4f6c07a4330c981ed4aa78282d405d5006d4deaa24414f54db3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Tue, 06 Sep 2022 02:19:42 GMT
Content-Encoding
gzip
Last-Modified
Thu, 10 Jun 2021 16:01:38 GMT
Server
nginx/1.20.1
ETag
W/"60c23762-50f2"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=2592000
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Thu, 06 Oct 2022 02:19:42 GMT
css
fonts.googleapis.com/
722 B
881 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Titillium+Web
Requested by
Host: www.midianews.com.br
URL: https://www.midianews.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
19c459b0ed66b69066cef6ca25981e3c5252bb0712e6307769acdafb59ddfbf6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 06 Sep 2022 01:03:45 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 06 Sep 2022 02:19:42 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 06 Sep 2022 02:19:42 GMT
css
fonts.googleapis.com/
14 KB
798 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Montserrat:100,200,300,400,500,600,700,800,900
Requested by
Host: www.midianews.com.br
URL: https://www.midianews.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d1dc3cf8cf7fc81c77157a4573f51abc66a6f1ec914d066c01d0ae7312d0afa5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 06 Sep 2022 02:19:42 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 06 Sep 2022 02:19:42 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 06 Sep 2022 02:19:42 GMT
core.css
www.midianews.com.br/css/
48 KB
10 KB
Stylesheet
General
Full URL
https://www.midianews.com.br/css/core.css?v=4.1
Requested by
Host: www.midianews.com.br
URL: https://www.midianews.com.br/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.33.101.39 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li1043-39.members.linode.com
Software
nginx/1.20.1 /
Resource Hash
912fb56663067a41c422af71a64d6fb1960c0a0fdd6d1245ad20954b7f7f34f6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Tue, 06 Sep 2022 02:19:42 GMT
Content-Encoding
gzip
Last-Modified
Mon, 01 Feb 2021 18:08:57 GMT
Server
nginx/1.20.1
ETag
W/"601843b9-bf1a"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=2592000
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Thu, 06 Oct 2022 02:19:42 GMT
royalslider.css
www.midianews.com.br/assets/css/royalslider/
4 KB
2 KB
Stylesheet
General
Full URL
https://www.midianews.com.br/assets/css/royalslider/royalslider.css?v=2.0
Requested by
Host: www.midianews.com.br
URL: https://www.midianews.com.br/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.33.101.39 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li1043-39.members.linode.com
Software
nginx/1.20.1 /
Resource Hash
e320e9f0884f09b22a629d22d37c76fcb2fa8af2755625e9c2ba9b8d8bda861f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Tue, 06 Sep 2022 02:19:42 GMT
Content-Encoding
gzip
Last-Modified
Thu, 17 Jan 2019 17:40:55 GMT
Server
nginx/1.20.1
ETag
W/"5c40be27-10ae"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=2592000
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Thu, 06 Oct 2022 02:19:42 GMT
rs-default.css
www.midianews.com.br/assets/css/royalslider/
9 KB
2 KB
Stylesheet
General
Full URL
https://www.midianews.com.br/assets/css/royalslider/rs-default.css?v=2.0
Requested by
Host: www.midianews.com.br
URL: https://www.midianews.com.br/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.33.101.39 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li1043-39.members.linode.com
Software
nginx/1.20.1 /
Resource Hash
53654c79f1deee792bdc698e5c4b21966ffe073efacaccc02f991c8a6cd7b17e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Tue, 06 Sep 2022 02:19:42 GMT
Content-Encoding
gzip
Last-Modified
Thu, 17 Jan 2019 17:40:55 GMT
Server
nginx/1.20.1
ETag
W/"5c40be27-2347"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=2592000
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Thu, 06 Oct 2022 02:19:42 GMT
lightbox.min.css
www.midianews.com.br/css/
3 KB
1 KB
Stylesheet
General
Full URL
https://www.midianews.com.br/css/lightbox.min.css
Requested by
Host: www.midianews.com.br
URL: https://www.midianews.com.br/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.33.101.39 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li1043-39.members.linode.com
Software
nginx/1.20.1 /
Resource Hash
6ae3e827093ff912ba2929226fdd8392ad58e6112466f2adbd2c2e72cd794a48

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Tue, 06 Sep 2022 02:19:42 GMT
Content-Encoding
gzip
Last-Modified
Thu, 17 Jan 2019 17:40:55 GMT
Server
nginx/1.20.1
ETag
W/"5c40be27-a30"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=2592000
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Thu, 06 Oct 2022 02:19:42 GMT
lightbox-plus-jquery.min.js
www.midianews.com.br/js/
95 KB
33 KB
Script
General
Full URL
https://www.midianews.com.br/js/lightbox-plus-jquery.min.js?v=1.0
Requested by
Host: www.midianews.com.br
URL: https://www.midianews.com.br/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.33.101.39 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li1043-39.members.linode.com
Software
nginx/1.20.1 /
Resource Hash
ae4b20c803567c87abc0beda0cc094d8da0a5f095cd2c9320827bf67e007106d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Tue, 06 Sep 2022 02:19:42 GMT
Content-Encoding
gzip
Last-Modified
Thu, 17 Jan 2019 17:40:55 GMT
Server
nginx/1.20.1
ETag
W/"5c40be27-17a32"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=2592000
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Thu, 06 Oct 2022 02:19:42 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.12.4/
95 KB
34 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Requested by
Host: www.midianews.com.br
URL: https://www.midianews.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 18:17:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
28909
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33951
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 05 Sep 2023 18:17:53 GMT
functions.js
www.midianews.com.br/js/
7 KB
3 KB
Script
General
Full URL
https://www.midianews.com.br/js/functions.js?v=2.1
Requested by
Host: www.midianews.com.br
URL: https://www.midianews.com.br/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.33.101.39 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li1043-39.members.linode.com
Software
nginx/1.20.1 /
Resource Hash
9649f3eaa72a40b5e168856d520e02edef356e58afd63f13a13a06ae01bd6b2b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Tue, 06 Sep 2022 02:19:42 GMT
Content-Encoding
gzip
Last-Modified
Wed, 05 Feb 2020 19:03:00 GMT
Server
nginx/1.20.1
ETag
W/"5e3b1164-1d6d"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=2592000
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Thu, 06 Oct 2022 02:19:42 GMT
fsmenu.js
www.midianews.com.br/javascript/
8 KB
3 KB
Script
General
Full URL
https://www.midianews.com.br/javascript/fsmenu.js?v=2.0
Requested by
Host: www.midianews.com.br
URL: https://www.midianews.com.br/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.33.101.39 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li1043-39.members.linode.com
Software
nginx/1.20.1 /
Resource Hash
2d51145820144285bcf5e2f592a5cd75539f19f81073b2f5bb7393498c5c95d4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Tue, 06 Sep 2022 02:19:42 GMT
Content-Encoding
gzip
Last-Modified
Thu, 17 Jan 2019 17:40:55 GMT
Server
nginx/1.20.1
ETag
W/"5c40be27-1e02"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=2592000
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Thu, 06 Oct 2022 02:19:42 GMT
jquery.royalslider.min.js
www.midianews.com.br/assets/js/royalslider/
50 KB
17 KB
Script
General
Full URL
https://www.midianews.com.br/assets/js/royalslider/jquery.royalslider.min.js?v=2.0
Requested by
Host: www.midianews.com.br
URL: https://www.midianews.com.br/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.33.101.39 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li1043-39.members.linode.com
Software
nginx/1.20.1 /
Resource Hash
47687bb3c5bfbf7f754a55283e73e5ee62a676045f5450b06709591b9536cb0a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Tue, 06 Sep 2022 02:19:42 GMT
Content-Encoding
gzip
Last-Modified
Thu, 17 Jan 2019 17:40:55 GMT
Server
nginx/1.20.1
ETag
W/"5c40be27-c6f1"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=2592000
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Thu, 06 Oct 2022 02:19:42 GMT
utils.js
www.midianews.com.br/js/
6 KB
3 KB
Script
General
Full URL
https://www.midianews.com.br/js/utils.js?v=2.3
Requested by
Host: www.midianews.com.br
URL: https://www.midianews.com.br/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.33.101.39 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li1043-39.members.linode.com
Software
nginx/1.20.1 /
Resource Hash
15d7881f8562e2522ff7c5e4ffa785208bcd4b22f14515940dab22654b1a3619

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Tue, 06 Sep 2022 02:19:42 GMT
Content-Encoding
gzip
Last-Modified
Thu, 17 Jan 2019 17:40:55 GMT
Server
nginx/1.20.1
ETag
W/"5c40be27-186a"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=2592000
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Thu, 06 Oct 2022 02:19:42 GMT
jQuery.countdown.js
www.midianews.com.br/extensions/countdown/
30 KB
8 KB
Script
General
Full URL
https://www.midianews.com.br/extensions/countdown/jQuery.countdown.js?v=2.0
Requested by
Host: www.midianews.com.br
URL: https://www.midianews.com.br/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.33.101.39 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li1043-39.members.linode.com
Software
nginx/1.20.1 /
Resource Hash
7691e9db5e0fc7fe8f7cfc6776b3972629e875d0c84ce7cc657273271ddfec5d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Tue, 06 Sep 2022 02:19:42 GMT
Content-Encoding
gzip
Last-Modified
Thu, 17 Jan 2019 17:40:55 GMT
Server
nginx/1.20.1
ETag
W/"5c40be27-78c1"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=2592000
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Thu, 06 Oct 2022 02:19:42 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
164 KB
57 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.midianews.com.br
URL: https://www.midianews.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ad5dfeb19dec30de9f0b17bbf6a8661536cf28e08389c01a010ade0f0c6df7d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 02:19:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
57405
x-xss-protection
0
server
cafe
etag
2653166386037881749
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 06 Sep 2022 02:19:43 GMT
js
www.googletagmanager.com/gtag/
203 KB
73 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-D58P3EH9SX
Requested by
Host: www.midianews.com.br
URL: https://www.midianews.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9d6962346a4ec1739f5a8248c3eb92e153ea396cf75419a594910d4df111176c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 02:19:43 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
73925
x-xss-protection
0
expires
Tue, 06 Sep 2022 02:19:43 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/
83 KB
28 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.midianews.com.br
URL: https://www.midianews.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d162942e00d8e9beb4aad8a89aa7cd40336e4c5875d4cce97d4cf4bfd883db21
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 02:19:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28557
x-xss-protection
0
server
sffe
etag
"1325 / 345 of 1000 / last-modified: 1662156382"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 06 Sep 2022 02:19:43 GMT
denakop.js
v3.denakop.com/
60 KB
19 KB
Script
General
Full URL
https://v3.denakop.com/denakop.js
Requested by
Host: www.midianews.com.br
URL: https://www.midianews.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:160e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bf36f5ee3b211c138d24511daef077a9e6188f9d7536b88e0fa6caf64dc173d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 02:19:43 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
876
last-modified
Wed, 17 Aug 2022 02:19:31 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
server
cloudflare
etag
W/"62fc5033-eee6"
x-frame-options
DENY
content-type
application/javascript
vary
Accept-Encoding
cache-control
public, max-age=3600
cf-ray
7463b8aafbe19be6-FRA
expires
Tue, 06 Sep 2022 03:19:43 GMT
logo-midianews.png
www.midianews.com.br/images/midianews/
17 KB
17 KB
Image
General
Full URL
https://www.midianews.com.br/images/midianews/logo-midianews.png
Requested by
Host: www.midianews.com.br
URL: https://www.midianews.com.br/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.33.101.39 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li1043-39.members.linode.com
Software
nginx/1.20.1 /
Resource Hash
f0d9fb8b836cc9e034d892057653f8823cbbe6334f24b7f5527d74f01cf4ec36

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Tue, 06 Sep 2022 02:19:43 GMT
Last-Modified
Thu, 17 Jan 2019 17:40:55 GMT
Server
nginx/1.20.1
ETag
"5c40be27-4306"
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
17158
Expires
Thu, 06 Oct 2022 02:19:43 GMT
lupa.png
www.midianews.com.br/images/midianews/
3 KB
4 KB
Image
General
Full URL
https://www.midianews.com.br/images/midianews/lupa.png
Requested by
Host: www.midianews.com.br
URL: https://www.midianews.com.br/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.33.101.39 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li1043-39.members.linode.com
Software
nginx/1.20.1 /
Resource Hash
0b81e9574347441a999ddb046f1c06fc57f750cf60551f07f733fd92a824b775

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Tue, 06 Sep 2022 02:19:43 GMT
Last-Modified
Thu, 17 Jan 2019 17:40:55 GMT
Server
nginx/1.20.1
ETag
"5c40be27-d28"
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3368
Expires
Thu, 06 Oct 2022 02:19:43 GMT
icon-face.png
www.midianews.com.br/images/midianews/
4 KB
4 KB
Image
General
Full URL
https://www.midianews.com.br/images/midianews/icon-face.png
Requested by
Host: www.midianews.com.br
URL: https://www.midianews.com.br/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.33.101.39 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li1043-39.members.linode.com
Software
nginx/1.20.1 /
Resource Hash
8b3431cfb87c8627d221e2f3158b9f759cc77409a57198dc91e4b7adc7d6b475

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Tue, 06 Sep 2022 02:19:43 GMT
Last-Modified
Thu, 17 Jan 2019 17:40:55 GMT
Server
nginx/1.20.1
ETag
"5c40be27-f65"
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3941
Expires
Thu, 06 Oct 2022 02:19:43 GMT
icon-twitter.png
www.midianews.com.br/images/midianews/
4 KB
4 KB
Image
General
Full URL
https://www.midianews.com.br/images/midianews/icon-twitter.png
Requested by
Host: www.midianews.com.br
URL: https://www.midianews.com.br/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.33.101.39 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li1043-39.members.linode.com
Software
nginx/1.20.1 /
Resource Hash
3b8687c475537d90b9ccab551ba8196e47e91557513508331329be1267f205b4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Tue, 06 Sep 2022 02:19:43 GMT
Last-Modified
Thu, 17 Jan 2019 17:40:55 GMT
Server
nginx/1.20.1
ETag
"5c40be27-ff1"
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4081
Expires
Thu, 06 Oct 2022 02:19:43 GMT
icon-youtube.png
www.midianews.com.br/images/midianews/
4 KB
4 KB
Image
General
Full URL
https://www.midianews.com.br/images/midianews/icon-youtube.png
Requested by
Host: www.midianews.com.br
URL: https://www.midianews.com.br/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.33.101.39 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li1043-39.members.linode.com
Software
nginx/1.20.1 /
Resource Hash
58b88f2f65ed4b6ef09c637e435881935f2ab062df7027bcaa4472be089d34c9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Tue, 06 Sep 2022 02:19:43 GMT
Last-Modified
Thu, 17 Jan 2019 17:40:55 GMT
Server
nginx/1.20.1
ETag
"5c40be27-1077"
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4215
Expires
Thu, 06 Oct 2022 02:19:43 GMT
icon-instagram.png
www.midianews.com.br/images/midianews/
4 KB
4 KB
Image
General
Full URL
https://www.midianews.com.br/images/midianews/icon-instagram.png
Requested by
Host: www.midianews.com.br
URL: https://www.midianews.com.br/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.33.101.39 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li1043-39.members.linode.com
Software
nginx/1.20.1 /
Resource Hash
e9e490018b852367302eff3132df65a8aefa2e9607c3fd9ac44828111b8c9d17

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Tue, 06 Sep 2022 02:19:43 GMT
Last-Modified
Thu, 17 Jan 2019 17:40:55 GMT
Server
nginx/1.20.1
ETag
"5c40be27-100b"
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4107
Expires
Thu, 06 Oct 2022 02:19:43 GMT
bet365-banner.png
www.midianews.com.br/imagens/
9 KB
9 KB
Image
General
Full URL
https://www.midianews.com.br/imagens/bet365-banner.png
Requested by
Host: www.midianews.com.br
URL: https://www.midianews.com.br/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.33.101.39 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li1043-39.members.linode.com
Software
nginx/1.20.1 /
Resource Hash
61e6c4245c2c0c24172e329a0d4e16d1188a84d0ecf84bd6eb13baaba25a16c3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Tue, 06 Sep 2022 02:19:43 GMT
Last-Modified
Mon, 01 Feb 2021 15:39:34 GMT
Server
nginx/1.20.1
ETag
"601820b6-22f8"
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8952
Expires
Thu, 06 Oct 2022 02:19:43 GMT
transp.gif
www.midianews.com.br/imagens_clientes/
43 B
351 B
Image
General
Full URL
https://www.midianews.com.br/imagens_clientes/transp.gif
Requested by
Host: www.midianews.com.br
URL: https://www.midianews.com.br/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.33.101.39 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li1043-39.members.linode.com
Software
nginx/1.20.1 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Tue, 06 Sep 2022 02:19:43 GMT
Last-Modified
Thu, 17 Jan 2019 17:40:55 GMT
Server
nginx/1.20.1
ETag
"5c40be27-2b"
Content-Type
image/gif
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
43
Expires
Thu, 06 Oct 2022 02:19:43 GMT
ef9e4d2d7c835ff65c4c4c21de7d2984.jpg
www.midianews.com.br//storage/webdisco/2016/07/09/347x231/
16 KB
17 KB
Image
General
Full URL
https://www.midianews.com.br//storage/webdisco/2016/07/09/347x231/ef9e4d2d7c835ff65c4c4c21de7d2984.jpg
Requested by
Host: www.midianews.com.br
URL: https://www.midianews.com.br/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.33.101.39 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li1043-39.members.linode.com
Software
nginx/1.20.1 /
Resource Hash
a7c22e48c9ff81c2e3872a993ff4fee129432d23bd5dc8614ba5a82029e09854

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Tue, 06 Sep 2022 02:19:43 GMT
Last-Modified
Sat, 09 Jul 2016 19:52:15 GMT
Server
nginx/1.20.1
ETag
"578155ef-41ac"
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
16812
Expires
Thu, 06 Oct 2022 02:19:43 GMT
d606338f51137aea7d520f13ca8e3032.jpg
www.midianews.com.br//storage/webdisco/2022/01/26/347x231/
22 KB
22 KB
Image
General
Full URL
https://www.midianews.com.br//storage/webdisco/2022/01/26/347x231/d606338f51137aea7d520f13ca8e3032.jpg
Requested by
Host: www.midianews.com.br
URL: https://www.midianews.com.br/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.33.101.39 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li1043-39.members.linode.com
Software
nginx/1.20.1 /
Resource Hash
bedbde9941bbaf9a7752b54096569e70c842f80a95027fafa2911fae1255b3e8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Tue, 06 Sep 2022 02:19:43 GMT
Last-Modified
Wed, 26 Jan 2022 21:09:56 GMT
Server
nginx/1.20.1
ETag
"61f1b8a4-5757"
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
22359
Expires
Thu, 06 Oct 2022 02:19:43 GMT
7fbfd70af16f7e5d79e126731d6894e5.jpg
www.midianews.com.br//storage/webdisco/2022/09/05/160x100/
4 KB
4 KB
Image
General
Full URL
https://www.midianews.com.br//storage/webdisco/2022/09/05/160x100/7fbfd70af16f7e5d79e126731d6894e5.jpg
Requested by
Host: www.midianews.com.br
URL: https://www.midianews.com.br/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.33.101.39 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li1043-39.members.linode.com
Software
nginx/1.20.1 /
Resource Hash
507a6deb912a1798bb4e1ab383b364024e492febcb6cab11d0f5f09ec263ffcd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Tue, 06 Sep 2022 02:19:43 GMT
Last-Modified
Mon, 05 Sep 2022 20:10:15 GMT
Server
nginx/1.20.1
ETag
"631657a7-ed0"
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3792
Expires
Thu, 06 Oct 2022 02:19:43 GMT
d9d0b2c85ad48265a6d6f5a3dfb27fda.png
www.midianews.com.br//storage/webdisco/2022/09/05/160x100/
36 KB
37 KB
Image
General
Full URL
https://www.midianews.com.br//storage/webdisco/2022/09/05/160x100/d9d0b2c85ad48265a6d6f5a3dfb27fda.png
Requested by
Host: www.midianews.com.br
URL: https://www.midianews.com.br/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.33.101.39 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li1043-39.members.linode.com
Software
nginx/1.20.1 /
Resource Hash
342ed53c87c79ec68b1211b84369685952d912f147600fe32b997cc23e6195e3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Tue, 06 Sep 2022 02:19:43 GMT
Last-Modified
Mon, 05 Sep 2022 14:21:10 GMT
Server
nginx/1.20.1
ETag
"631605d6-914e"
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
37198
Expires
Thu, 06 Oct 2022 02:19:43 GMT
f836e111f92af440853c9ee200fe2e62.jpg
www.midianews.com.br//storage/webdisco/2022/03/11/160x100/
6 KB
6 KB
Image
General
Full URL
https://www.midianews.com.br//storage/webdisco/2022/03/11/160x100/f836e111f92af440853c9ee200fe2e62.jpg
Requested by
Host: www.midianews.com.br
URL: https://www.midianews.com.br/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.33.101.39 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li1043-39.members.linode.com
Software
nginx/1.20.1 /
Resource Hash
9468356e44d3e78eccb60a2b7d2064c20924c2e7f036770104c291a3930c99a5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Tue, 06 Sep 2022 02:19:43 GMT
Last-Modified
Fri, 11 Mar 2022 19:35:05 GMT
Server
nginx/1.20.1
ETag
"622ba469-16ed"
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5869
Expires
Thu, 06 Oct 2022 02:19:43 GMT
183f5f42b3951b73952e0e8f85dd4d51.jpg
www.midianews.com.br//storage/webdisco/2021/12/01/347x231/
14 KB
14 KB
Image
General
Full URL
https://www.midianews.com.br//storage/webdisco/2021/12/01/347x231/183f5f42b3951b73952e0e8f85dd4d51.jpg
Requested by
Host: www.midianews.com.br
URL: https://www.midianews.com.br/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.33.101.39 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li1043-39.members.linode.com
Software
nginx/1.20.1 /
Resource Hash
b281401cd2cb866f33e67b6165eb6320548563769bd9062df23a092c3c6732c2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Tue, 06 Sep 2022 02:19:43 GMT
Last-Modified
Wed, 01 Dec 2021 20:59:48 GMT
Server
nginx/1.20.1
ETag
"61a7e244-37c5"
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
14277
Expires
Thu, 06 Oct 2022 02:19:43 GMT
video_player.png
www.midianews.com.br/imagens_clientes/
50 KB
50 KB
Image
General
Full URL
https://www.midianews.com.br/imagens_clientes/video_player.png
Requested by
Host: www.midianews.com.br
URL: https://www.midianews.com.br/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.33.101.39 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li1043-39.members.linode.com
Software
nginx/1.20.1 /
Resource Hash
be0d843347693f8fc5d99fa222441a925b1347c3d00e7d5b2f34edacd43caaa8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Tue, 06 Sep 2022 02:19:43 GMT
Last-Modified
Thu, 17 Jan 2019 17:40:55 GMT
Server
nginx/1.20.1
ETag
"5c40be27-c655"
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
50773
Expires
Thu, 06 Oct 2022 02:19:43 GMT
ea13820f6be76c537e63bc6b910b8545.jpg
www.midianews.com.br//storage/webdisco/2022/09/05/438x291/
17 KB
17 KB
Image
General
Full URL
https://www.midianews.com.br//storage/webdisco/2022/09/05/438x291/ea13820f6be76c537e63bc6b910b8545.jpg
Requested by
Host: www.midianews.com.br
URL: https://www.midianews.com.br/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.33.101.39 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li1043-39.members.linode.com
Software
nginx/1.20.1 /
Resource Hash
ffae4ab2133dca46a19c118b9ee3dae1a22c3c47ed6e7b02f038052faa014f8a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Tue, 06 Sep 2022 02:19:43 GMT
Last-Modified
Mon, 05 Sep 2022 19:27:11 GMT
Server
nginx/1.20.1
ETag
"63164d8f-4340"
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
17216
Expires
Thu, 06 Oct 2022 02:19:43 GMT
9a5ddf016fdceab82bc69af78a150c88.jpg
www.midianews.com.br//storage/webdisco/2022/09/05/438x291/
17 KB
18 KB
Image
General
Full URL
https://www.midianews.com.br//storage/webdisco/2022/09/05/438x291/9a5ddf016fdceab82bc69af78a150c88.jpg
Requested by
Host: www.midianews.com.br
URL: https://www.midianews.com.br/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.33.101.39 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li1043-39.members.linode.com
Software
nginx/1.20.1 /
Resource Hash
76a2f7541043a1d102be6aeee50a652ba044b3576c77c46ad500f508165aa97d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Tue, 06 Sep 2022 02:19:43 GMT
Last-Modified
Mon, 05 Sep 2022 20:00:33 GMT
Server
nginx/1.20.1
ETag
"63165561-4509"
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
17673
Expires
Thu, 06 Oct 2022 02:19:43 GMT
cab1077bf07b0f0154d0a278f57fb11e.jpg
www.midianews.com.br//storage/webdisco/2022/09/05/438x291/
11 KB
11 KB
Image
General
Full URL
https://www.midianews.com.br//storage/webdisco/2022/09/05/438x291/cab1077bf07b0f0154d0a278f57fb11e.jpg
Requested by
Host: www.midianews.com.br
URL: https://www.midianews.com.br/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.33.101.39 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li1043-39.members.linode.com
Software
nginx/1.20.1 /
Resource Hash
1d837a75fde817c90c2089b11718efa16270b9144845135da2ffc4d73b06da35

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Tue, 06 Sep 2022 02:19:43 GMT
Last-Modified
Mon, 05 Sep 2022 19:01:52 GMT
Server
nginx/1.20.1
ETag
"631647a0-2c6c"
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
11372
Expires
Thu, 06 Oct 2022 02:19:43 GMT
bb9a3d078f074ad2d4b5715f8a0ec3f2.jpg
www.midianews.com.br//storage/webdisco/2022/09/05/capa/default/G1/
31 KB
31 KB
Image
General
Full URL
https://www.midianews.com.br//storage/webdisco/2022/09/05/capa/default/G1/bb9a3d078f074ad2d4b5715f8a0ec3f2.jpg
Requested by
Host: www.midianews.com.br
URL: https://www.midianews.com.br/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.33.101.39 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li1043-39.members.linode.com
Software
nginx/1.20.1 /
Resource Hash
6cc75b6b10aabe3b82f29165906db978e755d807d4cb81dbbd66b759dc3aa9fc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Tue, 06 Sep 2022 02:19:43 GMT
Last-Modified
Mon, 05 Sep 2022 19:38:31 GMT
Server
nginx/1.20.1
ETag
"63165037-7cbe"
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
31934
Expires
Thu, 06 Oct 2022 02:19:43 GMT
9a6b96184ae3a6edffac0abe25503e6a.jpg
www.midianews.com.br//storage/webdisco/2020/11/24/capa/default/G2/
29 KB
29 KB
Image
General
Full URL
https://www.midianews.com.br//storage/webdisco/2020/11/24/capa/default/G2/9a6b96184ae3a6edffac0abe25503e6a.jpg
Requested by
Host: www.midianews.com.br
URL: https://www.midianews.com.br/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.33.101.39 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li1043-39.members.linode.com
Software
nginx/1.20.1 /
Resource Hash
1a5280b4cc6aaf220be89b14e5fe43f7d4b309b9b2857cdb83300e827d1faf06

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Tue, 06 Sep 2022 02:19:43 GMT
Last-Modified
Mon, 05 Sep 2022 19:40:01 GMT
Server
nginx/1.20.1
ETag
"63165091-7473"
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
29811
Expires
Thu, 06 Oct 2022 02:19:43 GMT
c4798fdb8ef8c67eb939aa5257940402.jpg
www.midianews.com.br//storage/webdisco/2022/09/05/capa/default/G3/
68 KB
68 KB
Image
General
Full URL
https://www.midianews.com.br//storage/webdisco/2022/09/05/capa/default/G3/c4798fdb8ef8c67eb939aa5257940402.jpg
Requested by
Host: www.midianews.com.br
URL: https://www.midianews.com.br/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.33.101.39 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li1043-39.members.linode.com
Software
nginx/1.20.1 /
Resource Hash
cdd6bc8efe20c6f68a0aa0e11455964193da8c357d17efc6ddaaf32953fb976c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Tue, 06 Sep 2022 02:19:43 GMT
Last-Modified
Mon, 05 Sep 2022 21:01:35 GMT
Server
nginx/1.20.1
ETag
"631663af-10fd8"
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
69592
Expires
Thu, 06 Oct 2022 02:19:43 GMT
88bf730430786c424ce79e7f1685f33e.jpg
www.midianews.com.br//storage/webdisco/2022/09/05/capa/default/G4/
49 KB
49 KB
Image
General
Full URL
https://www.midianews.com.br//storage/webdisco/2022/09/05/capa/default/G4/88bf730430786c424ce79e7f1685f33e.jpg
Requested by
Host: www.midianews.com.br
URL: https://www.midianews.com.br/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.33.101.39 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li1043-39.members.linode.com
Software
nginx/1.20.1 /
Resource Hash
2aaac5256a4f623cb40a8057f74a134889a9d954abb4016f66dbf541fa101390

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Tue, 06 Sep 2022 02:19:43 GMT
Last-Modified
Mon, 05 Sep 2022 19:51:28 GMT
Server
nginx/1.20.1
ETag
"63165340-c469"
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
50281
Expires
Thu, 06 Oct 2022 02:19:43 GMT
997808d7cacb57eb66de92d43cb2312f.jpg
www.midianews.com.br//storage/webdisco/2020/01/07/160x100/
5 KB
5 KB
Image
General
Full URL
https://www.midianews.com.br//storage/webdisco/2020/01/07/160x100/997808d7cacb57eb66de92d43cb2312f.jpg
Requested by
Host: www.midianews.com.br
URL: https://www.midianews.com.br/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.33.101.39 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li1043-39.members.linode.com
Software
nginx/1.20.1 /
Resource Hash
23bcd1e945d612588a79b266bb6a01ea7cd5a641e25eae3b4575e868a369efd3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Tue, 06 Sep 2022 02:19:43 GMT
Last-Modified
Tue, 07 Jan 2020 19:11:49 GMT
Server
nginx/1.20.1
ETag
"5e14d7f5-1417"
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5143
Expires
Thu, 06 Oct 2022 02:19:43 GMT
d0c7be8f7001fca3d3a627cb3950ac47.jpg
www.midianews.com.br//storage/webdisco/2020/05/14/160x100/
5 KB
6 KB
Image
General
Full URL
https://www.midianews.com.br//storage/webdisco/2020/05/14/160x100/d0c7be8f7001fca3d3a627cb3950ac47.jpg
Requested by
Host: www.midianews.com.br
URL: https://www.midianews.com.br/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.33.101.39 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li1043-39.members.linode.com
Software
nginx/1.20.1 /
Resource Hash
ff3890b6f4d743a8fce82c571c2b8a25367173d4a2e286049b7e9a03624742f1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Tue, 06 Sep 2022 02:19:44 GMT
Last-Modified
Thu, 14 May 2020 20:20:56 GMT
Server
nginx/1.20.1
ETag
"5ebda828-14d2"
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5330
Expires
Thu, 06 Oct 2022 02:19:44 GMT
fe9bf2683e71a94c0ac89add24e54b91.jpg
www.midianews.com.br//storage/webdisco/2022/08/01/160x100/
4 KB
4 KB
Image
General
Full URL
https://www.midianews.com.br//storage/webdisco/2022/08/01/160x100/fe9bf2683e71a94c0ac89add24e54b91.jpg
Requested by
Host: www.midianews.com.br
URL: https://www.midianews.com.br/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.33.101.39 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li1043-39.members.linode.com
Software
nginx/1.20.1 /
Resource Hash
4a8ce8033b92cd063b6990fadaed034f6933fc19fd98eed16d9342055089569a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Tue, 06 Sep 2022 02:19:44 GMT
Last-Modified
Mon, 01 Aug 2022 13:02:20 GMT
Server
nginx/1.20.1
ETag
"62e7cedc-f44"
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3908
Expires
Thu, 06 Oct 2022 02:19:44 GMT
726cd343b2a708ac3652d77a81bb3b31.jpg
www.midianews.com.br//storage/webdisco/2019/04/03/160x100/
6 KB
6 KB
Image
General
Full URL
https://www.midianews.com.br//storage/webdisco/2019/04/03/160x100/726cd343b2a708ac3652d77a81bb3b31.jpg
Requested by
Host: www.midianews.com.br
URL: https://www.midianews.com.br/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.33.101.39 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li1043-39.members.linode.com
Software
nginx/1.20.1 /
Resource Hash
a04d9e53f8300a24e9e15ec1782587a232eadf639107a1810d8352cdd7e280e7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Tue, 06 Sep 2022 02:19:44 GMT
Last-Modified
Wed, 03 Apr 2019 19:57:35 GMT
Server
nginx/1.20.1
ETag
"5ca5102f-1778"
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6008
Expires
Thu, 06 Oct 2022 02:19:44 GMT
f44d738342a428dc364f5890867d26e8.jpg
www.midianews.com.br//storage/webdisco/2019/09/04/714x370/
57 KB
57 KB
Image
General
Full URL
https://www.midianews.com.br//storage/webdisco/2019/09/04/714x370/f44d738342a428dc364f5890867d26e8.jpg
Requested by
Host: www.midianews.com.br
URL: https://www.midianews.com.br/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.33.101.39 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li1043-39.members.linode.com
Software
nginx/1.20.1 /
Resource Hash
7b0ad030377103e7b7c66bcbdccdf92d9601def6c0afa21a4504968a8155a0e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Tue, 06 Sep 2022 02:19:44 GMT
Last-Modified
Wed, 04 Sep 2019 20:57:00 GMT
Server
nginx/1.20.1
ETag
"5d70251c-e40b"
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
58379
Expires
Thu, 06 Oct 2022 02:19:44 GMT
6d3ef40a7fc8ceece2833fa0230747fe.jpg
www.midianews.com.br//storage/webdisco/2022/08/26/714x370/
55 KB
55 KB
Image
General
Full URL
https://www.midianews.com.br//storage/webdisco/2022/08/26/714x370/6d3ef40a7fc8ceece2833fa0230747fe.jpg
Requested by
Host: www.midianews.com.br
URL: https://www.midianews.com.br/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.33.101.39 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li1043-39.members.linode.com
Software
nginx/1.20.1 /
Resource Hash
69eb443bc6694b3c17937b8b5a0c46f1354b505728ec3c3e29f453966ee37df9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Tue, 06 Sep 2022 02:19:44 GMT
Last-Modified
Fri, 26 Aug 2022 15:43:10 GMT
Server
nginx/1.20.1
ETag
"6308ea0e-dbf0"
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
56304
Expires
Thu, 06 Oct 2022 02:19:44 GMT
eea1c1c9a50f8b65a1d3d38b8bf680d4.jpg
www.midianews.com.br//storage/webdisco/2022/08/20/285x189/
7 KB
7 KB
Image
General
Full URL
https://www.midianews.com.br//storage/webdisco/2022/08/20/285x189/eea1c1c9a50f8b65a1d3d38b8bf680d4.jpg
Requested by
Host: www.midianews.com.br
URL: https://www.midianews.com.br/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.33.101.39 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li1043-39.members.linode.com
Software
nginx/1.20.1 /
Resource Hash
f3635b677d876c635672bd18b5631497e2770ff846f71a8b58c6f4a584cbd9b3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Tue, 06 Sep 2022 02:19:44 GMT
Last-Modified
Sat, 20 Aug 2022 19:40:11 GMT
Server
nginx/1.20.1
ETag
"6301389b-1c7b"
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7291
Expires
Thu, 06 Oct 2022 02:19:44 GMT
7333030ec2ac7efccf3688a0f7c2879c.jpg
www.midianews.com.br//storage/webdisco/2022/07/18/285x189/
17 KB
17 KB
Image
General
Full URL
https://www.midianews.com.br//storage/webdisco/2022/07/18/285x189/7333030ec2ac7efccf3688a0f7c2879c.jpg
Requested by
Host: www.midianews.com.br
URL: https://www.midianews.com.br/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.33.101.39 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li1043-39.members.linode.com
Software
nginx/1.20.1 /
Resource Hash
6fbd033817ac90769da963b040d59ea7bcc27ca89feaac58c24190d096de4fe4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Tue, 06 Sep 2022 02:19:44 GMT
Last-Modified
Mon, 18 Jul 2022 22:14:11 GMT
Server
nginx/1.20.1
ETag
"62d5db33-43c7"
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
17351
Expires
Thu, 06 Oct 2022 02:19:44 GMT
a31ed4e4c0960f9392e1fadf5093cb4f.jpg
www.midianews.com.br//storage/webdisco/2018/10/15/285x189/
20 KB
20 KB
Image
General
Full URL
https://www.midianews.com.br//storage/webdisco/2018/10/15/285x189/a31ed4e4c0960f9392e1fadf5093cb4f.jpg
Requested by
Host: www.midianews.com.br
URL: https://www.midianews.com.br/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.33.101.39 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li1043-39.members.linode.com
Software
nginx/1.20.1 /
Resource Hash
b97ae48d8861ed70484655de2d1dc43ac5f28741f9fa4a9afc3266bf822de56e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Tue, 06 Sep 2022 02:19:44 GMT
Last-Modified
Mon, 15 Oct 2018 19:17:19 GMT
Server
nginx/1.20.1
ETag
"5bc4e7bf-4e97"
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
20119
Expires
Thu, 06 Oct 2022 02:19:44 GMT
8b402b0f427687fb0046f17a1513d8e7.jpg
www.midianews.com.br//storage/webdisco/2022/08/24/285x189/
13 KB
13 KB
Image
General
Full URL
https://www.midianews.com.br//storage/webdisco/2022/08/24/285x189/8b402b0f427687fb0046f17a1513d8e7.jpg
Requested by
Host: www.midianews.com.br
URL: https://www.midianews.com.br/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.33.101.39 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li1043-39.members.linode.com
Software
nginx/1.20.1 /
Resource Hash
a48c580b44c66572d8303050643f83eedafbc0cf6e72a50974e1de101b20c289

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Tue, 06 Sep 2022 02:19:44 GMT
Last-Modified
Wed, 24 Aug 2022 14:39:10 GMT
Server
nginx/1.20.1
ETag
"6306380e-32c6"
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
12998
Expires
Thu, 06 Oct 2022 02:19:44 GMT
fbc311f40c249b93c6513d2139fbba7d.jpg
www.midianews.com.br//storage/webdisco/2022/09/05/285x189/
13 KB
13 KB
Image
General
Full URL
https://www.midianews.com.br//storage/webdisco/2022/09/05/285x189/fbc311f40c249b93c6513d2139fbba7d.jpg
Requested by
Host: www.midianews.com.br
URL: https://www.midianews.com.br/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.33.101.39 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li1043-39.members.linode.com
Software
nginx/1.20.1 /
Resource Hash
e80c08d9002b2023b276fa768d1a28f911380251fd370b969de3762b054ded99

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Tue, 06 Sep 2022 02:19:44 GMT
Last-Modified
Mon, 05 Sep 2022 18:58:00 GMT
Server
nginx/1.20.1
ETag
"631646b8-32d7"
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
13015
Expires
Thu, 06 Oct 2022 02:19:44 GMT
0854127099bfce4fd9766aef3d351bf2.jpg
www.midianews.com.br//storage/webdisco/2022/09/01/347x231/
19 KB
19 KB
Image
General
Full URL
https://www.midianews.com.br//storage/webdisco/2022/09/01/347x231/0854127099bfce4fd9766aef3d351bf2.jpg
Requested by
Host: www.midianews.com.br
URL: https://www.midianews.com.br/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.33.101.39 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li1043-39.members.linode.com
Software
nginx/1.20.1 /
Resource Hash
bad0e1e1ad6979ad3c9648638b2a2b4edb9b352266567c45f54f3fcf5c9b279e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Tue, 06 Sep 2022 02:19:44 GMT
Last-Modified
Thu, 01 Sep 2022 18:17:46 GMT
Server
nginx/1.20.1
ETag
"6310f74a-4aa0"
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
19104
Expires
Thu, 06 Oct 2022 02:19:44 GMT
slick.min.js
www.midianews.com.br/js/
42 KB
11 KB
Script
General
Full URL
https://www.midianews.com.br/js/slick.min.js
Requested by
Host: www.midianews.com.br
URL: https://www.midianews.com.br/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.33.101.39 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li1043-39.members.linode.com
Software
nginx/1.20.1 /
Resource Hash
27bebe78e3b6a4b1664dd4fa83a8cd0187f051631a06248fefa3ef3991a5a92a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Tue, 06 Sep 2022 02:19:43 GMT
Content-Encoding
gzip
Last-Modified
Thu, 17 Jan 2019 17:40:55 GMT
Server
nginx/1.20.1
ETag
W/"5c40be27-a76e"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=2592000
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Thu, 06 Oct 2022 02:19:43 GMT
slick.css
www.midianews.com.br/css/
2 KB
923 B
Stylesheet
General
Full URL
https://www.midianews.com.br/css/slick.css
Requested by
Host: www.midianews.com.br
URL: https://www.midianews.com.br/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.33.101.39 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li1043-39.members.linode.com
Software
nginx/1.20.1 /
Resource Hash
58023f0aaa39c2e92e4c00e18b1225d85ea70edc0ce1d413c4e8ca7c1411ba14

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Tue, 06 Sep 2022 02:19:43 GMT
Content-Encoding
gzip
Last-Modified
Thu, 17 Jan 2019 17:40:55 GMT
Server
nginx/1.20.1
ETag
W/"5c40be27-6ef"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=2592000
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Thu, 06 Oct 2022 02:19:43 GMT
56795636637422c9ade09b7ce9bf7bee.jpg
www.midianews.com.br//storage/webdisco/2021/08/20/438x291/
22 KB
22 KB
Image
General
Full URL
https://www.midianews.com.br//storage/webdisco/2021/08/20/438x291/56795636637422c9ade09b7ce9bf7bee.jpg
Requested by
Host: www.midianews.com.br
URL: https://www.midianews.com.br/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.33.101.39 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li1043-39.members.linode.com
Software
nginx/1.20.1 /
Resource Hash
1db7d44704755e9c28e1d3f515e793a8b6a85663059d041d44fd73ae3ba8d42b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Tue, 06 Sep 2022 02:19:44 GMT
Last-Modified
Sat, 21 Aug 2021 00:14:09 GMT
Server
nginx/1.20.1
ETag
"61204551-57b3"
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
22451
Expires
Thu, 06 Oct 2022 02:19:44 GMT
a03d28af2ac64af662cdc02e33e616a0.jpg
www.midianews.com.br//storage/webdisco/2022/09/05/438x291/
16 KB
16 KB
Image
General
Full URL
https://www.midianews.com.br//storage/webdisco/2022/09/05/438x291/a03d28af2ac64af662cdc02e33e616a0.jpg
Requested by
Host: www.midianews.com.br
URL: https://www.midianews.com.br/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.33.101.39 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li1043-39.members.linode.com
Software
nginx/1.20.1 /
Resource Hash
987abdc0d0c5ec8650aa0d5c62d49aad4010b0fc2737d1834ab47d219ffc7679

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Tue, 06 Sep 2022 02:19:44 GMT
Last-Modified
Mon, 05 Sep 2022 14:38:14 GMT
Server
nginx/1.20.1
ETag
"631609d6-40b5"
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
16565
Expires
Thu, 06 Oct 2022 02:19:44 GMT
0cc58c469e18b6904cde4789ada1b00e.jpg
www.midianews.com.br//storage/webdisco/2022/06/02/438x291/
24 KB
24 KB
Image
General
Full URL
https://www.midianews.com.br//storage/webdisco/2022/06/02/438x291/0cc58c469e18b6904cde4789ada1b00e.jpg
Requested by
Host: www.midianews.com.br
URL: https://www.midianews.com.br/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.33.101.39 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li1043-39.members.linode.com
Software
nginx/1.20.1 /
Resource Hash
0e1cd27ce1389ff9207ad3e0dcdaf4c44c481daa9d09761f70e6979d3c5dfee3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Tue, 06 Sep 2022 02:19:44 GMT
Last-Modified
Thu, 02 Jun 2022 12:31:24 GMT
Server
nginx/1.20.1
ETag
"6298ad9c-6079"
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
24697
Expires
Thu, 06 Oct 2022 02:19:44 GMT
9132c49468b4e8f32af7ef1cd713e091.jpg
www.midianews.com.br//storage/webdisco/2021/08/20/438x291/
21 KB
21 KB
Image
General
Full URL
https://www.midianews.com.br//storage/webdisco/2021/08/20/438x291/9132c49468b4e8f32af7ef1cd713e091.jpg
Requested by
Host: www.midianews.com.br
URL: https://www.midianews.com.br/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.33.101.39 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li1043-39.members.linode.com
Software
nginx/1.20.1 /
Resource Hash
e4a64254faf739f183a340f61ebe6d78ba159256d1dc741373a9e688a88a5abb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Tue, 06 Sep 2022 02:19:44 GMT
Last-Modified
Sat, 21 Aug 2021 00:13:50 GMT
Server
nginx/1.20.1
ETag
"6120453e-547a"
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
21626
Expires
Thu, 06 Oct 2022 02:19:44 GMT
9e5429953ba037a47fe8bf53cafb5e6c.jpg
www.midianews.com.br//storage/webdisco/2022/09/05/714x370/
53 KB
53 KB
Image
General
Full URL
https://www.midianews.com.br//storage/webdisco/2022/09/05/714x370/9e5429953ba037a47fe8bf53cafb5e6c.jpg
Requested by
Host: www.midianews.com.br
URL: https://www.midianews.com.br/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.33.101.39 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li1043-39.members.linode.com
Software
nginx/1.20.1 /
Resource Hash
fef50df80b512700a5aa2a99410cbbd3c523956845f8bd401b1011fba9f02d6c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Tue, 06 Sep 2022 02:19:44 GMT
Last-Modified
Mon, 05 Sep 2022 16:01:30 GMT
Server
nginx/1.20.1
ETag
"63161d5a-d294"
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
53908
Expires
Thu, 06 Oct 2022 02:19:44 GMT
eff25466adfe022caae5d9b150f86f14.jpg
www.midianews.com.br//storage/webdisco/2022/07/22/347x231/
25 KB
25 KB
Image
General
Full URL
https://www.midianews.com.br//storage/webdisco/2022/07/22/347x231/eff25466adfe022caae5d9b150f86f14.jpg
Requested by
Host: www.midianews.com.br
URL: https://www.midianews.com.br/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.33.101.39 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li1043-39.members.linode.com
Software
nginx/1.20.1 /
Resource Hash
8f87f2ab71330470e510981533d22d6ac55dcc75173a22be6ec27530397a1f81

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Tue, 06 Sep 2022 02:19:44 GMT
Last-Modified
Fri, 22 Jul 2022 21:07:36 GMT
Server
nginx/1.20.1
ETag
"62db1198-63ab"
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
25515
Expires
Thu, 06 Oct 2022 02:19:44 GMT
ce7c45362d4fe744648f23f21044c357.jpg
www.midianews.com.br//storage/webdisco/2022/09/05/347x231/
14 KB
14 KB
Image
General
Full URL
https://www.midianews.com.br//storage/webdisco/2022/09/05/347x231/ce7c45362d4fe744648f23f21044c357.jpg
Requested by
Host: www.midianews.com.br
URL: https://www.midianews.com.br/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.33.101.39 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li1043-39.members.linode.com
Software
nginx/1.20.1 /
Resource Hash
892f079f73641958d6fc0b56ee76a533ff224f2f499be1ba7d8980ba169314f6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Tue, 06 Sep 2022 02:19:44 GMT
Last-Modified
Mon, 05 Sep 2022 14:23:11 GMT
Server
nginx/1.20.1
ETag
"6316064f-364c"
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
13900
Expires
Thu, 06 Oct 2022 02:19:44 GMT
c7d17ebda106f6f6f87e921ae45e8a26.jpg
www.midianews.com.br//storage/webdisco/2022/09/05/438x291/
29 KB
30 KB
Image
General
Full URL
https://www.midianews.com.br//storage/webdisco/2022/09/05/438x291/c7d17ebda106f6f6f87e921ae45e8a26.jpg
Requested by
Host: www.midianews.com.br
URL: https://www.midianews.com.br/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.33.101.39 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li1043-39.members.linode.com
Software
nginx/1.20.1 /
Resource Hash
d8c595a5b0479a513c9d27f70b1df33033bf9167c1cdfcceca7ad536093e4c19

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Tue, 06 Sep 2022 02:19:44 GMT
Last-Modified
Mon, 05 Sep 2022 20:51:00 GMT
Server
nginx/1.20.1
ETag
"63166134-74d0"
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
29904
Expires
Thu, 06 Oct 2022 02:19:44 GMT
644b2da71b8e0dcc2c905cd7c6f2486d.jpg
www.midianews.com.br//storage/webdisco/2022/09/05/160x100/
5 KB
6 KB
Image
General
Full URL
https://www.midianews.com.br//storage/webdisco/2022/09/05/160x100/644b2da71b8e0dcc2c905cd7c6f2486d.jpg
Requested by
Host: www.midianews.com.br
URL: https://www.midianews.com.br/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.33.101.39 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li1043-39.members.linode.com
Software
nginx/1.20.1 /
Resource Hash
77509214fd2c40d8513031709d7bbde71809641e6d25e55fc92ff17cc487aeb3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Tue, 06 Sep 2022 02:19:44 GMT
Last-Modified
Mon, 05 Sep 2022 15:30:26 GMT
Server
nginx/1.20.1
ETag
"63161612-158f"
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5519
Expires
Thu, 06 Oct 2022 02:19:44 GMT
fd2b82f963b74516aec7bc4eea170c47.jpg
www.midianews.com.br//storage/webdisco/2022/09/05/160x100/
7 KB
7 KB
Image
General
Full URL
https://www.midianews.com.br//storage/webdisco/2022/09/05/160x100/fd2b82f963b74516aec7bc4eea170c47.jpg
Requested by
Host: www.midianews.com.br
URL: https://www.midianews.com.br/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.33.101.39 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li1043-39.members.linode.com
Software
nginx/1.20.1 /
Resource Hash
e18fb623e19dbf67eaf2da9c925788c700f7f93b793b8c11e03b4e2844363ef0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Tue, 06 Sep 2022 02:19:44 GMT
Last-Modified
Mon, 05 Sep 2022 12:07:35 GMT
Server
nginx/1.20.1
ETag
"6315e687-1b4b"
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6987
Expires
Thu, 06 Oct 2022 02:19:44 GMT
dd93e31cb594a9d4b779881e4fbdf46b.jpg
www.midianews.com.br//storage/webdisco/2022/05/27/714x370/
47 KB
48 KB
Image
General
Full URL
https://www.midianews.com.br//storage/webdisco/2022/05/27/714x370/dd93e31cb594a9d4b779881e4fbdf46b.jpg
Requested by
Host: www.midianews.com.br
URL: https://www.midianews.com.br/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.33.101.39 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li1043-39.members.linode.com
Software
nginx/1.20.1 /
Resource Hash
fcf445b5cf2f66e831a787508b926f87c0d174c4ec72a3dbc42b96660ffbaa41

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Tue, 06 Sep 2022 02:19:44 GMT
Last-Modified
Fri, 27 May 2022 13:50:35 GMT
Server
nginx/1.20.1
ETag
"6290d72b-bd7f"
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
48511
Expires
Thu, 06 Oct 2022 02:19:44 GMT
e85e25e8ee6518a64077ced6843f0a51.jpg
www.midianews.com.br//storage/webdisco/2022/09/05/714x370/
62 KB
62 KB
Image
General
Full URL
https://www.midianews.com.br//storage/webdisco/2022/09/05/714x370/e85e25e8ee6518a64077ced6843f0a51.jpg
Requested by
Host: www.midianews.com.br
URL: https://www.midianews.com.br/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.33.101.39 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li1043-39.members.linode.com
Software
nginx/1.20.1 /
Resource Hash
dae2874fc0990d4fcbde2281ae55c7fde320feac2586cd4835878d36fbf21595

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Tue, 06 Sep 2022 02:19:44 GMT
Last-Modified
Mon, 05 Sep 2022 13:52:08 GMT
Server
nginx/1.20.1
ETag
"6315ff08-f60b"
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
62987
Expires
Thu, 06 Oct 2022 02:19:44 GMT
944ce91794315f9cfb3d57fd67ed8d15.jpg
www.midianews.com.br//storage/webdisco/2019/06/11/347x231/
35 KB
35 KB
Image
General
Full URL
https://www.midianews.com.br//storage/webdisco/2019/06/11/347x231/944ce91794315f9cfb3d57fd67ed8d15.jpg
Requested by
Host: www.midianews.com.br
URL: https://www.midianews.com.br/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.33.101.39 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li1043-39.members.linode.com
Software
nginx/1.20.1 /
Resource Hash
ce38172175a1df78e6a9c3250721bccbac8b5638d0fc3f8a6d54ac5f8acef3ff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Tue, 06 Sep 2022 02:19:44 GMT
Last-Modified
Tue, 11 Jun 2019 12:30:38 GMT
Server
nginx/1.20.1
ETag
"5cff9eee-8c4a"
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
35914
Expires
Thu, 06 Oct 2022 02:19:44 GMT
769b80d1c45821d6ee66d57cb8e99dae.png
www.midianews.com.br//storage/webdisco/2022/09/05/347x231/
111 KB
111 KB
Image
General
Full URL
https://www.midianews.com.br//storage/webdisco/2022/09/05/347x231/769b80d1c45821d6ee66d57cb8e99dae.png
Requested by
Host: www.midianews.com.br
URL: https://www.midianews.com.br/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.33.101.39 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li1043-39.members.linode.com
Software
nginx/1.20.1 /
Resource Hash
814cd1e7250a145599e2dade4bc032e8d7d6b4283a36bbd2ed7476cb935590e4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Tue, 06 Sep 2022 02:19:44 GMT
Last-Modified
Mon, 05 Sep 2022 11:51:25 GMT
Server
nginx/1.20.1
ETag
"6315e2bd-1bbf8"
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
113656
Expires
Thu, 06 Oct 2022 02:19:44 GMT
3e0401e89c1f4b112cfad0fa268a5160.jpg
www.midianews.com.br//storage/webdisco/2022/09/05/160x100/
3 KB
4 KB
Image
General
Full URL
https://www.midianews.com.br//storage/webdisco/2022/09/05/160x100/3e0401e89c1f4b112cfad0fa268a5160.jpg
Requested by
Host: www.midianews.com.br
URL: https://www.midianews.com.br/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.33.101.39 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li1043-39.members.linode.com
Software
nginx/1.20.1 /
Resource Hash
e3a9f01b71b0bdaf166506c4fb4f0f82da67c94ca170a1164f31f7c4735f930c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Tue, 06 Sep 2022 02:19:44 GMT
Last-Modified
Mon, 05 Sep 2022 12:53:55 GMT
Server
nginx/1.20.1
ETag
"6315f163-dc9"
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3529
Expires
Thu, 06 Oct 2022 02:19:44 GMT
ico_trinix.png
www.midianews.com.br/imagens_clientes/
1 KB
2 KB
Image
General
Full URL
https://www.midianews.com.br/imagens_clientes/ico_trinix.png
Requested by
Host: www.midianews.com.br
URL: https://www.midianews.com.br/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.33.101.39 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li1043-39.members.linode.com
Software
nginx/1.20.1 /
Resource Hash
79b61357c5ad94a4a4889d84d174e4191af616f89ba30f205d85d4ed626b1bad

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Tue, 06 Sep 2022 02:19:44 GMT
Last-Modified
Thu, 17 Jan 2019 17:40:55 GMT
Server
nginx/1.20.1
ETag
"5c40be27-5a9"
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1449
Expires
Thu, 06 Oct 2022 02:19:44 GMT
bootstrap.min.js
www.midianews.com.br/assets/js/
36 KB
10 KB
Script
General
Full URL
https://www.midianews.com.br/assets/js/bootstrap.min.js
Requested by
Host: www.midianews.com.br
URL: https://www.midianews.com.br/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.33.101.39 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li1043-39.members.linode.com
Software
nginx/1.20.1 /
Resource Hash
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Tue, 06 Sep 2022 02:19:43 GMT
Content-Encoding
gzip
Last-Modified
Thu, 17 Jan 2019 17:40:55 GMT
Server
nginx/1.20.1
ETag
W/"5c40be27-90b5"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=2592000
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Thu, 06 Oct 2022 02:19:43 GMT
teste.js
betzord.com/teste1/js/
165 B
739 B
Script
General
Full URL
https://betzord.com/teste1/js/teste.js
Requested by
Host: www.midianews.com.br
URL: https://www.midianews.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:3332 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1d4d264d7dd2a8df1c977c1a63468a7fa2c483587ccaa1bff5ddd455a1293bfc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 02:19:43 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
49692
cf-polished
origSize=326
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 07 Jul 2022 14:47:03 GMT
server
cloudflare
vary
Accept-Encoding,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ou4%2BqNAwhM0K3F7HFV4VPLj8e85QjJdDx2V1Jb99br1X15i%2F00N4MXvDgHWwuAomvCpYsl%2BsU4rrX8jEkhfUfdtUKXEeuJVWGZCVojIkBy%2FyHyeg1nb7873IiE2BoctpDhF4pCs9WrG%2Bvw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript; charset=UTF-8
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
7463b8ab89a59052-FRA
expires
Mon, 12 Sep 2022 12:31:31 GMT
all.js
connect.facebook.net/pt_BR/
3 KB
2 KB
Script
General
Full URL
https://connect.facebook.net/pt_BR/all.js
Requested by
Host: www.midianews.com.br
URL: https://www.midianews.com.br/js/functions.js?v=2.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
78565aa100f2967d39274a0b41a6a02cc69b60935deb66cff3dea00a3f78d32d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
Zt4h7Xs1/pqRgOZJty72sA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
1684
x-fb-rlafr
0
x-fb-debug
bwhxjBCJ6+qDzPs1DyDwdrwi2ccQdeYxAiSeQJumH+aPa8x0GBPDwWooS6eES3CjsJp6YIND8ihye3qp9GCMyg==
x-fb-trip-id
917726464
x-fb-content-md5
54916d7cc5d1701748b7a19e57e00949
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Tue, 06 Sep 2022 02:19:43 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"080d1725f6d1d2b2615380b6383fcd6c"
timing-allow-origin
*
priority
u=3,i
expires
Tue, 06 Sep 2022 02:29:22 GMT
fbevents.js
connect.facebook.net/en_US/
100 KB
27 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.midianews.com.br
URL: https://www.midianews.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
6a0f07fac6fc58958b0e670e2d2927901e052938b2162c1553817aa4cbf5de2f
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
26752
x-xss-protection
0
pragma
public
x-fb-debug
QSro5lMZVCzXmBr0pzNoQsNYNNCt47ljcUJvjxy0e8T77EoEmQSt8Y/upvVXowdaXvn9mzrYyWsIzQGIsE+vjA==
x-fb-trip-id
917726464
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Tue, 06 Sep 2022 02:19:43 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
publicidade.png
www.midianews.com.br/imagens_clientes/
2 KB
2 KB
Image
General
Full URL
https://www.midianews.com.br/imagens_clientes/publicidade.png
Requested by
Host: www.midianews.com.br
URL: https://www.midianews.com.br/css/core.css?v=4.1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.33.101.39 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li1043-39.members.linode.com
Software
nginx/1.20.1 /
Resource Hash
56f2c428468478ca2e92c5c1555d4c6507f93e988ce7060a8826d3efe3462631

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/css/core.css?v=4.1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Tue, 06 Sep 2022 02:19:43 GMT
Last-Modified
Thu, 17 Jan 2019 17:40:55 GMT
Server
nginx/1.20.1
ETag
"5c40be27-638"
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1592
Expires
Thu, 06 Oct 2022 02:19:43 GMT
NaPecZTIAOhVxoMyOr9n_E7fdMPmDQ.woff2
fonts.gstatic.com/s/titilliumweb/v15/
12 KB
13 KB
Font
General
Full URL
https://fonts.gstatic.com/s/titilliumweb/v15/NaPecZTIAOhVxoMyOr9n_E7fdMPmDQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Titillium+Web
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
557f6d0883db85be712c3a77baa38875ddf99ecbdfd6fec98e5c0b1f7a0e1532
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.midianews.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 19:24:57 GMT
x-content-type-options
nosniff
age
456886
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12372
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:19:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 31 Aug 2023 19:24:57 GMT
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v25/
30 KB
30 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:100,200,300,400,500,600,700,800,900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.midianews.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 01 Sep 2022 03:24:20 GMT
x-content-type-options
nosniff
age
428123
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30928
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 18:57:39 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 01 Sep 2023 03:24:20 GMT
titilliumtext25l002.woff
www.midianews.com.br/css/font-face/
47 KB
47 KB
Font
General
Full URL
https://www.midianews.com.br/css/font-face/titilliumtext25l002.woff
Requested by
Host: www.midianews.com.br
URL: https://www.midianews.com.br/css/core.css?v=4.1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.33.101.39 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li1043-39.members.linode.com
Software
nginx/1.20.1 /
Resource Hash
792db9b277ced9b3fbf6dd26ffa1917cf0eb31b8c8f04f898e01b77cbb0c8c47

Request headers

Referer
https://www.midianews.com.br/css/core.css?v=4.1
Origin
https://www.midianews.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Tue, 06 Sep 2022 02:19:43 GMT
Last-Modified
Thu, 17 Jan 2019 17:40:55 GMT
Server
nginx/1.20.1
ETag
"5c40be27-bc84"
Content-Type
font/woff
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
48260
Expires
Thu, 06 Oct 2022 02:19:43 GMT
comment-ico.gif
www.midianews.com.br/imagens_clientes/
1 KB
1 KB
Image
General
Full URL
https://www.midianews.com.br/imagens_clientes/comment-ico.gif
Requested by
Host: www.midianews.com.br
URL: https://www.midianews.com.br/css/core.css?v=4.1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.33.101.39 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li1043-39.members.linode.com
Software
nginx/1.20.1 /
Resource Hash
aa025e2380fe9621f8ea4501a1471d3995e082c5c5f99248e122d020774949e6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/css/core.css?v=4.1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Tue, 06 Sep 2022 02:19:43 GMT
Last-Modified
Thu, 17 Jan 2019 17:40:55 GMT
Server
nginx/1.20.1
ETag
"5c40be27-4c5"
Content-Type
image/gif
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1221
Expires
Thu, 06 Oct 2022 02:19:43 GMT
grab.png
www.midianews.com.br/assets/css/royalslider/
555 B
555 B
Image
General
Full URL
https://www.midianews.com.br/assets/css/royalslider/grab.png
Requested by
Host: www.midianews.com.br
URL: https://www.midianews.com.br/assets/css/royalslider/royalslider.css?v=2.0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.33.101.39 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li1043-39.members.linode.com
Software
nginx/1.20.1 /
Resource Hash
922a7a005a299daab272ef3b0c7106716572ece666c54c187ce6836b32474973

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/assets/css/royalslider/royalslider.css?v=2.0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Tue, 06 Sep 2022 02:19:43 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
Server
nginx/1.20.1
Connection
keep-alive
Vary
Accept-Encoding
Content-Type
text/html
ff41c479b69b3cf2b826fd1a1d6db0f6.jpg
www.midianews.com.br//storage/webdisco/2022/06/29/714x370/
47 KB
47 KB
Image
General
Full URL
https://www.midianews.com.br//storage/webdisco/2022/06/29/714x370/ff41c479b69b3cf2b826fd1a1d6db0f6.jpg
Requested by
Host: www.midianews.com.br
URL: https://www.midianews.com.br/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.33.101.39 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li1043-39.members.linode.com
Software
nginx/1.20.1 /
Resource Hash
3b05a4325a8a10dfe496ce053ae7b2255e11e2eb7d91a35f6c5419749101d7be

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Tue, 06 Sep 2022 02:19:43 GMT
Last-Modified
Wed, 29 Jun 2022 20:18:14 GMT
Server
nginx/1.20.1
ETag
"62bcb386-bcbd"
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
48317
Expires
Thu, 06 Oct 2022 02:19:43 GMT
3535c3099160d469d8d4d8e5936e7716.jpg
www.midianews.com.br//storage/webdisco/2022/09/05/714x370/
62 KB
62 KB
Image
General
Full URL
https://www.midianews.com.br//storage/webdisco/2022/09/05/714x370/3535c3099160d469d8d4d8e5936e7716.jpg
Requested by
Host: www.midianews.com.br
URL: https://www.midianews.com.br/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.33.101.39 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li1043-39.members.linode.com
Software
nginx/1.20.1 /
Resource Hash
58407f510891934f8d9582a0396e1033aaa881b1cd62567a5eefe73b467c7a6e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Tue, 06 Sep 2022 02:19:43 GMT
Last-Modified
Mon, 05 Sep 2022 21:26:36 GMT
Server
nginx/1.20.1
ETag
"6316698c-f71c"
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
63260
Expires
Thu, 06 Oct 2022 02:19:43 GMT
7e14bd1890c60e1953441c000a562758.jpg
www.midianews.com.br//storage/webdisco/2022/05/06/714x370/
37 KB
37 KB
Image
General
Full URL
https://www.midianews.com.br//storage/webdisco/2022/05/06/714x370/7e14bd1890c60e1953441c000a562758.jpg
Requested by
Host: www.midianews.com.br
URL: https://www.midianews.com.br/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.33.101.39 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li1043-39.members.linode.com
Software
nginx/1.20.1 /
Resource Hash
9a18d45bfd667fa3ed6f0f0143ee6e282125fcb6607c1f79f20f912d8247a101

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Tue, 06 Sep 2022 02:19:43 GMT
Last-Modified
Fri, 06 May 2022 15:51:17 GMT
Server
nginx/1.20.1
ETag
"627543f5-924d"
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
37453
Expires
Thu, 06 Oct 2022 02:19:43 GMT
rs-default.png
www.midianews.com.br/assets/css/royalslider/
3 KB
3 KB
Image
General
Full URL
https://www.midianews.com.br/assets/css/royalslider/rs-default.png
Requested by
Host: www.midianews.com.br
URL: https://www.midianews.com.br/assets/css/royalslider/rs-default.css?v=2.0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.33.101.39 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li1043-39.members.linode.com
Software
nginx/1.20.1 /
Resource Hash
219480468b7ffa3679aa0ef8f86a2737453555563989d608dda82767f4273d4b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/assets/css/royalslider/rs-default.css?v=2.0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Tue, 06 Sep 2022 02:19:43 GMT
Last-Modified
Thu, 17 Jan 2019 17:40:55 GMT
Server
nginx/1.20.1
ETag
"5c40be27-a42"
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2626
Expires
Thu, 06 Oct 2022 02:19:43 GMT
midianews.com.br
v3.denakop.com/ad-request/10208/desktop/
1 KB
805 B
Script
General
Full URL
https://v3.denakop.com/ad-request/10208/desktop/midianews.com.br
Requested by
Host: v3.denakop.com
URL: https://v3.denakop.com/denakop.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:160e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e006282e0bccdbb003e146d1a914f7c1595e6eaf049d37c8798919c8abf454d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.midianews.com.br/
Origin
https://www.midianews.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 02:19:43 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
x-frame-options
DENY
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
https://www.midianews.com.br
cache-control
private, max-age=1800
access-control-allow-credentials
true
cf-ray
7463b8ac1c629be6-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
profiles.js
d.tailtarget.com/ Frame 4D83
13 KB
6 KB
Script
General
Full URL
https://d.tailtarget.com/profiles.js
Requested by
Host: v3.denakop.com
URL: https://v3.denakop.com/denakop.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.123.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
184.123.201.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b5de679f41d5e07318bf721f4877d6320d3e351d6cfd58a00471854e2503d48c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 15:19:09 GMT
content-encoding
gzip
age
39634
x-guploader-uploadid
ADPycdv9v4hdNZIVLi-XPEzywJaSdwFSsHiACua5fTKfBMJxanjpoyqDbWvwIwO5BwN4_tVt2ovraZxTg7z4C5LWv1S__citV97B
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5285
last-modified
Tue, 26 Apr 2022 18:06:37 GMT
server
UploadServer
etag
"dc1d2d4b8c01f1a6828c106065a1cc45"
x-goog-hash
crc32c=h/RHkA==, md5=3B0tS4wB8aaCjBBgZaHMRQ==
content-language
en
x-goog-generation
1650996397234828
cache-control
public, max-age=86400,no-transform
x-goog-stored-content-length
5285
accept-ranges
bytes
content-type
application/javascript
expires
Tue, 06 Sep 2022 15:19:09 GMT
all.js
connect.facebook.net/pt_BR/
306 KB
86 KB
Script
General
Full URL
https://connect.facebook.net/pt_BR/all.js?hash=c9fede4f55c4b13b340cc03a35de7ed5
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/pt_BR/all.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
813174d65db921db5c12d5f02739093f3ff60d9819b3dcf80697910087cd4af8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.midianews.com.br/
Origin
https://www.midianews.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
0cxPBjshZJ19mmI9Wsjckg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
88030
x-fb-rlafr
0
x-fb-debug
wXV9OPzAOsmjcPZZuk+0OkIMQeg0AtU+feVCeeaHoF1puki9JHFU3CfEKgwBGlLRc+E3hM8OzyhwFuX5JK7cCA==
x-fb-content-md5
631bf0b45ad136df16f67e41ef8ca4b3
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Tue, 06 Sep 2022 02:19:43 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"6b1d48035d887fd1097140e3f17730d8"
timing-allow-origin
*
priority
u=3,i
expires
Wed, 06 Sep 2023 00:37:36 GMT
197423277906772
connect.facebook.net/signals/config/
293 KB
84 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/197423277906772?v=2.9.79&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
17203239bbc144a37b1585eeccb0e79c1ad97ff4bfd162b2aff0242e9cd37686
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
zALNh+UfdeqCAuPnwGothtRXG8R5o4f0rx5RlXF+4/hMYwFcIyL/dlWETv5jjPwxYx8zyOuGxLlnQzFtdy7ljw==
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Tue, 06 Sep 2022 02:19:43 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
comment_count_capa.php
www.midianews.com.br/
1 KB
602 B
XHR
General
Full URL
https://www.midianews.com.br/comment_count_capa.php?cids=0,429502,429499,429473,429483,429498,429490,429456,429467,429484,429485,429486,429487,429437,429438,429439,429440,429474,429469,429449,429455,429450,429156,429478,429441,429244,429472,429445,429459,429496,429458,429466,429436,429476,429453,429464,429433,429444
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.33.101.39 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li1043-39.members.linode.com
Software
nginx/1.20.1 / PHP/5.6.40
Resource Hash
a7bb79cdf59762c1f781725784af1540ab3623fef2e842a182789167fcc0f73d

Request headers

Accept
text/plain, */*; q=0.01
Referer
https://www.midianews.com.br/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 06 Sep 2022 02:19:44 GMT
Content-Encoding
gzip
Server
nginx/1.20.1
X-Powered-By
PHP/5.6.40
Vary
Accept-Encoding
Content-Type
text/html; charset=utf-8
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Thu, 19 Nov 1981 08:52:00 GMT
ga.js
ssl.google-analytics.com/
45 KB
17 KB
Script
General
Full URL
https://ssl.google-analytics.com/ga.js
Requested by
Host: www.midianews.com.br
URL: https://www.midianews.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
1719
date
Tue, 06 Sep 2022 01:51:04 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17168
expires
Tue, 06 Sep 2022 03:51:04 GMT
beacon.js
sb.scorecardresearch.com/
4 KB
2 KB
Script
General
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: www.midianews.com.br
URL: https://www.midianews.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-101.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 03:41:54 GMT
content-encoding
gzip
etag
W/"eaf85c1c6758e84acfe134efd70e9373"
last-modified
Tue, 28 Jun 2022 13:19:23 GMT
server
AmazonS3
age
81553
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 27f665df26bde4a7226480b4a2890ff8.cloudfront.net (CloudFront)
cache-control
max-age=86400
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
re8B2K0GQfD6rS4pqcGOL4BVhFwihU_ZJsFq2n4yHtVfUwnxwgIfXg==
tag.js
s.btstatic.com/
34 KB
13 KB
Script
General
Full URL
https://s.btstatic.com/tag.js
Requested by
Host: www.midianews.com.br
URL: https://www.midianews.com.br/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.96.129.145 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-96-129-145.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
5c2b76989e49a2bd8c651a35634fd43081b13bde1a6385fb8e36dccc1d0d42d8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id
M1.rBdFPkYUZAqbwA8PPsZwez29wDB5e
Content-Encoding
gzip
Last-Modified
Wed, 31 Mar 2021 18:58:47 GMT
Server
nginx
ETag
"00faca760dbffa8181ab5101a52189e7"
Vary
Accept-Encoding
P3P
CP=NOI DSP COR NID
Cache-Control
max-age=14400
Date
Tue, 06 Sep 2022 02:19:43 GMT
Connection
keep-alive
Content-Type
application/javascript; charset=utf-8
Content-Length
12525
pubads_impl_2022083001.js
securepubads.g.doubleclick.net/gpt/
379 KB
129 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083001.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4baa280c316f80216c7d9dcb64f308726f23cfe4fd4ada8d36aee7c3ea101108
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 21:31:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
17268
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131975
x-xss-protection
0
last-modified
Tue, 30 Aug 2022 08:35:16 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 05 Sep 2023 21:31:55 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/
268 B
169 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.midianews.com.br
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
af992227dd12b34e368993cb20005359f2e014751dd48dcf25c7b81bc201523d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 06 Sep 2022 02:19:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
144
x-xss-protection
0
expires
Tue, 06 Sep 2022 02:19:43 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208300101/
343 KB
121 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208300101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4588639086884542&plah=www.midianews.com.br
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f27f075f01318877ef46a7a96c852f201b89888537081ca3e6176ee765f361d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 02:19:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
123678
x-xss-protection
0
server
cafe
etag
2297252430614578698
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 06 Sep 2022 02:19:43 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220831/r20190131/ Frame FC39
10 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220831/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.midianews.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
67395
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4412
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 05 Sep 2022 07:36:28 GMT
etag
8616628553774171045
expires
Mon, 19 Sep 2022 07:36:28 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
collect
region1.google-analytics.com/g/
0
351 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-D58P3EH9SX&gtm=2oe8v0&_p=853744265&cid=1043706724.1662430780&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=1&sid=1662430780&sct=1&seg=0&dl=https%3A%2F%2Fwww.midianews.com.br%2F&dt=MidiaNews&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-D58P3EH9SX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Sep 2022 02:19:43 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.midianews.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
betzord.com/betano-promo-link/ Frame 3887
88 KB
16 KB
Document
General
Full URL
https://betzord.com/betano-promo-link/
Requested by
Host: www.midianews.com.br
URL: https://www.midianews.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:3332 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a5bd05f316c77f15885d8ddbf3ad20703deda79de95ef2fe938d517d21f3b10

Request headers

Referer
https://www.midianews.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
public, max-age=0
cf-cache-status
DYNAMIC
cf-ray
7463b8ad89d08fca-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 06 Sep 2022 02:19:43 GMT
expires
Tue, 06 Sep 2022 02:19:43 GMT
last-modified
Mon, 05 Sep 2022 23:52:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e4tgc%2FAhqdqJR32IZnygcJnyewmlPEdSJwvUqNAZsaUejgf0l034I%2B35KXGMtdCyXHJyPEE0m10psfftbf98%2FWwyTSyIu%2FDFE2g7NFJ2CxkAuHGJk1u8ADI%2B8TdGnyY%2BLspAp8C1BXz74A%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding,Accept-Encoding
x-turbo-charged-by
LiteSpeed
medianews
pubads.tradermilionarios.co/api/hit/view/
0
0

5.png
raw.githubusercontent.com/feliphedev/luck/main/Export/
Redirect Chain
  • https://github.com/feliphedev/luck/blob/main/Export/5.png?raw=true
  • https://github.com/feliphedev/luck/raw/main/Export/5.png
  • https://raw.githubusercontent.com/feliphedev/luck/main/Export/5.png
937 KB
938 KB
Image
General
Full URL
https://raw.githubusercontent.com/feliphedev/luck/main/Export/5.png
Requested by
Host: www.midianews.com.br
URL: https://www.midianews.com.br/
Protocol
H2
Server
2606:50c0:8000::154 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
81bcff743f08fa5b47d52abdcc77b10b70921b94a066390924792f2854ae9bab
Security Headers
Name Value
Content-Security-Policy default-src 'none'; style-src 'unsafe-inline'; sandbox
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-fastly-request-id
5eb13de66c205256cc1f99a2e2c83e4365a672d7
content-security-policy
default-src 'none'; style-src 'unsafe-inline'; sandbox
via
1.1 varnish
x-content-type-options
nosniff
x-cache
MISS
x-cache-hits
0
vary
Authorization,Accept-Encoding,Origin
content-length
959820
x-xss-protection
1; mode=block
x-served-by
cache-hhn4076-HHN
x-github-request-id
846E:2584:1CD97B7:1EBECC4:6316AE40
x-timer
S1662430784.477668,VS0,VE156
x-frame-options
deny
date
Tue, 06 Sep 2022 02:19:44 GMT
source-age
0
strict-transport-security
max-age=31536000
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=300
etag
W/"d1c5602ad86a0a01d58687164137336d5486a81b92b399b71ef9a0a07234b355"
accept-ranges
bytes
expires
Tue, 06 Sep 2022 02:24:44 GMT

Redirect headers

date
Tue, 06 Sep 2022 02:19:44 GMT
x-content-type-options
nosniff
vary
X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
content-length
0
x-xss-protection
0
location
https://raw.githubusercontent.com/feliphedev/luck/main/Export/5.png
referrer-policy
no-referrer-when-downgrade
server
GitHub.com
x-github-request-id
EC92:196F:1E83766:205D08D:6316AE3F
x-frame-options
deny
expect-ct
max-age=2592000, report-uri="https://api.github.com/_private/browser/errors"
strict-transport-security
max-age=31536000; includeSubdomains; preload
content-type
text/html; charset=utf-8
access-control-allow-origin
https://render.githubusercontent.com
cache-control
no-cache
permissions-policy
interest-cohort=()
content-security-policy
default-src 'none'; base-uri 'self'; block-all-mixed-content; child-src github.com/assets-cdn/worker/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com objects-origin.githubusercontent.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com cdn.optimizely.com logx.optimizely.com/v1/events *.actions.githubusercontent.com wss://*.actions.githubusercontent.com online.visualstudio.com/api/v1/locations github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src render.githubusercontent.com viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: github.githubassets.com identicons.github.com github-cloud.s3.amazonaws.com secured-user-images.githubusercontent.com/ github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; worker-src github.com/assets-cdn/worker/ gist.github.com/assets-cdn/worker/
prev.png
www.midianews.com.br/images/
1 KB
2 KB
Image
General
Full URL
https://www.midianews.com.br/images/prev.png
Requested by
Host: www.midianews.com.br
URL: https://www.midianews.com.br/css/lightbox.min.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.33.101.39 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li1043-39.members.linode.com
Software
nginx/1.20.1 /
Resource Hash
7fd9273f20fdb1229c224341271a119020a5eee74ccf6b4605730917c864caf2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/css/lightbox.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Tue, 06 Sep 2022 02:19:44 GMT
Last-Modified
Thu, 17 Jan 2019 17:40:55 GMT
Server
nginx/1.20.1
ETag
"5c40be27-550"
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1360
Expires
Thu, 06 Oct 2022 02:19:44 GMT
next.png
www.midianews.com.br/images/
1 KB
2 KB
Image
General
Full URL
https://www.midianews.com.br/images/next.png
Requested by
Host: www.midianews.com.br
URL: https://www.midianews.com.br/css/lightbox.min.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.33.101.39 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li1043-39.members.linode.com
Software
nginx/1.20.1 /
Resource Hash
15b869b02c6fbaa8c6c26445a2dd2d9bad80fd27b1409f8179e5dd89dc89d90a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/css/lightbox.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Tue, 06 Sep 2022 02:19:44 GMT
Last-Modified
Thu, 17 Jan 2019 17:40:55 GMT
Server
nginx/1.20.1
ETag
"5c40be27-546"
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1350
Expires
Thu, 06 Oct 2022 02:19:44 GMT
loading.gif
www.midianews.com.br/images/
3 KB
3 KB
Image
General
Full URL
https://www.midianews.com.br/images/loading.gif
Requested by
Host: www.midianews.com.br
URL: https://www.midianews.com.br/css/lightbox.min.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.33.101.39 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li1043-39.members.linode.com
Software
nginx/1.20.1 /
Resource Hash
81ea81be1d862d36c34b6dc4f12aefb87b656e319003263d8274974b48ccf869

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/css/lightbox.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Tue, 06 Sep 2022 02:19:44 GMT
Last-Modified
Thu, 17 Jan 2019 17:40:55 GMT
Server
nginx/1.20.1
ETag
"5c40be27-acf"
Content-Type
image/gif
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2767
Expires
Thu, 06 Oct 2022 02:19:44 GMT
close.png
www.midianews.com.br/images/
280 B
590 B
Image
General
Full URL
https://www.midianews.com.br/images/close.png
Requested by
Host: www.midianews.com.br
URL: https://www.midianews.com.br/css/lightbox.min.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.33.101.39 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li1043-39.members.linode.com
Software
nginx/1.20.1 /
Resource Hash
5d62e6c90005bfb71f6abb440f9e4753681cb23bbd5e60477ab6f442d2f0e69c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/css/lightbox.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Tue, 06 Sep 2022 02:19:44 GMT
Last-Modified
Thu, 17 Jan 2019 17:40:55 GMT
Server
nginx/1.20.1
ETag
"5c40be27-118"
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
280
Expires
Thu, 06 Oct 2022 02:19:44 GMT
truncated
/
43 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type
image/gif
prebid.js
v3.denakop.com/
264 KB
82 KB
Script
General
Full URL
https://v3.denakop.com/prebid.js
Requested by
Host: v3.denakop.com
URL: https://v3.denakop.com/denakop.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:160e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fce72c682f13871a709e2f1c080b9e903ade3ee7a61159336e5d2518ff996e59
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 02:19:43 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
386
cf-polished
origSize=270602
content-security-policy-report-only
script-src 'none'; connect-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=rQMPa04lYfPRUq6YB4dpVJnqNn4V2000qfHFZ9VmH8c-1662430783-0-AbxPtcAuoPqSMANVHLopJiAY5HPU9K9lJmSaQVUVC2iA3R1FyNIC91tQH25kUS9ku96WR3SwUU-MPEKsV4EbGvg; report-to cf-csp-endpoint
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 22 Aug 2022 22:10:47 GMT
server
cloudflare
x-frame-options
DENY
etag
W/"6303fee7-4210a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=rQMPa04lYfPRUq6YB4dpVJnqNn4V2000qfHFZ9VmH8c-1662430783-0-AbxPtcAuoPqSMANVHLopJiAY5HPU9K9lJmSaQVUVC2iA3R1FyNIC91tQH25kUS9ku96WR3SwUU-MPEKsV4EbGvg"}],"group":"cf-csp-endpoint","max_age":86400}
content-type
application/javascript
cf-ray
7463b8ae2e6a690a-FRA
cf-bgj
minify
profile
d.t.tailtarget.com/ Frame 4D83
92 B
300 B
Script
General
Full URL
https://d.t.tailtarget.com/profile
Requested by
Host: d.tailtarget.com
URL: https://d.tailtarget.com/profiles.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
99.185.102.34.bc.googleusercontent.com
Software
nginx/1.17.8 /
Resource Hash
e593d32d2b3c25b54c4632fc55d4c55cce4154e0bfaeb75883da07b742e762dc

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 02:19:43 GMT
content-encoding
gzip
last-modified
Thu, 30 Jan 2020 20:26:00 GMT
server
nginx/1.17.8
etag
W/"5e333bd8-5c"
vary
Accept-Encoding, Accept-Encoding
content-type
application/x-javascript
via
1.1 google
cache-control
max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 06 Sep 2022 03:19:43 GMT
b
sb.scorecardresearch.com/
0
188 B
Image
General
Full URL
https://sb.scorecardresearch.com/b?c1=2&c2=25705027&cs_it=b3&cv=3.8.0.210223&ns__t=1662430780253&ns_c=windows-1252&c7=https%3A%2F%2Fwww.midianews.com.br%2F&c8=MidiaNews&c9=
Requested by
Host: www.midianews.com.br
URL: https://www.midianews.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-101.fra2.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 02:19:43 GMT
via
1.1 27f665df26bde4a7226480b4a2890ff8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
eeay8Lv3hAVru23hZN_wwg7JUf9muw6zcdYR41_YmszpiejyZ4ETBg==
x-cache
Miss from cloudfront
__utm.gif
ssl.google-analytics.com/r/
35 B
54 B
Image
General
Full URL
https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=782087587&utmhn=www.midianews.com.br&utmcs=windows-1252&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=MidiaNews&utmhid=853744265&utmr=-&utmp=%2F&utmht=1662430780281&utmac=UA-27990930-1&utmcc=__utma%3D23984678.1043706724.1662430780.1662430780.1662430780.1%3B%2B__utmz%3D23984678.1662430780.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1838001911&utmredir=1&utmu=qhAAAAAAAAAAAAAAAAABAAAE~
Requested by
Host: www.midianews.com.br
URL: https://www.midianews.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Sep 2022 02:19:43 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
__utm.gif
ssl.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://ssl.google-analytics.com/__utm.gif?utmwv=5.7.2&utms=2&utmn=2007015784&utmhn=www.midianews.com.br&utmcs=windows-1252&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=MidiaNews&utmhid=853744265&utmr=-&utmp=%2F&utmht=1662430780287&utmac=UA-7850056-1&utmcc=__utma%3D23984678.1043706724.1662430780.1662430780.1662430780.1%3B%2B__utmz%3D23984678.1662430780.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=&utmmt=1&utmu=qhAAAAAAAAAAAAAAAAABAAAE~
Requested by
Host: www.midianews.com.br
URL: https://www.midianews.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Sep 2022 11:50:28 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
52155
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.de/adsid/
107 B
792 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.midianews.com.br
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 06 Sep 2022 02:19:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
549 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.midianews.com.br
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 06 Sep 2022 02:19:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=gpt_paw&pvsid=1626684418093761&vrg=2022083001&nw_id=13524368&nslots=17&pub_url=https%3A%2F%2Fwww.midianews.com.br%2F&sig=1&req=0&req_cnt=5&dm=8
Requested by
Host: www.midianews.com.br
URL: https://www.midianews.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Sep 2022 02:19:43 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
416 KB
31 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1626684418093761&correlator=2207133751363851&output=ldjh&gdfp_req=1&vrg=2022083001&ptt=17&impl=fifs&iu_parts=13524368%2CMC%2CCAPA825x120_01%2CCHD%2CCM1%2CARROBACAPA01%2CARROBACAPA02%2CARROBACAPA03%2CARROBACAPA04%2CCMF1%2CPOPUP%2CARROBACAPA05%2CARROBACAPA06%2CCAPAVERT300x600_01&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6%2C%2F0%2F7%2C%2F0%2F8%2C%2F0%2F9%2C%2F0%2F10%2C%2F0%2F11%2C%2F0%2F12%2C%2F0%2F13&prev_iu_szs=825x120%2C825x120%2C380x120%2C670x90%2C300x250%2C300x250%2C300x250%2C300x250%2C728x90%2C250x250%2C300x250%2C300x250%2C300x600&ifi=2&adks=159180267%2C3373427831%2C3084779689%2C2185403285%2C2871245313%2C989076358%2C777692875%2C2044435768%2C2126542927%2C3148882446%2C2466024905%2C2369906890%2C3311723979&sfv=1-0-38&fsapi=false&sc=1&cookie_enabled=1&abxe=1&dt=1662430780378&lmt=1662430780&dlt=1662430779011&idt=1292&adxs=183%2C230%2C1037%2C308%2C1130%2C1145%2C1130%2C1130%2C226%2C-9%2C1138%2C1138%2C1138&adys=259%2C2613%2C259%2C1619%2C1443%2C2360%2C3250%2C3342%2C6336%2C-9%2C4351%2C4642%2C4933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C1%7C0%7C2%7C3%7C4%7C5%7C6%7C7%7C-1%7C8%7C9%7C10&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca%7Cb%7Cc%7Cd&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.midianews.com.br%2F&frm=20&vis=1&psz=825x120%7C945x120%7C367x120%7C945x878%7C315x1%7C315x330%7C315x503%7C315x503%7C840x40%7C0x-1%7C322x250%7C322x250%7C322x600&msz=825x-1%7C825x-1%7C380x-1%7C915x1%7C315x1%7C285x1%7C315x1%7C315x1%7C840x20%7C0x-1%7C300x250%7C300x250%7C300x600&fws=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C2%2C0%2C0%2C0&ohw=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0&ga_vid=1043706724.1662430780&ga_sid=1662430780&ga_hid=853744265&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c603b78d20100985bb55078ae36b386c07acbb75d9a98f117415c8c831f60254
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 02:19:44 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31733
x-xss-protection
0
google-lineitem-id
5021831254,-2,34395568,36518008,5176317023,4983313177,5038032124,5380933887,5591439741,-2,4482565630,29052208,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138385306854,-2,73579191928,138390927519,138401368964,138403960078,138269935309,138368849518,138360141216,-2,138253203973,138249741315,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.midianews.com.br
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
42 KB
16 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1626684418093761&correlator=2207133751363851&output=ldjh&gdfp_req=1&vrg=2022083001&ptt=17&impl=fifs&iu_parts=13524368%2CBDEST1260X250_01&enc_prev_ius=%2F0%2F1&prev_iu_szs=1260x250&ifi=15&adks=3242420574&sfv=1-0-38&fsapi=false&sc=1&cookie_enabled=1&abxe=1&dt=1662430780391&lmt=1662430780&dlt=1662430779011&idt=1292&adxs=170&adys=616&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=e&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.midianews.com.br%2F&frm=20&vis=1&psz=1290x150&msz=1260x-1&fws=0&ohw=0&ga_vid=1043706724.1662430780&ga_sid=1662430780&ga_hid=853744265&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dae40f39602ce4f090d040740ccd9fa08bf7b715ce01694fbfbff4ebc43d13ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 02:19:44 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16544
x-xss-protection
0
google-lineitem-id
5591439741
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138399159831
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.midianews.com.br
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
41 KB
16 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1626684418093761&correlator=2207133751363851&output=ldjh&gdfp_req=1&vrg=2022083001&ptt=17&impl=fifs&iu_parts=13524368%2CMC2&enc_prev_ius=%2F0%2F1&prev_iu_szs=825x120&ifi=16&adks=4129951658&sfv=1-0-38&fsapi=false&sc=1&cookie_enabled=1&abxe=1&dt=1662430780394&lmt=1662430780&dlt=1662430779011&idt=1292&adxs=226&adys=4922&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=11&ucis=f&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.midianews.com.br%2F&frm=20&vis=1&psz=967x120&msz=825x-1&fws=0&ohw=0&ga_vid=1043706724.1662430780&ga_sid=1662430780&ga_hid=853744265&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
04272d09647059ae97688389e94926f3d7ad4566c7f52c1fa32517e4769203fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 02:19:44 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16356
x-xss-protection
0
google-lineitem-id
5591439741
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138398878769
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.midianews.com.br
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
428 B
266 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1626684418093761&correlator=2207133751363851&output=ldjh&gdfp_req=1&vrg=2022083001&ptt=17&impl=fifs&iu_parts=13524368%2CARROBACAPA07&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=17&adks=2550442900&sfv=1-0-38&fsapi=false&sc=1&cookie_enabled=1&abxe=1&dt=1662430780396&lmt=1662430780&dlt=1662430779011&idt=1292&adxs=700&adys=6398&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=12&ucis=g&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.midianews.com.br%2F&frm=20&vis=1&psz=316x250&msz=300x-1&fws=0&ohw=0&ga_vid=1043706724.1662430780&ga_sid=1662430780&ga_hid=853744265&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ad8de310d55df0e203652e1a1fffd48949693a18132ffabfb2fa9709cfba7ca6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 02:19:43 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
236
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.midianews.com.br
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
415 B
253 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1626684418093761&correlator=2207133751363851&output=ldjh&gdfp_req=1&vrg=2022083001&ptt=17&impl=fifs&iu_parts=13524368%2CBDEST1260X250_02&enc_prev_ius=%2F0%2F1&prev_iu_szs=1260x250&ifi=18&adks=3055601204&sfv=1-0-38&fsapi=false&sc=1&cookie_enabled=1&abxe=1&dt=1662430780399&lmt=1662430780&dlt=1662430779011&idt=1292&adxs=170&adys=7019&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=13&ucis=h&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.midianews.com.br%2F&frm=20&vis=1&psz=1260x250&msz=1260x-1&fws=0&ohw=0&ga_vid=1043706724.1662430780&ga_sid=1662430780&ga_hid=853744265&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
88226a4bba6455e7f4498455015e3543a7e5ced8cc037a598ababdfa1062d5bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 02:19:44 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
223
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.midianews.com.br
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
c6d672ff769c1a15cf3a0da0c4456d0e.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 8DA9
6 KB
4 KB
Document
General
Full URL
https://c6d672ff769c1a15cf3a0da0c4456d0e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.midianews.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 06 Sep 2022 02:19:44 GMT
expires
Wed, 06 Sep 2023 02:19:44 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
tag
s.thebrighttag.com/
0
0
Script
General
Full URL
https://s.thebrighttag.com/tag?site=1uCEzB6&H=-v57ra6
Requested by
Host: s.btstatic.com
URL: https://s.btstatic.com/tag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.22.29.16 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-22-29-16.us-east-2.compute.amazonaws.com
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

/
www.facebook.com/tr/
44 B
297 B
Image
General
Full URL
https://www.facebook.com/tr/?id=197423277906772&ev=PageView&dl=https%3A%2F%2Fwww.midianews.com.br%2F&rl=&if=false&ts=1662430780430&sw=1600&sh=1200&v=2.9.79&r=stable&ec=0&o=30&fbp=fb.2.1662430780429.1539537595&it=1662430779880&coo=false&rqm=GET
Requested by
Host: www.midianews.com.br
URL: https://www.midianews.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 02:19:44 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44
expires
Tue, 06 Sep 2022 02:19:44 GMT
cookie.js
partner.googleadservices.com/gampad/
220 B
649 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.midianews.com.br&callback=_gfp_s_&client=ca-pub-4588639086884542
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208300101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4588639086884542&plah=www.midianews.com.br
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
4d2754e8a1714acd4f22612b5655516f5d20c46e00330b7a1c2ff359f310b1d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 02:19:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
205
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fwww.midianews.com.br%2F&tn=DIV&cls=fundo-lgpd&ign=false&pw=1600&ph=1200&x=0&y=1130.4
Requested by
Host: www.midianews.com.br
URL: https://www.midianews.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Sep 2022 02:19:44 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 4CB8
603 B
68 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4588639086884542&output=html&adk=1812271804&adf=3025194257&lmt=1662430780&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.midianews.com.br%2F&ea=0&pra=5&wgl=1&easpf=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662430779981&bpp=5&bdt=970&idt=461&shv=r20220831&mjsv=m202208300101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=363436652217&frm=20&pv=2&ga_vid=1043706724.1662430780&ga_sid=1662430780&ga_hid=853744265&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44772915&oid=2&pvsid=1626684418093761&tmod=896265436&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=477
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208300101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4588639086884542&plah=www.midianews.com.br
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.midianews.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 06 Sep 2022 02:19:44 GMT
expires
Tue, 06 Sep 2022 02:19:44 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
prebid
ib.adnxs.com/ut/v3/
375 B
1 KB
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: v3.denakop.com
URL: https://v3.denakop.com/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.132 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
61a3e53fff84d6ca192ea53740eea2dfb9af87fcdfd50eb1c493dbb7e415b3a0
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.midianews.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 06 Sep 2022 02:19:44 GMT
X-Proxy-Origin
185.213.155.166; 185.213.155.166; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
2e6a03fb-e9c0-4358-bf77-44ecfc915d7a
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.midianews.com.br
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
375
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
263 B
1 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23648&site_id=401834&zone_id=2250872&size_id=2&alt_size_ids=55%2C57&rp_schain=1.0,1!denakop.com,10208,1,,,!smartadserver.com,4012,1,,,!smartadserver.com,4016,1,,,!smartadserver.com,4071,1,,,!smartadserver.com,4073,1,,,!smartadserver.com,4074,1,,,!google.com,pub-8170966538152543,1,,,!adtech.com,11627,1,,,!contextweb.com,560821,1,,,!appnexus.com,2081,1,,,!appnexus.com,10528,1,,,!indexexchange.com,175407,1,,,!openx.com,537143344,1,,,!pubmatic.com,156078,1,,,!contextweb.com,558299,1,,,!aol.com,57545,1,,,!yahoo.com,57545,1,,,!rubiconproject.com,23648,1,,,!rubiconproject.com,23650,1,,,!smartahperver.com,4014,1,,,!contextweb.com,560288,1,,,!pubmatic.com,156439,1,,,!pubmatic.com,154037,1,,,!pubmatic.com,156030,1,,,!rubiconproject.com,16114,1,,,!rubiconproject.com,13132,1,,,!openx.com,537149888,1,,,!sovrn.com,257611,1,,,!appnexus.com,3703,1,,,!groundtruth.com,107,1,,,!districtm.io,101760,1,,,!appnexus.com,9763,1,,,!onetag.com,7586ca4ec84e073,1,,,!advertising.com,28246,1,,,!rubiconproject.com,11006,1,,,!google.com,pub-3769010358500643,1,,,!freewheel.tv,20393,1,,,!freewheel.tv,24377,1,,,!yahoo.com,58905,1,,,!aol.com,58905,1,,,!appnexus.com,13099,1,,,!smartahperver.com,4111,1,,,&rf=https%3A%2F%2Fwww.midianews.com.br%2F&tk_flint=pbjs_lite_v7.11.0&x_source.tid=6fd0ec9a-353b-4737-9c59-0f054c6e28b8&l_pb_bid_id=6e53c2b6ccdf&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.3041583679981741
Requested by
Host: v3.denakop.com
URL: https://v3.denakop.com/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c003:200::61 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
d87a8abfe9fa7b7667d337357e833cdb327901ebbc2792080ddcdfedcfb92acc

Request headers

Referer
https://www.midianews.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 06 Sep 2022 02:19:44 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.midianews.com.br
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
263
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
259 B
1 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23648&site_id=401834&zone_id=2250872&size_id=9&alt_size_ids=8&rp_schain=1.0,1!denakop.com,10208,1,,,!smartadserver.com,4012,1,,,!smartadserver.com,4016,1,,,!smartadserver.com,4071,1,,,!smartadserver.com,4073,1,,,!smartadserver.com,4074,1,,,!google.com,pub-8170966538152543,1,,,!adtech.com,11627,1,,,!contextweb.com,560821,1,,,!appnexus.com,2081,1,,,!appnexus.com,10528,1,,,!indexexchange.com,175407,1,,,!openx.com,537143344,1,,,!pubmatic.com,156078,1,,,!contextweb.com,558299,1,,,!aol.com,57545,1,,,!yahoo.com,57545,1,,,!rubiconproject.com,23648,1,,,!rubiconproject.com,23650,1,,,!smartahperver.com,4014,1,,,!contextweb.com,560288,1,,,!pubmatic.com,156439,1,,,!pubmatic.com,154037,1,,,!pubmatic.com,156030,1,,,!rubiconproject.com,16114,1,,,!rubiconproject.com,13132,1,,,!openx.com,537149888,1,,,!sovrn.com,257611,1,,,!appnexus.com,3703,1,,,!groundtruth.com,107,1,,,!districtm.io,101760,1,,,!appnexus.com,9763,1,,,!onetag.com,7586ca4ec84e073,1,,,!advertising.com,28246,1,,,!rubiconproject.com,11006,1,,,!google.com,pub-3769010358500643,1,,,!freewheel.tv,20393,1,,,!freewheel.tv,24377,1,,,!yahoo.com,58905,1,,,!aol.com,58905,1,,,!appnexus.com,13099,1,,,!smartahperver.com,4111,1,,,&rf=https%3A%2F%2Fwww.midianews.com.br%2F&tk_flint=pbjs_lite_v7.11.0&x_source.tid=daa0c57b-aee4-4163-bd4d-8b8ded1754c7&l_pb_bid_id=7ca3f9b309e462&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.02199023496725605
Requested by
Host: v3.denakop.com
URL: https://v3.denakop.com/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c003:200::61 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
23738fab5072fed64145d00c4e9a52db1de4014721ffc1db5f5afbe9313720b5

Request headers

Referer
https://www.midianews.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 06 Sep 2022 02:19:44 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.midianews.com.br
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
259
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
260 B
1 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23648&site_id=401834&zone_id=2250872&size_id=2&alt_size_ids=55&rp_schain=1.0,1!denakop.com,10208,1,,,!smartadserver.com,4012,1,,,!smartadserver.com,4016,1,,,!smartadserver.com,4071,1,,,!smartadserver.com,4073,1,,,!smartadserver.com,4074,1,,,!google.com,pub-8170966538152543,1,,,!adtech.com,11627,1,,,!contextweb.com,560821,1,,,!appnexus.com,2081,1,,,!appnexus.com,10528,1,,,!indexexchange.com,175407,1,,,!openx.com,537143344,1,,,!pubmatic.com,156078,1,,,!contextweb.com,558299,1,,,!aol.com,57545,1,,,!yahoo.com,57545,1,,,!rubiconproject.com,23648,1,,,!rubiconproject.com,23650,1,,,!smartahperver.com,4014,1,,,!contextweb.com,560288,1,,,!pubmatic.com,156439,1,,,!pubmatic.com,154037,1,,,!pubmatic.com,156030,1,,,!rubiconproject.com,16114,1,,,!rubiconproject.com,13132,1,,,!openx.com,537149888,1,,,!sovrn.com,257611,1,,,!appnexus.com,3703,1,,,!groundtruth.com,107,1,,,!districtm.io,101760,1,,,!appnexus.com,9763,1,,,!onetag.com,7586ca4ec84e073,1,,,!advertising.com,28246,1,,,!rubiconproject.com,11006,1,,,!google.com,pub-3769010358500643,1,,,!freewheel.tv,20393,1,,,!freewheel.tv,24377,1,,,!yahoo.com,58905,1,,,!aol.com,58905,1,,,!appnexus.com,13099,1,,,!smartahperver.com,4111,1,,,&rf=https%3A%2F%2Fwww.midianews.com.br%2F&tk_flint=pbjs_lite_v7.11.0&x_source.tid=14a72aa1-463c-4738-830b-d060ae2c79bc&l_pb_bid_id=8014a745c93a76&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.7594874548114303
Requested by
Host: v3.denakop.com
URL: https://v3.denakop.com/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
2602:803:c003:200::61 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
519fa4333b5e04f108d24a39f99810f5c978b148a31362c58898bda5510665ae

Request headers

Referer
https://www.midianews.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 06 Sep 2022 02:19:44 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.midianews.com.br
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
260
Expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
ib.adnxs.com/ut/v3/
378 B
1 KB
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: v3.denakop.com
URL: https://v3.denakop.com/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.132 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
73208ed0c6e013ca61d8eca5561b9e73c1c5a321bf44d890851617077404ba89
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.midianews.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 06 Sep 2022 02:19:44 GMT
X-Proxy-Origin
185.213.155.166; 185.213.155.166; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
1a0d4d65-f3f1-459d-8fa7-aeca88e3a326
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.midianews.com.br
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
378
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bids
prebid-us.creativecdn.com/bidder/prebid/
0
182 B
XHR
General
Full URL
https://prebid-us.creativecdn.com/bidder/prebid/bids
Requested by
Host: v3.denakop.com
URL: https://v3.denakop.com/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.10.30 , Poland, ASN203690 (RTB-HOUSE-ASH, PL),
Reverse DNS
ip-185-184-10-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.midianews.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.midianews.com.br
date
Tue, 06 Sep 2022 02:19:44 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
prebid-request
onetag-sys.com/
15 B
367 B
XHR
General
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: v3.denakop.com
URL: https://v3.denakop.com/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.midianews.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://www.midianews.com.br
cache-control
no-transform, no-cache
access-control-allow-credentials
true
content-type
application/json
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
bidRequest
c2shb.pubgw.yahoo.com/ Frame
0
0
Preflight
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.midianews.com.br
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.midianews.com.br
access-control-max-age
600
age
0
content-length
0
date
Tue, 06 Sep 2022 02:19:44 GMT
server
ATS/9.1.10.25
v1
prg.smartadserver.com/prebid/
171 B
562 B
XHR
General
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: v3.denakop.com
URL: https://v3.denakop.com/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
5.135.209.96 , France, ASN16276 (OVH, FR),
Reverse DNS
ip96.ip-5-135-209.eu
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://www.midianews.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Sep 2022 02:19:43 GMT
content-encoding
br
vary
Accept-Encoding, Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://www.midianews.com.br
cache-control
no-cache,no-store
transfer-encoding
chunked
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
bidRequest
c2shb.pubgw.yahoo.com/ Frame
0
0
Preflight
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.midianews.com.br
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.midianews.com.br
access-control-max-age
600
age
0
content-length
0
date
Tue, 06 Sep 2022 02:19:44 GMT
server
ATS/9.1.10.25
v1
prg.smartadserver.com/prebid/
171 B
562 B
XHR
General
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: v3.denakop.com
URL: https://v3.denakop.com/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
5.135.209.96 , France, ASN16276 (OVH, FR),
Reverse DNS
ip96.ip-5-135-209.eu
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://www.midianews.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Sep 2022 02:19:43 GMT
content-encoding
br
vary
Accept-Encoding, Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://www.midianews.com.br
cache-control
no-cache,no-store
transfer-encoding
chunked
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
v1
prg.smartadserver.com/prebid/
0
342 B
XHR
General
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: v3.denakop.com
URL: https://v3.denakop.com/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
5.135.209.96 , France, ASN16276 (OVH, FR),
Reverse DNS
ip96.ip-5-135-209.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.midianews.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Sep 2022 02:19:43 GMT
vary
Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://www.midianews.com.br
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
0
bidRequest
c2shb.pubgw.yahoo.com/
66 B
96 B
XHR
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: v3.denakop.com
URL: https://v3.denakop.com/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
1cb8d22365de3befdbad3c02bc2b135615c5ec2261b1b26ffc8e99c955397acc

Request headers

Referer
https://www.midianews.com.br/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 06 Sep 2022 02:19:44 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.midianews.com.br
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/
66 B
301 B
XHR
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: v3.denakop.com
URL: https://v3.denakop.com/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
6e1fab83d5c0a9a212c97aae73af4727dac866aac5769183fac510accfc2f026

Request headers

Referer
https://www.midianews.com.br/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 06 Sep 2022 02:19:44 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.midianews.com.br
access-control-allow-credentials
true
content-length
66
css
fonts.googleapis.com/ Frame 3887
69 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Montserrat%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CManrope%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap
Requested by
Host: betzord.com
URL: https://betzord.com/betano-promo-link/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f0a7bc44673757d4c6e5c244720cc64dea773d2f9693e41415d569620cf2f117
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://betzord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 06 Sep 2022 02:19:44 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 06 Sep 2022 02:19:44 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 06 Sep 2022 02:19:44 GMT
style.min.css
betzord.com/wp-includes/css/dist/block-library/ Frame 3887
87 KB
12 KB
Stylesheet
General
Full URL
https://betzord.com/wp-includes/css/dist/block-library/style.min.css?ver=6.0.2
Requested by
Host: betzord.com
URL: https://betzord.com/betano-promo-link/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:3332 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://betzord.com/betano-promo-link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 02:19:44 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 13 Jul 2022 01:03:31 GMT
server
cloudflare
age
500478
vary
Accept-Encoding,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q8XscirCMqkWImPexYOyzmsiM7qsNxUYa4fSqcGwYj8OwIgZJGInxM1ducHG%2BtwsbNbyg2bQnwaxrqh30qRqPHgtUA4RsufXb%2B0Mw9Q9u0iZAm92oKUPPT1tgkqxsMespBxW0P6dP1nJFA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-turbo-charged-by
LiteSpeed
cf-ray
7463b8b0ba848fca-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 31 Aug 2023 07:18:26 GMT
style.min.css
betzord.com/wp-content/themes/hello-elementor/ Frame 3887
6 KB
2 KB
Stylesheet
General
Full URL
https://betzord.com/wp-content/themes/hello-elementor/style.min.css?ver=2.6.1
Requested by
Host: betzord.com
URL: https://betzord.com/betano-promo-link/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:3332 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bbdb1eb69c6b5cbffaf1be2df2bcbd4a97d2823de9f4b856aae722900a5e27c7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://betzord.com/betano-promo-link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 02:19:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2697504
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 05 Aug 2022 20:51:08 GMT
server
cloudflare
vary
Accept-Encoding,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pFrz1ytq5tcyhQANRKdem2TT1pBIsoqegrSFHszQe8EB6PKAkts5DZTR47Nm27UaU6L%2BJmLtODo4PRpuc%2BcylFAAMXT9%2B3VayE6zVT9Hwfb48BYz0kPhm9lkuOupwmoLbfg9YMEx82TIhA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
cf-ray
7463b8b0ba858fca-FRA
expires
Sat, 05 Aug 2023 21:01:20 GMT
theme.min.css
betzord.com/wp-content/themes/hello-elementor/ Frame 3887
15 KB
3 KB
Stylesheet
General
Full URL
https://betzord.com/wp-content/themes/hello-elementor/theme.min.css?ver=2.6.1
Requested by
Host: betzord.com
URL: https://betzord.com/betano-promo-link/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:3332 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eee1ce2620eaf7f585a69794864001be0bde74b874d6a18b9f2d11f074229f2b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://betzord.com/betano-promo-link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 02:19:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2697504
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 05 Aug 2022 20:51:08 GMT
server
cloudflare
vary
Accept-Encoding,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rtx%2BMCLwHsQNiszWgEPfSfJ5EzpADysvLEb%2Faw1N4O%2F05qe3JfWpoSYLZnxlSvqCe3om7DQ%2FP52ct0VSPV0HaWW1P2GwH1eAAsf0Ue0C5EbmzydnIQzURRkB4q4eflu5I5pROEAE18KhhA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
cf-ray
7463b8b0ba878fca-FRA
expires
Sat, 05 Aug 2023 21:01:20 GMT
elementor-icons.min.css
betzord.com/wp-content/plugins/elementor/assets/lib/eicons/css/ Frame 3887
19 KB
4 KB
Stylesheet
General
Full URL
https://betzord.com/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.16.0
Requested by
Host: betzord.com
URL: https://betzord.com/betano-promo-link/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:3332 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83059e4c1a5c210e5585d96779fe655170817193d43e247c78dffaae7b7ba3a9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://betzord.com/betano-promo-link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 02:19:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2256587
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 10 Aug 2022 22:42:50 GMT
server
cloudflare
vary
Accept-Encoding,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vDb0oJxmZHj8t08inh%2BfkI5girdmD1S5RX%2BZqMTP8i6Edo1dlDw26SU3wlL2AGfNizIhW40uKSj3km4qmz9vq7ykXZ1CNJpTvejUtqqYcyh%2F8i5x20IgvF7hHaLWjxWVdY5sKeuU1FbtHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
cf-ray
7463b8b0ba888fca-FRA
expires
Thu, 10 Aug 2023 23:29:57 GMT
frontend-legacy.min.css
betzord.com/wp-content/plugins/elementor/assets/css/ Frame 3887
13 KB
1 KB
Stylesheet
General
Full URL
https://betzord.com/wp-content/plugins/elementor/assets/css/frontend-legacy.min.css?ver=3.7.1
Requested by
Host: betzord.com
URL: https://betzord.com/betano-promo-link/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:3332 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2d79f67c8130541900cfd46cf7f7a22a2a91f03a61f28dab9f9c1386bcb0a880

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://betzord.com/betano-promo-link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 02:19:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1636254
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 18 Aug 2022 02:35:33 GMT
server
cloudflare
vary
Accept-Encoding,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vd16cMXyj4FkkRNRW2DoydCNra7%2B92we35rMD%2BZu7BHmpYNhgjFnmOZfXaiJvrDqCpmIJx4o4uB%2BpU44Jo4%2BCxAoFl%2B4Prmt%2Bf8sbxPvS6%2FJnZNsNEerRaEr%2F3pX66uNeMjjitTykXTTOg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
cf-ray
7463b8b0ba898fca-FRA
expires
Fri, 18 Aug 2023 03:48:50 GMT
frontend.min.css
betzord.com/wp-content/plugins/elementor/assets/css/ Frame 3887
162 KB
21 KB
Stylesheet
General
Full URL
https://betzord.com/wp-content/plugins/elementor/assets/css/frontend.min.css?ver=3.7.1
Requested by
Host: betzord.com
URL: https://betzord.com/betano-promo-link/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:3332 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
038bbd0e8431a0ada1eab160e7a9ebc018ead3b01f5c0cf60daf2bfc1fc70df2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://betzord.com/betano-promo-link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 02:19:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1636254
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 18 Aug 2022 02:35:33 GMT
server
cloudflare
vary
Accept-Encoding,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bs6kq2dMWDFTcGiYSdyZWSlShsQZhnehZwaWh8wAEYRvvUIm3FCwdeU5dxEh%2BAT1NeiJyvPvhJNNEoPjesAPIloxJT1Rvq0zOYa%2Fni8hI44zo%2BA3PBynm5Yn9%2FleRdu7LHWj2vd5zK%2F55g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
cf-ray
7463b8b0ba8a8fca-FRA
expires
Fri, 18 Aug 2023 03:48:50 GMT
post-7.css
betzord.com/wp-content/uploads/elementor/css/ Frame 3887
2 KB
1 KB
Stylesheet
General
Full URL
https://betzord.com/wp-content/uploads/elementor/css/post-7.css?ver=1660790143
Requested by
Host: betzord.com
URL: https://betzord.com/betano-promo-link/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:3332 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2cb2f3e010963ad0404dfe317f1bdd9f996709d0b24c30384c4abc4ba288269d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://betzord.com/betano-promo-link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 02:19:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1638737
cf-polished
origSize=1658
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 18 Aug 2022 02:35:43 GMT
server
cloudflare
vary
Accept-Encoding,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AaaWJQy1WNrl0mP2x%2FFS683%2BkJqtGNFmuorpHNzelRSRjFKQ2GDBMPjNw9SPE2Fx%2BCrM5o8GlUYit6EapqR7ETgfjrwCHhXbmSeRYbpA11qEtZu9t9oXfIFPB9nvRADUdsYV8yOZhwZ%2Fbg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
cf-ray
7463b8b0ba8b8fca-FRA
expires
Fri, 18 Aug 2023 03:07:27 GMT
frontend.min.css
betzord.com/wp-content/plugins/elementor-pro/assets/css/ Frame 3887
469 KB
44 KB
Stylesheet
General
Full URL
https://betzord.com/wp-content/plugins/elementor-pro/assets/css/frontend.min.css?ver=3.7.3
Requested by
Host: betzord.com
URL: https://betzord.com/betano-promo-link/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:3332 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
30db9902d015c9533560f7040717711ac830ddebe571118a875a466ef1161e04

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://betzord.com/betano-promo-link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 02:19:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2691795
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 05 Aug 2022 21:33:36 GMT
server
cloudflare
vary
Accept-Encoding,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2NrPiO%2FFGaFYdG0pH4R2eU%2BiCvT69gG6BEUVXkiveWmRo80R46PBS0aj6vldGlTMBgIUB38m9Qj3BhVoOhm7Gzdf5%2FVzzUwFyh6WbVJHLYT66mFsBF8opXA4o%2BaI4NHH%2B1xmierO8gGRZw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
cf-ray
7463b8b0ba8c8fca-FRA
expires
Sat, 05 Aug 2023 22:36:29 GMT
style.min.css
betzord.com/wp-content/plugins/image-hover-effects-addon-for-elementor/assets/ Frame 3887
33 KB
4 KB
Stylesheet
General
Full URL
https://betzord.com/wp-content/plugins/image-hover-effects-addon-for-elementor/assets/style.min.css?ver=1.3.7
Requested by
Host: betzord.com
URL: https://betzord.com/betano-promo-link/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:3332 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e28c3a2c07a25ad942d4129adb3faf0497d76960502b632cdca85bcfd835cfab

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://betzord.com/betano-promo-link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 02:19:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2259143
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 06 Jul 2022 15:20:12 GMT
server
cloudflare
vary
Accept-Encoding,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jEuNfXrq90jJq%2Ba9NZM2EUT2tESrdYq6MR8dCXpAIrzw3XqxGEQTW%2B8Rf5PNK4Mm%2FpQHd9YIF6qGuDN6lXelBRczhcEkOLcRxaYo30Ow%2Fh%2Fhsi5wqG5ziG%2B8kswgdpUbsKErl8BdYG7D5A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
cf-ray
7463b8b0ba8d8fca-FRA
expires
Thu, 10 Aug 2023 22:47:21 GMT
all.min.css
betzord.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/ Frame 3887
58 KB
13 KB
Stylesheet
General
Full URL
https://betzord.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/all.min.css?ver=3.7.1
Requested by
Host: betzord.com
URL: https://betzord.com/betano-promo-link/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:3332 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d87ddf917b7a1449ab45e2b8e3c98354629bdd65b6659c37e6023bbea1ce1386

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://betzord.com/betano-promo-link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 02:19:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1636254
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 18 Aug 2022 02:35:33 GMT
server
cloudflare
vary
Accept-Encoding,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qizb9QHwT9cMsZTTgMbg2JU%2Bn05NHD0RHoc%2ByoKrercnERWA%2FDBNiFBvIxm2%2Fthuc%2Bm7L0QzfWoLre2coJF2JP3JNxR4f1CTSgTfHZOXbl6Ct%2B3uCIq5e5Keb%2FKXrPFJppe5%2FRnVOhmQnw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
cf-ray
7463b8b0ba8e8fca-FRA
expires
Fri, 18 Aug 2023 03:48:50 GMT
v4-shims.min.css
betzord.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/ Frame 3887
26 KB
5 KB
Stylesheet
General
Full URL
https://betzord.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/v4-shims.min.css?ver=3.7.1
Requested by
Host: betzord.com
URL: https://betzord.com/betano-promo-link/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:3332 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c55902832fb84522d02ea1a60a30747403a140d8651fa748f13ba398b0c0df3a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://betzord.com/betano-promo-link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 02:19:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1636254
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 18 Aug 2022 02:35:33 GMT
server
cloudflare
vary
Accept-Encoding,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X7%2FagSbaGdMc3%2Fy1XtO0T945V26%2BXUK0a4F6zwb%2FaRtZYkb5RRqo13FeY4uuRY81%2F3C0Gu3n5BHrAg94eCryY4yj83CBaq6K7rLtwW40haWwZpUvs%2FEal1uTOwFheqJsmTlMtHEjQjbGSw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
cf-ray
7463b8b0ba8f8fca-FRA
expires
Fri, 18 Aug 2023 03:48:50 GMT
global.css
betzord.com/wp-content/uploads/elementor/css/ Frame 3887
78 KB
6 KB
Stylesheet
General
Full URL
https://betzord.com/wp-content/uploads/elementor/css/global.css?ver=1660790145
Requested by
Host: betzord.com
URL: https://betzord.com/betano-promo-link/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:3332 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
69464b44f28303a15d39c3749af9d96d61c1ae6da851cd838d1eb07907512223

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://betzord.com/betano-promo-link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 02:19:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1636254
cf-polished
origSize=80295
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 18 Aug 2022 02:35:45 GMT
server
cloudflare
vary
Accept-Encoding,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FYWlaHwsFhzhCS3hpRPRcQRnNtUbam26IRFem%2FJn5h0%2FaKUOcllWBBPKvSmcOvBJENZepb3msWmpcEsbgChSvu%2BBp6ek%2FMcBYfpyqNXltcG50PnRLy7wTF1M2pD2rU4jwbBa9EdQD%2B8EtA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
cf-ray
7463b8b0ba908fca-FRA
expires
Fri, 18 Aug 2023 03:48:50 GMT
post-7742.css
betzord.com/wp-content/uploads/elementor/css/ Frame 3887
7 KB
2 KB
Stylesheet
General
Full URL
https://betzord.com/wp-content/uploads/elementor/css/post-7742.css?ver=1660790145
Requested by
Host: betzord.com
URL: https://betzord.com/betano-promo-link/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:3332 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
38acb2ffc662c9ca2b339bf1431e1343c40e79a1dfb7c2c5c87dce28c1dcea73

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://betzord.com/betano-promo-link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 02:19:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1636254
cf-polished
origSize=7541
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 18 Aug 2022 02:35:45 GMT
server
cloudflare
vary
Accept-Encoding,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xg2%2FD316KO5TUndJOlZKOYad74G%2BA3xWZvO5%2BjVHRk0qNrMSI3eNNVkHX8%2FfPNY3vyhH48%2BuedOgk%2FAhOMi2hM82VPJCtoOqnymHV0tR%2Bs3CIYU45aV5%2FX46tFeiGRAcFK%2F77cDGvWigAg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
cf-ray
7463b8b0ba918fca-FRA
expires
Fri, 18 Aug 2023 03:48:50 GMT
post-4370.css
betzord.com/wp-content/uploads/elementor/css/ Frame 3887
3 KB
1 KB
Stylesheet
General
Full URL
https://betzord.com/wp-content/uploads/elementor/css/post-4370.css?ver=1660790145
Requested by
Host: betzord.com
URL: https://betzord.com/betano-promo-link/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:3332 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
94451bf3f1fc1c6a1123cdf96a929b639d93ac8492ab32a72bb6363fe0026458

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://betzord.com/betano-promo-link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 02:19:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1636254
cf-polished
origSize=3680
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 18 Aug 2022 02:35:45 GMT
server
cloudflare
vary
Accept-Encoding,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BdLa2OD%2BwvukNxcSBt40QjpkC1sUIDRj8HzEcJv9wGsJQ0Jj9ipS8VqfMmnjIfhL8GcNfc2OUX7SXPOHqLu%2BD6qos2wfxDQPLFytFKzNtYa1HZnWYX5a4bwsBuklWGBey5g07JPT3wke9A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
cf-ray
7463b8b0ba928fca-FRA
expires
Fri, 18 Aug 2023 03:48:50 GMT
style.min.css
betzord.com/wp-content/plugins/happy-elementor-addons/assets/fonts/ Frame 3887
25 KB
6 KB
Stylesheet
General
Full URL
https://betzord.com/wp-content/plugins/happy-elementor-addons/assets/fonts/style.min.css?ver=3.6.3
Requested by
Host: betzord.com
URL: https://betzord.com/betano-promo-link/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:3332 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a526f7e1a82516f99f2639fc48cd8033545c9d1ddae99c01942dede8116d4ee5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://betzord.com/betano-promo-link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 02:19:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2258464
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 10 Aug 2022 22:42:52 GMT
server
cloudflare
vary
Accept-Encoding,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ut8ctekVY%2B1smkGC1kVuhpmSconkfNOPdGouI8SEajlGHRpWQJmQciX7A0dlGe7BKXKZzLOdK%2BeuwV8%2F5lSR3nCltqf9Ysi6LNxHR2jFkzSJE%2BrNaotMT2Rlc8OZyQwg2JIssJf1DO99Xg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
cf-ray
7463b8b0ba938fca-FRA
expires
Thu, 10 Aug 2023 22:58:40 GMT
font-awesome.min.css
betzord.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/ Frame 3887
30 KB
7 KB
Stylesheet
General
Full URL
https://betzord.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/font-awesome.min.css?ver=4.7.0
Requested by
Host: betzord.com
URL: https://betzord.com/betano-promo-link/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:3332 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c4047043368afb4baf1aed25d358a5c2a333842a3b436b58491ab36aeee65b9d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://betzord.com/betano-promo-link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 02:19:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4884865
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 06 Jul 2022 15:19:53 GMT
server
cloudflare
vary
Accept-Encoding,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hOQ1Ti7QWl2F5JvFZXEkWOjh6K9ReOIx5Kp9qz7aFGzxYsck2Xo%2BNqMd%2B8wZctwckeaHOlXPVElSH0UzTY5nX8gVDyRnKoHVZnndqO4BDrAjJm6OIMTyxb3quKR6p3QIlXpDm8MLWFl6gg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
cf-ray
7463b8b0ba948fca-FRA
expires
Tue, 11 Jul 2023 13:25:19 GMT
general.min.css
betzord.com/wp-content/plugins/essential-addons-for-elementor-lite/assets/front-end/css/view/ Frame 3887
3 KB
1 KB
Stylesheet
General
Full URL
https://betzord.com/wp-content/plugins/essential-addons-for-elementor-lite/assets/front-end/css/view/general.min.css?ver=5.2.3
Requested by
Host: betzord.com
URL: https://betzord.com/betano-promo-link/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:3332 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b9b869f479a2181cbc0c5d8b6e5bb8bb9cbf81d59a18d056681d8b3de448b1d4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://betzord.com/betano-promo-link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 02:19:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
981572
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 18 Aug 2022 02:35:35 GMT
server
cloudflare
vary
Accept-Encoding,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Nw5CabCu5xtobLS84Yf5bTalfaz2UHmt5PleX5Lf%2BOvl9CRLQD0HB9101G0MlawIBZ84Z23rTBnYqJVJdC1vz%2FQ6GetZwOPxcRx3%2Bdyu2fcSOiD1J1%2BilQpbUHBeWDR6yuD9OkRfPDtkBA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
cf-ray
7463b8b0ba958fca-FRA
expires
Fri, 25 Aug 2023 17:40:12 GMT
fontawesome.min.css
betzord.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/ Frame 3887
57 KB
13 KB
Stylesheet
General
Full URL
https://betzord.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3
Requested by
Host: betzord.com
URL: https://betzord.com/betano-promo-link/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:3332 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d01a2ba2805c78957e15a2958135de0f3cb88e95159dd0f6c0a032bd76b1b0e9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://betzord.com/betano-promo-link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 02:19:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2269369
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 05 Aug 2022 20:49:06 GMT
server
cloudflare
vary
Accept-Encoding,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5wV0sxj4z2FsPTHTnXFGKknuRhPbAbSkeRQO716aOE5CFRMQWGofcFFKKskC5sDDOA3SHLQMiCO8SzuwEv%2FWQiZi753MqYlggKyFUA%2FyII8x796fSJns%2B5XPoBla6k%2FAeYCPBs403BQfYw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
cf-ray
7463b8b0ba968fca-FRA
expires
Thu, 10 Aug 2023 19:56:55 GMT
solid.min.css
betzord.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/ Frame 3887
669 B
847 B
Stylesheet
General
Full URL
https://betzord.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3
Requested by
Host: betzord.com
URL: https://betzord.com/betano-promo-link/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:3332 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
37bab6cd583982e8eff58501a99d7c5c4d63664c1ca34f9e3b7cf526c5b73ae2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://betzord.com/betano-promo-link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 02:19:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4884865
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 06 Jul 2022 15:19:53 GMT
server
cloudflare
vary
Accept-Encoding,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gmo7iyUVEiGFeSs1g6%2Fxf82pqkA534smeMkF3HX%2FlSnF2%2FLNA8IeAAYVWdycIxTiAlOX1Zx6IzbyEVT2uDTzVfUHN9pz7xur%2F2sC4fbFS%2BNySfaTsOBvy8%2FXgDOENGWdgLoHqofiw%2B%2FuSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
cf-ray
7463b8b0ba978fca-FRA
expires
Tue, 11 Jul 2023 13:25:19 GMT
v4-shims.min.js
betzord.com/wp-content/plugins/elementor/assets/lib/font-awesome/js/ Frame 3887
15 KB
5 KB
Script
General
Full URL
https://betzord.com/wp-content/plugins/elementor/assets/lib/font-awesome/js/v4-shims.min.js?ver=3.7.1
Requested by
Host: betzord.com
URL: https://betzord.com/betano-promo-link/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:3332 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
97cf1307c16a437b77b5f7f5c9bc0b985d0745a14be5a279019aca5a3432e264

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://betzord.com/betano-promo-link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 02:19:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
393208
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 18 Aug 2022 02:35:33 GMT
server
cloudflare
vary
Accept-Encoding,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SvbDQUz9UvK2RQGQ0Zt8c7LjvCyEpxqTJV7ywd5Un7V46JxoHIG2fodVj%2Fkntaz%2FMZ9Xwwlc3QTwGC2FX2vCRWzdv5fQAqAh1kKaAwGItVjnMf6CsekGEDe3eMlc1Y5ORwZaZQHqFGsWsg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
7463b8b0ba988fca-FRA
expires
Thu, 08 Sep 2022 13:06:16 GMT
jquery.min.js
betzord.com/wp-includes/js/jquery/ Frame 3887
87 KB
32 KB
Script
General
Full URL
https://betzord.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by
Host: betzord.com
URL: https://betzord.com/betano-promo-link/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:3332 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://betzord.com/betano-promo-link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 02:19:44 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Wed, 24 Nov 2021 15:14:14 GMT
server
cloudflare
vary
Accept-Encoding,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5En1R3koexz%2BFJj2hWMes6DamSKb8VixKIqALZTelqz0gya4TQFYVD8xtqc%2FPLfSZqPSVtLvcjBHT9qV2APAq0D5oJNhS6b8SCrfiCU3tj3E3t0quqHtQX6sj9%2FDvhQDcN2n9IJpLVlWTA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript; charset=UTF-8
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-turbo-charged-by
LiteSpeed
cf-ray
7463b8b0ba998fca-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 13 Sep 2022 02:19:44 GMT
jquery-migrate.min.js
betzord.com/wp-includes/js/jquery/ Frame 3887
11 KB
5 KB
Script
General
Full URL
https://betzord.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by
Host: betzord.com
URL: https://betzord.com/betano-promo-link/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:3332 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://betzord.com/betano-promo-link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 02:19:44 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Wed, 24 Nov 2021 15:14:14 GMT
server
cloudflare
vary
Accept-Encoding,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RKIKmsD5Z2MzdYNd3jAW7UuTWCZduFWKYsjkPi055azYG8s68NNY76htsIBcdOwJONLxEj8yjml2nGDLXYPNcxptaeH8t77aeuA9zrkPsSOqSF7fbWSsz80NvpDhtASiVijnFw68PL1JBg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript; charset=UTF-8
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-turbo-charged-by
LiteSpeed
cf-ray
7463b8b0ba9a8fca-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 13 Sep 2022 02:19:44 GMT
js
www.googletagmanager.com/gtag/ Frame 3887
105 KB
41 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-223744036-1
Requested by
Host: betzord.com
URL: https://betzord.com/betano-promo-link/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
096258c45b73e5645a9dba178dca7ae377b4ef801801cfe6573a065e0862146e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://betzord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 02:19:44 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41886
x-xss-protection
0
last-modified
Tue, 06 Sep 2022 00:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 06 Sep 2022 02:19:44 GMT
fa-solid-900.woff2
betzord.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/ Frame 3887
76 KB
77 KB
Font
General
Full URL
https://betzord.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2
Requested by
Host: betzord.com
URL: https://betzord.com/betano-promo-link/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:3332 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef

Request headers

Referer
https://betzord.com/betano-promo-link/
Origin
https://betzord.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 02:19:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4017517
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
78196
last-modified
Wed, 06 Jul 2022 15:19:54 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uhEp2jfKtqBvaxmFpV4qdxmrS6lS2itxTpUAqxelr0A25EjzigYJRoDzm19VbDrF0NjVfjqDk%2FWw7TIyl25vYXyp3M8WJbriPP3IUn8YCR%2FQyjRZxZ%2B4rnTR33TBcOOMln%2FyA5vYd2laXg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=10368000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
7463b8b0ba9b8fca-FRA
expires
Fri, 18 Nov 2022 14:21:07 GMT
Panchang-Bold.woff2
betzord.com/wp-content/uploads/2021/12/ Frame 3887
22 KB
23 KB
Font
General
Full URL
https://betzord.com/wp-content/uploads/2021/12/Panchang-Bold.woff2
Requested by
Host: betzord.com
URL: https://betzord.com/betano-promo-link/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:3332 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3573b0e184b9b8721f745d591c453b8e5b90cb210d33171aadc8481ea6b7fad0

Request headers

Referer
https://betzord.com/betano-promo-link/
Origin
https://betzord.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 02:19:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5480286
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
22664
last-modified
Wed, 29 Dec 2021 19:20:23 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q1k4j9iaV60e9qeShskYs61jGUhBNgaL02uDRT1pBR%2BSlo6qJvTum%2FrlC3kLGffnETBKGkvxgZ%2BVFsF61rqgf%2F1OSmVaJbfXAYcf4cqOHKUVNaDkhcx8j7NBQXOfUtrbPVrW%2FdeMjEt83Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=10368000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
7463b8b0ba9c8fca-FRA
expires
Tue, 01 Nov 2022 16:01:38 GMT
fa-brands-400.woff2
betzord.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/ Frame 3887
75 KB
76 KB
Font
General
Full URL
https://betzord.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff2
Requested by
Host: betzord.com
URL: https://betzord.com/betano-promo-link/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:3332 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
43c072c16c9ee6d67acdfa6c6d6685ff1e74eb4237b7cc3c1348ab1c108b26af

Request headers

Referer
https://betzord.com/betano-promo-link/
Origin
https://betzord.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 02:19:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4884865
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
76764
last-modified
Wed, 06 Jul 2022 15:19:53 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ErHJHvA0OMbp%2FGSgkQ0RG9R0uRo1AcHcA5R3uZYIUBi3zsfcdXR9WAbdKu%2FtuagwOYB%2BUgmN4c3rOp0xirVNTekOUXScu4OttdVAunjj13TU8OIUTiQLr7KbTZRxKyFX2GPc%2BO0fTtsf%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=10368000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
7463b8b0ba9d8fca-FRA
expires
Tue, 08 Nov 2022 13:25:19 GMT
animations.min.css
betzord.com/wp-content/plugins/elementor/assets/lib/animations/ Frame 3887
18 KB
3 KB
Stylesheet
General
Full URL
https://betzord.com/wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.7.1
Requested by
Host: betzord.com
URL: https://betzord.com/betano-promo-link/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:3332 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe513ef974b767510d0a2b9f1b4d3afa53185b89ab617c869e5e3d6db960192c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://betzord.com/betano-promo-link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 02:19:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1638735
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 18 Aug 2022 02:35:33 GMT
server
cloudflare
vary
Accept-Encoding,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4mAMugYPy3MY2SCDJf5j7Czh9wuBdinTBoJ6Gx7KBkbMgIfbao8vE24QXJ6BHdaq2SF8YYVce0og8s7nJ%2B9%2Ffb%2BPuFPV8s%2BdVVZwldSz6wKERvkhu3IGueNhqSme8gl8SSZN9R5v5eismQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
cf-ray
7463b8b0ba9e8fca-FRA
expires
Fri, 18 Aug 2023 03:07:29 GMT
happy-addons.min.js
betzord.com/wp-content/plugins/happy-elementor-addons/assets/js/ Frame 3887
38 KB
9 KB
Script
General
Full URL
https://betzord.com/wp-content/plugins/happy-elementor-addons/assets/js/happy-addons.min.js?ver=3.6.3
Requested by
Host: betzord.com
URL: https://betzord.com/betano-promo-link/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:3332 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fbf2c71956006036a25395c0ed4cef711eb1228e899f7ea8f561f6b702510e73

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://betzord.com/betano-promo-link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 02:19:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
392147
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 10 Aug 2022 22:42:52 GMT
server
cloudflare
vary
Accept-Encoding,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kmv3c%2Bz%2FnTp%2B0lkNtrwukDkEdS%2BqBZqmbG%2BvLscP86PJEUqkWcJ6nbO49WhkSMR6%2BXbLI6aXwG5lNMQ6c24wS2GkJH%2FX%2FzoM%2FicaRIwfkqvjgV6av3rGQ3idB%2B57DR8PO%2FRf13ccie5%2FNw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
7463b8b0ba9f8fca-FRA
expires
Thu, 08 Sep 2022 13:23:57 GMT
general.min.js
betzord.com/wp-content/plugins/essential-addons-for-elementor-lite/assets/front-end/js/view/ Frame 3887
8 KB
3 KB
Script
General
Full URL
https://betzord.com/wp-content/plugins/essential-addons-for-elementor-lite/assets/front-end/js/view/general.min.js?ver=5.2.3
Requested by
Host: betzord.com
URL: https://betzord.com/betano-promo-link/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:3332 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2f2fe7e10c8a8cf933afea3f0fb4a89cf74262405024cd908e7d59f5f03c16c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://betzord.com/betano-promo-link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 02:19:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
393570
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 18 Aug 2022 02:35:35 GMT
server
cloudflare
vary
Accept-Encoding,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xxkPbFYnUIBbdj3guNWG%2BeLgqbq4djYgHYNLfFdE6MFUoAM2z7qdhqXZyKCdGEN4j%2BX9Am8IeYAL%2BxJZ8yQJwD06oTwSaktl4k1y%2Bygg%2BjJPqfU65nwdp0MY2apFCq2GFuyjkikH9SPHOw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
7463b8b0baa08fca-FRA
expires
Thu, 08 Sep 2022 13:00:14 GMT
anime.min.js
betzord.com/wp-content/plugins/happy-elementor-addons/assets/vendor/anime/lib/ Frame 3887
17 KB
8 KB
Script
General
Full URL
https://betzord.com/wp-content/plugins/happy-elementor-addons/assets/vendor/anime/lib/anime.min.js?ver=3.6.3
Requested by
Host: betzord.com
URL: https://betzord.com/betano-promo-link/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:3332 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5cbda29ea5096ac9404c59c77493a2f467d0eb4a27f16c750b61fc0d888dd716

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://betzord.com/betano-promo-link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 02:19:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
379046
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 10 Aug 2022 22:42:52 GMT
server
cloudflare
vary
Accept-Encoding,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VUOZ45bFD5tZxLQKmSD2nUq7t50iJo4FTSUmn8XOU9ZgS1ZNWpzRgSE1bkEWsHFjLxMxagGrJndbxc2NLquHVc1JzuZ0L8lPIRofQ65rhQu0lQv%2FIq5ahEPKzVV3iaBiemYIR0CotLPzJA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
7463b8b0baa18fca-FRA
expires
Thu, 08 Sep 2022 17:02:18 GMT
jquery.smartmenus.min.js
betzord.com/wp-content/plugins/elementor-pro/assets/lib/smartmenus/ Frame 3887
25 KB
8 KB
Script
General
Full URL
https://betzord.com/wp-content/plugins/elementor-pro/assets/lib/smartmenus/jquery.smartmenus.min.js?ver=1.0.1
Requested by
Host: betzord.com
URL: https://betzord.com/betano-promo-link/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:3332 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
533e264cc615ee4601da8d2c1dee4a8987319e53d4d7162272f067fbbf250020

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://betzord.com/betano-promo-link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 02:19:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
388273
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 05 Aug 2022 21:33:36 GMT
server
cloudflare
vary
Accept-Encoding,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fJJHH2wnoPmoDDw3lLpjzpcgmPNG8zR0lewOlo97CZcS89LifnHpV3oOHYFjrM7ZovnI24XhfMgrZZ7dZ3BWIqu6Agsgr3GFTvJQmH%2BWMhwvrhJFHx7Ed%2FWWRx86Gt%2F7G9u6LuYTzbmnnQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
7463b8b0baa28fca-FRA
expires
Thu, 08 Sep 2022 14:28:31 GMT
webpack-pro.runtime.min.js
betzord.com/wp-content/plugins/elementor-pro/assets/js/ Frame 3887
5 KB
3 KB
Script
General
Full URL
https://betzord.com/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.7.3
Requested by
Host: betzord.com
URL: https://betzord.com/betano-promo-link/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:3332 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f70f923b2ab16028477cab0d08b65bba7902871f49a4f6edda814da01c16449

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://betzord.com/betano-promo-link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 02:19:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
50314
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 05 Aug 2022 21:33:36 GMT
server
cloudflare
vary
Accept-Encoding,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FvydAom4TPd6dsFamEPqSkfHxrz5qA3DOZm1by8EH1W77lJPU5RTfDnFhBShXw9W0Dp%2FpdO9MRHdlCWg%2BKrj3Cc2CiHCGJWw1tZQ6YhQA1LBnC%2Ft%2BDUoSDMneBCnkjzz6YeO5q156F1j6w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
7463b8b0baa38fca-FRA
expires
Mon, 12 Sep 2022 12:21:10 GMT
webpack.runtime.min.js
betzord.com/wp-content/plugins/elementor/assets/js/ Frame 3887
5 KB
3 KB
Script
General
Full URL
https://betzord.com/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.7.1
Requested by
Host: betzord.com
URL: https://betzord.com/betano-promo-link/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:3332 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
74eb63655d226b4e05d1c555fcace31e13941d8e0f2fcb1dc7dc59e2789f68e2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://betzord.com/betano-promo-link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 02:19:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
371968
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 18 Aug 2022 02:35:34 GMT
server
cloudflare
vary
Accept-Encoding,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xHJh9U1RuLwHoClB7c1dX4veU2GtWW1QO7OdhzxhvK7r5KJeLMGHtTHovBEZDydUsMFmj1W1NrsER0VFaOEwcxqCYeWJBm124Z%2BfmIGe7qpHhHdH1A8RQmoWYO%2Bz3KDrFzctnGj8BmOAmw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
7463b8b0baa48fca-FRA
expires
Thu, 08 Sep 2022 19:00:16 GMT
frontend-modules.min.js
betzord.com/wp-content/plugins/elementor/assets/js/ Frame 3887
32 KB
11 KB
Script
General
Full URL
https://betzord.com/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.7.1
Requested by
Host: betzord.com
URL: https://betzord.com/betano-promo-link/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:3332 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
23874448e8d502c1299f1a6ab837ebf5f2045716ede2fa49d13c1fbb1791646d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://betzord.com/betano-promo-link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 02:19:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
388273
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 18 Aug 2022 02:35:34 GMT
server
cloudflare
vary
Accept-Encoding,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sDxeE7URDIMb%2BwwYF%2BP8EL%2F4S0DFK661%2FFkFXqiIK5qQwC4T%2FGIt8HJ4x%2B%2BI85XpfQFh4OazPVkS0d6KjFPesfT1948tV%2FkFB8oD2xd0KWPP5POx8xnhVggiVb7BUVLZXNQPgIcwz4LQrQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
7463b8b0baa58fca-FRA
expires
Thu, 08 Sep 2022 14:28:31 GMT
regenerator-runtime.min.js
betzord.com/wp-includes/js/dist/vendor/ Frame 3887
6 KB
3 KB
Script
General
Full URL
https://betzord.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
Requested by
Host: betzord.com
URL: https://betzord.com/betano-promo-link/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:3332 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f30769ea0b80a5d900c5f0de30b1aad1ab461195e69223d5ef63c2c5de8b6c1a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://betzord.com/betano-promo-link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 02:19:44 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 25 May 2022 01:06:27 GMT
server
cloudflare
vary
Accept-Encoding,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6VaLGRWM1%2Blpq1meIIcnj%2BJXFEucAym83SKty%2FBDUuy7MwOg2TP2BTIjxdKBYDsAGNMioZc0DwCac8RVsstcgKWy8o4GTisYAzc2p8CU9mz%2FNVJTXDaVMcxv2bpxDtsD5cgN%2BsDW31Iq2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript; charset=UTF-8
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-turbo-charged-by
LiteSpeed
cf-ray
7463b8b0baa68fca-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 13 Sep 2022 02:19:44 GMT
wp-polyfill.min.js
betzord.com/wp-includes/js/dist/vendor/ Frame 3887
19 KB
8 KB
Script
General
Full URL
https://betzord.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
Requested by
Host: betzord.com
URL: https://betzord.com/betano-promo-link/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:3332 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6fecb89a29ee2bd397bb1bf58ecaa530a76f0654db71fadefd3cc70b0bc302bf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://betzord.com/betano-promo-link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 02:19:44 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 25 May 2022 01:06:27 GMT
server
cloudflare
age
579672
vary
Accept-Encoding,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RM2KcAtgJqc5r3jMDv9faKQnX82bk6CBr1A4mU5ttAi%2Fcm8b3NqCEw8RL%2FMBTu6lNJ9t5w4TT4mlth%2Frm1XHFsjQzJG9EFPn2U0YUXwOUTJ6bWVjn5fLtb7UwIbAh3qFICJ07%2BmIF4770g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript; charset=UTF-8
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-turbo-charged-by
LiteSpeed
cf-ray
7463b8b0baa78fca-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 06 Sep 2022 09:18:32 GMT
hooks.min.js
betzord.com/wp-includes/js/dist/ Frame 3887
5 KB
2 KB
Script
General
Full URL
https://betzord.com/wp-includes/js/dist/hooks.min.js?ver=c6d64f2cb8f5c6bb49caca37f8828ce3
Requested by
Host: betzord.com
URL: https://betzord.com/betano-promo-link/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:3332 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9bd82960d99b3a76f4af77a88a346bd61f87bac5ff2f385ee28cd669d8f22134

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://betzord.com/betano-promo-link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 02:19:44 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 25 May 2022 01:06:28 GMT
server
cloudflare
age
13810
vary
Accept-Encoding,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2phjNHzdOYqkO3t0%2F83HH23BTPBbeBYeQNwKOzZn2go6Jx5JJFu5uLTqEsJ4IN5x9z2S9bgVNT1ZzTZLQc5lyKJjaX5Su4zFIovMCtWJY0mClhodWBxWdS0Ne%2B5pkGpcifuZT4Qwr%2BRUaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript; charset=UTF-8
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-turbo-charged-by
LiteSpeed
cf-ray
7463b8b0baa88fca-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Mon, 12 Sep 2022 22:29:34 GMT
i18n.min.js
betzord.com/wp-includes/js/dist/ Frame 3887
10 KB
4 KB
Script
General
Full URL
https://betzord.com/wp-includes/js/dist/i18n.min.js?ver=ebee46757c6a411e38fd079a7ac71d94
Requested by
Host: betzord.com
URL: https://betzord.com/betano-promo-link/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:3332 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1dc4b29dd0acbed77ec2fd81036c33efd4ab5989e8182705a30615a00a0117f7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://betzord.com/betano-promo-link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 02:19:44 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 25 May 2022 01:06:27 GMT
server
cloudflare
age
579672
vary
Accept-Encoding,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1ZsXmkRg2IyCtyLxnlwa9%2F0VPnrPpygHwW5u%2B1w3%2BG%2BjNdTxZDViTfRPllpaKFmxwWxevbdKzK51FT4LnXyhx5aO15%2FZKGA7PGcjPochVF9qBpkS4t%2BbzZgSson05obZmqugk3wRdPeQxg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript; charset=UTF-8
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-turbo-charged-by
LiteSpeed
cf-ray
7463b8b0baa98fca-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 06 Sep 2022 09:18:32 GMT
frontend.min.js
betzord.com/wp-content/plugins/elementor-pro/assets/js/ Frame 3887
21 KB
6 KB
Script
General
Full URL
https://betzord.com/wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.7.3
Requested by
Host: betzord.com
URL: https://betzord.com/betano-promo-link/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:3332 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6cc88f6ecc4a347b5cede85aca7e298a306aad67dfd4d80a59e66d254f513ba8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://betzord.com/betano-promo-link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 02:19:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
265647
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 05 Aug 2022 21:33:36 GMT
server
cloudflare
vary
Accept-Encoding,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jAiWzzQHZ89C22pHvRLfdggyEBYYssUnmZVYjs83XE4HSDex%2FLDp3A4vpcEjaL0wU33sDDqxsTY8oK8hfi%2BDVIdTBrg29GUWgAzvetKZjqaSLUAgp2IyWUfbfGBgC2yyYlWUGSxXgX3saQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
7463b8b0baab8fca-FRA
expires
Sat, 10 Sep 2022 00:32:17 GMT
waypoints.min.js
betzord.com/wp-content/plugins/elementor/assets/lib/waypoints/ Frame 3887
12 KB
4 KB
Script
General
Full URL
https://betzord.com/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
Requested by
Host: betzord.com
URL: https://betzord.com/betano-promo-link/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:3332 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
214674cc77aba35ab3567b88e2739fd08e8e96c61d279559ad61874069683ea0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://betzord.com/betano-promo-link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 02:19:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
570412
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 18 Aug 2022 02:35:33 GMT
server
cloudflare
vary
Accept-Encoding,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lK1kEdN2Q%2F%2FXILd6sPDhV9LnZdizWg35Hp5ZPGP2wwxR2NVRJc8ntKjKaL%2FBHz7qyQkXVT2%2BrZCVoaH%2BBUbGzyT8Ni8BWP7q8Gjg3Kw9Lz0cRjnF86J9wS%2FdHoosl%2FXl%2BXwEQx5xRXiFHw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
7463b8b0baac8fca-FRA
expires
Tue, 06 Sep 2022 11:52:51 GMT
core.min.js
betzord.com/wp-includes/js/jquery/ui/ Frame 3887
20 KB
7 KB
Script
General
Full URL
https://betzord.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.1
Requested by
Host: betzord.com
URL: https://betzord.com/betano-promo-link/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:3332 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
240b702419d6c39ecc4896f0132ccfc9bc517e9aef0c782d99580e0c678b47d5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://betzord.com/betano-promo-link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 02:19:44 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 25 May 2022 01:06:27 GMT
server
cloudflare
age
368478
vary
Accept-Encoding,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n%2Brdiaiu5m8htxHZKs%2BfWii5HB4TjyVOqbyqMyCEg6k4KLegeJxpIiJz2GmbfgNpAp%2FMHYo8pUglekTTu3219w4ZP%2BU01z397JnHUEToeopCzva2Nrmh%2Fu4jh%2ByIIMoQtsrL%2FuDp8F1ODw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript; charset=UTF-8
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-turbo-charged-by
LiteSpeed
cf-ray
7463b8b0baae8fca-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 08 Sep 2022 19:58:26 GMT
swiper.min.js
betzord.com/wp-content/plugins/elementor/assets/lib/swiper/ Frame 3887
136 KB
36 KB
Script
General
Full URL
https://betzord.com/wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=5.3.6
Requested by
Host: betzord.com
URL: https://betzord.com/betano-promo-link/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:3332 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b23f49f504faa32aac548b6662ffd64412f6738496fab8be38da46c5b7121804

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://betzord.com/betano-promo-link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 02:19:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
439268
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 18 Aug 2022 02:35:33 GMT
server
cloudflare
vary
Accept-Encoding,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fwnEGRbD4dm4wN9u0I98YnSj5YijJZGO%2Fi%2B21xeeEXulXz9uUpZmx7C8DRR9U%2FyuhEQN0t9uYE0JvBV0y%2FurgECw9ua0Zf%2B3gxjmJxUuy%2FC4n8X52OuPrMuiyf%2Bz6nu37aQQ5L5CNwke2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
7463b8b0baaf8fca-FRA
expires
Thu, 08 Sep 2022 00:18:35 GMT
share-link.min.js
betzord.com/wp-content/plugins/elementor/assets/lib/share-link/ Frame 3887
3 KB
2 KB
Script
General
Full URL
https://betzord.com/wp-content/plugins/elementor/assets/lib/share-link/share-link.min.js?ver=3.7.1
Requested by
Host: betzord.com
URL: https://betzord.com/betano-promo-link/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:3332 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
138154c0deed3326477b9b4909175101070a5a3a95342291b53d8cc9879a5f47

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://betzord.com/betano-promo-link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 02:19:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
388273
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 18 Aug 2022 02:35:33 GMT
server
cloudflare
vary
Accept-Encoding,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qSy4tOYrv29x%2FGJRvzAwvrU2ZyyWXjMa%2Fw5MbXZFmZ3ediPsVDGSbH1TfQVQce5l%2BQ4SmN1y5BvgLZTTEfkEHVwk8ADBVScXzSt3ZTH7EYfP%2BfNsjRu2OtgawjO%2BbkbxxhRnmy4qf72yMg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
7463b8b0bab08fca-FRA
expires
Thu, 08 Sep 2022 14:28:31 GMT
dialog.min.js
betzord.com/wp-content/plugins/elementor/assets/lib/dialog/ Frame 3887
10 KB
4 KB
Script
General
Full URL
https://betzord.com/wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js?ver=4.9.0
Requested by
Host: betzord.com
URL: https://betzord.com/betano-promo-link/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:3332 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b936db5880aa9b6b2f26a8d32fc2b689fb75f69d971b94194f16dba801221ffe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://betzord.com/betano-promo-link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 02:19:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
13810
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 18 Aug 2022 02:35:33 GMT
server
cloudflare
vary
Accept-Encoding,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A7VxcICgqn1LSJRQtFxYFoi%2BLQETOrjf1lJmF7OVEEiUsqMNR31FzZNiHEA7eLqvx2SX4FfopZZV0q6KUvnBlkXrETWjgGvFMr5Oaa5UREpb3GNPLcgIkROjPENVXqNMGG41VBl31wnleg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
7463b8b0bab18fca-FRA
expires
Mon, 12 Sep 2022 22:29:34 GMT
frontend.min.js
betzord.com/wp-content/plugins/elementor/assets/js/ Frame 3887
40 KB
13 KB
Script
General
Full URL
https://betzord.com/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.7.1
Requested by
Host: betzord.com
URL: https://betzord.com/betano-promo-link/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:3332 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
37996581fe12adcd54d4510db1cfacfa3fd768aa01bbe5d3f9ef4b207b62cf02

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://betzord.com/betano-promo-link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 02:19:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
387426
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 18 Aug 2022 02:35:34 GMT
server
cloudflare
vary
Accept-Encoding,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ttWVG4U2BiTHxD3Sdbf4S0g877TSCysZZYJcsoYp33wElFRbcpUPNMkL31wJNwD7zj7IzuBeJAienKfjvHNDLUlx2mjRnbMEOXKamQJ4RbQ6EjtEVRzw3jRwKSuHEX8eVZluWWrmav5gkA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
7463b8b0bab48fca-FRA
expires
Thu, 08 Sep 2022 14:42:38 GMT
preloaded-elements-handlers.min.js
betzord.com/wp-content/plugins/elementor-pro/assets/js/ Frame 3887
131 KB
32 KB
Script
General
Full URL
https://betzord.com/wp-content/plugins/elementor-pro/assets/js/preloaded-elements-handlers.min.js?ver=3.7.3
Requested by
Host: betzord.com
URL: https://betzord.com/betano-promo-link/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:3332 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e248cb2d34cb478ad0bb8b2801665869a6966195555f0c429821f55f72e46399

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://betzord.com/betano-promo-link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 02:19:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
261465
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 05 Aug 2022 21:33:36 GMT
server
cloudflare
vary
Accept-Encoding,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y2pWjvEAjW8MjylPYuT9lSrFBnhJx7NiHD9RYnZ76f07Bep%2FJphVhhNCCiMQmiPFfGhq2of4sJ1oAW8n4fYa1smnEfR8Puc%2FPHiOnxEdKdh6eq%2F9dMqQdZd%2F2ub8P70G9RRluvtill%2BYYg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
7463b8b0bab58fca-FRA
expires
Sat, 10 Sep 2022 01:41:59 GMT
preloaded-modules.min.js
betzord.com/wp-content/plugins/elementor/assets/js/ Frame 3887
42 KB
14 KB
Script
General
Full URL
https://betzord.com/wp-content/plugins/elementor/assets/js/preloaded-modules.min.js?ver=3.7.1
Requested by
Host: betzord.com
URL: https://betzord.com/betano-promo-link/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:3332 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d3e81686e89ad882d603e4f64d1832ba72dc57c2b58431fd558a65c17d1162ed

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://betzord.com/betano-promo-link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 02:19:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
412121
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 18 Aug 2022 02:35:34 GMT
server
cloudflare
vary
Accept-Encoding,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IraB60wqJ1QQ1FnYIzDstap6aYT4s6nRwvgLUQNt5aid8q4Bg7edItbam%2BRQP4fTuzdaHvw9BQOYxnrOrxyDtLUWsuTCnJZCL6ciK73tcP5EDZzLH6Jj8Nxj3SuhmoIVk5h5Qt4LvnUeAQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
7463b8b0bab68fca-FRA
expires
Thu, 08 Sep 2022 07:51:02 GMT
jquery.sticky.min.js
betzord.com/wp-content/plugins/elementor-pro/assets/lib/sticky/ Frame 3887
4 KB
2 KB
Script
General
Full URL
https://betzord.com/wp-content/plugins/elementor-pro/assets/lib/sticky/jquery.sticky.min.js?ver=3.7.3
Requested by
Host: betzord.com
URL: https://betzord.com/betano-promo-link/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:3332 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aec33c581d5e02e4431f1afc6396a33f1637ad979a3412a2ecc237932af3c8a0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://betzord.com/betano-promo-link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 02:19:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
261465
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 05 Aug 2022 21:33:36 GMT
server
cloudflare
vary
Accept-Encoding,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=12Ko8VI5GMB1V3%2Bjkz%2FMIjQ84mOw1mJQ7L5FMNXqlQalJhq8XB8TmH%2FRlpLpQlU%2FJ8yuJvCfHb5kJOlbZae3%2BkZ27lwWJNb2nMl4vtAhUXQF7HsmS7bu3SsxxWBm4mL0mS%2FBJFnHtep1iw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
7463b8b0bab78fca-FRA
expires
Sat, 10 Sep 2022 01:41:59 GMT
lazyload.min.js
betzord.com/wp-content/plugins/wp-rocket/assets/js/lazyload/16.1/ Frame 3887
8 KB
3 KB
Script
General
Full URL
https://betzord.com/wp-content/plugins/wp-rocket/assets/js/lazyload/16.1/lazyload.min.js
Requested by
Host: betzord.com
URL: https://betzord.com/betano-promo-link/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:3332 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e86a52a9858206302e32036d89907e3ac87762055e7f9c6364aec33221b3e41

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://betzord.com/betano-promo-link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 02:19:44 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Tue, 04 Jan 2022 13:18:25 GMT
server
cloudflare
vary
Accept-Encoding,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GuHZNbt%2FtdfhJrK%2Bg8dwMoI2%2FeB%2BysqY7pi%2F8fCJlzqIAFYOryjVCaqHTuOsDi0PXtRql5whVR1nZ7wHuqtl3aAdQB3WV0MP2nGhUJP%2Br%2F%2FlgYioseZh2M6hvtENSNJ%2Ft1ZtprxA9R847w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-turbo-charged-by
LiteSpeed
cf-ray
7463b8b37b4b8fca-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 13 Sep 2022 02:19:44 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 0F37
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu0sK-JBWHaMwy5FdvwKGJwrJ6fdnSLFn7X7i3aJ6_7-FXYm4k360wzY8z0wA1ucnZ3ROFgwEWf-Cq9F0J2J-rYi-N_ZQoPKVXo5h1B_L8yHzbYygTpwfYvGMMSR7EO5tFWbpDAeEr9kk-GP6tcpcZtFkLeV3PtyUoTT2bsaJ9vSoCGUBFb6nJSKvyM5YAz-jMHbN6P5Ca6WxQqhBMe2jMZkQwOj87TCANXO3xXj9jiTuH12lrVSri0JrEjhRsY3X35HO66kxd5UO4EXnak0V6caVKyO2Q9illhu2JnPIAwZg0uMR97gzSX0i2hu9YiYwI5s33i8Ngn7A&sai=AMfl-YSK2fVrwTRtvTjNJY9EVmh6RDQCW2lCYu5-bx9e6nRspuuh435fXM-10X1ELBUgMyxEB-yxpLgt6ehIrfIwJVINHUYoqljL1xU1ax6UCXAC7Nm7jwiBMI9K-3ohP5MOig&sig=Cg0ArKJSzEwHza6OKeJlEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.midianews.com.br
URL: https://www.midianews.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 06 Sep 2022 02:19:44 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Tue, 06 Sep 2022 02:19:44 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220831/r20110914/ Frame 0F37
23 KB
10 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220831/r20110914/abg_lite_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0e39772fd4ab2ea007f5b93277960107e5a96696c53eef90c6e694e556ff5c26
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 01:11:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4116
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9632
x-xss-protection
0
server
cafe
etag
2755732409155645664
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 20 Sep 2022 01:11:08 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/ Frame 0F37
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 01:57:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1324
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 20 Sep 2022 01:57:40 GMT
l
www.google.com/ads/measurement/ Frame 0F37
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRt9cYbI0JqBbuaV83oNPoLr3y05hVzSdQGmv54_ZG-U-snDlgr4o_5191TC7CbZ_DJ2c46CrPHV3chCZYYK2LFixEd1g
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 0F37
142 KB
44 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e851345505ee432c9397d60e5d91929ab4e5921f75c91f359b0939a879304b7a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 02:19:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44792
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1661945761880069"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 06 Sep 2022 02:19:44 GMT
12526165249189579416
tpc.googlesyndication.com/simgad/ Frame 0F37
54 KB
54 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/12526165249189579416
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e893d0593dfe01dad5e00f7dd9cbfe9061e5c5e000000a67d961e3778d989be0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 02:19:44 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55599
x-xss-protection
0
last-modified
Fri, 22 Jul 2022 18:15:41 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 06 Sep 2023 02:19:44 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 288A
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu6_box2Hb9u2AYgfQP_VFlCydbVfp6LqmNVepqnQ8P0BtBjUGfS_4yiGiiuGLl8Pad33STHb-EAtHk50xRPZ1zA9j7rwBnGhkMh4OtTgPQrsTRKh3_LBlqNHDxa3TTQ8zDCy34zhe1vPnYVkso5HpfDrlautmdOOF3iL4eQ_xUSaqAdej76Ah0L1TC-8UkjTw8lw-hEuwEuCAWsiewkbBxKYrCltz-lWEuiO6iiFkctaXOnvA3SfjuxYphkqrky5HYsX1z-_RDWrPWNuEC7jCBu0ONk0GKPiqXTKHObbbPULNbTkvYy5EL92HF&sai=AMfl-YRshF2xMc17L-Y8JRsL_5d99Pb3Bj9Z62BTxs9w6ox8zBaS2AAD79blybeFoF-_WTbwajv07tTsonFdarlTE2hGZwUJWtL9V66Bb4Okibrfnqrki_W8MtHNA2odKSH79oQ&sig=Cg0ArKJSzGj096cjXxIlEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.midianews.com.br
URL: https://www.midianews.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 06 Sep 2022 02:19:44 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Tue, 06 Sep 2022 02:19:44 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220831/r20110914/ Frame 288A
23 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220831/r20110914/abg_lite_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0e39772fd4ab2ea007f5b93277960107e5a96696c53eef90c6e694e556ff5c26
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 01:11:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4116
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9632
x-xss-protection
0
server
cafe
etag
2755732409155645664
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 20 Sep 2022 01:11:08 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/ Frame 288A
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 01:57:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1324
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 20 Sep 2022 01:57:40 GMT
l
www.google.com/ads/measurement/ Frame 288A
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRK6-XoI4AHRerX43xFHLlklvzzwbRKSO4vbaV7DRdOpW2fyuX5qOGvjersXbY1vuEmoqFxmjIyqFwoaQ850gpbuNynog
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 288A
142 KB
44 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e851345505ee432c9397d60e5d91929ab4e5921f75c91f359b0939a879304b7a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 02:19:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44792
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1661945761880069"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 06 Sep 2022 02:19:44 GMT
5603686972880720675
tpc.googlesyndication.com/simgad/ Frame 288A
93 KB
93 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/5603686972880720675
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
41528aafc8b560c70d3b457d90bc9a9c78e0e28e5f323590ffc74e23384da2b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sun, 04 Sep 2022 22:33:10 GMT
x-content-type-options
nosniff
age
99994
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
95064
x-xss-protection
0
last-modified
Thu, 21 Jul 2022 15:00:35 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 04 Sep 2023 22:33:10 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 4F22
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvFFQqrpK1BqDJazIauZ0a8Z7bn7y6hy9il70Debci9azB599OZyTZBrxp6XUpo41YHTRYNgHBDxOuiL8XXCa31EWGWX6v5njXbdn5JoexSKc6e1BH9DdTLYM8-cyosjWJVqI-kVBV-tN-VCzoj6nriywj30uRxlZZQyyAWH0bOtYwclMQPbOHs1481Hsfr_swpFZs7wGYga9FP32zxa0FRKht6OFIKoWRFTcb8qUgZEvVOj3Rbd1UhQGOgm83GDdbxQ3l1f3-15YoWwEgffaKjBQH5OWzyVPbxJcNhusdyWbKwK7ZcXfBhM3uzeA&sai=AMfl-YRPNrf_6zpfm09yXujfUnwFp0eZhU4EG2q1Atd_XDzjp5NybF6z090i_7oF0IZiWPinGJwZAwSHR59N1rXUMb7yZOo44smStpeLVjfa1hi0aGN5rKJTT5enpOYGegm0BA&sig=Cg0ArKJSzLNVdTBSmIYDEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.midianews.com.br
URL: https://www.midianews.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 06 Sep 2022 02:19:44 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Tue, 06 Sep 2022 02:19:44 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220831/r20110914/ Frame 4F22
23 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220831/r20110914/abg_lite_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0e39772fd4ab2ea007f5b93277960107e5a96696c53eef90c6e694e556ff5c26
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 01:11:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4116
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9632
x-xss-protection
0
server
cafe
etag
2755732409155645664
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 20 Sep 2022 01:11:08 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/ Frame 4F22
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 01:57:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1324
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 20 Sep 2022 01:57:40 GMT
l
www.google.com/ads/measurement/ Frame 4F22
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTpOnWxBkVomkIhEoWsWo4VGxBVDyXrKsJDYMrt2Sww20yiCx9g9KavEZX_b2GD3zbivJDx1de3FjS3LKKe2lmx58BicQ
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 4F22
142 KB
44 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e851345505ee432c9397d60e5d91929ab4e5921f75c91f359b0939a879304b7a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 02:19:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44792
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1661945761880069"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 06 Sep 2022 02:19:44 GMT
16862181455193317930
tpc.googlesyndication.com/simgad/ Frame 4F22
30 KB
31 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/16862181455193317930
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
388f16f9c4b8ec197494d734e49ce5704a9c10efcea33bc5f3c4c4e4b11de4dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 10:22:18 GMT
x-content-type-options
nosniff
age
57446
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31221
x-xss-protection
0
last-modified
Fri, 18 Mar 2022 22:36:51 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 05 Sep 2023 10:22:18 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame DD33
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuyxq4ZZ2tSoLBwgD3PQgO6K-7ax00K1Gsb9K_DwmJAg1P51E8ke6RvJJ3JIAcbxMft3HEVoBr-Vs0_m6c16mR17S1KS4kWfiiaTIre0nhxx5pOLc2QoyXaYN2UvUwIs4-DXNY7nUq5iEpDCNfTcA4GyS2OtqUOtjC0UP5E_Bi-ZmqjLVplXRXvdKr9p36QmmgmYcKIhZpnMPXT9mXgHI-mIq_ARaQK0805moiuWRx7se6PzzOknNmuuBRG7nY5vyXxa7iY0PY_JX2TrQVoYODh5S24RTjWQDlajRcBoXgYXY1eGhAKhjVq_PKSwg&sai=AMfl-YShCly1HEXXsAbrB81nG8IxdVkju7Nv8Wqv-2pelWRqhU9VhNfohoSPfAXO9zwFevfxFHPP8i-8psrRVtz9KH8M0VN3fVxK7n7I8UMGLPiJwDsgw1y6EL8MUupo7rV2gw&sig=Cg0ArKJSzEY25QnxqTY3EAE&uach_m=[UACH]&adurl=
Requested by
Host: www.midianews.com.br
URL: https://www.midianews.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 06 Sep 2022 02:19:44 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220831/r20110914/ Frame DD33
23 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220831/r20110914/abg_lite_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0e39772fd4ab2ea007f5b93277960107e5a96696c53eef90c6e694e556ff5c26
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 01:11:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4116
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9632
x-xss-protection
0
server
cafe
etag
2755732409155645664
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 20 Sep 2022 01:11:08 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/ Frame DD33
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 01:57:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1324
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 20 Sep 2022 01:57:40 GMT
l
www.google.com/ads/measurement/ Frame DD33
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQBrIGlEDwj_nMcQ9N9p9-LY6YJp4n6h50m1A8ItKYLAz7qwz6Q_zk9WTgO1Shp8QEP2tEHXPn8fGZ2PX1kZkmmDvKHkg
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame DD33
142 KB
44 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e851345505ee432c9397d60e5d91929ab4e5921f75c91f359b0939a879304b7a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 02:19:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44792
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1661945761880069"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 06 Sep 2022 02:19:44 GMT
15600173247338219118
tpc.googlesyndication.com/simgad/ Frame DD33
10 KB
10 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/15600173247338219118
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0d84d12fc932ef29ae8429acdcc57f67b20e165e483c3e54100856475440faaa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 30 Aug 2022 13:17:16 GMT
x-content-type-options
nosniff
age
565348
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9910
x-xss-protection
0
last-modified
Fri, 26 Dec 2014 21:24:29 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 30 Aug 2023 13:17:16 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 455D
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss0MRsGnLuS7R6ylv-b9Yo7JdneDOwEF4f_sYIee8MQMGewyn8Ox-IO13Zyn1Rad0ClOo_a4TB-0dniZiR0hgNGZqkHAx-Qtq0C7XowAkSRwv_2rG8qiQmXcUWxfbiVwALKiFkOc7uqf0f3OQNRVAo7_5Ba-k2EnPY1NlRunjptuxKGLFUgayPgeHlW19eAWHYHZ63toug24ZxcPWvk7zLfHNUc2gZ-Zxz3zygBW3vYIWTxPLiyT-ZbTBIBP6P2BrCg6CDVHL4jcmTasv_mRZmixcasSU_yhuDMoa-VxpAqkj3ZcVCkN8mNCIwR4g&sai=AMfl-YRcM4dKFa26EjFYVJk_HPZR_X4tnY9TZar1YNQAp3Lwe9bQS9ecaTBHM9eO26Noj6NMgSLAuJZu5_GvT5LXMAm_4cQ05k-BbkOnhUmTPzWt3NcuQyTWx-BOdUJnQb8cBQ&sig=Cg0ArKJSzObxkWkdOs8OEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.midianews.com.br
URL: https://www.midianews.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 06 Sep 2022 02:19:44 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220831/r20110914/ Frame 455D
23 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220831/r20110914/abg_lite_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0e39772fd4ab2ea007f5b93277960107e5a96696c53eef90c6e694e556ff5c26
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 01:11:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4116
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9632
x-xss-protection
0
server
cafe
etag
2755732409155645664
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 20 Sep 2022 01:11:08 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/ Frame 455D
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 01:57:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1324
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 20 Sep 2022 01:57:40 GMT
l
www.google.com/ads/measurement/ Frame 455D
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQOlVR44-ZdeS7pTaAGRJwg8E7G9hOKEmwNBz4MvOUQVfvy9SB81VWCsDUQnEWnhxgfhLc_PdiZNCS4MXr8kDsXBe66Zg
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 455D
142 KB
44 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e851345505ee432c9397d60e5d91929ab4e5921f75c91f359b0939a879304b7a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 02:19:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44792
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1661945761880069"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 06 Sep 2022 02:19:44 GMT
12119040642561980943
tpc.googlesyndication.com/simgad/ Frame 455D
102 KB
102 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/12119040642561980943
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2db825b0f7a51cd0fb3bf6867be86bb0911c303ecae1af4755f5249a0e85f0ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 02:19:44 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
104253
x-xss-protection
0
last-modified
Thu, 05 May 2022 19:19:13 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 06 Sep 2023 02:19:44 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 7F57
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv0W95fAmjHrmrEhBjQB8jWoX5ESrWsJuh48wblzr4NQXO_JWogcDAQCqMwaM5SlHCE7FBK7m9N-QYzwT4WVO9dhxgHRBvrjrBMq8Sl9ySj6nVbNx5Io-M7Hki1_Q6R72CXEs2rQzxvGgYPNrvbgpHhvyPpyVo2y7uZo8kT3lj5PCU2YOdx-IZMG3NQEdNTR_BKwwDYac_hGtnt6ihrJs0XTfhHSBke0FQdBex7q6XWecHo2wb6oX9ZvDsbhdHuQPAoUYB9JGWx5uX3QFXJACu9pobPAxI8IcWGXCoKcLNTVyq_dgIIygOVskK1hetoAeqXXubDWVgL&sai=AMfl-YTvsEEq-LOAbypEBxMNvevXf67nPEdFSvwZHLvpOh3EwPZiePJ8GX0QmQ5dv3NBymSxmlUfbrEdumoYT5aECOI9yS-UXmmBby4V2MOVGMJBISGf_g2lyA0jQaofKHqzMQ&sig=Cg0ArKJSzC4N1zWp_e7tEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.midianews.com.br
URL: https://www.midianews.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 06 Sep 2022 02:19:44 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220831/r20110914/ Frame 7F57
23 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220831/r20110914/abg_lite_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0e39772fd4ab2ea007f5b93277960107e5a96696c53eef90c6e694e556ff5c26
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 01:11:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4116
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9632
x-xss-protection
0
server
cafe
etag
2755732409155645664
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 20 Sep 2022 01:11:08 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/ Frame 7F57
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 01:57:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1324
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 20 Sep 2022 01:57:40 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 7F57
142 KB
44 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e851345505ee432c9397d60e5d91929ab4e5921f75c91f359b0939a879304b7a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 02:19:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44792
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1661945761880069"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 06 Sep 2022 02:19:44 GMT
3353696683192364897
tpc.googlesyndication.com/simgad/ Frame 7F57
36 KB
36 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/3353696683192364897
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
951026ae17fb66f507b01f485ae76b2e56cc0cbb5bdd2664546affd7d331388a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Fri, 02 Sep 2022 15:19:29 GMT
x-content-type-options
nosniff
age
298815
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36776
x-xss-protection
0
last-modified
Wed, 17 Aug 2022 21:00:29 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 02 Sep 2023 15:19:29 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame B2D1
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuDktrGsl2Dc6DflUCVnKxz0BULJF1Jod01LIRXYkQFC2kW4gV5bkf2jKIugMdlQYB_xGbeO8CqFtbpIZ3BkLBhRdtdDRIOWkXCiWU1lY5byFUZsQrr3EXujdDEBLIcWuEXvgy0BUa3VUsCG3cYkAWzGyUc8McLJjejW1ssoqtcM2DeumlqLhVewlCkNdy6p5LV061LhCN7GqgP0jpNopeGjL8za6Jv-IyfedMaBp8K6lrM3W-XflY9s6QkDva1uQUTiOYzCRl1xmeceMYvg4EXT4PCCnSW_MyNDvJ7oTg6q2fA5iOydT54xOPIeUl3G8qLNA2dI5hG&sai=AMfl-YTQ2ZhTb2aVAfx6BWBV4R59aPOEIQNvKZeXdVl-e1ECSghiSaNyLETJoW-WfJrS3OVot2ZKpIFwC18vNPP_JESMvXTt7cteX29x1p6g3jTvJ-hiy-99eTueHMzqKMUwEw&sig=Cg0ArKJSzA_nx8Nr4t9jEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.midianews.com.br
URL: https://www.midianews.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 06 Sep 2022 02:19:44 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220831/r20110914/ Frame B2D1
23 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220831/r20110914/abg_lite_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0e39772fd4ab2ea007f5b93277960107e5a96696c53eef90c6e694e556ff5c26
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 01:11:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4116
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9632
x-xss-protection
0
server
cafe
etag
2755732409155645664
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 20 Sep 2022 01:11:08 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/ Frame B2D1
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 01:57:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1324
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 20 Sep 2022 01:57:40 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame B2D1
142 KB
44 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e851345505ee432c9397d60e5d91929ab4e5921f75c91f359b0939a879304b7a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 02:19:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44792
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1661945761880069"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 06 Sep 2022 02:19:44 GMT
14060229101240215844
tpc.googlesyndication.com/simgad/ Frame B2D1
465 KB
466 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/14060229101240215844
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
000181cab76b60688837cd1ccf89e631cd2c1e31806fe1b5b57f9d3616d70ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 00:03:58 GMT
x-content-type-options
nosniff
age
8146
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
476490
x-xss-protection
0
last-modified
Mon, 05 Sep 2022 18:19:38 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 06 Sep 2023 00:03:58 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame E273
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu2P_IUn2R3CfoUfBMBpjV_zaCLRppdxeNrsMw5rLFINwXZ8j0NzzvHhJIblemSIy-KknhRpjI5Le-_3DqSzrhP8RnPfIaBShgduAq_hVImJcBtoFo5uw6XWEwNSdybi0KZmitNiMppYDfhkEO2RQcozcvpqI4mdPA86-j8ybkyChZCLp18Pht5TTv-6yZ3vjsTu63Q5cRxvzb4wz0_zzbmzizKdKboMiO02L-IPXeU8Gfe4_zK6kmPDLw0myasCKtAsd6Xo9lPbKAqL3498uRR4LuPCyFxzEQCat7RATkeDcC7Jg2RXg7n8qbzcA0Gy5LCoXtni_rq&sai=AMfl-YTl2tq006bymRsoV7ULOCchy7guhcoax0a5onezFQeKJHuQETju3FwsH8uQCBbYT_P8jUL_AVRGyw0JJQ1SOC_gTePdt72KqRDfenDTfTsk1wvQOrOUqFeTk3ASUL-h-A&sig=Cg0ArKJSzDSAZkDggz-0EAE&uach_m=[UACH]&adurl=
Requested by
Host: www.midianews.com.br
URL: https://www.midianews.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 06 Sep 2022 02:19:44 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220831/r20110914/ Frame E273
23 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220831/r20110914/abg_lite_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0e39772fd4ab2ea007f5b93277960107e5a96696c53eef90c6e694e556ff5c26
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 01:11:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4116
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9632
x-xss-protection
0
server
cafe
etag
2755732409155645664
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 20 Sep 2022 01:11:08 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/ Frame E273
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 01:57:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1324
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 20 Sep 2022 01:57:40 GMT
l
www.google.com/ads/measurement/ Frame E273
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQM90tSAoax4zteIBDKEmd_sFJxokZwe0eTS7oZ6g8UT44NQVT9tPng1hdg8GJWsMr9-kB4pX5sdccCNdiwRBXN8j07NQ
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame E273
142 KB
44 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e851345505ee432c9397d60e5d91929ab4e5921f75c91f359b0939a879304b7a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 02:19:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44792
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1661945761880069"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 06 Sep 2022 02:19:44 GMT
8222584447224614154
tpc.googlesyndication.com/simgad/ Frame E273
309 KB
309 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/8222584447224614154
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92153e7ac944fac923e50132eef5ea8306e070921319641987e01283e666855d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 30 Aug 2022 07:10:34 GMT
x-content-type-options
nosniff
age
587350
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
316575
x-xss-protection
0
last-modified
Wed, 08 May 2019 19:14:35 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 30 Aug 2023 07:10:34 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 9171
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvsFXoNN_bbopjzJNvQMRR6Qkvj9LBws3Rywe0W249MkIYB6JTNxZlGGS4EVRwWhUucSoQYfrQEH7ddQXvw7m0BDVgdbVzEBGFGqPjvNEBpKPr36BgNfHf-DyU9gxYa6tycjf1WOC8hBEkTHPyqGPdqXw1O3raJGgPjm5m0RNITotKkciGN6P5QsBx7rNzvZIAxPQH--N1idUsInw9zLuyT37LSUlr5ae2djgASlYgtY0nGziuuFoEJyCQjdMOFGX8j0RGPRhz9iuhsOgzXj6v5ViLpPUNVpPzH2D0ZsJKti1isrUWrYY4BiswHy-NK9kVvmeKwub2f&sai=AMfl-YQci8BbEH_ToQ0cdpWf7xptjl_AeaLgBIKC--BN4UYXlWFyv_cRMPWf896bCYV23nBPcX-s6TWPV5mAmPpA6NR7AtSVNzeYMIVdLDzpFLa6rrVAWW5WSK6LaVn2YSpzhw&sig=Cg0ArKJSzLpDRNaXRADkEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.midianews.com.br
URL: https://www.midianews.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 06 Sep 2022 02:19:44 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220831/r20110914/ Frame 9171
23 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220831/r20110914/abg_lite_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0e39772fd4ab2ea007f5b93277960107e5a96696c53eef90c6e694e556ff5c26
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 01:11:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4116
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9632
x-xss-protection
0
server
cafe
etag
2755732409155645664
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 20 Sep 2022 01:11:08 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/ Frame 9171
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 01:57:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1324
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 20 Sep 2022 01:57:40 GMT
l
www.google.com/ads/measurement/ Frame 9171
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSAw5pJ8pE8hoqkrmWifJZKiA35bbLgGSDBfA8tKDf23GoKZVW165-HtSdpSEj0K46B_7X4RcYaRpjAoZ1xTT2ZzLnTNg
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 9171
142 KB
44 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e851345505ee432c9397d60e5d91929ab4e5921f75c91f359b0939a879304b7a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 02:19:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44792
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1661945761880069"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 06 Sep 2022 02:19:44 GMT
557019496350554400
tpc.googlesyndication.com/simgad/ Frame 9171
395 KB
395 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/557019496350554400
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
67833aec30fdce4680bb65816d8bab7131306cd647781f065a61b126ffa3d73f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 02:19:44 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
404623
x-xss-protection
0
last-modified
Thu, 21 Oct 2021 20:49:00 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 06 Sep 2023 02:19:44 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 257F
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssOdiKBDxxowPA8btPrYmncmZgWGJaiGndLi4wlJY7RklCIhTuiQPV-MKe9amXSPG1IXBnAk3jV8MlijU1FEnu7CG6mfg9VY9DjNMoRwe9HwSSp-kOWc4uAWVsJ3QxkTST6g_NzX7Wt8kmuSUR5gJH41rqmWSnPtE_UabGUUH9MCh6038JCBSMbw2linr3jukiHdjF1GSfs7y4CZN5LSPNvAQhSSLglY0vBE0PV12kMzY49crbu6YCkOE3Xqa2y5WTBck06BVDUKor7PQThDC4S-cuq03clr1wjwS6j8vrFihwlU_jZc6jTdZjB37Nv&sai=AMfl-YQoddOb85qdsWQTb9lPsxAqmGFiS6eTjNm6nGvraEU5AiLAmX02TlcuLa-ns8G0LgcUw452TKvrFKXFQEwCjD71_NHKAGOS8nEMG-iPU6ec1efvUPJ6X8pns9vslSPgiw&sig=Cg0ArKJSzCRqgDCIEEgkEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.midianews.com.br
URL: https://www.midianews.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 06 Sep 2022 02:19:44 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220831/r20110914/ Frame 257F
23 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220831/r20110914/abg_lite_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0e39772fd4ab2ea007f5b93277960107e5a96696c53eef90c6e694e556ff5c26
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 01:11:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4116
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9632
x-xss-protection
0
server
cafe
etag
2755732409155645664
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 20 Sep 2022 01:11:08 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/ Frame 257F
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 01:57:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1324
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 20 Sep 2022 01:57:40 GMT
l
www.google.com/ads/measurement/ Frame 257F
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSEWeK4N_dWHYCgiSzyXJ6OoBvbKHLzMR3hSf5RlIc1oMZi1nDCTuXUlDOd9vdwOWL5U4jNsgNJE5V5U7RvuSD6c9IDVg
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 257F
142 KB
44 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e851345505ee432c9397d60e5d91929ab4e5921f75c91f359b0939a879304b7a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 02:19:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44792
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1661945761880069"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 06 Sep 2022 02:19:44 GMT
5965445673611002425
tpc.googlesyndication.com/simgad/ Frame 257F
153 KB
153 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/5965445673611002425
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e038e6081a638a9d238a523657a41d788c87b58c1ca2ab59724f34c54d493921
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 02:19:44 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
156375
x-xss-protection
0
last-modified
Tue, 24 Aug 2021 13:26:30 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 06 Sep 2023 02:19:44 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 6499
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu19xyT0FCxr6NViKDNB5LhkwK0vWfbwbvMCBpjELiW8Z_59A-4Vm4WY66T8VvAFwj5yAToiieUoWfmEuvLx5lWJR8EA3s_4_MoXInTlH3ORrn04DY66wLCWSI7Ey_H6QHll4rQNRRbV3hDlUlArJyn7HmSv0qmtryeIOFOuXH0uML9qVhufgb3oTNL3DsnVm_q1O-7QhPrlcAyg6QrRtF_qmqOMpgbMEV8dHBRVrspor7muK7TuHXXymEzIxO-WbRVNlgVFgBb6dIUL0EHbMeiOdCaCfspk194lTz4x8gaD5GKuETIgQAxxNXYg0Jbe-jwbuv4DHG4&sai=AMfl-YTI8Y-eAsmSrDeaFoK7I7sjRddISaaW_ARhDetRca0mAjj60e-OgxvlhPA3SSW7kDuCwneGFyuGVBHN_reREFDLc8MTe3zlwGpPcGaCYwlAhza-LkFkAmMxgAh3RHT88g&sig=Cg0ArKJSzFx-43ie_2KEEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.midianews.com.br
URL: https://www.midianews.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 06 Sep 2022 02:19:44 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220831/r20110914/ Frame 6499
23 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220831/r20110914/abg_lite_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0e39772fd4ab2ea007f5b93277960107e5a96696c53eef90c6e694e556ff5c26
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 01:11:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4116
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9632
x-xss-protection
0
server
cafe
etag
2755732409155645664
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 20 Sep 2022 01:11:08 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/ Frame 6499
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 01:57:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1324
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 20 Sep 2022 01:57:40 GMT
l
www.google.com/ads/measurement/ Frame 6499
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQJF5J2zk2QaZqq1wCyP77vR1N7krQPue3EhyEK213Rx9xMA-sRbdkfaXnhrm97ckOKsTTc5RjZ0JHahhDqYo-QlPbVJQ
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6499
142 KB
44 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e851345505ee432c9397d60e5d91929ab4e5921f75c91f359b0939a879304b7a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 02:19:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44792
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1661945761880069"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 06 Sep 2022 02:19:44 GMT
8888244852836371489
tpc.googlesyndication.com/simgad/ Frame 6499
54 KB
54 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/8888244852836371489
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
13e398f272744f06e9542c6b2d817a1a25d29f7d6cae5cfb94573cf3ec114e13
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 15:13:43 GMT
x-content-type-options
nosniff
age
39961
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55416
x-xss-protection
0
last-modified
Sat, 01 Dec 2018 13:38:55 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 05 Sep 2023 15:13:43 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 3F49
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsstQRa-Rj-t1QJNGgDvgdKdjRgiaR6G3FHm0bxVd5vyUJe-Kli8bzd2SkHyXGLk05qcwj2Sv1hylTm-G3-nq8HIOa35KlmyDwhYX-jw8d6KtM0mabvLhQg6TJAC9BEueNykRCN36iTSMhg0hAnIGxspjR7A8r8QXPx46_5yl9ryoJc2Cm_KJz-FslsUT-nFY1PwOYPjkYS0gSua-tUNk8COfXLJeM_76O2lGlisF6lLB3NQRB96ZZu_a_IezU85fj6-T2CriwmrmKXBOVMoJezpJuZdavnkiD8zk_yxPLMhILKyoYfcclNaGEAOjw5kASU84yRgws0&sai=AMfl-YQlmPfGqKP1eEeygr7FWAk45HsJiYDhiSUhJAFEzD8sGpbqXdPwxKyT9RPMUKMTwZMfM-ZQO7Ktc3g_4JBnb_VwyKd2C6hjeRX3piep4txkwubpuNRISLdQMTsaAhAwcg&sig=Cg0ArKJSzDWv2IMbyzkEEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.midianews.com.br
URL: https://www.midianews.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 06 Sep 2022 02:19:44 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220831/r20110914/ Frame 3F49
23 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220831/r20110914/abg_lite_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0e39772fd4ab2ea007f5b93277960107e5a96696c53eef90c6e694e556ff5c26
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 01:11:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4116
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9632
x-xss-protection
0
server
cafe
etag
2755732409155645664
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 20 Sep 2022 01:11:08 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/ Frame 3F49
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 01:57:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1324
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 20 Sep 2022 01:57:40 GMT
l
www.google.com/ads/measurement/ Frame 3F49
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaR1k0H9VnZVXGAR6OF8NmtOWl3lAkoit7usA6XuMSiH-weKfzn6NtE6pMBaW36EESiUNt19ywxrHbiecFK3fT15vW_0iw
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3F49
142 KB
44 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e851345505ee432c9397d60e5d91929ab4e5921f75c91f359b0939a879304b7a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 02:19:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44792
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1661945761880069"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 06 Sep 2022 02:19:44 GMT
7106552682299818279
tpc.googlesyndication.com/simgad/ Frame 3F49
38 KB
38 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/7106552682299818279
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4087fb9b5b3a0a9333ab44e9b852aed788c43f44f6f144a42ed99e8354d892dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 15:13:43 GMT
x-content-type-options
nosniff
age
39961
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38555
x-xss-protection
0
last-modified
Thu, 08 Nov 2018 22:20:14 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 05 Sep 2023 15:13:43 GMT
truncated
/ Frame 0F37
220 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8ce281af1334fa34eae9a7cff8a183ffce1aefb5313c0934ba16147693927e51

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 288A
214 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6f18d1ae597dbf8c1d20898d604540bb18f8d2b2af607dfde0b2475420ca43b2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 4F22
213 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
96d1325dadff7451683beb0b0bf24ae8e84721ae35835db0977465d0ed5c544b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame DD33
213 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1bf2cf83ae7a23cd34f20bad42bc5031c01caff347d9134f576674b78528114f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 455D
212 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f27dd7ec7254896b2e59fb856b110216d581d408dace29fa6b15f74dc88ebbbe

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 7F57
212 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
230b36d2ec336b784222bfb43e52edf098d9cf6e45cb968be9139cb6009e1250

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame B2D1
211 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d177d10ead2c0b8d4ba9355863e5b282a9d0c499b38e8fbe8e983f707b5f2c21

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type
image/png
/
www.facebook.com/tr/
44 B
91 B
Image
General
Full URL
https://www.facebook.com/tr/?id=197423277906772&ev=Microdata&dl=https%3A%2F%2Fwww.midianews.com.br%2F&rl=&if=false&ts=1662430780994&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22MidiaNews%22%2C%22meta%3Adescription%22%3A%22Credibilidade%20em%20tempo%20real.%20Not%C3%ADcias%20de%20Mato%20Grosso%2C%20Cuiab%C3%A1%2C%20V%C3%A1rzea%20Grande%20e%20Interior.%22%2C%22meta%3Akeywords%22%3A%22NOTICIAS%20DE%20CUIABA%2C%20NOTICIAS%20DA%20CAPITAL%2C%20URGENTE%20CUIABA%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22MidiaNews%22%2C%22og%3Atype%22%3A%22article%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.midianews.com.br%2Fcomment.php%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fwww.midianews.com.br%2Fimagens_clientes%2Flogo_quad.gif%22%2C%22og%3Asite_name%22%3A%22MidiaNews%22%2C%22og%3Adescription%22%3A%22Credibilidade%20em%20tempo%20real.%20Not%C3%ADcias%20de%20Mato%20Grosso%2C%20Cuiab%C3%A1%2C%20V%C3%A1rzea%20Grande%20e%20Interior.%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.79&r=stable&ec=1&o=30&fbp=fb.2.1662430780429.1539537595&it=1662430779880&coo=false&es=automatic&tm=3&rqm=GET
Requested by
Host: www.midianews.com.br
URL: https://www.midianews.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 02:19:44 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i
expires
Tue, 06 Sep 2022 02:19:44 GMT
gtm.js
www.googletagmanager.com/ Frame 3887
145 KB
53 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-K4GN52B
Requested by
Host: betzord.com
URL: https://betzord.com/betano-promo-link/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d76248e34bf53792738c5eb08b827b942ef43a6454ab059b1912d7a4228131d5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://betzord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 02:19:44 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
54323
x-xss-protection
0
last-modified
Tue, 06 Sep 2022 00:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 06 Sep 2022 02:19:44 GMT
truncated
/ Frame 3887
68 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4a2cd395765349fd5ad0603553fd096b382673d3813f53c73550461426e471fa

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type
image/svg+xml
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v25/ Frame 3887
30 KB
30 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CManrope%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://betzord.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 01 Sep 2022 03:24:20 GMT
x-content-type-options
nosniff
age
428124
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30928
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 18:57:39 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 01 Sep 2023 03:24:20 GMT
truncated
/ Frame E273
212 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
51910bf7f982d809f4ee42aed8b8c903aee46a4425ae329767e71ef0b08e0d04

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 9171
214 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c84b0b9aec6b76d98c9a988b6c114405a7dcf09c15bb3e988604412591665173

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 257F
212 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bf15e22d977cac634f2165769936e25ee21887d18c8760a908de39d24b0e4b53

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 6499
212 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
333fd4ee5d3f32e503dbe1e4da292916daa7bef29c5980397dbe7ebab9d73b6f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 3F49
215 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
edd44f7843a8171d9c8587cb47ffc3b530dda841d4891cb7fab57f04f1b338e1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 0F37
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstYjGSrLlggbP-1CrEVlgJxVQnfCoifcn9aocssE8f8o5q9P_nOkCkA6uiCJb4ZaD3DdmrzRWXRFqmHLFd7bRj37wkBCEn37bgKfJQ1D-RLJIzB-oly-qocCdjalB5jkPXwVUoHEbnx1SkrSyyW2FOgITUdy5CgiaJ-mtnnV9_UTiy3Fw8g4O35yoA3rrqIovCjHgbII1OvG6oslCJu08FgD7Sa47vpUHqux_jFbVF-d7VaGVj9jzBcrTKuuKSWfe58zysPhwcRgWfsj29bsu8JZEOqciC-C-VT6BePzf0KmxdgibV_aoS-SR8mbnJBgKz4SmuoNWnmQpqU&sai=AMfl-YQcQKZQ4osemX6TS_Lh8g7a9gmu39KKxejskmctZFuqC6yn6sIyx1b5zDmr4ef5vuN7jXIKBz1j3LG3ni0l-3MrNF5yBtGdHELAr_d3PwraNeT3gKlGJN1O5xDOYB1oJg&sig=Cg0ArKJSzM5mpOzIMXvuEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 06 Sep 2022 02:19:44 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Tue, 06 Sep 2022 02:19:44 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 288A
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstI6sJNsWy9XF2csCinqvzqu3diA5LoQOMyhawXWdRUTxc4Qr644NjVrPcQYqVASk3ctFSEjvDMKKo7RRbGH9g2G5VB903yeqEVTc3M3eVyVz5eHCdoPwBdQqceamZyxDEfwnwApZMNENSA2L-V9pX2fAI50divdaykZ2vLe84f_uVAAUKY2V8h_dZJiVBy7AMF3KhIX0X5VUzPekdcTjFQOxq3f7M-u9g8k0ZQjpxyOZy5ovi4vHlJCLcGIjKh4LrmC6imIWR83DI774xghu_ilVu1Qf5bd-stppn--4qZ_IXmQCLxHZ2ALxpzbjE&sai=AMfl-YR5aRTcuDQA8iv3TyaGv934omj0z4yatgiaUVvsR693OgClJCPKtUFKs-RH6ZTvNYcpddEPPaiWqKS6iu8PLKYc6V3X8m9iFNp3H9FPWbYiSv33zHnECKX8V8J1aFTNzV8&sig=Cg0ArKJSzGrNL-cTB9OpEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 06 Sep 2022 02:19:44 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Tue, 06 Sep 2022 02:19:44 GMT
truncated
/ Frame 3887
68 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5a23b14bd4561febae5c54111562ae7d1b2afef167812918bb937c93d5e80bdc

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 3887
68 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e4d39c270152edfb6145de8a957a7cee9bd530b94b2b9db1c1b8ed0fba8098aa

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 3887
68 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cc3585fc68616a1df4514b8652e019b16f7f60402b07456061bdbdecccc6f071

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type
image/svg+xml
api.gif
v3.denakop.com/
0
264 B
Image
General
Full URL
https://v3.denakop.com/api.gif?a=10208&d=desktop&b=Chrome&o=Windows&u=aDTE0bHZQyy%2FQLKo561Mpg%2F0&v=5.0.0&sw=1600&sh=1200&ac=a&aa=first&p=https%3A%2F%2Fwww.midianews.com.br%2F&t=1662430781177&cb=0.847117022855794
Requested by
Host: www.midianews.com.br
URL: https://www.midianews.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:160e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Sep 2022 02:19:44 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
last-modified
Tue, 06 Sep 2022 02:19:44 GMT
server
cloudflare
x-frame-options
DENY
content-type
image/gif
vary
Accept-Encoding
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
accept-ranges
bytes
cf-ray
7463b8b48967690a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
Sun, 01 Jan 2014 00:00:00 GMT
integrator.js
adservice.google.de/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.midianews.com.br
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 06 Sep 2022 02:19:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.midianews.com.br
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 06 Sep 2022 02:19:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/
82 KB
19 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1626684418093761&correlator=2207133751363851&output=ldjh&gdfp_req=1&vrg=2022083001&ptt=17&impl=fifs&iu_parts=21715141650%3A13524368%2Cmidianews.com.br%2Cdesktop_first%2Cdesktop_side%2Cdesktop_under&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3%2C%2F0%2F1%2F4&prev_iu_szs=970x90%7C728x90%7C970x250%7C728x180%2C160x600%7C120x600%7C120x450%2C970x90%7C728x90&ifi=19&adks=2410036024%2C2050675732%2C2829915238&sfv=1-0-38&fsapi=false&prev_scp=dk_refresh%3Dtrue%26index%3D1%26hostname%3Dwww.midianews.com.br%26pathname%3D%252F%26device%3Ddesktop%26auto_ad%3Dfirst%26account_id%3D10208%7Cdk_refresh%3Dtrue%26index%3D1%26hostname%3Dwww.midianews.com.br%26pathname%3D%252F%26device%3Ddesktop%26auto_ad%3Dside%26account_id%3D10208%7Cdk_refresh%3Dtrue%26index%3D1%26hostname%3Dwww.midianews.com.br%26pathname%3D%252F%26device%3Ddesktop%26auto_ad%3Dunder%26account_id%3D10208&sc=1&cookie=ID%3D345a2a3974db9c85-220231dc13ce0081%3AT%3D1662430784%3ART%3D1662430784%3AS%3DALNI_MbO-lZJmQ7sNjCkLOiTqJj5E8Ck2Q&abxe=1&dt=1662430781184&lmt=1662430781&dlt=1662430779011&idt=1292&adxs=170%2C0%2C0&adys=726%2C20%2C0&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0&ucis=i%7Cj%7Ck&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.midianews.com.br%2F&frm=20&vis=1&psz=1260x-1%7C160x-1%7C970x-1&msz=1260x-1%7C160x-1%7C970x-1&fws=0%2C512%2C512&ohw=0%2C0%2C0&ga_vid=1043706724.1662430780&ga_sid=1662430780&ga_hid=853744265&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1640ab9ad5c1fd50db29befd69aa9f9ccec2df28c26ce285b3303476434140ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 02:19:45 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19581
x-xss-protection
0
google-lineitem-id
-1,-1,-1
pragma
no-cache
server
cafe
google-creative-id
-1,-1,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.midianews.com.br
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
api.gif
v3.denakop.com/
0
264 B
Image
General
Full URL
https://v3.denakop.com/api.gif?a=10208&d=desktop&b=Chrome&o=Windows&u=aDTE0bHZQyy%2FQLKo561Mpg%2F0&v=5.0.0&sw=1600&sh=1200&ac=a&aa=side&p=https%3A%2F%2Fwww.midianews.com.br%2F&t=1662430781188&cb=0.45386591325333114
Requested by
Host: www.midianews.com.br
URL: https://www.midianews.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:160e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Sep 2022 02:19:44 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
last-modified
Tue, 06 Sep 2022 02:19:44 GMT
server
cloudflare
x-frame-options
DENY
content-type
image/gif
vary
Accept-Encoding
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
accept-ranges
bytes
cf-ray
7463b8b4997c690a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
Sun, 01 Jan 2014 00:00:00 GMT
api.gif
v3.denakop.com/
0
264 B
Image
General
Full URL
https://v3.denakop.com/api.gif?a=10208&d=desktop&b=Chrome&o=Windows&u=aDTE0bHZQyy%2FQLKo561Mpg%2F0&v=5.0.0&sw=1600&sh=1200&ac=a&aa=under&p=https%3A%2F%2Fwww.midianews.com.br%2F&t=1662430781189&cb=0.856219330003648
Requested by
Host: www.midianews.com.br
URL: https://www.midianews.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:160e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Sep 2022 02:19:44 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
last-modified
Tue, 06 Sep 2022 02:19:44 GMT
server
cloudflare
x-frame-options
DENY
content-type
image/gif
vary
Accept-Encoding
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
accept-ranges
bytes
cf-ray
7463b8b4997e690a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
Sun, 01 Jan 2014 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 4F22
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss_bEdzF8JO07GbnFIYBE9NB823dsDgLt3FwM11BoyLzko7GjL3xB5fhj7ODZAZDXki9zJJms2q-dArP9E46-kriKdBPQ7Xqh-uBeAeB69cYKnbrap7XfUDijeS4bhZWnz46v7p6Ldoc0SZDneeYMnRVgoch1GILV5kXekdwdafJud3S3WtybgWt0qXFNHDSWS1nDlfyBZtFu_vvFPdg78SHfZuYOOC2QXdCStX6JtGYkfnxv9tz4IsXtEZtQhAH2y7cenyk4QDGaJ1MpKUPn2WVmIw_9q0bmocSlZ0SQEtRJIXohWF-AThDhJC3awz&sai=AMfl-YRe_e93F6wzuMXZCGNfjXKxUlu-jegDM-Ji2imD5rllqYQorYfDtBrqjCzFKvYwcqs-2KxMfW1pA4rzHZKNOBL9wwE8IC5B1I0rfJD7qXF6FpA8zDwCHazx9bqa-EKEUg&sig=Cg0ArKJSzNhRPkzK6hTVEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 06 Sep 2022 02:19:44 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Tue, 06 Sep 2022 02:19:44 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 455D
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv4zh0qc8zTuZ89J_vfaEdACQDNnlY_nfKlaB6R411E8tOXVWWhR5iZ1iFVlHA2_mSmowsothAoqTP7rGb1g2YTnudxxKickVN6NR8Vw0wscm4bFV2wbO4ShjVTPxYqFE_3bzQ8tYiNfvSaDEhP-fhiFrypddZvnPEuQy0oaBdNyoRr5af45d9ba0w6wjWrd2pzLeQiOuqR6HeguCWinWnhiScIrDtkMv6-rXX-qMd1WVdLFvgb7TFxCXqMZHI5BqRM_meLNWKRxgkY5gQJMvx5pgNIBVvx89LlmLvjbw7FSE0PV0XmppKbFA55wDaf&sai=AMfl-YQ5NGe8FMSMNMLa-O_5AsnJyJmwuGL0-Xg5SCEEyh33LVM_HRA20IHTC09tac_mljAHWBzsPkvson3s7GjqxlXm8r3r-sQ5Xh4yPlxK4avBgAqly0ovwV04bPFQWFPVOQ&sig=Cg0ArKJSzIZ1Ft9U1hJ0EAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 06 Sep 2022 02:19:44 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Tue, 06 Sep 2022 02:19:44 GMT
ZuumeCut-Bold.ttf
betzord.com/wp-content/uploads/2022/05/ Frame 3887
83 KB
83 KB
Font
General
Full URL
https://betzord.com/wp-content/uploads/2022/05/ZuumeCut-Bold.ttf
Requested by
Host: betzord.com
URL: https://betzord.com/wp-content/uploads/elementor/css/post-7742.css?ver=1660790145
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:3332 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cdbec01b9c16b19b0aff79223444a8182aff77c8946b42dfeade842d3f64b51d

Request headers

Referer
https://betzord.com/wp-content/uploads/elementor/css/post-7742.css?ver=1660790145
Origin
https://betzord.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 02:19:45 GMT
cf-cache-status
MISS
last-modified
Wed, 25 May 2022 20:23:31 GMT
server
cloudflare
vary
Accept-Encoding,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WyuGj2RP%2FbiLGGRfg7bTIKtaJBgs5%2BnOUMIOl9xJ7RusGygNVir6%2FpvwHUhJ1%2BxEumk3BFx8tJ3Xjarc9p%2F%2BpkyAFuFvm4trgoD7c8UQDtyJPcqCkjy%2BQmG1kIxWqnCbdl5Tme8ltF7bOw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-font-ttf
access-control-allow-origin
*
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-turbo-charged-by
LiteSpeed
cf-ray
7463b8b4dba58fca-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 13 Sep 2022 02:19:44 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 7F57
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuXo1E6GL_6n7U0OXGbyF2rcIW4fvPN5EF_GTBpBgOBE_deNjp7LABRWWi1BSgoO36JBc555z8LAK1NpRlqFGqMjwO0cd7msMI07Hw_PY0Tch9p_dlgPNEphWlFKxtaqqulzRwKCvNRVBouA0k4rhyghkMddcMWCXeJsaTSB3JweANVhZ_XTpNhOBTYy1oUCXscwekPWwKzM6JYpBt6nDDoVat-EobVdkHRmB3h3-d_P3cMkym1d1ivfgL396xeTJ7t-EO-9A0FFEgAbB9nQnBERBDYSAgMwautVNoI3Csw9Vl7WN2FtfdA0_97MjS-BXT2DYZ-qXLwIX0&sai=AMfl-YTxHNbzVMWOqzrBXH5q8csWn3ahHsnau3w62PeGbajpbB9KhX6uKtxw5x8ycTQw82q0tpRQi6PuOK71AYivwAekSLiGJ01S8A9WqVn8Yc6UNMHxY3ytoEtrhly1Z2fCsw&sig=Cg0ArKJSzADm2iGCewwnEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 06 Sep 2022 02:19:44 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Tue, 06 Sep 2022 02:19:44 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame DD33
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuK7o0B-SUnzvG2Bpe_DzVFz3Te5oyhzma2ZyRC-ntn0A2RdYlt9NP-T-EaBFjZKtRV5rrlYyp4m-1HIiTnfTfOJH5RQneIeITjBczv23uDjFL8wBWkgRXMD1aql7Lngd0WJuRjxYN0Ya0tgHmbWDCHAHUlaKKY-EjOmRk9_IyelPnR0y-T17MB6ROi5C66paXC7SPNFGxHqLq5rzZzQCIVgFEnXk--22CdwtDK4OFOBSTi2bp3_mkGvmV7mC_1xkJpVraehTc_OaK1iCmFFu1udlhO_DCJFEgcNyFmIfetIJU9Cntr0ieZehm-aI7K&sai=AMfl-YRvW7Cw_Aa45KlvYE8UuAKHaTQ3zvuWRioff38J0Ny9UoB4NzJ6bU-mogT5gKX6vfGnkWzVOscy0Vi2s8U8SmzgYPVQe44bMHs3fNG0m0OPDYmmuCeD0PA8EWCvYDPpCw&sig=Cg0ArKJSzOJ3bR7-J0rnEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 06 Sep 2022 02:19:44 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Tue, 06 Sep 2022 02:19:44 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 6499
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstlHj6LKlv-BQZCeqyUTthroq4GbkeSMflfCSAst_fAqdr_O2Va_O6FRZWvjmUAImD5C0CO_6LQgWxo74zt0gf3VGxn33CADP8MGmPZ27PXzwNIXviJektfeg8q5DW3_27_sZHYtL0HYKHQyyYsLBH2mqe4F2SHNKpESAJZ2vbxG4QQ7L61speNNKR0xF4BjHg5-Z7jLc0KYM64luWxnZGqL1-j4wdMElsIVGcK5KmhSTDVDgngXxPP3otcLZ1_lhIf1CUcWu7WtQyzpLLyYhpJuqaQeJLF2U9nnfx5JWaEjrJwMbxumc9VAA6RjxbC1v_y32Pkxqs-Cfg&sai=AMfl-YRJIdiHoMmduIPj9Vwc1xJObJMgQ0XgAsYk-CbRebjDXzF3KQU5yASyt1twzDz8dHlPOPLO1Xhsml30edQ8EZx_X5tkR43IHBi5r2_153QisDas2OKZInVi_zpvgIkYWg&sig=Cg0ArKJSzLsKyngo49lFEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 06 Sep 2022 02:19:44 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Tue, 06 Sep 2022 02:19:44 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 257F
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuk2yMwe3Rbj-jCGM2H5VYzHAWA2yiXY65pBPpoFa5DyygHfJf4qeYAghVjunEFwHQ0Om60JAuk3LBWDEe4-e8wi9Z5g6NRQq8gAky7qW82tY-t7880ftuo_e_fc31cjC29HYxnf0seT57Iw3tF_MvrMZD49v751tCrxXJdmk3B3q2boZda2VAza4-8Nou8WO5G83jKK3DPXJnYsg-RaGzGievfPHAwrDuQKbr5J2i6H-7sVuo5Hx-_dXzVq7WD_JuKrPlqQ2XhmIrbfTr9SYxn89Wk2CITxXixRV_gwiNhHTAfn2YWrfmPlwkjkX8Rf3M&sai=AMfl-YSGwntzx3PhCZ8HoerCsudzDz6UtW_-68WTDJeHE8_wjzQl_zC4-lWYamql3EgFuTK7VsR3pMdu7Vl_zqygEVz3PjN1cKeG1-IQ8SJ7K3ryb7npr2ba0Pza-qECc-Libw&sig=Cg0ArKJSzI0aB7boTqa9EAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 06 Sep 2022 02:19:44 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Tue, 06 Sep 2022 02:19:44 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 3F49
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst0g3uUhwiGbB_cyZJ0zAi3pWLG7ss5xb0JO0al7gYlMlQhbo3bWrxXc5Q6V2RaT2A6z9TqNird2oU85IhsUJ-XhpdHGEaD5kQlt2jspC2-yIMswa5V-QRNG-hzgRFA2711kODkaDIQ7axLiLgVSpNKYk2j5tntGDV2DcQVeRYAyds5WeGRKGmlCYuyCs2wbIQ2CV_Mpju04_OrJTImGtsYzlqZtgcQG7GRHlz-NcOAEYgFy1SshQhG-vxH2skT47jt5BRMZ8sIjW3MojRYIEdKzovFj-OeSFXwRbINeJK_a9rOLXI0a7ZnklUnIVGtEQsw3K2hQr7bQA&sai=AMfl-YQWaTXCGvYp9k4OeTwZoOIhSOcO3w6rHrTLOVaneruc51lB_DHNmZ-hlENs5t0IbFIpBWPO9c8GXmGpl1wMiVDfqgre4fHPQbdXjQGy5jDzvvIfwc4z97SMkhKN52JEsg&sig=Cg0ArKJSzINbVGoKW54cEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 06 Sep 2022 02:19:44 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Tue, 06 Sep 2022 02:19:44 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 9171
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssiSCvM_X1a-eY9HFzdTyF15yJaxos0VoCTD_fNW_DxnjwupH05oBs9qO1JYsAY7sAU8N5j3HzKC5xikr8Hys4lpanzMg6UdgJ21CrRKPc1mz68FawQEV_BzUYzmsiMalW65rAC7qqzf-Q6qFb6HthrO2I7W5LzE78vjGoNJ1gc6ifnbA0LdkMktrvyMKlcc-torU6bc8G8tslNHUAcPAeR0BeodiwFpjtJsGjYlriDuPJsHr9jXvLqG5a-f1b4HFOh9ffYKWmUx1f6eipGI9MSGdjxV9grrumIuvEsHMirK92HxTjB78FchZ25PSBVuTgHNlGdijdtF_0&sai=AMfl-YQ9ouq1p8ChTWY7ZzAoNB60ODoBjn337nmBS_-QHcjwxw3DcCPr7U0UC4bzjFYtoFNieF6qCsYppjaqMRmL4bQfVV6H7ZwZALiqn6NchuRYcMVooZNjVcGjnW0cspx8pA&sig=Cg0ArKJSzKdCqc1beADKEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 06 Sep 2022 02:19:44 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Tue, 06 Sep 2022 02:19:44 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame E273
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssGuJ0mg8v6SyNZinIKzaBe9vE6ozDzIBC1PRsILjQXHg52n0l-zMtRO51KnjuC1ZODFZa1uEtINqmk2b5vGq_EORuEbTJ15rkT3EjJ32YkFjDRjqCE8GwD98lkW_rAACrhR6gCl9dPVs-5j9tuRBC7KUfuvgryGdnaOesVOr-rk1MijBlRdKTIFJwzFsw6cX0GIBTJvry17JO8p3RjwcfdOUwejCEX0JorbvYnRFcVdOvEHIBBqnF2Rg0P67XUjopzoFQeIPP1OKDrWBtEk-BlXu4x79xnD1pg95AV6kiVGA-tSaVZ2aJnuAdPzu0lYW2FCWgjmu35tSc&sai=AMfl-YRyIJqFDkEonu8dY9q1rsJt7QYHvtnahQBAzGhzRZTX2cqErOz-7uEwUdxVbUHxh_YkoYySEjLPj9On7-4CJqolsBN2evyRE3V4aapuHNF8jgygJQTX1Wfi5_ZdoUH48Q&sig=Cg0ArKJSzLKYbMF74FFTEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 06 Sep 2022 02:19:44 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Tue, 06 Sep 2022 02:19:44 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame B2D1
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvPsWWXTDjvWsOw6hqCsTXHM0je30nXM9STLKFDeFCktun03qWstqUlm39RVN3dHbPL5j59JsRBeIzeG8A8U-KN7_zh_Odb9crEJmjh6wG377K6MoPxKS-JP39Zb-6dMDm-4xTuJvwMopATPk9Ruiv2m7gtGMCrHSfCkAEDzKBzgPHefi0OUVh32AIyelPV4NOTfF9oha0z3zaR9NloZpr428gTwhc9s2p0IF_8-0hIBsrdEPDtomFP1znREDCo55Kfvgd6cQbKfAMJgqqG6NHILqc1pvfDeKzK7Uj3xi7kZbiRw_7xE8yHk40PKCKgOyObyjp4YuVfBr8&sai=AMfl-YTSk3zEK9b9Smbg1ck--5RPfjpkhZwaBdSQCLrVicnQI9xgK1gQwe2lqQPDcRftAPjMNG6Ex1SM_Vvcyz_T93irm-ons_gBscQLKGXWpNq2EE9FubFmL-EnbIyHsCV3JQ&sig=Cg0ArKJSzLq2ygoRhOmZEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 06 Sep 2022 02:19:44 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Tue, 06 Sep 2022 02:19:44 GMT
container.html
c6d672ff769c1a15cf3a0da0c4456d0e.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 783F
6 KB
3 KB
Document
General
Full URL
https://c6d672ff769c1a15cf3a0da0c4456d0e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.midianews.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 06 Sep 2022 02:19:44 GMT
expires
Wed, 06 Sep 2023 02:19:44 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
c6d672ff769c1a15cf3a0da0c4456d0e.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 48E2
6 KB
3 KB
Document
General
Full URL
https://c6d672ff769c1a15cf3a0da0c4456d0e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.midianews.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 06 Sep 2022 02:19:44 GMT
expires
Wed, 06 Sep 2023 02:19:44 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
c6d672ff769c1a15cf3a0da0c4456d0e.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame EE39
6 KB
3 KB
Document
General
Full URL
https://c6d672ff769c1a15cf3a0da0c4456d0e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.midianews.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 06 Sep 2022 02:19:44 GMT
expires
Wed, 06 Sep 2023 02:19:44 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/
262 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0f266202b591aab2563e8ef52fcc7cf8d2358f48600ad7f52bc62462787dca01

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type
image/svg+xml
analytics.js
www.google-analytics.com/ Frame 3887
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-223744036-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://betzord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
4665
date
Tue, 06 Sep 2022 01:02:00 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Tue, 06 Sep 2022 03:02:00 GMT
js
www.googletagmanager.com/gtag/ Frame 3887
169 KB
63 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-9Y2F3FC11F&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-223744036-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
05dae70dc3528c34c1ce1a09fbd1ec37c64564a9d7aae686abe7787573ff08a7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://betzord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 02:19:45 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
64314
x-xss-protection
0
expires
Tue, 06 Sep 2022 02:19:45 GMT
conversion_async.js
www.googleadservices.com/pagead/ Frame 3887
41 KB
16 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K4GN52B
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
f6200e00f9bcf9a324c8c1a046c6bc624ebcaf1379faf13e4d76ae56ea0d1a11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://betzord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 02:19:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15690
x-xss-protection
0
server
cafe
etag
13194339052015637803
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 06 Sep 2022 02:19:45 GMT
fbevents.js
connect.facebook.net/en_US/ Frame 3887
100 KB
26 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.midianews.com.br
URL: https://www.midianews.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
6a0f07fac6fc58958b0e670e2d2927901e052938b2162c1553817aa4cbf5de2f
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://betzord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
26752
x-xss-protection
0
pragma
public
x-fb-debug
BgU2gyWb80DmpHd1PTdTLQAkkC0hsKTbl7Z/66UxRfjCtArT2uu+ZJpmVHh6xOTri2tFRdAJdy+JngZW2DuU6g==
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Tue, 06 Sep 2022 02:19:45 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
qstools.js
cdn.jsdelivr.net/gh/savedbyjs/splitools@master/dist/ Frame 3887
1 KB
1 KB
Script
General
Full URL
https://cdn.jsdelivr.net/gh/savedbyjs/splitools@master/dist/qstools.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K4GN52B
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
079a7ccaf65998881fb2b8b9a4032cebeefa0c0e0b2e7159cefce6978ee1148a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://betzord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
36769
x-jsd-version
master
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
601
etag
W/"5df-F1CMyOzgH1RBZRtiWnkVVLmN5bs"
x-served-by
cache-fra19160-FRA, cache-hhn4065-HHN
x-jsd-version-type
branch
date
Tue, 06 Sep 2022 02:19:45 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
Arte-Betano-Pub-min-1-1-1-1-300x283.png.webp
betzord.com/wp-content/webp-express/webp-images/uploads/2022/07/ Frame 3887
20 KB
21 KB
Image
General
Full URL
https://betzord.com/wp-content/webp-express/webp-images/uploads/2022/07/Arte-Betano-Pub-min-1-1-1-1-300x283.png.webp
Requested by
Host: www.midianews.com.br
URL: https://www.midianews.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:3332 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d33d7210417ecdd85f721cf511ab88a8db61741a010db401b3daf72b311f5fa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://betzord.com/betano-promo-link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 02:19:45 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
352976
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
20546
last-modified
Thu, 07 Jul 2022 01:26:42 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IZSmwobmPogv%2FYToaSB%2FGrFpTOuscKIegF2jPxT3cWn9LA4C%2FCASa%2FVmKo9Vn9Oxo3tKq3ir%2BgRvo0Lbyl%2Bc2Ek0K%2F0Qaz1xrCuavNc2h0ui9OOqZnWuUlp9Ue0w0FHybXhXhBzbncRP%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=10368000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
7463b8b79c5b8fca-FRA
expires
Sat, 31 Dec 2022 00:16:49 GMT
18-com-Patrocinador-300x39.png.webp
betzord.com/wp-content/webp-express/webp-images/uploads/2022/07/ Frame 3887
5 KB
6 KB
Image
General
Full URL
https://betzord.com/wp-content/webp-express/webp-images/uploads/2022/07/18-com-Patrocinador-300x39.png.webp
Requested by
Host: www.midianews.com.br
URL: https://www.midianews.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:3332 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
15e40b32e4b6d12857b69fb4ce1bfad6635ac6d9c73b239a111d7e4e6b5814cb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://betzord.com/betano-promo-link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 02:19:45 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4790992
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5322
last-modified
Thu, 07 Jul 2022 00:47:36 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KtzAjeEG%2FD6N0j0%2FwWEMG0BgJKOJedbdxdn9Mp%2FYpd%2BbbrUXWhufw9BSxImhGaZtR4GHrFZHCpG3n%2BVQyy2ZU%2BUz9c4wHoaN7Qkm%2B3uI4MqV3FN2h2ol3ST1fVNABZ%2FcifPkgPV5uMZSKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=10368000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
7463b8b79c5c8fca-FRA
expires
Wed, 09 Nov 2022 15:29:53 GMT
Logo-Betano-1-300x115.png.webp
betzord.com/wp-content/webp-express/webp-images/uploads/2022/07/ Frame 3887
6 KB
7 KB
Image
General
Full URL
https://betzord.com/wp-content/webp-express/webp-images/uploads/2022/07/Logo-Betano-1-300x115.png.webp
Requested by
Host: www.midianews.com.br
URL: https://www.midianews.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:3332 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cbaa43e3576f787a48775d5d9540f45e1da35ebaec9e72bd6c925e6e4b61242d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://betzord.com/betano-promo-link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 02:19:45 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
555269
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6444
last-modified
Thu, 07 Jul 2022 00:49:06 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3V8bFk1vXNmZSg%2FXU9X6n8v%2BoAIZXOXok550cZou7IDaxCUpD4i87Ry6Zx8RddH%2FzcX7tK3y4DmuUvcsC4R4msW4uuhoEuAO2TGLoVVlHm7YTj8fR6OqF%2F9xOWDpHz2k%2Bk7hXsRmlU%2BBBA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=10368000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
7463b8b79c5d8fca-FRA
expires
Wed, 28 Dec 2022 16:05:16 GMT
577109416815916
connect.facebook.net/signals/config/ Frame 3887
293 KB
84 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/577109416815916?v=2.9.79&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c94104ae27a88086ca3d0ebd018a4dd6d0aeea46bdd4df55d0487f3cd3a5a54f
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://betzord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
oGCMpp2+64VfBmlPrDwZh5I1FNUiYCUEfZFqwshpn5A7VnaK/EAooeKUiobZAaERaBhZc/ZUIiB6bH4rwHRHfw==
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Tue, 06 Sep 2022 02:19:45 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
afr.php
ads.eu.criteo.com/delivery/r/ Frame 234A
162 KB
52 KB
Document
General
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=YxauQAAMA6QH_YsDAAv3biH2xlvyf4Vv0lWDng&u=%7CTA4fDlPFcq%2F6h3Ts6f8PyRoD9s0PQEmN0y%2BkNMw%2FEGQ%3D%7C&c1=UbEogq-ADiNBjPo1rbOP0Ehtz6KQg1hE74PursDfbSrTTODPyqm-FFa-X_uCmy4tCZpjpvEIbRNSvdMGQwUM-FQnfLwddxk8wo-5NcMGc2lyGYhniaVNV9yUJ2BncX39bqLKzv47h1jlJbFGSiF2TLWtKi1HCw0mFm1p6UoCWUMrlEn0eBbcAVZKDWmzdYzoz6pgc0f6g5Vt03dpHo14urN-2i_HlGOBbFlPZ38C0L_om369vPNtFu1EngQSie0RMulkG0lwAYw1dCepLvrlc4lC1ua8fzwfGOC3HAIogLP_Kj5d3jOyTRDn7y5Pac3PdbYdT2grmkjPmNxIkaCYUItVo3paVpf_pKFEZiaUOrgrRXphSauR55KQYi7CF6xFuV7lSHvNmFeQV2sEDyZJFHdhOZgYr5EsojiK2xiYU7wyP9TwCbnj573nGQgGOQL2xOrlsULuP0oyGWCaVlOh9YyG-DsuEiSvKVsWOUYtm09PXjp_LZMWByK2X3CxBQmP_s_H0PRkXTerqlTB9haRqtNXhoBWeJ1UZwNzzyTkwN9C3H-CykU0it4c87pco9euxrMcNGfXqrcVpP-yltdtD7J7tMeQFxp9gpw7XmvMQetCihiRJJDpJv9p2LNyrocf&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCnLcKQK4WY6SHMIOW9u8P7u6vsAfJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTgxNzA5NjY1MzgxNTI1NDOgAdW20uoDyAEJqQJ-I3pc16ewPuACAKgDAaoEswJP0EjtluxO-k-DltxGDGlIAOeb3GgkOt8s8gZIOTqeCzaGTHMc0dtUFiK9rJg5LLvC0GpTCnIiyiPGC0HNYyKqwlVH7T-qY7Q5MK9nT_L8zTywJ4Yjcc-jAgIFD0XHXepoVBPb08H19Nq115jGkmyb0i6sQ4h27sfYBjwTIPXhFZ9Nn-l0J38FXmjZpM53I5tdNYQNI6I5bB0S1Qb_QLginyb-mbb1EJKVpgwI1WRqYDwSC75e3t4oMpPPVrPG8wZMQ6JpnFUaRf48bArIYecaO20PJnXK_m9zkllIh1j3KY82g0UsskgoWIT1ehDPizZNdO3UbCs2zf7_FG5cnGzcCdl0aA8KTMfbfWon7K7X_hNN9fSnYZ6eTyiXvvdIhOG2wxPZjxEWSbSfcYVeLg_3oBYk4AQBgAbvnYGk15WtmxugBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA8ggbYWR4LXN1YnN5bi02NjA0MzMxNTM4ODE3MzM2-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1L2Xk0eqbzWMHY2W3uapYp8h27ag%26client%3Dca-pub-8170966538152543%26adurl%3D
Requested by
Host: c6d672ff769c1a15cf3a0da0c4456d0e.safeframe.googlesyndication.com
URL: https://c6d672ff769c1a15cf3a0da0c4456d0e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::b , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
c0c72d886032a716c8ef235beb00e78da88f991dcb337f92131bb5167f15d62f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://c6d672ff769c1a15cf3a0da0c4456d0e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Tue, 06 Sep 2022 02:19:44 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=C1e2k9p-S49aJaF7Y16mTWLWXUSjX7ccXKVKLAFwGSuLxIMllJKnX0Jg0GqFki7acmToi-C9hKy6WD1IpDntqpYW17wvFBKfA3mYqgNKP1bBa1iQvWQT-y4tfnbUdY6SdmAa5Ahim94yrv1-i0S5KFb7D0UE4ubZL9dIe-_MDlDAdhuJHimUofq_ESrTsL6tzaYhOdFPwklgljJ_tW9305p3O9-U886oQv6f4I3KKGcyS9Tl40PkMBlgK1pQ84tj-LYPcQ"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
80201439
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/ Frame 48E2
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/window_focus_fy2021.js
Requested by
Host: c6d672ff769c1a15cf3a0da0c4456d0e.safeframe.googlesyndication.com
URL: https://c6d672ff769c1a15cf3a0da0c4456d0e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c6d672ff769c1a15cf3a0da0c4456d0e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 01:57:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1325
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 20 Sep 2022 01:57:40 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame BB7D
1 KB
749 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: c6d672ff769c1a15cf3a0da0c4456d0e.safeframe.googlesyndication.com
URL: https://c6d672ff769c1a15cf3a0da0c4456d0e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c6d672ff769c1a15cf3a0da0c4456d0e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
47070
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 05 Sep 2022 13:15:15 GMT
etag
48472445140208031
expires
Tue, 06 Sep 2022 13:15:15 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/ Frame 48E2
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: c6d672ff769c1a15cf3a0da0c4456d0e.safeframe.googlesyndication.com
URL: https://c6d672ff769c1a15cf3a0da0c4456d0e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c6d672ff769c1a15cf3a0da0c4456d0e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 01:40:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2340
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7599
x-xss-protection
0
server
cafe
etag
9215437806027971270
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 20 Sep 2022 01:40:45 GMT
l
www.google.com/ads/measurement/ Frame 48E2
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQb9eSc7j1-jTr042-MR6voVFpSieRHFnYeSQZHrE472C5yw9-yYATSd0_pBQh-MZkTKPOV7JjHOOLYDtAKp7_zRtYOXQ
Requested by
Host: c6d672ff769c1a15cf3a0da0c4456d0e.safeframe.googlesyndication.com
URL: https://c6d672ff769c1a15cf3a0da0c4456d0e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c6d672ff769c1a15cf3a0da0c4456d0e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 48E2
22 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: c6d672ff769c1a15cf3a0da0c4456d0e.safeframe.googlesyndication.com
URL: https://c6d672ff769c1a15cf3a0da0c4456d0e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c6d672ff769c1a15cf3a0da0c4456d0e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 20:34:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
20727
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 05 Sep 2023 20:34:18 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 48E2
142 KB
44 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: c6d672ff769c1a15cf3a0da0c4456d0e.safeframe.googlesyndication.com
URL: https://c6d672ff769c1a15cf3a0da0c4456d0e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e851345505ee432c9397d60e5d91929ab4e5921f75c91f359b0939a879304b7a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c6d672ff769c1a15cf3a0da0c4456d0e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 02:19:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44792
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1661945761880069"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 06 Sep 2022 02:19:45 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 48E2
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CQDgTQK4WY6SHMIOW9u8P7u6vsAfJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTgxNzA5NjY1MzgxNTI1NDOgAdW20uoDyAEJqQJ-I3pc16ewPuACAKgDAaoEsAJP0EjtluxO-k-DltxGDGlIAOeb3GgkOt8s8gZIOTqeCzaGTHMc0dtUFiK9rJg5LLvC0GpTCnIiyiPGC0HNYyKqwlVH7T-qY7Q5MK9nT_L8zTywJ4Yjcc-jAgIFD0XHXepoVBPb08H19Nq115jGkmyb0i6sQ4h27sfYBjwTIPXhFZ9Nn-l0J38FXmjZpM53I5tdNYQNI6I5bB0S1Qb_QLginyb-mbb1EJKVpgwI1WRqYDwSC75e3t4oMpPPVrPG8wZMQ6JpnFUaRf48bArIYecaO20PJnXK_m9zkllIh1j3KY82g0UsskgoWIT1ehDPizZNdO3UbCs2zf7_FG5cnGzcCdl0aA8KTMfbfSglzTxQcY9eSmizwk6j6dCeqv3-js-uQacRsrfk9qqzaQD0qhxI4AQBgAbvnYGk15WtmxugBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA8ggbYWR4LXN1YnN5bi02NjA0MzMxNTM4ODE3MzM2gAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTgxNzA5NjY1MzgxNTI1NDMYkfNs&sigh=lq-OLoOX9qg&uach_m=[UACH]&cid=CAQSOwCsnQUxmFKVBX1-CHsbgylYhxO_ICRBT02ICwVwAXIhiRwQMBnhP8YyIjj1aBZDNmCs09wbypDDplxPGAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd
Requested by
Host: www.midianews.com.br
URL: https://www.midianews.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c6d672ff769c1a15cf3a0da0c4456d0e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

notify
rtb.fr.eu.criteo.com/google/auction/ Frame 48E2
0
0
Fetch
General
Full URL
https://rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=k_i0EcY1oAHYBJ2DYgICAAAAMehkb_4U43Jw1Gd7ebQgeBBArhZjvRbk6uExEXBsoIAAEgAA&wp=YxauQAAMA6QH_YsDAAv3biH2xlvyf4Vv0lWDng&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd
Requested by
Host: www.midianews.com.br
URL: https://www.midianews.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c6d672ff769c1a15cf3a0da0c4456d0e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 02:19:44 GMT
server
Kestrel
server-processing-duration-in-ticks
298305
content-length
0
strict-transport-security
max-age=31536000; preload;
widget.js
widgets.outbrain.com/n2d/widget/ Frame EE39
32 KB
9 KB
Script
General
Full URL
https://widgets.outbrain.com/n2d/widget/widget.js
Requested by
Host: c6d672ff769c1a15cf3a0da0c4456d0e.safeframe.googlesyndication.com
URL: https://c6d672ff769c1a15cf3a0da0c4456d0e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.169.82 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-169-82.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
9c18d5e3cf0aa39870b92e07cc23a28256211b9bfa135e5f41200a8939fbfa25

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c6d672ff769c1a15cf3a0da0c4456d0e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 02:19:45 GMT
content-encoding
gzip
last-modified
Thu, 04 Aug 2022 07:26:52 GMT
server
AkamaiNetStorage
etag
"cc3490b62426b2e3141f0f4d56113e8d:1659598351.060609"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=14400
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
8961
expires
Tue, 06 Sep 2022 06:19:45 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/ Frame EE39
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/window_focus_fy2021.js
Requested by
Host: c6d672ff769c1a15cf3a0da0c4456d0e.safeframe.googlesyndication.com
URL: https://c6d672ff769c1a15cf3a0da0c4456d0e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c6d672ff769c1a15cf3a0da0c4456d0e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 01:57:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1325
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 20 Sep 2022 01:57:40 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/ Frame EE39
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: c6d672ff769c1a15cf3a0da0c4456d0e.safeframe.googlesyndication.com
URL: https://c6d672ff769c1a15cf3a0da0c4456d0e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c6d672ff769c1a15cf3a0da0c4456d0e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 01:40:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2340
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7599
x-xss-protection
0
server
cafe
etag
9215437806027971270
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 20 Sep 2022 01:40:45 GMT
l
www.google.com/ads/measurement/ Frame EE39
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRR_aY38EW3OZNTGj51KnMFrn0cxFMQQV43rb-Y7FwmGQVZrlLw56Qgd_9VGQEz-8zr_72w_nia9k4gOFOOGcZeGZkFQw
Requested by
Host: c6d672ff769c1a15cf3a0da0c4456d0e.safeframe.googlesyndication.com
URL: https://c6d672ff769c1a15cf3a0da0c4456d0e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c6d672ff769c1a15cf3a0da0c4456d0e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame EE39
22 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: c6d672ff769c1a15cf3a0da0c4456d0e.safeframe.googlesyndication.com
URL: https://c6d672ff769c1a15cf3a0da0c4456d0e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c6d672ff769c1a15cf3a0da0c4456d0e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 20:34:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
20727
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 05 Sep 2023 20:34:18 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame EE39
142 KB
44 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: c6d672ff769c1a15cf3a0da0c4456d0e.safeframe.googlesyndication.com
URL: https://c6d672ff769c1a15cf3a0da0c4456d0e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e851345505ee432c9397d60e5d91929ab4e5921f75c91f359b0939a879304b7a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c6d672ff769c1a15cf3a0da0c4456d0e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 02:19:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44792
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1661945761880069"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 06 Sep 2022 02:19:45 GMT
widget-728x90.js
widgets.zemanta.com/1661433531/ Frame 783F
11 KB
5 KB
Script
General
Full URL
https://widgets.zemanta.com/1661433531/widget-728x90.js
Requested by
Host: c6d672ff769c1a15cf3a0da0c4456d0e.safeframe.googlesyndication.com
URL: https://c6d672ff769c1a15cf3a0da0c4456d0e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e45932891062de514a6738f4c3be3b2d9ac0c79efe98ceba9674c773b1573f37

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c6d672ff769c1a15cf3a0da0c4456d0e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id
E2bF2wcVXprPu97La_YduNv.uWYz03Sx
content-encoding
gzip
etag
"525626d20445cd4f5ff19a5da039fe83"
age
2847
x-cache
HIT
content-length
4508
x-amz-id-2
pAXXv676zcJdcpurhMKpYHOC7eRk2M/JLumtFAMIROS25hrUZSO0M8V3J3ue+OzWXQtKeIhzu3Y=
x-served-by
cache-hhn4078-HHN
last-modified
Thu, 25 Aug 2022 13:20:34 GMT
server
AmazonS3
x-timer
S1662430785.338647,VS0,VE0
date
Tue, 06 Sep 2022 02:19:45 GMT
vary
Accept-Encoding
x-amz-request-id
X7WTFGQNXDKEC45R
via
1.1 varnish
accept-ranges
bytes
content-type
application/javascript
x-cache-hits
48
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/ Frame 783F
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/window_focus_fy2021.js
Requested by
Host: c6d672ff769c1a15cf3a0da0c4456d0e.safeframe.googlesyndication.com
URL: https://c6d672ff769c1a15cf3a0da0c4456d0e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c6d672ff769c1a15cf3a0da0c4456d0e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 01:57:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1325
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 20 Sep 2022 01:57:40 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/ Frame 783F
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: c6d672ff769c1a15cf3a0da0c4456d0e.safeframe.googlesyndication.com
URL: https://c6d672ff769c1a15cf3a0da0c4456d0e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c6d672ff769c1a15cf3a0da0c4456d0e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 01:40:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2340
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7599
x-xss-protection
0
server
cafe
etag
9215437806027971270
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 20 Sep 2022 01:40:45 GMT
l
www.google.com/ads/measurement/ Frame 783F
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSCqYBRL_KHNtUxibH6i2Iy9SeCQlEFsPTXxPL_r7D6lw9-B5b3cIBEROyI5KJ0tGTY4VNldqFQdkRmaZRKY5OZ6_qfWg
Requested by
Host: c6d672ff769c1a15cf3a0da0c4456d0e.safeframe.googlesyndication.com
URL: https://c6d672ff769c1a15cf3a0da0c4456d0e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c6d672ff769c1a15cf3a0da0c4456d0e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 783F
22 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: c6d672ff769c1a15cf3a0da0c4456d0e.safeframe.googlesyndication.com
URL: https://c6d672ff769c1a15cf3a0da0c4456d0e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c6d672ff769c1a15cf3a0da0c4456d0e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 20:34:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
20727
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 05 Sep 2023 20:34:18 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 783F
142 KB
44 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: c6d672ff769c1a15cf3a0da0c4456d0e.safeframe.googlesyndication.com
URL: https://c6d672ff769c1a15cf3a0da0c4456d0e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e851345505ee432c9397d60e5d91929ab4e5921f75c91f359b0939a879304b7a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c6d672ff769c1a15cf3a0da0c4456d0e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 02:19:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44792
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1661945761880069"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 06 Sep 2022 02:19:45 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame EE39
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=Co9-9QK4WY6WHMIOW9u8P7u6vsAeYmZSNXJ2cudWKCsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi04MTcwOTY2NTM4MTUyNTQzoAHF_565A8gBCeACAKgDAaoEsQJP0EL8SL2vVC3eV4bKy0BhOPKiajZlGZZ_uay1i2sXKSY8rqY-BzKQyAAIAaL-F9n7FwHaG2P003D3iXs6EHx4mcSbX2JPxBoAYq5TAhenh5fNTFyJeIvjxQCc5fksq5KHR1e6cNgw3YwJDg9vgsTMf-3gPyVHprxe0C7KsuoH49o2BQUiNC2PH0xoBgTA2DN3WPZ3x_JuB-N98mY_poL5MtxPo13ocvuPw805ftLenCnpFKkj3LX2GU5UAZ7wHVig20QqDvGTOalCXSOFcQzxVaPJdDr86LC8DwYHjmaZVAEraaRyelJDiQ8_gY6ENoBDYOFrN1QcVK5u_nP1ZMAOxqmF0Bh2C903reaX0DdLRnHLLS1h-4jvrPjPMOFr09XTf4I8v0QACL0InFg-afppUuAEAYAGu9nfmsiMib9IoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNjYwNDMzMTUzODgxNzMzNoAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi04MTcwOTY2NTM4MTUyNTQzGJHzbA&sigh=YxwOD4MaPxY&uach_m=[UACH]&cid=CAQSOwCsnQUxmFKVBX1-CHsbgylYhxO_ICRBT02ICwVwAXIhiRwQMBnhP8YyIjj1aBZDNmCs09wbypDDplxPGAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd
Requested by
Host: www.midianews.com.br
URL: https://www.midianews.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c6d672ff769c1a15cf3a0da0c4456d0e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

/
b1-eudc1.zemanta.com/bidder/win/googleadx_display/5f7982ad-2d8a-11ed-8175-b0674a4c98ee/YxauQAAMA6UH_YsDAAv3brkmkxKBdwva3lCstw/HEI7SULS2M5HOSK4PZRPOHDDC25BDKLEHPJEUJDDUHLJW6MUBH3KRDUMYOO5GEL67GXKEWI... Frame EE39
0
0
Fetch
General
Full URL
https://b1-eudc1.zemanta.com/bidder/win/googleadx_display/5f7982ad-2d8a-11ed-8175-b0674a4c98ee/YxauQAAMA6UH_YsDAAv3brkmkxKBdwva3lCstw/HEI7SULS2M5HOSK4PZRPOHDDC25BDKLEHPJEUJDDUHLJW6MUBH3KRDUMYOO5GEL67GXKEWIPBANKTQRWZNX5XXZXLDL47M73VUJ6BMYYVGACRVRBPJFBXNJE4FQDQRZMYREFWMUR472CNUHCY735UKAZOWNTFLTZRRABJL45UUCXAZVN2D5N2VQ25N4YEW2DZ6MR7OJCMLYZJWTYPOVIN27OD4FWM4XYM2LBFUJNSVAKRPORJFEUICYCRAQOTN5FOTQJ53CU57S46J7ZWCVSV5PKDPNMB7T7NHZNRZFA7GUGHKHOBVRWCHITPR3TC6XK3YOKLCBA4EMYQHPQDF7FKE6TVVZKCQOEN3NB6A6SM5WHD6HOTUVNF3XZGQGUXNYW4UWMR5SQSJEBASIRGODNEZOPW6PMPC5SVXZ5B377NOGYRYKD6JGV27QVRK57YADTMN553HWY3O3QZBN74I2LYAZL5OL6PBE5H7MM5MMGVYE36SWGEC6E7IT2O6WP7ZSE/?&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd
Requested by
Host: www.midianews.com.br
URL: https://www.midianews.com.br/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.227.153.222 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c6d672ff769c1a15cf3a0da0c4456d0e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Connection
keep-alive
Date
Tue, 06 Sep 2022 02:19:45 GMT
Content-Length
0
adview
securepubads.g.doubleclick.net/pagead/ Frame 783F
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CZkwXQK4WY6OHMIOW9u8P7u6vsAeYmZSNXJ2cudWKCsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi04MTcwOTY2NTM4MTUyNTQzoAHF_565A8gBCeACAKgDAaoEsgJP0I5KbdX63G264rd35ImpvraMxEpl7LqJrlvnRGaz4Iia9T9BREuXu02RzYXMtmBM2TuJW1uW7MjFf3tsgrnzkNJ3EBOq4nSKr6ULUwi4G99hDX_K9bduQJlTnJ3s8d9qQoF0m-71MHvyRL_cxP85_EtQU4UIozFtUDNTZyWFBKC9RFradtqOQSlcUEkzTvjteW6AD23puKKEI_juqpmoaT5Mct1zpubkyerB1wagDd-ixaITHX3V4s5IIKyXxCpVFWFbB7XWuhPf2l9V17dZ6MU1Vkoecl8NAX6L6lqm3pyEK5TdQl60cLaOPM3HSOsLx-urh9jmSOIjmfA8IZui2agUqDvIi-vDcaGN3f64Vj2sl8UrVd-aSIZIsQTbvoe4kAeN0N6yiS0EeZN_1jZp3V_gBAGABvmvm5nL8I_wb6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgEDyCBthZHgtc3Vic3luLTY2MDQzMzE1Mzg4MTczMzaACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItODE3MDk2NjUzODE1MjU0MxiR82w&sigh=xAP7XxIRUY0&uach_m=[UACH]&cid=CAQSOwCsnQUxmFKVBX1-CHsbgylYhxO_ICRBT02ICwVwAXIhiRwQMBnhP8YyIjj1aBZDNmCs09wbypDDplxPGAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd
Requested by
Host: www.midianews.com.br
URL: https://www.midianews.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c6d672ff769c1a15cf3a0da0c4456d0e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

/
b1-eudc1.zemanta.com/bidder/win/googleadx_display/5f77d769-2d8a-11ed-8810-2b373ad2fa64/YxauQAAMA6MH_YsDAAv3btYCJ2AxJ-onFhr7Sg/67OFNVECITD35OH44IKBS7UHWK7H3TWQCSUD3SDDUHLJW6MUBH3NNRFPET2PJ6S3SOFZ3PV... Frame 783F
0
0
Fetch
General
Full URL
https://b1-eudc1.zemanta.com/bidder/win/googleadx_display/5f77d769-2d8a-11ed-8810-2b373ad2fa64/YxauQAAMA6MH_YsDAAv3btYCJ2AxJ-onFhr7Sg/67OFNVECITD35OH44IKBS7UHWK7H3TWQCSUD3SDDUHLJW6MUBH3NNRFPET2PJ6S3SOFZ3PVFPNAGNUDP2RIBDG2R53L47M73VUJ6BMYYVGACRVRBPJFFNJ2VBTC7CETWHLQ4K5Q3T6CPPUU7FLDNHWYCN6NTFLTZRRABJL45UUCXAZVN2D5MLRMMGRJA77AFV4SVDMYYO42L7WTYPOVIN27OD4FWM4XYM2LBFUJNSVAKRPORJFEUICYCRAQOTN5FPXZGH4MQQ4KT4OMLI3BOUFF6LKHZTJHSRCQE5DYJKM6KUIDIGB47AAH7TS6DFFMBNJ6LGG76OQUULQRXWI4LO3BVFHGOWU3WGIQ42TGCLJIT3YYHMEHITE3464RH64ZFUNQWCXXT4FP4MOHSMLW7S4SKOGJGKGHP4NE4G5HMQDGEBJRSYD4PK2LR4BTFKMNRQAGBACA4PF6WKCPO4STNJHBUI45BTKDB5HHD7JA3QYCQHLGUUF4Z4DUCPJXBUQSVH3SI4GYA6WZA6/?&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd
Requested by
Host: www.midianews.com.br
URL: https://www.midianews.com.br/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.227.153.222 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c6d672ff769c1a15cf3a0da0c4456d0e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Connection
keep-alive
Date
Tue, 06 Sep 2022 02:19:45 GMT
Content-Length
0
538825164401861
connect.facebook.net/signals/config/ Frame 3887
293 KB
84 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/538825164401861?v=2.9.79&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
7c8f796a154b2e99c4a9f812239d07af186c33c82342de4d223d90722ea7a6f5
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://betzord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
Q1GF9LuH9vnNjiN6iWqIdEtzS9kO8+7wo8ScVeV+wd/OQvui3lFwImzXo/ceTF4GEy0T35CpdKB8GmB0JVTF3g==
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Tue, 06 Sep 2022 02:19:45 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
truncated
/ Frame 48E2
217 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dd442e99c05f92c858287b6bc9b4b06add841f02d1f47ec993c48e4f088b6300

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type
image/png
pixelSync
pixel-sync.sitescout.com/dmp/ Frame BB7D
0
191 B
Image
General
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEDJPOyT5vT9PMZb7G3m4Zbg&google_cver=1&google_push=AehlK4AIY1DDt01WTb7w7CF9AO2D-nw2k4eGSBsKFj3QupjLpJkfRgiy459vPbgjAp1iB7aNjg6GWfSd6sqz9oBqmWlVeVN-Gx4
Requested by
Host: c6d672ff769c1a15cf3a0da0c4456d0e.safeframe.googlesyndication.com
URL: https://c6d672ff769c1a15cf3a0da0c4456d0e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
66.155.71.25 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Sep 2022 02:19:45 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires
Tue, 11 Oct 1977 12:34:56 GMT
pixel
cm.g.doubleclick.net/ Frame BB7D
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESECr7s21WwLutFS6ugxH_Dik&google_cver=1&google_push=AehlK4C54Mc22hZTTHWJDhsVG5dpkx5zJQdFct_B6KF8eGZp8nvwn2QFl3PQHvx6zCH7bhK3fP-uJHc6FhTcZLe-AmVp...
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESECr7s21WwLutFS6ugxH_Dik&google_cver=1&google_push=AehlK4C54Mc22hZTTHWJDhsVG5dpkx5zJQdFct_B6KF8eGZp8nvwn2QFl3PQHvx6zCH7bhK3fP-uJHc6FhTcZL...
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_custom_parameter=7eb53307-b4df-4ea9-afc6-a7b1cf25f22e
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_custom_parameter=7eb53307-b4df-4ea9-afc6-a7b1cf25f22e
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=ce8992fa-8c04-495d-a997-ac134f80a0cb&user_group=1&ssp=google&bsw_param=7eb53307-b4df-4ea9-afc6-a7b1cf25f22e
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AehlK4C54Mc22hZTTHWJDhsVG5dpkx5zJQdFct_B6KF8eGZp8nvwn2QFl3PQHvx6zCH7bhK3fP-uJHc6FhTcZLe-AmVp0CQ59tE&google_hm=frUzB7TfTqmvxqexzyXyLg==
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AehlK4C54Mc22hZTTHWJDhsVG5dpkx5zJQdFct_B6KF8eGZp8nvwn2QFl3PQHvx6zCH7bhK3fP-uJHc6FhTcZLe-AmVp0CQ59tE&google_hm=frUzB7TfTqmvxqexzyXyLg==
Requested by
Host: www.midianews.com.br
URL: https://www.midianews.com.br/
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Sep 2022 02:19:46 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AehlK4C54Mc22hZTTHWJDhsVG5dpkx5zJQdFct_B6KF8eGZp8nvwn2QFl3PQHvx6zCH7bhK3fP-uJHc6FhTcZLe-AmVp0CQ59tE&google_hm=frUzB7TfTqmvxqexzyXyLg==
Date
Tue, 06 Sep 2022 02:19:46 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame BB7D
Redirect Chain
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEF-PPEML6HETzsBiogZuh1g&google_cver=1&google_push=AehlK4DFXMiG_LCPP3yeZ9m_8lBHJMYg7K4LsWEm-jdjVKGuKFffWTXj2Gyc0j19KobS96yMCzg3wQVw1yNjvATRkLl6ESs4eQ
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEF-PPEML6HETzsBiogZuh1g&google_cver=1&google_push=AehlK4DFXMiG_LCPP3yeZ9m_8lBHJMYg7K4LsWEm-jdjVKGuKFffWTXj2Gyc0j19KobS96yMCzg3wQVw1yNjvATRkLl6E...
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AehlK4DFXMiG_LCPP3yeZ9m_8lBHJMYg7K4LsWEm-jdjVKGuKFffWTXj2Gyc0j19KobS96yMCzg3wQVw1yNjvATRkLl6ESs4eQ
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AehlK4DFXMiG_LCPP3yeZ9m_8lBHJMYg7K4LsWEm-jdjVKGuKFffWTXj2Gyc0j19KobS96yMCzg3wQVw1yNjvATRkLl6ESs4eQ
Requested by
Host: c6d672ff769c1a15cf3a0da0c4456d0e.safeframe.googlesyndication.com
URL: https://c6d672ff769c1a15cf3a0da0c4456d0e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Sep 2022 02:19:45 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AehlK4DFXMiG_LCPP3yeZ9m_8lBHJMYg7K4LsWEm-jdjVKGuKFffWTXj2Gyc0j19KobS96yMCzg3wQVw1yNjvATRkLl6ESs4eQ
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
pixel
cm.g.doubleclick.net/ Frame BB7D
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESELgj0GRj3s6xEHiOC4Le37s&google_cver=1&googl...
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESELgj0GRj3s6xEHiOC4Le37s&google_push=Ae...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESELgj0GRj3s6xEHiOC4Le37s&google_hm=YxauQcHqlcQUC8BfJAjDaAAABF0AAAIB&google_nid=index&google_push=AehlK4CTscHjwyRvItcMZdg04hqmWOfOlaEb4...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESELgj0GRj3s6xEHiOC4Le37s&google_hm=YxauQcHqlcQUC8BfJAjDaAAABF0AAAIB&google_nid=index&google_push=AehlK4CTscHjwyRvItcMZdg04hqmWOfOlaEb4tM5XoErcht-4qdyWzOWQFaaZ9a_JO5hu2UahDfFhvQS6Q6Fk1uTzMFpK6fpk9M
Requested by
Host: c6d672ff769c1a15cf3a0da0c4456d0e.safeframe.googlesyndication.com
URL: https://c6d672ff769c1a15cf3a0da0c4456d0e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Sep 2022 02:19:45 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 06 Sep 2022 02:19:45 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MkW%2BBPfLGQyjjgzs3fnJPovdnmLvQASqfgUaH0sT%2B6ehgFJQmYeL4wg5sR00HB0b139%2BGC628%2FdwuAHQtn9HwY05%2Bt0evkfv%2FNKVxV1keUJlhhWAtHmxV%2Bg2hpa%2BsRwl7Wcf77LmWI%2Bsig%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESELgj0GRj3s6xEHiOC4Le37s&google_hm=YxauQcHqlcQUC8BfJAjDaAAABF0AAAIB&google_nid=index&google_push=AehlK4CTscHjwyRvItcMZdg04hqmWOfOlaEb4tM5XoErcht-4qdyWzOWQFaaZ9a_JO5hu2UahDfFhvQS6Q6Fk1uTzMFpK6fpk9M
cache-control
no-cache
cf-ray
7463b8b99c216910-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
pixel
cm.g.doubleclick.net/ Frame BB7D
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEN...
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AehlK4AZ3msuJre-idLa0TBIgi-ivaEemnGqg3znNDkWD7xB4D73jHUOZHk5jTQX_3OD3Ea791Q1VWUEGk83UK3sJn8cyDAazBk&redir=https%3A%2F%2Fcm.g.double...
  • https://sync.targeting.unrulymedia.com/csync/RX-5604b7a8-7587-41d5-8a5b-cf577aadb447-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAehlK4AZ3msuJre-idLa0TBIg...
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AehlK4AZ3msuJre-idLa0TBIgi-ivaEemnGqg3znNDkWD7xB4D73jHUOZHk5jTQX_3OD3Ea791Q1VWUEGk83UK3sJn8cyDAazBk&google_hm=A1YEt6h1h0HVilvPV3qttEc
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AehlK4AZ3msuJre-idLa0TBIgi-ivaEemnGqg3znNDkWD7xB4D73jHUOZHk5jTQX_3OD3Ea791Q1VWUEGk83UK3sJn8cyDAazBk&google_hm=A1YEt6h1h0HVilvPV3qttEc
Requested by
Host: c6d672ff769c1a15cf3a0da0c4456d0e.safeframe.googlesyndication.com
URL: https://c6d672ff769c1a15cf3a0da0c4456d0e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Sep 2022 02:19:45 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AehlK4AZ3msuJre-idLa0TBIgi-ivaEemnGqg3znNDkWD7xB4D73jHUOZHk5jTQX_3OD3Ea791Q1VWUEGk83UK3sJn8cyDAazBk&google_hm=A1YEt6h1h0HVilvPV3qttEc
date
Tue, 06 Sep 2022 02:19:45 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX5604b7a8758741d58a5bcf577aadb447003
content-type
text/html
/
cc.adingo.jp/adx/push/ Frame BB7D
0
44 B
Image
General
Full URL
https://cc.adingo.jp/adx/push/?google_gid=CAESEJ8z6s3qzK5-Ipm2kZTZVWI&google_cver=1&google_push=AehlK4D04yOy2j_RDLCjg4_lZE6dEnCZJnfrbeHnQW6U1oy3vH0t20hdapHGYjzUQ34YdGzgFLZGZJcAOhMe6og6OLpLEcyrSic
Requested by
Host: c6d672ff769c1a15cf3a0da0c4456d0e.safeframe.googlesyndication.com
URL: https://c6d672ff769c1a15cf3a0da0c4456d0e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.69.128.25 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-69-128-25.ap-northeast-1.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 02:19:46 GMT
server
awselb/2.0
spacer.gif
an.yandex.ru/resource/ Frame BB7D
Redirect Chain
  • https://an.yandex.ru/mapuid/google/CAESEBtpsXs_gD_7Abp_1CHNB8o?ext-param=AehlK4DzlTEJp9MPelexjrGup9KfD79uO8TZv2j6JXujDIdpFX_xO_DqPtRpDkXJGn3V59K9-_r3uqwNQhfEa6WehKfbAePMosM&partner-tag=yandex_ag&go...
  • https://an.yandex.ru/mapuid/google/CAESEBtpsXs_gD_7Abp_1CHNB8o?redir-setuniq=1&ext-param=AehlK4DzlTEJp9MPelexjrGup9KfD79uO8TZv2j6JXujDIdpFX_xO_DqPtRpDkXJGn3V59K9-_r3uqwNQhfEa6WehKfbAePMosM&partner-...
  • https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEBtpsXs_gD_7Abp_1CHNB8o&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
  • https://an.yandex.ru/resource/spacer.gif
43 B
144 B
Image
General
Full URL
https://an.yandex.ru/resource/spacer.gif
Requested by
Host: c6d672ff769c1a15cf3a0da0c4456d0e.safeframe.googlesyndication.com
URL: https://c6d672ff769c1a15cf3a0da0c4456d0e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 06 Sep 2022 02:19:45 GMT
content-encoding
gzip
last-modified
Wed, 18 Apr 2001 10:28:03 GMT
strict-transport-security
max-age=31536000
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type
image/gif
x-xss-protection
1; mode=block
expires
Tue, 22 Aug 2023 02:19:45 GMT

Redirect headers

pragma
no-cache
date
Tue, 06 Sep 2022 02:19:45 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://an.yandex.ru/resource/spacer.gif
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
237
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame BB7D
0
232 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KiSIYqYuhsVhvjrpsKV_fF0La8PJLETEC_ln1CyYrxy4cDM_sY4JV6n1HXM9bS974D8pRDCw
Requested by
Host: c6d672ff769c1a15cf3a0da0c4456d0e.safeframe.googlesyndication.com
URL: https://c6d672ff769c1a15cf3a0da0c4456d0e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 02:19:45 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
/
b1t-eudc1.zemanta.com/t/imp/impression/C3MBEWK7OXMAUSJQAQUMHFHFIYU4MS7K7GJIYXXVUINLGXQBZ6O25PXH74VH2ZKCXODBUUGZELG5O6QPEIRP5E2BBJJKTYZI3ZQ2VZYOOEY6T7NUJWPN3F4MAIPZWKFW76EXJLRK2VDVKBAIX56NNXVTSZ6HOV... Frame 783F
26 B
151 B
Image
General
Full URL
https://b1t-eudc1.zemanta.com/t/imp/impression/C3MBEWK7OXMAUSJQAQUMHFHFIYU4MS7K7GJIYXXVUINLGXQBZ6O25PXH74VH2ZKCXODBUUGZELG5O6QPEIRP5E2BBJJKTYZI3ZQ2VZYOOEY6T7NUJWPN3F4MAIPZWKFW76EXJLRK2VDVKBAIX56NNXVTSZ6HOVWAHYFITV5IYRYZNYWA6V4KEARN4OENNN5MLFQAR5MLQZHGXI3OSNIE4ZF3D3WOUGABL3O23Q4VJKBXJUET55VJLB5LQLSWRVGDPBZ5AU5PDKTE2X6BBNTR437GJVVOFPBK35XAGT7XMNKCEEHLRCWHA2LQ2R3L63AAYLLEGAEHZXIDXG5S2XJNVCBXK4LBGEHHY7LBBUPGSJTURSAKVMGA/?
Requested by
Host: c6d672ff769c1a15cf3a0da0c4456d0e.safeframe.googlesyndication.com
URL: https://c6d672ff769c1a15cf3a0da0c4456d0e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.227.153.222 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c6d672ff769c1a15cf3a0da0c4456d0e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Tue, 06 Sep 2022 02:19:45 GMT
Connection
keep-alive
Content-Length
26
Content-Type
image/gif
achoice.svg
widgets.outbrain.com/images/widgetIcons/ Frame 783F
3 KB
3 KB
Image
General
Full URL
https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by
Host: c6d672ff769c1a15cf3a0da0c4456d0e.safeframe.googlesyndication.com
URL: https://c6d672ff769c1a15cf3a0da0c4456d0e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.169.82 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-169-82.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c6d672ff769c1a15cf3a0da0c4456d0e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 02:19:45 GMT
last-modified
Sun, 03 Jul 2022 06:49:40 GMT
server
AkamaiNetStorage
etag
"9d26fa4e7238ed94f1d0d92afb453b3e:1656855957.074767"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
2735
expires
Thu, 06 Oct 2022 02:19:45 GMT
4f28d06d7c8a4572e765f7f48ccb1d215c.jpg
zem.outbrainimg.com/p/srv/sha/a9/e1/50/ Frame 783F
9 KB
9 KB
Image
General
Full URL
https://zem.outbrainimg.com/p/srv/sha/a9/e1/50/4f28d06d7c8a4572e765f7f48ccb1d215c.jpg?w=159&h=88&fit=crop&crop=center&fm=jpg
Requested by
Host: c6d672ff769c1a15cf3a0da0c4456d0e.safeframe.googlesyndication.com
URL: https://c6d672ff769c1a15cf3a0da0c4456d0e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.18.132 Vienna, Austria, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
3b20b2d23b4722435f3cd8c81d30b251291f98e27bf9b9d0382fa9bbd7634f7e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c6d672ff769c1a15cf3a0da0c4456d0e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 02:19:45 GMT
via
1.1 varnish
x-content-type-options
nosniff
age
1608731
x-cache
HIT, MISS, MISS
x-imgix-id
1c0a1bc44d68db19d7c1e2811e3ff1be03289f68
content-length
8783
x-served-by
cache-sjc10073-SJC, cache-vie6364-VIE, cache-vie6358-VIE
last-modified
Thu, 18 Aug 2022 11:27:33 GMT
server
imgix
x-timer
S1662430785.490883,VS0,VE164
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
cross-origin-resource-policy
cross-origin
x-cache-hits
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 74FE
1 KB
749 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: c6d672ff769c1a15cf3a0da0c4456d0e.safeframe.googlesyndication.com
URL: https://c6d672ff769c1a15cf3a0da0c4456d0e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c6d672ff769c1a15cf3a0da0c4456d0e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
47070
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 05 Sep 2022 13:15:15 GMT
etag
48472445140208031
expires
Tue, 06 Sep 2022 13:15:15 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 783F
217 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ffe23fccd58afaeb99a872b2094aaaa65e876ae60457d0bb6915422c94224176

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type
image/png
/
www.googleadservices.com/pagead/conversion/10926351255/ Frame 3887
2 KB
1 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion/10926351255/?random=1662430781927&cv=9&fst=1662430781927&num=1&value=0&label=aqMsCIzjl8IDEJfHi9oo&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg8v0&sendb=1&ig=1&frm=2&url=https%3A%2F%2Fbetzord.com%2Fbetano-promo-link%2F&ref=https%3A%2F%2Fwww.midianews.com.br%2F&tiba=Betano%20-%20B%C3%B4nus%20Cadastro%20(M1)%20-%20BETZORD&hn=www.googleadservices.com&bttype=purchase&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
33923fea797aa9edf55540266b2ca2c365b3e4cd2b273f130e8ab6513efdd5e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://betzord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Sep 2022 02:19:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1242
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame 234A
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YxauQAAMA6QH_YsDAAv3biH2xlvyf4Vv0lWDng&u=%7CTA4fDlPFcq%2F6h3Ts6f8PyRoD9s0PQEmN0y%2BkNMw%2FEGQ%3D%7C&c1=UbEogq-ADiNBjPo1rbOP0Ehtz6KQg1hE74PursDfbSrTTODPyqm-FFa-X_uCmy4tCZpjpvEIbRNSvdMGQwUM-FQnfLwddxk8wo-5NcMGc2lyGYhniaVNV9yUJ2BncX39bqLKzv47h1jlJbFGSiF2TLWtKi1HCw0mFm1p6UoCWUMrlEn0eBbcAVZKDWmzdYzoz6pgc0f6g5Vt03dpHo14urN-2i_HlGOBbFlPZ38C0L_om369vPNtFu1EngQSie0RMulkG0lwAYw1dCepLvrlc4lC1ua8fzwfGOC3HAIogLP_Kj5d3jOyTRDn7y5Pac3PdbYdT2grmkjPmNxIkaCYUItVo3paVpf_pKFEZiaUOrgrRXphSauR55KQYi7CF6xFuV7lSHvNmFeQV2sEDyZJFHdhOZgYr5EsojiK2xiYU7wyP9TwCbnj573nGQgGOQL2xOrlsULuP0oyGWCaVlOh9YyG-DsuEiSvKVsWOUYtm09PXjp_LZMWByK2X3CxBQmP_s_H0PRkXTerqlTB9haRqtNXhoBWeJ1UZwNzzyTkwN9C3H-CykU0it4c87pco9euxrMcNGfXqrcVpP-yltdtD7J7tMeQFxp9gpw7XmvMQetCihiRJJDpJv9p2LNyrocf&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCnLcKQK4WY6SHMIOW9u8P7u6vsAfJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTgxNzA5NjY1MzgxNTI1NDOgAdW20uoDyAEJqQJ-I3pc16ewPuACAKgDAaoEswJP0EjtluxO-k-DltxGDGlIAOeb3GgkOt8s8gZIOTqeCzaGTHMc0dtUFiK9rJg5LLvC0GpTCnIiyiPGC0HNYyKqwlVH7T-qY7Q5MK9nT_L8zTywJ4Yjcc-jAgIFD0XHXepoVBPb08H19Nq115jGkmyb0i6sQ4h27sfYBjwTIPXhFZ9Nn-l0J38FXmjZpM53I5tdNYQNI6I5bB0S1Qb_QLginyb-mbb1EJKVpgwI1WRqYDwSC75e3t4oMpPPVrPG8wZMQ6JpnFUaRf48bArIYecaO20PJnXK_m9zkllIh1j3KY82g0UsskgoWIT1ehDPizZNdO3UbCs2zf7_FG5cnGzcCdl0aA8KTMfbfWon7K7X_hNN9fSnYZ6eTyiXvvdIhOG2wxPZjxEWSbSfcYVeLg_3oBYk4AQBgAbvnYGk15WtmxugBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA8ggbYWR4LXN1YnN5bi02NjA0MzMxNTM4ODE3MzM2-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1L2Xk0eqbzWMHY2W3uapYp8h27ag%26client%3Dca-pub-8170966538152543%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 02:19:45 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 01 Sep 2023 02:19:45 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame 234A
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YxauQAAMA6QH_YsDAAv3biH2xlvyf4Vv0lWDng&u=%7CTA4fDlPFcq%2F6h3Ts6f8PyRoD9s0PQEmN0y%2BkNMw%2FEGQ%3D%7C&c1=UbEogq-ADiNBjPo1rbOP0Ehtz6KQg1hE74PursDfbSrTTODPyqm-FFa-X_uCmy4tCZpjpvEIbRNSvdMGQwUM-FQnfLwddxk8wo-5NcMGc2lyGYhniaVNV9yUJ2BncX39bqLKzv47h1jlJbFGSiF2TLWtKi1HCw0mFm1p6UoCWUMrlEn0eBbcAVZKDWmzdYzoz6pgc0f6g5Vt03dpHo14urN-2i_HlGOBbFlPZ38C0L_om369vPNtFu1EngQSie0RMulkG0lwAYw1dCepLvrlc4lC1ua8fzwfGOC3HAIogLP_Kj5d3jOyTRDn7y5Pac3PdbYdT2grmkjPmNxIkaCYUItVo3paVpf_pKFEZiaUOrgrRXphSauR55KQYi7CF6xFuV7lSHvNmFeQV2sEDyZJFHdhOZgYr5EsojiK2xiYU7wyP9TwCbnj573nGQgGOQL2xOrlsULuP0oyGWCaVlOh9YyG-DsuEiSvKVsWOUYtm09PXjp_LZMWByK2X3CxBQmP_s_H0PRkXTerqlTB9haRqtNXhoBWeJ1UZwNzzyTkwN9C3H-CykU0it4c87pco9euxrMcNGfXqrcVpP-yltdtD7J7tMeQFxp9gpw7XmvMQetCihiRJJDpJv9p2LNyrocf&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCnLcKQK4WY6SHMIOW9u8P7u6vsAfJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTgxNzA5NjY1MzgxNTI1NDOgAdW20uoDyAEJqQJ-I3pc16ewPuACAKgDAaoEswJP0EjtluxO-k-DltxGDGlIAOeb3GgkOt8s8gZIOTqeCzaGTHMc0dtUFiK9rJg5LLvC0GpTCnIiyiPGC0HNYyKqwlVH7T-qY7Q5MK9nT_L8zTywJ4Yjcc-jAgIFD0XHXepoVBPb08H19Nq115jGkmyb0i6sQ4h27sfYBjwTIPXhFZ9Nn-l0J38FXmjZpM53I5tdNYQNI6I5bB0S1Qb_QLginyb-mbb1EJKVpgwI1WRqYDwSC75e3t4oMpPPVrPG8wZMQ6JpnFUaRf48bArIYecaO20PJnXK_m9zkllIh1j3KY82g0UsskgoWIT1ehDPizZNdO3UbCs2zf7_FG5cnGzcCdl0aA8KTMfbfWon7K7X_hNN9fSnYZ6eTyiXvvdIhOG2wxPZjxEWSbSfcYVeLg_3oBYk4AQBgAbvnYGk15WtmxugBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA8ggbYWR4LXN1YnN5bi02NjA0MzMxNTM4ODE3MzM2-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1L2Xk0eqbzWMHY2W3uapYp8h27ag%26client%3Dca-pub-8170966538152543%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 02:19:45 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 01 Sep 2023 02:19:45 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 234A
308 B
637 B
Image
General
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YxauQAAMA6QH_YsDAAv3biH2xlvyf4Vv0lWDng&u=%7CTA4fDlPFcq%2F6h3Ts6f8PyRoD9s0PQEmN0y%2BkNMw%2FEGQ%3D%7C&c1=UbEogq-ADiNBjPo1rbOP0Ehtz6KQg1hE74PursDfbSrTTODPyqm-FFa-X_uCmy4tCZpjpvEIbRNSvdMGQwUM-FQnfLwddxk8wo-5NcMGc2lyGYhniaVNV9yUJ2BncX39bqLKzv47h1jlJbFGSiF2TLWtKi1HCw0mFm1p6UoCWUMrlEn0eBbcAVZKDWmzdYzoz6pgc0f6g5Vt03dpHo14urN-2i_HlGOBbFlPZ38C0L_om369vPNtFu1EngQSie0RMulkG0lwAYw1dCepLvrlc4lC1ua8fzwfGOC3HAIogLP_Kj5d3jOyTRDn7y5Pac3PdbYdT2grmkjPmNxIkaCYUItVo3paVpf_pKFEZiaUOrgrRXphSauR55KQYi7CF6xFuV7lSHvNmFeQV2sEDyZJFHdhOZgYr5EsojiK2xiYU7wyP9TwCbnj573nGQgGOQL2xOrlsULuP0oyGWCaVlOh9YyG-DsuEiSvKVsWOUYtm09PXjp_LZMWByK2X3CxBQmP_s_H0PRkXTerqlTB9haRqtNXhoBWeJ1UZwNzzyTkwN9C3H-CykU0it4c87pco9euxrMcNGfXqrcVpP-yltdtD7J7tMeQFxp9gpw7XmvMQetCihiRJJDpJv9p2LNyrocf&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCnLcKQK4WY6SHMIOW9u8P7u6vsAfJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTgxNzA5NjY1MzgxNTI1NDOgAdW20uoDyAEJqQJ-I3pc16ewPuACAKgDAaoEswJP0EjtluxO-k-DltxGDGlIAOeb3GgkOt8s8gZIOTqeCzaGTHMc0dtUFiK9rJg5LLvC0GpTCnIiyiPGC0HNYyKqwlVH7T-qY7Q5MK9nT_L8zTywJ4Yjcc-jAgIFD0XHXepoVBPb08H19Nq115jGkmyb0i6sQ4h27sfYBjwTIPXhFZ9Nn-l0J38FXmjZpM53I5tdNYQNI6I5bB0S1Qb_QLginyb-mbb1EJKVpgwI1WRqYDwSC75e3t4oMpPPVrPG8wZMQ6JpnFUaRf48bArIYecaO20PJnXK_m9zkllIh1j3KY82g0UsskgoWIT1ehDPizZNdO3UbCs2zf7_FG5cnGzcCdl0aA8KTMfbfWon7K7X_hNN9fSnYZ6eTyiXvvdIhOG2wxPZjxEWSbSfcYVeLg_3oBYk4AQBgAbvnYGk15WtmxugBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA8ggbYWR4LXN1YnN5bi02NjA0MzMxNTM4ODE3MzM2-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1L2Xk0eqbzWMHY2W3uapYp8h27ag%26client%3Dca-pub-8170966538152543%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 02:19:45 GMT
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Fri, 01 Sep 2023 02:19:45 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 234A
293 B
621 B
Image
General
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YxauQAAMA6QH_YsDAAv3biH2xlvyf4Vv0lWDng&u=%7CTA4fDlPFcq%2F6h3Ts6f8PyRoD9s0PQEmN0y%2BkNMw%2FEGQ%3D%7C&c1=UbEogq-ADiNBjPo1rbOP0Ehtz6KQg1hE74PursDfbSrTTODPyqm-FFa-X_uCmy4tCZpjpvEIbRNSvdMGQwUM-FQnfLwddxk8wo-5NcMGc2lyGYhniaVNV9yUJ2BncX39bqLKzv47h1jlJbFGSiF2TLWtKi1HCw0mFm1p6UoCWUMrlEn0eBbcAVZKDWmzdYzoz6pgc0f6g5Vt03dpHo14urN-2i_HlGOBbFlPZ38C0L_om369vPNtFu1EngQSie0RMulkG0lwAYw1dCepLvrlc4lC1ua8fzwfGOC3HAIogLP_Kj5d3jOyTRDn7y5Pac3PdbYdT2grmkjPmNxIkaCYUItVo3paVpf_pKFEZiaUOrgrRXphSauR55KQYi7CF6xFuV7lSHvNmFeQV2sEDyZJFHdhOZgYr5EsojiK2xiYU7wyP9TwCbnj573nGQgGOQL2xOrlsULuP0oyGWCaVlOh9YyG-DsuEiSvKVsWOUYtm09PXjp_LZMWByK2X3CxBQmP_s_H0PRkXTerqlTB9haRqtNXhoBWeJ1UZwNzzyTkwN9C3H-CykU0it4c87pco9euxrMcNGfXqrcVpP-yltdtD7J7tMeQFxp9gpw7XmvMQetCihiRJJDpJv9p2LNyrocf&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCnLcKQK4WY6SHMIOW9u8P7u6vsAfJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTgxNzA5NjY1MzgxNTI1NDOgAdW20uoDyAEJqQJ-I3pc16ewPuACAKgDAaoEswJP0EjtluxO-k-DltxGDGlIAOeb3GgkOt8s8gZIOTqeCzaGTHMc0dtUFiK9rJg5LLvC0GpTCnIiyiPGC0HNYyKqwlVH7T-qY7Q5MK9nT_L8zTywJ4Yjcc-jAgIFD0XHXepoVBPb08H19Nq115jGkmyb0i6sQ4h27sfYBjwTIPXhFZ9Nn-l0J38FXmjZpM53I5tdNYQNI6I5bB0S1Qb_QLginyb-mbb1EJKVpgwI1WRqYDwSC75e3t4oMpPPVrPG8wZMQ6JpnFUaRf48bArIYecaO20PJnXK_m9zkllIh1j3KY82g0UsskgoWIT1ehDPizZNdO3UbCs2zf7_FG5cnGzcCdl0aA8KTMfbfWon7K7X_hNN9fSnYZ6eTyiXvvdIhOG2wxPZjxEWSbSfcYVeLg_3oBYk4AQBgAbvnYGk15WtmxugBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA8ggbYWR4LXN1YnN5bi02NjA0MzMxNTM4ODE3MzM2-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1L2Xk0eqbzWMHY2W3uapYp8h27ag%26client%3Dca-pub-8170966538152543%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 02:19:45 GMT
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Fri, 01 Sep 2023 02:19:45 GMT
lg.php
cat.fr.eu.criteo.com/delivery/ Frame 234A
43 B
348 B
Image
General
Full URL
https://cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=f_dKl1ZpWqWyd-VI72KXQtaSeJIX8Ekv7uofm2x9YPyuUoGfYRzPbag5a_utu5UJi9Phvb7EpgRolmegeeNuE-bjAis4wMj9whym19Pl-ElycwKfj0wHyMbyIza1StFHuPHplhNT4Ce8c-YRb2t4xKQpK4lCyzwDa5XA4ahcEbdXiN2EexjWCfPdLe8hPl7J6yXzaLytRzE58ZuoXRrv9H9s7ji4IToreU7Zd2Qre6UBxI53AMlPPEt_LeyZMYZTVS_TcddHhAILfn5cpdJrAnO5AgVHY0mtK9dbQClTbe0LB3m1-ztg0WhmsG75SvVhJjTJqDj4r3W3Bp2ncfZBYF4jR5zEvpLNfPGIZrVtG6cOqTK84rm-Sel1m1bx2Dd2aOBG3pXLxoJc8kjXu4HJEJwBxRkg0SH7iYXBWWodzwZhGAa-
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YxauQAAMA6QH_YsDAAv3biH2xlvyf4Vv0lWDng&u=%7CTA4fDlPFcq%2F6h3Ts6f8PyRoD9s0PQEmN0y%2BkNMw%2FEGQ%3D%7C&c1=UbEogq-ADiNBjPo1rbOP0Ehtz6KQg1hE74PursDfbSrTTODPyqm-FFa-X_uCmy4tCZpjpvEIbRNSvdMGQwUM-FQnfLwddxk8wo-5NcMGc2lyGYhniaVNV9yUJ2BncX39bqLKzv47h1jlJbFGSiF2TLWtKi1HCw0mFm1p6UoCWUMrlEn0eBbcAVZKDWmzdYzoz6pgc0f6g5Vt03dpHo14urN-2i_HlGOBbFlPZ38C0L_om369vPNtFu1EngQSie0RMulkG0lwAYw1dCepLvrlc4lC1ua8fzwfGOC3HAIogLP_Kj5d3jOyTRDn7y5Pac3PdbYdT2grmkjPmNxIkaCYUItVo3paVpf_pKFEZiaUOrgrRXphSauR55KQYi7CF6xFuV7lSHvNmFeQV2sEDyZJFHdhOZgYr5EsojiK2xiYU7wyP9TwCbnj573nGQgGOQL2xOrlsULuP0oyGWCaVlOh9YyG-DsuEiSvKVsWOUYtm09PXjp_LZMWByK2X3CxBQmP_s_H0PRkXTerqlTB9haRqtNXhoBWeJ1UZwNzzyTkwN9C3H-CykU0it4c87pco9euxrMcNGfXqrcVpP-yltdtD7J7tMeQFxp9gpw7XmvMQetCihiRJJDpJv9p2LNyrocf&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCnLcKQK4WY6SHMIOW9u8P7u6vsAfJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTgxNzA5NjY1MzgxNTI1NDOgAdW20uoDyAEJqQJ-I3pc16ewPuACAKgDAaoEswJP0EjtluxO-k-DltxGDGlIAOeb3GgkOt8s8gZIOTqeCzaGTHMc0dtUFiK9rJg5LLvC0GpTCnIiyiPGC0HNYyKqwlVH7T-qY7Q5MK9nT_L8zTywJ4Yjcc-jAgIFD0XHXepoVBPb08H19Nq115jGkmyb0i6sQ4h27sfYBjwTIPXhFZ9Nn-l0J38FXmjZpM53I5tdNYQNI6I5bB0S1Qb_QLginyb-mbb1EJKVpgwI1WRqYDwSC75e3t4oMpPPVrPG8wZMQ6JpnFUaRf48bArIYecaO20PJnXK_m9zkllIh1j3KY82g0UsskgoWIT1ehDPizZNdO3UbCs2zf7_FG5cnGzcCdl0aA8KTMfbfWon7K7X_hNN9fSnYZ6eTyiXvvdIhOG2wxPZjxEWSbSfcYVeLg_3oBYk4AQBgAbvnYGk15WtmxugBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA8ggbYWR4LXN1YnN5bi02NjA0MzMxNTM4ODE3MzM2-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1L2Xk0eqbzWMHY2W3uapYp8h27ag%26client%3Dca-pub-8170966538152543%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.160 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Sep 2022 02:19:45 GMT
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
3405288
content-type
image/gif
expires
Mon, 26 Jul 1997 05:00:00 GMT
234816585028143
connect.facebook.net/signals/config/ Frame 3887
293 KB
84 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/234816585028143?v=2.9.79&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
15a5d7cecb3041af48c6bfbcb42527fc00422cec34ff89afad0762c3cd7ff151
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://betzord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
9HicCRmdX9F91cmWFTYiI34U0uuGCUNSpl/kI1q+SiyZlHENWlhQRZr/YqgdQ8BiAWNBhurRnjzR0Ah7JuJpdA==
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Tue, 06 Sep 2022 02:19:45 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 234A
12 KB
5 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YxauQAAMA6QH_YsDAAv3biH2xlvyf4Vv0lWDng&u=%7CTA4fDlPFcq%2F6h3Ts6f8PyRoD9s0PQEmN0y%2BkNMw%2FEGQ%3D%7C&c1=UbEogq-ADiNBjPo1rbOP0Ehtz6KQg1hE74PursDfbSrTTODPyqm-FFa-X_uCmy4tCZpjpvEIbRNSvdMGQwUM-FQnfLwddxk8wo-5NcMGc2lyGYhniaVNV9yUJ2BncX39bqLKzv47h1jlJbFGSiF2TLWtKi1HCw0mFm1p6UoCWUMrlEn0eBbcAVZKDWmzdYzoz6pgc0f6g5Vt03dpHo14urN-2i_HlGOBbFlPZ38C0L_om369vPNtFu1EngQSie0RMulkG0lwAYw1dCepLvrlc4lC1ua8fzwfGOC3HAIogLP_Kj5d3jOyTRDn7y5Pac3PdbYdT2grmkjPmNxIkaCYUItVo3paVpf_pKFEZiaUOrgrRXphSauR55KQYi7CF6xFuV7lSHvNmFeQV2sEDyZJFHdhOZgYr5EsojiK2xiYU7wyP9TwCbnj573nGQgGOQL2xOrlsULuP0oyGWCaVlOh9YyG-DsuEiSvKVsWOUYtm09PXjp_LZMWByK2X3CxBQmP_s_H0PRkXTerqlTB9haRqtNXhoBWeJ1UZwNzzyTkwN9C3H-CykU0it4c87pco9euxrMcNGfXqrcVpP-yltdtD7J7tMeQFxp9gpw7XmvMQetCihiRJJDpJv9p2LNyrocf&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCnLcKQK4WY6SHMIOW9u8P7u6vsAfJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTgxNzA5NjY1MzgxNTI1NDOgAdW20uoDyAEJqQJ-I3pc16ewPuACAKgDAaoEswJP0EjtluxO-k-DltxGDGlIAOeb3GgkOt8s8gZIOTqeCzaGTHMc0dtUFiK9rJg5LLvC0GpTCnIiyiPGC0HNYyKqwlVH7T-qY7Q5MK9nT_L8zTywJ4Yjcc-jAgIFD0XHXepoVBPb08H19Nq115jGkmyb0i6sQ4h27sfYBjwTIPXhFZ9Nn-l0J38FXmjZpM53I5tdNYQNI6I5bB0S1Qb_QLginyb-mbb1EJKVpgwI1WRqYDwSC75e3t4oMpPPVrPG8wZMQ6JpnFUaRf48bArIYecaO20PJnXK_m9zkllIh1j3KY82g0UsskgoWIT1ehDPizZNdO3UbCs2zf7_FG5cnGzcCdl0aA8KTMfbfWon7K7X_hNN9fSnYZ6eTyiXvvdIhOG2wxPZjxEWSbSfcYVeLg_3oBYk4AQBgAbvnYGk15WtmxugBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA8ggbYWR4LXN1YnN5bi02NjA0MzMxNTM4ODE3MzM2-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1L2Xk0eqbzWMHY2W3uapYp8h27ag%26client%3Dca-pub-8170966538152543%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 02:19:45 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
3475689
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4420
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:17:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04030-30d9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=odzURVg2sFEks59asjT%2BjRUHWScjhJE%2FLvVi9YqLiaQ%2FO%2FIcWhC%2B6PrllmRqHPoA6a7pycBQDTJNKqtTFLnQOP1aev4FRYDn2xephn50jshePe31CIzhrK9usjV11aqJtyPJNbRNZUfl6oITkbP6xlKB"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
7463b8b9e94b6939-FRA
expires
Sun, 27 Aug 2023 02:19:45 GMT
animejs.js
static.criteo.net/animejs/ Frame 234A
12 KB
6 KB
Script
General
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YxauQAAMA6QH_YsDAAv3biH2xlvyf4Vv0lWDng&u=%7CTA4fDlPFcq%2F6h3Ts6f8PyRoD9s0PQEmN0y%2BkNMw%2FEGQ%3D%7C&c1=UbEogq-ADiNBjPo1rbOP0Ehtz6KQg1hE74PursDfbSrTTODPyqm-FFa-X_uCmy4tCZpjpvEIbRNSvdMGQwUM-FQnfLwddxk8wo-5NcMGc2lyGYhniaVNV9yUJ2BncX39bqLKzv47h1jlJbFGSiF2TLWtKi1HCw0mFm1p6UoCWUMrlEn0eBbcAVZKDWmzdYzoz6pgc0f6g5Vt03dpHo14urN-2i_HlGOBbFlPZ38C0L_om369vPNtFu1EngQSie0RMulkG0lwAYw1dCepLvrlc4lC1ua8fzwfGOC3HAIogLP_Kj5d3jOyTRDn7y5Pac3PdbYdT2grmkjPmNxIkaCYUItVo3paVpf_pKFEZiaUOrgrRXphSauR55KQYi7CF6xFuV7lSHvNmFeQV2sEDyZJFHdhOZgYr5EsojiK2xiYU7wyP9TwCbnj573nGQgGOQL2xOrlsULuP0oyGWCaVlOh9YyG-DsuEiSvKVsWOUYtm09PXjp_LZMWByK2X3CxBQmP_s_H0PRkXTerqlTB9haRqtNXhoBWeJ1UZwNzzyTkwN9C3H-CykU0it4c87pco9euxrMcNGfXqrcVpP-yltdtD7J7tMeQFxp9gpw7XmvMQetCihiRJJDpJv9p2LNyrocf&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCnLcKQK4WY6SHMIOW9u8P7u6vsAfJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTgxNzA5NjY1MzgxNTI1NDOgAdW20uoDyAEJqQJ-I3pc16ewPuACAKgDAaoEswJP0EjtluxO-k-DltxGDGlIAOeb3GgkOt8s8gZIOTqeCzaGTHMc0dtUFiK9rJg5LLvC0GpTCnIiyiPGC0HNYyKqwlVH7T-qY7Q5MK9nT_L8zTywJ4Yjcc-jAgIFD0XHXepoVBPb08H19Nq115jGkmyb0i6sQ4h27sfYBjwTIPXhFZ9Nn-l0J38FXmjZpM53I5tdNYQNI6I5bB0S1Qb_QLginyb-mbb1EJKVpgwI1WRqYDwSC75e3t4oMpPPVrPG8wZMQ6JpnFUaRf48bArIYecaO20PJnXK_m9zkllIh1j3KY82g0UsskgoWIT1ehDPizZNdO3UbCs2zf7_FG5cnGzcCdl0aA8KTMfbfWon7K7X_hNN9fSnYZ6eTyiXvvdIhOG2wxPZjxEWSbSfcYVeLg_3oBYk4AQBgAbvnYGk15WtmxugBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA8ggbYWR4LXN1YnN5bi02NjA0MzMxNTM4ODE3MzM2-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1L2Xk0eqbzWMHY2W3uapYp8h27ag%26client%3Dca-pub-8170966538152543%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 02:19:45 GMT
content-encoding
gzip
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 01 Sep 2023 02:19:45 GMT
3753f6ac31b748bf945ad731cbf52c0b_skyscannerrelative-book.woff
static.criteo.net/design/dt/ Frame 234A
68 KB
68 KB
Font
General
Full URL
https://static.criteo.net/design/dt/3753f6ac31b748bf945ad731cbf52c0b_skyscannerrelative-book.woff
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YxauQAAMA6QH_YsDAAv3biH2xlvyf4Vv0lWDng&u=%7CTA4fDlPFcq%2F6h3Ts6f8PyRoD9s0PQEmN0y%2BkNMw%2FEGQ%3D%7C&c1=UbEogq-ADiNBjPo1rbOP0Ehtz6KQg1hE74PursDfbSrTTODPyqm-FFa-X_uCmy4tCZpjpvEIbRNSvdMGQwUM-FQnfLwddxk8wo-5NcMGc2lyGYhniaVNV9yUJ2BncX39bqLKzv47h1jlJbFGSiF2TLWtKi1HCw0mFm1p6UoCWUMrlEn0eBbcAVZKDWmzdYzoz6pgc0f6g5Vt03dpHo14urN-2i_HlGOBbFlPZ38C0L_om369vPNtFu1EngQSie0RMulkG0lwAYw1dCepLvrlc4lC1ua8fzwfGOC3HAIogLP_Kj5d3jOyTRDn7y5Pac3PdbYdT2grmkjPmNxIkaCYUItVo3paVpf_pKFEZiaUOrgrRXphSauR55KQYi7CF6xFuV7lSHvNmFeQV2sEDyZJFHdhOZgYr5EsojiK2xiYU7wyP9TwCbnj573nGQgGOQL2xOrlsULuP0oyGWCaVlOh9YyG-DsuEiSvKVsWOUYtm09PXjp_LZMWByK2X3CxBQmP_s_H0PRkXTerqlTB9haRqtNXhoBWeJ1UZwNzzyTkwN9C3H-CykU0it4c87pco9euxrMcNGfXqrcVpP-yltdtD7J7tMeQFxp9gpw7XmvMQetCihiRJJDpJv9p2LNyrocf&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCnLcKQK4WY6SHMIOW9u8P7u6vsAfJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTgxNzA5NjY1MzgxNTI1NDOgAdW20uoDyAEJqQJ-I3pc16ewPuACAKgDAaoEswJP0EjtluxO-k-DltxGDGlIAOeb3GgkOt8s8gZIOTqeCzaGTHMc0dtUFiK9rJg5LLvC0GpTCnIiyiPGC0HNYyKqwlVH7T-qY7Q5MK9nT_L8zTywJ4Yjcc-jAgIFD0XHXepoVBPb08H19Nq115jGkmyb0i6sQ4h27sfYBjwTIPXhFZ9Nn-l0J38FXmjZpM53I5tdNYQNI6I5bB0S1Qb_QLginyb-mbb1EJKVpgwI1WRqYDwSC75e3t4oMpPPVrPG8wZMQ6JpnFUaRf48bArIYecaO20PJnXK_m9zkllIh1j3KY82g0UsskgoWIT1ehDPizZNdO3UbCs2zf7_FG5cnGzcCdl0aA8KTMfbfWon7K7X_hNN9fSnYZ6eTyiXvvdIhOG2wxPZjxEWSbSfcYVeLg_3oBYk4AQBgAbvnYGk15WtmxugBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA8ggbYWR4LXN1YnN5bi02NjA0MzMxNTM4ODE3MzM2-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1L2Xk0eqbzWMHY2W3uapYp8h27ag%26client%3Dca-pub-8170966538152543%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b40ed885c6eabc68309c7e3377008ec3aaba2add66e43fcf6fc2851cdc6a2f98
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Origin
https://ads.eu.criteo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 02:19:45 GMT
content-encoding
gzip
last-modified
Thu, 29 Jul 2021 10:27:15 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"61028283-10ec0"
strict-transport-security
max-age=31536000; preload;
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 01 Sep 2023 02:19:45 GMT
e228b6a4e90947dcaf6c5ad0025ee925_skyscannerrelative-bold.woff
static.criteo.net/design/dt/ Frame 234A
68 KB
68 KB
Font
General
Full URL
https://static.criteo.net/design/dt/e228b6a4e90947dcaf6c5ad0025ee925_skyscannerrelative-bold.woff
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YxauQAAMA6QH_YsDAAv3biH2xlvyf4Vv0lWDng&u=%7CTA4fDlPFcq%2F6h3Ts6f8PyRoD9s0PQEmN0y%2BkNMw%2FEGQ%3D%7C&c1=UbEogq-ADiNBjPo1rbOP0Ehtz6KQg1hE74PursDfbSrTTODPyqm-FFa-X_uCmy4tCZpjpvEIbRNSvdMGQwUM-FQnfLwddxk8wo-5NcMGc2lyGYhniaVNV9yUJ2BncX39bqLKzv47h1jlJbFGSiF2TLWtKi1HCw0mFm1p6UoCWUMrlEn0eBbcAVZKDWmzdYzoz6pgc0f6g5Vt03dpHo14urN-2i_HlGOBbFlPZ38C0L_om369vPNtFu1EngQSie0RMulkG0lwAYw1dCepLvrlc4lC1ua8fzwfGOC3HAIogLP_Kj5d3jOyTRDn7y5Pac3PdbYdT2grmkjPmNxIkaCYUItVo3paVpf_pKFEZiaUOrgrRXphSauR55KQYi7CF6xFuV7lSHvNmFeQV2sEDyZJFHdhOZgYr5EsojiK2xiYU7wyP9TwCbnj573nGQgGOQL2xOrlsULuP0oyGWCaVlOh9YyG-DsuEiSvKVsWOUYtm09PXjp_LZMWByK2X3CxBQmP_s_H0PRkXTerqlTB9haRqtNXhoBWeJ1UZwNzzyTkwN9C3H-CykU0it4c87pco9euxrMcNGfXqrcVpP-yltdtD7J7tMeQFxp9gpw7XmvMQetCihiRJJDpJv9p2LNyrocf&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCnLcKQK4WY6SHMIOW9u8P7u6vsAfJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTgxNzA5NjY1MzgxNTI1NDOgAdW20uoDyAEJqQJ-I3pc16ewPuACAKgDAaoEswJP0EjtluxO-k-DltxGDGlIAOeb3GgkOt8s8gZIOTqeCzaGTHMc0dtUFiK9rJg5LLvC0GpTCnIiyiPGC0HNYyKqwlVH7T-qY7Q5MK9nT_L8zTywJ4Yjcc-jAgIFD0XHXepoVBPb08H19Nq115jGkmyb0i6sQ4h27sfYBjwTIPXhFZ9Nn-l0J38FXmjZpM53I5tdNYQNI6I5bB0S1Qb_QLginyb-mbb1EJKVpgwI1WRqYDwSC75e3t4oMpPPVrPG8wZMQ6JpnFUaRf48bArIYecaO20PJnXK_m9zkllIh1j3KY82g0UsskgoWIT1ehDPizZNdO3UbCs2zf7_FG5cnGzcCdl0aA8KTMfbfWon7K7X_hNN9fSnYZ6eTyiXvvdIhOG2wxPZjxEWSbSfcYVeLg_3oBYk4AQBgAbvnYGk15WtmxugBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA8ggbYWR4LXN1YnN5bi02NjA0MzMxNTM4ODE3MzM2-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1L2Xk0eqbzWMHY2W3uapYp8h27ag%26client%3Dca-pub-8170966538152543%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
9cb93fc023cca355260310e41056be397ecad26f94a578c5b147762b40fc6d3b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Origin
https://ads.eu.criteo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 02:19:45 GMT
content-encoding
gzip
last-modified
Thu, 29 Jul 2021 10:27:15 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"61028283-10f14"
strict-transport-security
max-age=31536000; preload;
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 01 Sep 2023 02:19:45 GMT
img
pix.eu.criteo.net/img/ Frame 234A
24 KB
24 KB
Image
General
Full URL
https://pix.eu.criteo.net/img/img?h=1200&m=0&partner=7450&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F7450%2F211022%2Fe47551705bde4240a673c74cf1908518_img_vertical_1.png&v=3&w=1200&s=sSCl_wz20me2O8QAzdPYk4CH
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YxauQAAMA6QH_YsDAAv3biH2xlvyf4Vv0lWDng&u=%7CTA4fDlPFcq%2F6h3Ts6f8PyRoD9s0PQEmN0y%2BkNMw%2FEGQ%3D%7C&c1=UbEogq-ADiNBjPo1rbOP0Ehtz6KQg1hE74PursDfbSrTTODPyqm-FFa-X_uCmy4tCZpjpvEIbRNSvdMGQwUM-FQnfLwddxk8wo-5NcMGc2lyGYhniaVNV9yUJ2BncX39bqLKzv47h1jlJbFGSiF2TLWtKi1HCw0mFm1p6UoCWUMrlEn0eBbcAVZKDWmzdYzoz6pgc0f6g5Vt03dpHo14urN-2i_HlGOBbFlPZ38C0L_om369vPNtFu1EngQSie0RMulkG0lwAYw1dCepLvrlc4lC1ua8fzwfGOC3HAIogLP_Kj5d3jOyTRDn7y5Pac3PdbYdT2grmkjPmNxIkaCYUItVo3paVpf_pKFEZiaUOrgrRXphSauR55KQYi7CF6xFuV7lSHvNmFeQV2sEDyZJFHdhOZgYr5EsojiK2xiYU7wyP9TwCbnj573nGQgGOQL2xOrlsULuP0oyGWCaVlOh9YyG-DsuEiSvKVsWOUYtm09PXjp_LZMWByK2X3CxBQmP_s_H0PRkXTerqlTB9haRqtNXhoBWeJ1UZwNzzyTkwN9C3H-CykU0it4c87pco9euxrMcNGfXqrcVpP-yltdtD7J7tMeQFxp9gpw7XmvMQetCihiRJJDpJv9p2LNyrocf&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCnLcKQK4WY6SHMIOW9u8P7u6vsAfJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTgxNzA5NjY1MzgxNTI1NDOgAdW20uoDyAEJqQJ-I3pc16ewPuACAKgDAaoEswJP0EjtluxO-k-DltxGDGlIAOeb3GgkOt8s8gZIOTqeCzaGTHMc0dtUFiK9rJg5LLvC0GpTCnIiyiPGC0HNYyKqwlVH7T-qY7Q5MK9nT_L8zTywJ4Yjcc-jAgIFD0XHXepoVBPb08H19Nq115jGkmyb0i6sQ4h27sfYBjwTIPXhFZ9Nn-l0J38FXmjZpM53I5tdNYQNI6I5bB0S1Qb_QLginyb-mbb1EJKVpgwI1WRqYDwSC75e3t4oMpPPVrPG8wZMQ6JpnFUaRf48bArIYecaO20PJnXK_m9zkllIh1j3KY82g0UsskgoWIT1ehDPizZNdO3UbCs2zf7_FG5cnGzcCdl0aA8KTMfbfWon7K7X_hNN9fSnYZ6eTyiXvvdIhOG2wxPZjxEWSbSfcYVeLg_3oBYk4AQBgAbvnYGk15WtmxugBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA8ggbYWR4LXN1YnN5bi02NjA0MzMxNTM4ODE3MzM2-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1L2Xk0eqbzWMHY2W3uapYp8h27ag%26client%3Dca-pub-8170966538152543%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
a13ff34f1f6805135cb084e3cb1044861ca7037ddeaff9e8359bec5cf4010ef4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 02:19:44 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=28639297
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
24096
expires
Thu, 03 Aug 2023 13:41:23 GMT
all
csm.eu.criteo.net/ Frame 234A
0
128 B
Ping
General
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=C1e2k9p-S49aJaF7Y16mTWLWXUSjX7ccXKVKLAFwGSuLxIMllJKnX0Jg0GqFki7acmToi-C9hKy6WD1IpDntqpYW17wvFBKfA3mYqgNKP1bBa1iQvWQT-y4tfnbUdY6SdmAa5Ahim94yrv1-i0S5KFb7D0UE4ubZL9dIe-_MDlDAdhuJHimUofq_ESrTsL6tzaYhOdFPwklgljJ_tW9305p3O9-U886oQv6f4I3KKGcyS9Tl40PkMBlgK1pQ84tj-LYPcQ&sds=2&rev=82604.2&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YxauQAAMA6QH_YsDAAv3biH2xlvyf4Vv0lWDng&u=%7CTA4fDlPFcq%2F6h3Ts6f8PyRoD9s0PQEmN0y%2BkNMw%2FEGQ%3D%7C&c1=UbEogq-ADiNBjPo1rbOP0Ehtz6KQg1hE74PursDfbSrTTODPyqm-FFa-X_uCmy4tCZpjpvEIbRNSvdMGQwUM-FQnfLwddxk8wo-5NcMGc2lyGYhniaVNV9yUJ2BncX39bqLKzv47h1jlJbFGSiF2TLWtKi1HCw0mFm1p6UoCWUMrlEn0eBbcAVZKDWmzdYzoz6pgc0f6g5Vt03dpHo14urN-2i_HlGOBbFlPZ38C0L_om369vPNtFu1EngQSie0RMulkG0lwAYw1dCepLvrlc4lC1ua8fzwfGOC3HAIogLP_Kj5d3jOyTRDn7y5Pac3PdbYdT2grmkjPmNxIkaCYUItVo3paVpf_pKFEZiaUOrgrRXphSauR55KQYi7CF6xFuV7lSHvNmFeQV2sEDyZJFHdhOZgYr5EsojiK2xiYU7wyP9TwCbnj573nGQgGOQL2xOrlsULuP0oyGWCaVlOh9YyG-DsuEiSvKVsWOUYtm09PXjp_LZMWByK2X3CxBQmP_s_H0PRkXTerqlTB9haRqtNXhoBWeJ1UZwNzzyTkwN9C3H-CykU0it4c87pco9euxrMcNGfXqrcVpP-yltdtD7J7tMeQFxp9gpw7XmvMQetCihiRJJDpJv9p2LNyrocf&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCnLcKQK4WY6SHMIOW9u8P7u6vsAfJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTgxNzA5NjY1MzgxNTI1NDOgAdW20uoDyAEJqQJ-I3pc16ewPuACAKgDAaoEswJP0EjtluxO-k-DltxGDGlIAOeb3GgkOt8s8gZIOTqeCzaGTHMc0dtUFiK9rJg5LLvC0GpTCnIiyiPGC0HNYyKqwlVH7T-qY7Q5MK9nT_L8zTywJ4Yjcc-jAgIFD0XHXepoVBPb08H19Nq115jGkmyb0i6sQ4h27sfYBjwTIPXhFZ9Nn-l0J38FXmjZpM53I5tdNYQNI6I5bB0S1Qb_QLginyb-mbb1EJKVpgwI1WRqYDwSC75e3t4oMpPPVrPG8wZMQ6JpnFUaRf48bArIYecaO20PJnXK_m9zkllIh1j3KY82g0UsskgoWIT1ehDPizZNdO3UbCs2zf7_FG5cnGzcCdl0aA8KTMfbfWon7K7X_hNN9fSnYZ6eTyiXvvdIhOG2wxPZjxEWSbSfcYVeLg_3oBYk4AQBgAbvnYGk15WtmxugBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA8ggbYWR4LXN1YnN5bi02NjA0MzMxNTM4ODE3MzM2-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1L2Xk0eqbzWMHY2W3uapYp8h27ag%26client%3Dca-pub-8170966538152543%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 06 Sep 2022 02:19:45 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 234A
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YxauQAAMA6QH_YsDAAv3biH2xlvyf4Vv0lWDng&u=%7CTA4fDlPFcq%2F6h3Ts6f8PyRoD9s0PQEmN0y%2BkNMw%2FEGQ%3D%7C&c1=UbEogq-ADiNBjPo1rbOP0Ehtz6KQg1hE74PursDfbSrTTODPyqm-FFa-X_uCmy4tCZpjpvEIbRNSvdMGQwUM-FQnfLwddxk8wo-5NcMGc2lyGYhniaVNV9yUJ2BncX39bqLKzv47h1jlJbFGSiF2TLWtKi1HCw0mFm1p6UoCWUMrlEn0eBbcAVZKDWmzdYzoz6pgc0f6g5Vt03dpHo14urN-2i_HlGOBbFlPZ38C0L_om369vPNtFu1EngQSie0RMulkG0lwAYw1dCepLvrlc4lC1ua8fzwfGOC3HAIogLP_Kj5d3jOyTRDn7y5Pac3PdbYdT2grmkjPmNxIkaCYUItVo3paVpf_pKFEZiaUOrgrRXphSauR55KQYi7CF6xFuV7lSHvNmFeQV2sEDyZJFHdhOZgYr5EsojiK2xiYU7wyP9TwCbnj573nGQgGOQL2xOrlsULuP0oyGWCaVlOh9YyG-DsuEiSvKVsWOUYtm09PXjp_LZMWByK2X3CxBQmP_s_H0PRkXTerqlTB9haRqtNXhoBWeJ1UZwNzzyTkwN9C3H-CykU0it4c87pco9euxrMcNGfXqrcVpP-yltdtD7J7tMeQFxp9gpw7XmvMQetCihiRJJDpJv9p2LNyrocf&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCnLcKQK4WY6SHMIOW9u8P7u6vsAfJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTgxNzA5NjY1MzgxNTI1NDOgAdW20uoDyAEJqQJ-I3pc16ewPuACAKgDAaoEswJP0EjtluxO-k-DltxGDGlIAOeb3GgkOt8s8gZIOTqeCzaGTHMc0dtUFiK9rJg5LLvC0GpTCnIiyiPGC0HNYyKqwlVH7T-qY7Q5MK9nT_L8zTywJ4Yjcc-jAgIFD0XHXepoVBPb08H19Nq115jGkmyb0i6sQ4h27sfYBjwTIPXhFZ9Nn-l0J38FXmjZpM53I5tdNYQNI6I5bB0S1Qb_QLginyb-mbb1EJKVpgwI1WRqYDwSC75e3t4oMpPPVrPG8wZMQ6JpnFUaRf48bArIYecaO20PJnXK_m9zkllIh1j3KY82g0UsskgoWIT1ehDPizZNdO3UbCs2zf7_FG5cnGzcCdl0aA8KTMfbfWon7K7X_hNN9fSnYZ6eTyiXvvdIhOG2wxPZjxEWSbSfcYVeLg_3oBYk4AQBgAbvnYGk15WtmxugBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA8ggbYWR4LXN1YnN5bi02NjA0MzMxNTM4ODE3MzM2-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1L2Xk0eqbzWMHY2W3uapYp8h27ag%26client%3Dca-pub-8170966538152543%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 02:19:45 GMT
content-encoding
gzip
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 01 Sep 2023 02:19:45 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 234A
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YxauQAAMA6QH_YsDAAv3biH2xlvyf4Vv0lWDng&u=%7CTA4fDlPFcq%2F6h3Ts6f8PyRoD9s0PQEmN0y%2BkNMw%2FEGQ%3D%7C&c1=UbEogq-ADiNBjPo1rbOP0Ehtz6KQg1hE74PursDfbSrTTODPyqm-FFa-X_uCmy4tCZpjpvEIbRNSvdMGQwUM-FQnfLwddxk8wo-5NcMGc2lyGYhniaVNV9yUJ2BncX39bqLKzv47h1jlJbFGSiF2TLWtKi1HCw0mFm1p6UoCWUMrlEn0eBbcAVZKDWmzdYzoz6pgc0f6g5Vt03dpHo14urN-2i_HlGOBbFlPZ38C0L_om369vPNtFu1EngQSie0RMulkG0lwAYw1dCepLvrlc4lC1ua8fzwfGOC3HAIogLP_Kj5d3jOyTRDn7y5Pac3PdbYdT2grmkjPmNxIkaCYUItVo3paVpf_pKFEZiaUOrgrRXphSauR55KQYi7CF6xFuV7lSHvNmFeQV2sEDyZJFHdhOZgYr5EsojiK2xiYU7wyP9TwCbnj573nGQgGOQL2xOrlsULuP0oyGWCaVlOh9YyG-DsuEiSvKVsWOUYtm09PXjp_LZMWByK2X3CxBQmP_s_H0PRkXTerqlTB9haRqtNXhoBWeJ1UZwNzzyTkwN9C3H-CykU0it4c87pco9euxrMcNGfXqrcVpP-yltdtD7J7tMeQFxp9gpw7XmvMQetCihiRJJDpJv9p2LNyrocf&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCnLcKQK4WY6SHMIOW9u8P7u6vsAfJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTgxNzA5NjY1MzgxNTI1NDOgAdW20uoDyAEJqQJ-I3pc16ewPuACAKgDAaoEswJP0EjtluxO-k-DltxGDGlIAOeb3GgkOt8s8gZIOTqeCzaGTHMc0dtUFiK9rJg5LLvC0GpTCnIiyiPGC0HNYyKqwlVH7T-qY7Q5MK9nT_L8zTywJ4Yjcc-jAgIFD0XHXepoVBPb08H19Nq115jGkmyb0i6sQ4h27sfYBjwTIPXhFZ9Nn-l0J38FXmjZpM53I5tdNYQNI6I5bB0S1Qb_QLginyb-mbb1EJKVpgwI1WRqYDwSC75e3t4oMpPPVrPG8wZMQ6JpnFUaRf48bArIYecaO20PJnXK_m9zkllIh1j3KY82g0UsskgoWIT1ehDPizZNdO3UbCs2zf7_FG5cnGzcCdl0aA8KTMfbfWon7K7X_hNN9fSnYZ6eTyiXvvdIhOG2wxPZjxEWSbSfcYVeLg_3oBYk4AQBgAbvnYGk15WtmxugBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA8ggbYWR4LXN1YnN5bi02NjA0MzMxNTM4ODE3MzM2-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1L2Xk0eqbzWMHY2W3uapYp8h27ag%26client%3Dca-pub-8170966538152543%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 02:19:45 GMT
content-encoding
gzip
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 01 Sep 2023 02:19:45 GMT
current
dclk-match.dotomi.com/match/bounce/ Frame 74FE
0
104 B
Image
General
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESECEOUMY-GviBTBjNn1wH8zs&google_cver=1&google_push=AehlK4C83l_KVsAur_AHKsptTyXP39k0WRCOo1Fs0Nzg1tf9r5MUDqHmbSDYfylHpzEnfmxUEFPvKzDZQcGsbUY02JzcwT0mDGA
Requested by
Host: c6d672ff769c1a15cf3a0da0c4456d0e.safeframe.googlesyndication.com
URL: https://c6d672ff769c1a15cf3a0da0c4456d0e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:12::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Sep 2022 02:19:45 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
google
match.adsrvr.org/track/cmf/ Frame 74FE
70 B
265 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEMFI3S4XGWWw4i59QgMxBgc&google_cver=1&google_push=AehlK4DZ2qM2vpwoabCwKeiv6p8bUZ3CLh-oI8lQfpkwaIURj8xJbQuC2cNI5CtTxuAnoE6C0NCfw8nd7q8YBTIOHW4sua5rofHU
Requested by
Host: c6d672ff769c1a15cf3a0da0c4456d0e.safeframe.googlesyndication.com
URL: https://c6d672ff769c1a15cf3a0da0c4456d0e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Sep 2022 02:19:45 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 74FE
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEN2YF5KPRJVW4fEdN_nXmWQ&google_cver=1&google_push=AehlK4AhgssbYKkezxnnOifyaYcPE20NcRia2BOQtRISIkjH75F3P9PVtYnixgYwvycrIRy4UnQlIHVf...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEN2YF5KPRJVW4fEdN_nXmWQ&google_cver=1&google_push=AehlK4AhgssbYKkezxnnOifyaYcPE20NcRia2BOQtRISIkjH75F3P9PVtYnixgYwvycrIRy4UnQ...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=OTE3NTcxNDczNTQ0NTUzMzI2MA&google_push=AehlK4AhgssbYKkezxnnOifyaYcPE20NcRia2BOQtRISIkjH75F3P9PVtYnixgYwvycrIRy4UnQlIH...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=OTE3NTcxNDczNTQ0NTUzMzI2MA&google_push=AehlK4AhgssbYKkezxnnOifyaYcPE20NcRia2BOQtRISIkjH75F3P9PVtYnixgYwvycrIRy4UnQlIHVfXI7RSPScCBqrpzI8yu9N
Requested by
Host: www.midianews.com.br
URL: https://www.midianews.com.br/
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Sep 2022 02:19:45 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 06 Sep 2022 02:19:45 GMT
server
nginx
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=OTE3NTcxNDczNTQ0NTUzMzI2MA&google_push=AehlK4AhgssbYKkezxnnOifyaYcPE20NcRia2BOQtRISIkjH75F3P9PVtYnixgYwvycrIRy4UnQlIHVfXI7RSPScCBqrpzI8yu9N
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame 74FE
Redirect Chain
  • https://tg.socdm.com/rtb/sync_before?proto=google_ebda&google_gid=CAESECIMclgc5MaMDMyAYKKEhiA&google_cver=1&google_push=AehlK4AAKiZFMazeo_fRXitsZOKpDvoJjgtElc9LNl1vT5AsjM627CtmNl-9Zdb0LRJjtouPAlwDl...
  • https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AehlK4AAKiZFMazeo_fRXitsZOKpDvoJjgtElc9LNl1vT5AsjM627CtmNl-9Zdb0LRJjtouPAlwDlo2VkFps7cAIilzD-_uYVy9v&google_hm=WXhhdVFzQ28...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AehlK4AAKiZFMazeo_fRXitsZOKpDvoJjgtElc9LNl1vT5AsjM627CtmNl-9Zdb0LRJjtouPAlwDlo2VkFps7cAIilzD-_uYVy9v&google_hm=WXhhdVFzQ284WHNBQU51SzhRZ0FBQUFB
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Sep 2022 02:19:46 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

X-SO-Cluster-ID
46
Date
Tue, 06 Sep 2022 02:19:46 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/rtb\/sync_before?google_cver=1&google_gid=CAESECIMclgc5MaMDMyAYKKEhiA&google_push=AehlK4AAKiZFMazeo_fRXitsZOKpDvoJjgtElc9LNl1vT5AsjM627CtmNl-9Zdb0LRJjtouPAlwDlo2VkFps7cAIilzD-_uYVy9v&proto=google_ebda","cluster_id":46,"gdpr":true,"ipv4":"0.0.0.0","key":"YxauQsCo8XsAANuK8QgAAAAA","privacy_sensitive":true,"uid":"","upstream_id":"m-ad366"}
X-SO-Ads-Time
3
X-SO-Key
YxauQsCo8XsAANuK8QgAAAAA
Server
nginx
X-SO-Upstream-ID
m-ad366
P3P
CP="See also http://www.scaleout.jp/privacy/"
Location
https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AehlK4AAKiZFMazeo_fRXitsZOKpDvoJjgtElc9LNl1vT5AsjM627CtmNl-9Zdb0LRJjtouPAlwDlo2VkFps7cAIilzD-_uYVy9v&google_hm=WXhhdVFzQ284WHNBQU51SzhRZ0FBQUFB
Cache-Control
private
X-SO-HostName
m-ad366.dc4p.scaleout.jp
Connection
keep-alive
Content-Length
0
X-SO-LB-Hostname
m-tgng23.dc4p.scaleout.jp
X-SO-IP
185.213.155.166
pixel
cm.g.doubleclick.net/ Frame 74FE
Redirect Chain
  • https://im.bluevoox.com/pixel?s1=2&s2=203601&s3=m52eksbsgbowze8o&cm=1&rd=1&google_gid=CAESEPOfUW0fEkzIB33TAXFxzNM&google_cver=1&google_push=AehlK4BxvTQR4TYqg-mbMQTKbqoHJkJ0mbp9q4ieg3cnwaStoJhdcUxZL...
  • https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=AehlK4BxvTQR4TYqg-mbMQTKbqoHJkJ0mbp9q4ieg3cnwaStoJhdcUxZL_culxef1yxB6YrEsjHMrzAZ32pHCSw72WnVMpKszjIZ7g&google_hm=QlMuZWZhMy0xODY2...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=AehlK4BxvTQR4TYqg-mbMQTKbqoHJkJ0mbp9q4ieg3cnwaStoJhdcUxZL_culxef1yxB6YrEsjHMrzAZ32pHCSw72WnVMpKszjIZ7g&google_hm=QlMuZWZhMy0xODY2LTQ2NjMtOTZmZA==
Requested by
Host: www.midianews.com.br
URL: https://www.midianews.com.br/
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Sep 2022 02:19:45 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=AehlK4BxvTQR4TYqg-mbMQTKbqoHJkJ0mbp9q4ieg3cnwaStoJhdcUxZL_culxef1yxB6YrEsjHMrzAZ32pHCSw72WnVMpKszjIZ7g&google_hm=QlMuZWZhMy0xODY2LTQ2NjMtOTZmZA==
Date
Tue, 06 Sep 2022 02:19:45 GMT
Server
openresty
Connection
close
Content-Length
142
Content-Type
text/html
um
cs.emxdgt.com/ Frame 74FE
0
55 B
Image
General
Full URL
https://cs.emxdgt.com/um?ssp=google_ob&google_gid=CAESEC3ovjlE9qt5JKWcXa1INpY&google_cver=1&google_push=AehlK4ClNk3UF6HVdUXT5CG8hR4n7KH1-Ds9lBOUuEPAj1wy6wPJJ4jjMDdviWPb5FxA_14izf9QuXshFIAfkFmNKZTviEIv87Adag
Requested by
Host: c6d672ff769c1a15cf3a0da0c4456d0e.safeframe.googlesyndication.com
URL: https://c6d672ff769c1a15cf3a0da0c4456d0e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.75.3.113 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-75-3-113.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 02:19:45 GMT
content-length
0
content-type
text/html
/
onetag-sys.com/match/ Frame 74FE
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEH8uf7WP_Vue21PzavEop3E&google_cver=1&google_push=AehlK4BpakK6Zjj-WCuC7Js-lF2rcYSp3FKhLfkb1gfWbID-qH5WNQ_fsyxxi8UomycumAGgNsOa8mUYEjl...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AehlK4BpakK6Zjj-WCuC7Js-lF2rcYSp3FKhLfkb1gfWbID-qH5WNQ_fsyxxi8UomycumAGgNsOa8mUYEjl2IaLA3VOoC64NxpCTsw
  • https://onetag-sys.com/match/?int_id=19&google_error=5
0
151 B
Image
General
Full URL
https://onetag-sys.com/match/?int_id=19&google_error=5
Requested by
Host: www.midianews.com.br
URL: https://www.midianews.com.br/
Protocol
H2
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Tue, 06 Sep 2022 02:19:45 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
255
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 74FE
0
12 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13L_cOaDjck8F0wDRkq3NwNsEy1LYRftcaqZsVgBCPgNSd7flhmQl7cESpw_2wNwSgpnBAvjjNoF
Requested by
Host: c6d672ff769c1a15cf3a0da0c4456d0e.safeframe.googlesyndication.com
URL: https://c6d672ff769c1a15cf3a0da0c4456d0e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 02:19:45 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
achoice.svg
widgets.outbrain.com/images/widgetIcons/ Frame EE39
3 KB
3 KB
Image
General
Full URL
https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/n2d/widget/widget.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.169.82 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-169-82.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c6d672ff769c1a15cf3a0da0c4456d0e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 02:19:45 GMT
last-modified
Sun, 03 Jul 2022 06:49:40 GMT
server
AkamaiNetStorage
etag
"9d26fa4e7238ed94f1d0d92afb453b3e:1656855957.074767"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
2735
expires
Thu, 06 Oct 2022 02:19:45 GMT
4f28d06d7c8a4572e765f7f48ccb1d215c.jpg
zem.outbrainimg.com/p/srv/sha/a9/e1/50/ Frame EE39
9 KB
10 KB
Image
General
Full URL
https://zem.outbrainimg.com/p/srv/sha/a9/e1/50/4f28d06d7c8a4572e765f7f48ccb1d215c.jpg?w=180&h=90&fit=crop&crop=center&fm=jpg
Requested by
Host: c6d672ff769c1a15cf3a0da0c4456d0e.safeframe.googlesyndication.com
URL: https://c6d672ff769c1a15cf3a0da0c4456d0e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.18.132 Vienna, Austria, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
8ad78ed7b76b1be1296bf2c79d81318afa7eab726b1011f591ef037ef6b1728b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c6d672ff769c1a15cf3a0da0c4456d0e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 02:19:45 GMT
via
1.1 varnish
x-content-type-options
nosniff
age
991232
x-cache
HIT, MISS, HIT
x-imgix-id
28b7da76ea053ee320832c86911ddf5e9fbfde1f
content-length
9625
x-imgix-render-farm
01.1
last-modified
Thu, 25 Aug 2022 14:59:13 GMT
server
imgix
x-timer
S1662430786.620189,VS0,VE1
x-served-by
cache-sjc10078-SJC, cache-vie6342-VIE, cache-vie6358-VIE
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
cross-origin-resource-policy
cross-origin
x-cache-hits
1
/
b1t-eudc1.zemanta.com/t/imp/impression/C3MBEWK7OXMAVO42VT4FCS7H3YU4MS7K7GJIYXVM7GJB5HKH2WHXDHWIIQDWVJAXNCXSPLUKTRXS6QPAJBQZLCUQWNN22CT7JTI6Y644QKICS35UGIZJAZIUDPML3USVXFQ6AIYP5N67EBAIX56NNXVTSZ6HOV... Frame EE39
26 B
151 B
Image
General
Full URL
https://b1t-eudc1.zemanta.com/t/imp/impression/C3MBEWK7OXMAVO42VT4FCS7H3YU4MS7K7GJIYXVM7GJB5HKH2WHXDHWIIQDWVJAXNCXSPLUKTRXS6QPAJBQZLCUQWNN22CT7JTI6Y644QKICS35UGIZJAZIUDPML3USVXFQ6AIYP5N67EBAIX56NNXVTSZ6HOVWAHYFITV5IYRYZNYWA6V4KEARN4OENNN5MLFQAR5MLQZHGXI3OSNIE4ZF3DZIWW5V2B6A7L6EVJKBXJUET55VB4MDG5RRICYEUIDGNCWNZX2BIDW6TSB7Z73OFFWR7AFGNZE3ZHH7QWMSTWUWZKREQUUSYG66VEQN7VG7UZZUZZZ74V66WPNGJE6GFTNUB5BKW55XIKRQ/?
Requested by
Host: c6d672ff769c1a15cf3a0da0c4456d0e.safeframe.googlesyndication.com
URL: https://c6d672ff769c1a15cf3a0da0c4456d0e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.227.153.222 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c6d672ff769c1a15cf3a0da0c4456d0e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Tue, 06 Sep 2022 02:19:45 GMT
Connection
keep-alive
Content-Length
26
Content-Type
image/gif
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 64D8
1 KB
749 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: c6d672ff769c1a15cf3a0da0c4456d0e.safeframe.googlesyndication.com
URL: https://c6d672ff769c1a15cf3a0da0c4456d0e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c6d672ff769c1a15cf3a0da0c4456d0e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
47070
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 05 Sep 2022 13:15:15 GMT
etag
48472445140208031
expires
Tue, 06 Sep 2022 13:15:15 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame EE39
210 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f1cc3ce9cae7a120fb2d1d456fb03e532ae00bc03faaafa7c61cd57302b1dde3

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type
image/png
174286427893315
connect.facebook.net/signals/config/ Frame 3887
293 KB
84 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/174286427893315?v=2.9.79&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f76aa3f53fc6947f307ca9896f09e2fe4acbaa4aec299ad3f2dc9a23527888e0
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://betzord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
yuuq8mvARtyPbXt4ko/p2nBvEi1AkVgIMg5KB1dtaGWg+fOOQpT2LYQT/djPad6G99574gVQKByrajTbcaem9g==
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Tue, 06 Sep 2022 02:19:45 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
8.png
raw.githubusercontent.com/feliphedev/luck/main/Export/
Redirect Chain
  • https://github.com/feliphedev/luck/blob/main/Export/8.png?raw=true
  • https://github.com/feliphedev/luck/raw/main/Export/8.png
  • https://raw.githubusercontent.com/feliphedev/luck/main/Export/8.png
47 KB
47 KB
Image
General
Full URL
https://raw.githubusercontent.com/feliphedev/luck/main/Export/8.png
Requested by
Host: www.midianews.com.br
URL: https://www.midianews.com.br/
Protocol
H2
Server
2606:50c0:8000::154 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e0ba22569bad288617386bc7519ce0e65b7cd23cb5d8c9bd1e83371b0124dc7e
Security Headers
Name Value
Content-Security-Policy default-src 'none'; style-src 'unsafe-inline'; sandbox
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-fastly-request-id
fc1146c61f9137beedf8afc829b2e51c31d439a4
content-security-policy
default-src 'none'; style-src 'unsafe-inline'; sandbox
via
1.1 varnish
x-content-type-options
nosniff
x-cache
HIT
x-cache-hits
1
vary
Authorization,Accept-Encoding,Origin
content-length
48230
x-xss-protection
1; mode=block
x-served-by
cache-hhn4076-HHN
x-github-request-id
BEDE:8978:1B66840:1D1A956:63163F2D
x-timer
S1662430786.990897,VS0,VE145
x-frame-options
deny
date
Tue, 06 Sep 2022 02:19:46 GMT
source-age
0
strict-transport-security
max-age=31536000
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=300
etag
W/"c56812cafc5f5f5dd73a1048977b049aa63fee6b6d4f46b417d95a451f2f0ab5"
accept-ranges
bytes
expires
Tue, 06 Sep 2022 02:24:46 GMT

Redirect headers

date
Tue, 06 Sep 2022 02:19:45 GMT
x-content-type-options
nosniff
vary
X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
content-length
0
x-xss-protection
0
location
https://raw.githubusercontent.com/feliphedev/luck/main/Export/8.png
referrer-policy
no-referrer-when-downgrade
server
GitHub.com
x-github-request-id
EC92:196F:1E838C0:205D205:6316AE41
x-frame-options
deny
expect-ct
max-age=2592000, report-uri="https://api.github.com/_private/browser/errors"
strict-transport-security
max-age=31536000; includeSubdomains; preload
content-type
text/html; charset=utf-8
access-control-allow-origin
https://render.githubusercontent.com
cache-control
no-cache
permissions-policy
interest-cohort=()
content-security-policy
default-src 'none'; base-uri 'self'; block-all-mixed-content; child-src github.com/assets-cdn/worker/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com objects-origin.githubusercontent.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com cdn.optimizely.com logx.optimizely.com/v1/events *.actions.githubusercontent.com wss://*.actions.githubusercontent.com online.visualstudio.com/api/v1/locations github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src render.githubusercontent.com viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: github.githubassets.com identicons.github.com github-cloud.s3.amazonaws.com secured-user-images.githubusercontent.com/ github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; worker-src github.com/assets-cdn/worker/ gist.github.com/assets-cdn/worker/
/
www.google.de/pagead/1p-conversion/10926351255/ Frame 3887
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10926351255/?random=414449120&cv=9&fst=1662430781927&num=1&value=0&label=aqMsCIzjl8IDEJfHi9oo&bg=ffffff&guid=ON&resp=GooglemKTybQhCs...
  • https://www.google.com/pagead/1p-conversion/10926351255/?random=414449120&cv=9&fst=1662430781927&num=1&value=0&label=aqMsCIzjl8IDEJfHi9oo&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u...
  • https://www.google.de/pagead/1p-conversion/10926351255/?random=414449120&cv=9&fst=1662430781927&num=1&value=0&label=aqMsCIzjl8IDEJfHi9oo&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_...
42 B
548 B
Image
General
Full URL
https://www.google.de/pagead/1p-conversion/10926351255/?random=414449120&cv=9&fst=1662430781927&num=1&value=0&label=aqMsCIzjl8IDEJfHi9oo&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg8v0&sendb=1&ig=1&frm=2&url=https%3A%2F%2Fbetzord.com%2Fbetano-promo-link%2F&ref=https%3A%2F%2Fwww.midianews.com.br%2F&tiba=Betano%20-%20B%C3%B4nus%20Cadastro%20(M1)%20-%20BETZORD&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=Qa4WY4r3IpmG9fgP-KGVkAE&cid=CAQSKQCsnQUxL7bq4T1f2pu3dENRg01geYhelm5f_5fPtykj68TTeG2X35kc&eitems=ChAI8LzWmAYQlu7pz-CI4pwZEh0AQVJMdWANWukfYw39xGkHg14I_lnbgktHaKKJvQ&random=3831245806&resp=GooglemKTybQhCsO&ipr=y&prhg=0
Requested by
Host: www.midianews.com.br
URL: https://www.midianews.com.br/
Protocol
H2
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://betzord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Sep 2022 02:19:45 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 06 Sep 2022 02:19:45 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/gif
location
https://www.google.de/pagead/1p-conversion/10926351255/?random=414449120&cv=9&fst=1662430781927&num=1&value=0&label=aqMsCIzjl8IDEJfHi9oo&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg8v0&sendb=1&ig=1&frm=2&url=https%3A%2F%2Fbetzord.com%2Fbetano-promo-link%2F&ref=https%3A%2F%2Fwww.midianews.com.br%2F&tiba=Betano%20-%20B%C3%B4nus%20Cadastro%20(M1)%20-%20BETZORD&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=Qa4WY4r3IpmG9fgP-KGVkAE&cid=CAQSKQCsnQUxL7bq4T1f2pu3dENRg01geYhelm5f_5fPtykj68TTeG2X35kc&eitems=ChAI8LzWmAYQlu7pz-CI4pwZEh0AQVJMdWANWukfYw39xGkHg14I_lnbgktHaKKJvQ&random=3831245806&resp=GooglemKTybQhCsO&ipr=y&prhg=0
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dpixel
cms.quantserve.com/ Frame 64D8
35 B
463 B
Image
General
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEJCfyqI5g72xc8FBr8achAo&google_cver=1&google_push=AehlK4Cvr9Zkj9N1fW6ATvgVeJFaJFEHWp18rgdakaxM--8MXLKD_P8kzX0Q19SugkhSB_AhugILweUsVmLZmqROcpAuCwLVOt8
Requested by
Host: c6d672ff769c1a15cf3a0da0c4456d0e.safeframe.googlesyndication.com
URL: https://c6d672ff769c1a15cf3a0da0c4456d0e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:e365:4988:e8a7:3270 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Sep 2022 02:19:45 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 64D8
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESENCJxtlKS1Yqhla8qOBWavk&google_cver=1&google_push=AehlK4DzOhZjYwrZRC57skOdgX85mQ2BKvjoT0Aefe0qYWi4Zi_eBasdhrFBn8Wj2tlqI-4IujMddWHmdE5ccvXR...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AehlK4DzOhZjYwrZRC57skOdgX85mQ2BKvjoT0Aefe0qYWi4Zi_eBasdhrFBn8Wj2tlqI-4IujMddWHmdE5ccvXR9RXNg4JVtJY
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AehlK4DzOhZjYwrZRC57skOdgX85mQ2BKvjoT0Aefe0qYWi4Zi_eBasdhrFBn8Wj2tlqI-4IujMddWHmdE5ccvXR9RXNg4JVtJY
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Sep 2022 02:19:46 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Tue, 06 Sep 2022 02:19:46 GMT
Server
MT3 4505 5b23575 master zrh-pixel-x31 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AehlK4DzOhZjYwrZRC57skOdgX85mQ2BKvjoT0Aefe0qYWi4Zi_eBasdhrFBn8Wj2tlqI-4IujMddWHmdE5ccvXR9RXNg4JVtJY
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 06 Sep 2022 02:19:45 GMT
pixel
cm.g.doubleclick.net/ Frame 64D8
Redirect Chain
  • https://fksnk.com/cs/google?google_gid=CAESEPulF_SUdH_IHDw-9nd6aYc&google_cver=1&google_push=AehlK4D7lQAHsadQF48rv9vVrqHyrQNshrCGrm0eUOHsj1D5c8x777-N5-d0gnV-nl8aC9Dj5YH-NBIm9m5J3kBv1sNRCA9h84U
  • https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=Rjg2NDI0RTRBMjRFNzJBQw==
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=Rjg2NDI0RTRBMjRFNzJBQw==
Requested by
Host: www.midianews.com.br
URL: https://www.midianews.com.br/
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Sep 2022 02:19:46 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=Rjg2NDI0RTRBMjRFNzJBQw==
date
Tue, 06 Sep 2022 02:19:46 GMT
content-language
en-US
content-type
text/html;charset=ISO-8859-1
pixel
cm.g.doubleclick.net/ Frame 64D8
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESECaJpChm0xum8PREro-tWCo&google_cver=1&google_push=AehlK4C5Il6iwjZxNlynnp6BXJFqdl1PiTR3kjgaNkDm6cn_9EIU7TfNy_uJ3LfY29yN171URBqGkYVclG3P0fc...
  • https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=wrU-CBmfRcNNUxW_nhLUgrnVm6Y&google_push=AehlK4C5Il6iwjZxNlynnp6BXJFqdl1PiTR3kjgaNkDm6cn_9EIU7TfNy_uJ3LfY29yN171URBqGkYVclG3P0f...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=wrU-CBmfRcNNUxW_nhLUgrnVm6Y&google_push=AehlK4C5Il6iwjZxNlynnp6BXJFqdl1PiTR3kjgaNkDm6cn_9EIU7TfNy_uJ3LfY29yN171URBqGkYVclG3P0fct27WRFOyXrmg
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Sep 2022 02:19:46 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=wrU-CBmfRcNNUxW_nhLUgrnVm6Y&google_push=AehlK4C5Il6iwjZxNlynnp6BXJFqdl1PiTR3kjgaNkDm6cn_9EIU7TfNy_uJ3LfY29yN171URBqGkYVclG3P0fct27WRFOyXrmg
Date
Tue, 06 Sep 2022 02:19:46 GMT
Connection
keep-alive
Content-Length
241
Content-Type
text/html; charset=utf-8
sync
ssbsync.smartadserver.com/api/ Frame 64D8
0
75 B
Image
General
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEKE4wplX5SZB2LYIxFToyso&google_cver=1&google_push=AehlK4AYLW1EX6gYonN3fIZlBKBTj8LAMms5YPUtJZ0bMlpEXPsJc-mR5-mtnMkJrT6vHdVu4gZF_bXLI4aM1kkieYaaJ0idiA
Requested by
Host: c6d672ff769c1a15cf3a0da0c4456d0e.safeframe.googlesyndication.com
URL: https://c6d672ff769c1a15cf3a0da0c4456d0e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.108 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 02:19:45 GMT
content-length
0
v1
match.sharethrough.com/E4rooAtA/ Frame 64D8
0
35 B
Image
General
Full URL
https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESEKnmHNpDQrXbO59Um7N816A&google_cver=1&google_push=AehlK4AACfx1MpUIc7qDVEJTk5SmDlfdy-N9GsFiqNVWhAPAQ_9AAu2TXqdyBbSuIdAVxIlWlAFm8RtjHgtk5O-u-ZVpWBuHRJSb
Requested by
Host: c6d672ff769c1a15cf3a0da0c4456d0e.safeframe.googlesyndication.com
URL: https://c6d672ff769c1a15cf3a0da0c4456d0e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.48.124 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-48-124.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 02:19:45 GMT
/
onetag-sys.com/match/ Frame 64D8
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEH8uf7WP_Vue21PzavEop3E&google_cver=1&google_push=AehlK4AxKYWHNOtW-YRrtr2sCcwEK9ij-hgPHeVsa8QybswDe3RxfmOforuWK0rwejDPxT3fDsaSbk_FygP...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AehlK4AxKYWHNOtW-YRrtr2sCcwEK9ij-hgPHeVsa8QybswDe3RxfmOforuWK0rwejDPxT3fDsaSbk_FygPCu0Q3ckxIvgMLtMER
  • https://onetag-sys.com/match/?int_id=19&google_error=5
0
151 B
Image
General
Full URL
https://onetag-sys.com/match/?int_id=19&google_error=5
Requested by
Host: www.midianews.com.br
URL: https://www.midianews.com.br/
Protocol
H2
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Tue, 06 Sep 2022 02:19:45 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
255
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 64D8
0
12 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LFmYAtHsmLBhQ2ZaQHn5H7EPaed9SPmXuqbtB-Dm4-rNzqebYx7fCZC3LrHTwJr1fHxGwm2KE
Requested by
Host: c6d672ff769c1a15cf3a0da0c4456d0e.safeframe.googlesyndication.com
URL: https://c6d672ff769c1a15cf3a0da0c4456d0e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 02:19:45 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
/
www.facebook.com/tr/ Frame 3887
44 B
88 B
Image
General
Full URL
https://www.facebook.com/tr/?id=577109416815916&ev=PageView&dl=https%3A%2F%2Fbetzord.com%2Fbetano-promo-link%2F&rl=https%3A%2F%2Fwww.midianews.com.br%2F&if=true&ts=1662430782214&sw=1600&sh=1200&v=2.9.79&r=stable&ec=0&o=30&it=1662430781678&coo=false&rqm=GET
Requested by
Host: www.midianews.com.br
URL: https://www.midianews.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://betzord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 02:19:45 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i
expires
Tue, 06 Sep 2022 02:19:45 GMT
/
www.facebook.com/tr/ Frame 3887
44 B
88 B
Image
General
Full URL
https://www.facebook.com/tr/?id=538825164401861&ev=PageView&dl=https%3A%2F%2Fbetzord.com%2Fbetano-promo-link%2F&rl=https%3A%2F%2Fwww.midianews.com.br%2F&if=true&ts=1662430782215&sw=1600&sh=1200&v=2.9.79&r=stable&ec=0&o=30&it=1662430781678&coo=false&rqm=GET
Requested by
Host: www.midianews.com.br
URL: https://www.midianews.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://betzord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 02:19:45 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i
expires
Tue, 06 Sep 2022 02:19:45 GMT
/
www.facebook.com/tr/ Frame 3887
44 B
88 B
Image
General
Full URL
https://www.facebook.com/tr/?id=234816585028143&ev=PageView&dl=https%3A%2F%2Fbetzord.com%2Fbetano-promo-link%2F&rl=https%3A%2F%2Fwww.midianews.com.br%2F&if=true&ts=1662430782216&sw=1600&sh=1200&v=2.9.79&r=stable&ec=0&o=30&it=1662430781678&coo=false&rqm=GET
Requested by
Host: www.midianews.com.br
URL: https://www.midianews.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://betzord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 02:19:45 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i
expires
Tue, 06 Sep 2022 02:19:45 GMT
/
www.facebook.com/tr/ Frame 3887
44 B
88 B
Image
General
Full URL
https://www.facebook.com/tr/?id=174286427893315&ev=PageView&dl=https%3A%2F%2Fbetzord.com%2Fbetano-promo-link%2F&rl=https%3A%2F%2Fwww.midianews.com.br%2F&if=true&ts=1662430782217&sw=1600&sh=1200&v=2.9.79&r=stable&ec=0&o=30&it=1662430781678&coo=false&rqm=GET
Requested by
Host: www.midianews.com.br
URL: https://www.midianews.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://betzord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 02:19:45 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i
expires
Tue, 06 Sep 2022 02:19:45 GMT
/
www.facebook.com/tr/ Frame 3887
44 B
88 B
Image
General
Full URL
https://www.facebook.com/tr/?id=577109416815916&ev=ViewContent&dl=https%3A%2F%2Fbetzord.com%2Fbetano-promo-link%2F&rl=https%3A%2F%2Fwww.midianews.com.br%2F&if=true&ts=1662430782218&sw=1600&sh=1200&v=2.9.79&r=stable&ec=1&o=30&it=1662430781678&coo=false&rqm=GET
Requested by
Host: www.midianews.com.br
URL: https://www.midianews.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://betzord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 02:19:45 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i
expires
Tue, 06 Sep 2022 02:19:45 GMT
/
www.facebook.com/tr/ Frame 3887
44 B
88 B
Image
General
Full URL
https://www.facebook.com/tr/?id=538825164401861&ev=ViewContent&dl=https%3A%2F%2Fbetzord.com%2Fbetano-promo-link%2F&rl=https%3A%2F%2Fwww.midianews.com.br%2F&if=true&ts=1662430782219&sw=1600&sh=1200&v=2.9.79&r=stable&ec=1&o=30&it=1662430781678&coo=false&rqm=GET
Requested by
Host: www.midianews.com.br
URL: https://www.midianews.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://betzord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 02:19:45 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i
expires
Tue, 06 Sep 2022 02:19:45 GMT
/
www.facebook.com/tr/ Frame 3887
44 B
88 B
Image
General
Full URL
https://www.facebook.com/tr/?id=234816585028143&ev=ViewContent&dl=https%3A%2F%2Fbetzord.com%2Fbetano-promo-link%2F&rl=https%3A%2F%2Fwww.midianews.com.br%2F&if=true&ts=1662430782219&sw=1600&sh=1200&v=2.9.79&r=stable&ec=1&o=30&it=1662430781678&coo=false&rqm=GET
Requested by
Host: www.midianews.com.br
URL: https://www.midianews.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://betzord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 02:19:45 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i
expires
Tue, 06 Sep 2022 02:19:45 GMT
/
www.facebook.com/tr/ Frame 3887
44 B
88 B
Image
General
Full URL
https://www.facebook.com/tr/?id=174286427893315&ev=ViewContent&dl=https%3A%2F%2Fbetzord.com%2Fbetano-promo-link%2F&rl=https%3A%2F%2Fwww.midianews.com.br%2F&if=true&ts=1662430782220&sw=1600&sh=1200&v=2.9.79&r=stable&ec=1&o=30&it=1662430781678&coo=false&rqm=GET
Requested by
Host: www.midianews.com.br
URL: https://www.midianews.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://betzord.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 02:19:45 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i
expires
Tue, 06 Sep 2022 02:19:45 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 4F22
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssi1F3N_w0leSBi4ANffdYNGfXxn5ZyOwSrfqb5EQjYCZwBMRDFiwGNZUCEUKVtLi-wM8O284eeEk_p66jImewkOtD55m2mJKzQvfyEWTmGbmnBjYBc&sig=Cg0ArKJSzC3YCnJb2XlqEAE&id=lidar2&mcvt=1002&p=259,183,379,1008&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20220831&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=159180267&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1662430780656&rpt=551&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Sep 2022 02:19:45 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 0F37
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvdQThDweDr2rgx206NuIA22lBnuo1Y_sSUON-2-RNGj5UEAFRzXX5TzIsw3GuPHULd8xA4DU96ILPcJ1fPbufqVh51teMj1OEsyV_En1FC0b0CKFcF&sig=Cg0ArKJSzNCbjjLK1-HDEAE&id=lidar2&mcvt=1004&p=616,170,706,1140&mtos=1004,1004,1004,1004,1004&tos=1004,0,0,0,0&v=20220831&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=3242420574&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1662430780587&rpt=552&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Sep 2022 02:19:45 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame DD33
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst2r2Kz7ieCAY_JZohlZmVt60wIvMFl5pzWlkl_pGl0kKoNvYquzb4GQI77gtttDsWXViNwtlBwU_EqhlwUHpKWhuswCPNh8CPmY5j626jaNU1kfh6s&sig=Cg0ArKJSzOEdKaGpTUKmEAE&id=lidar2&mcvt=1000&p=259,1037,379,1417&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220831&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=3084779689&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1662430780667&rpt=618&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Sep 2022 02:19:45 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/login/ Frame 5444
Redirect Chain
  • https://www.facebook.com/plugins/page.php?adapt_container_width=false&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df34d9856de3a09%26domain...
  • https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dfalse%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fcon...
0
0
Document
General
Full URL
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dfalse%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df34d9856de3a09%2526domain%253Dwww.midianews.com.br%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.midianews.com.br%25252Ff1dd7a9e9d558a4%2526relation%253Dparent.parent%26container_width%3D390%26height%3D120%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252FMidiaNews%252F%26locale%3Dpt_BR%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dtrue%26width%3D380
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/pt_BR/all.js?hash=c9fede4f55c4b13b340cc03a35de7ed5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.midianews.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 06 Sep 2022 02:19:46 GMT
expires
Sat, 01 Jan 2000 00:00:00 GMT
pragma
no-cache
priority
u=0
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
pJruZW0t3FWo7yRJvMqEd/LbuBweiSxMwg6n9sUEbbanQbopiZl6yu+c3bKoYqgNHZuDbLf1404rWNwgH7vjHw==
x-frame-options
DENY
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-length
0
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
unsafe-none
date
Tue, 06 Sep 2022 02:19:46 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
location
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dfalse%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df34d9856de3a09%2526domain%253Dwww.midianews.com.br%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.midianews.com.br%25252Ff1dd7a9e9d558a4%2526relation%253Dparent.parent%26container_width%3D390%26height%3D120%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252FMidiaNews%252F%26locale%3Dpt_BR%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dtrue%26width%3D380
pragma
no-cache
priority
u=3,i
strict-transport-security
max-age=15552000; preload
x-content-type-options
nosniff
x-fb-debug
AuFBYHABp4g26M5tT0shkknMjNngggLHy7xk0yxRRbYZeKuFVKP+r7QTOUIA2LNrODv6tpt05miDZSncKi4Pvw==
x-fb-rlafr
0
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/
14 KB
11 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022083001&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
be9bd50c9ed98c63d49345791715d05cdeb9c9410297793e4493541f905499f0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 06 Sep 2022 02:19:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11082
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 02:19:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 06 Sep 2022 02:19:46 GMT
/
www.facebook.com/tr/ Frame E819
0
15 B
Document
General
Full URL
https://www.facebook.com/tr/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://betzord.com
Referer
https://betzord.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://betzord.com
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Tue, 06 Sep 2022 02:19:46 GMT
priority
u=0
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
/
www.facebook.com/tr/ Frame 8288
0
15 B
Document
General
Full URL
https://www.facebook.com/tr/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://betzord.com
Referer
https://betzord.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://betzord.com
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Tue, 06 Sep 2022 02:19:46 GMT
priority
u=0
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
/
www.facebook.com/tr/ Frame E727
0
15 B
Document
General
Full URL
https://www.facebook.com/tr/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://betzord.com
Referer
https://betzord.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://betzord.com
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Tue, 06 Sep 2022 02:19:46 GMT
priority
u=0
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
/
www.facebook.com/tr/ Frame 3025
0
15 B
Document
General
Full URL
https://www.facebook.com/tr/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://betzord.com
Referer
https://betzord.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://betzord.com
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Tue, 06 Sep 2022 02:19:46 GMT
priority
u=0
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame FF56
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.midianews.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
15976
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 05 Sep 2022 21:53:30 GMT
expires
Tue, 05 Sep 2023 21:53:30 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 776F
783 B
535 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
1fb368bf9b139a3e8579273c95e3a28890d316e2fab6813e2cd3c0f80f648f20
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-RwAxbSjrDrhET30mH8Vz0g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.midianews.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-RwAxbSjrDrhET30mH8Vz0g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 06 Sep 2022 02:19:46 GMT
expires
Tue, 06 Sep 2022 02:19:46 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
activeview
pagead2.googlesyndication.com/pcs/ Frame 48E2
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuzpjPBI_imuj4tUPNvSmh2UWmG2s6qV4T_S0igUtDjI5mP8cAETms7npLCSMxFAwqTjg_ibsda2WWKP1yZqTK89z4&sig=Cg0ArKJSzD-ypLiwXla_EAE&cid=CAASF-RoOCe6QYv42RTqlv6dAxS2S-I3Ev1R&id=lidar2&mcvt=1003&p=320,1440,920,1600&mtos=1003,1003,1003,1003,1003&tos=1003,0,0,0,0&v=20220831&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2050675732&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1662430781575&rpt=289&isd=0&lsd=0&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c6d672ff769c1a15cf3a0da0c4456d0e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Sep 2022 02:19:46 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 776F
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022083001&jk=1626684418093761&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

CgETvhyXIYksjpVuZOiCWYZFr3TNicAtz6hsjYVMHCQ.js
pagead2.googlesyndication.com/bg/ Frame FF56
36 KB
15 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/CgETvhyXIYksjpVuZOiCWYZFr3TNicAtz6hsjYVMHCQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0a0113be1c9721892c8e956e64e882598645af74cd89c02dcfa86c8d854c1c24
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 18:44:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
27313
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15836
x-xss-protection
0
last-modified
Mon, 29 Aug 2022 10:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 05 Sep 2023 18:44:33 GMT
generate_204
tpc.googlesyndication.com/ Frame FF56
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?FHhSdw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 02:19:46 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
all
csm.eu.criteo.net/ Frame 234A
0
127 B
Ping
General
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=C1e2k9p-S49aJaF7Y16mTWLWXUSjX7ccXKVKLAFwGSuLxIMllJKnX0Jg0GqFki7acmToi-C9hKy6WD1IpDntqpYW17wvFBKfA3mYqgNKP1bBa1iQvWQT-y4tfnbUdY6SdmAa5Ahim94yrv1-i0S5KFb7D0UE4ubZL9dIe-_MDlDAdhuJHimUofq_ESrTsL6tzaYhOdFPwklgljJ_tW9305p3O9-U886oQv6f4I3KKGcyS9Tl40PkMBlgK1pQ84tj-LYPcQ&sds=2&rev=82604.2&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YxauQAAMA6QH_YsDAAv3biH2xlvyf4Vv0lWDng&u=%7CTA4fDlPFcq%2F6h3Ts6f8PyRoD9s0PQEmN0y%2BkNMw%2FEGQ%3D%7C&c1=UbEogq-ADiNBjPo1rbOP0Ehtz6KQg1hE74PursDfbSrTTODPyqm-FFa-X_uCmy4tCZpjpvEIbRNSvdMGQwUM-FQnfLwddxk8wo-5NcMGc2lyGYhniaVNV9yUJ2BncX39bqLKzv47h1jlJbFGSiF2TLWtKi1HCw0mFm1p6UoCWUMrlEn0eBbcAVZKDWmzdYzoz6pgc0f6g5Vt03dpHo14urN-2i_HlGOBbFlPZ38C0L_om369vPNtFu1EngQSie0RMulkG0lwAYw1dCepLvrlc4lC1ua8fzwfGOC3HAIogLP_Kj5d3jOyTRDn7y5Pac3PdbYdT2grmkjPmNxIkaCYUItVo3paVpf_pKFEZiaUOrgrRXphSauR55KQYi7CF6xFuV7lSHvNmFeQV2sEDyZJFHdhOZgYr5EsojiK2xiYU7wyP9TwCbnj573nGQgGOQL2xOrlsULuP0oyGWCaVlOh9YyG-DsuEiSvKVsWOUYtm09PXjp_LZMWByK2X3CxBQmP_s_H0PRkXTerqlTB9haRqtNXhoBWeJ1UZwNzzyTkwN9C3H-CykU0it4c87pco9euxrMcNGfXqrcVpP-yltdtD7J7tMeQFxp9gpw7XmvMQetCihiRJJDpJv9p2LNyrocf&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCnLcKQK4WY6SHMIOW9u8P7u6vsAfJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTgxNzA5NjY1MzgxNTI1NDOgAdW20uoDyAEJqQJ-I3pc16ewPuACAKgDAaoEswJP0EjtluxO-k-DltxGDGlIAOeb3GgkOt8s8gZIOTqeCzaGTHMc0dtUFiK9rJg5LLvC0GpTCnIiyiPGC0HNYyKqwlVH7T-qY7Q5MK9nT_L8zTywJ4Yjcc-jAgIFD0XHXepoVBPb08H19Nq115jGkmyb0i6sQ4h27sfYBjwTIPXhFZ9Nn-l0J38FXmjZpM53I5tdNYQNI6I5bB0S1Qb_QLginyb-mbb1EJKVpgwI1WRqYDwSC75e3t4oMpPPVrPG8wZMQ6JpnFUaRf48bArIYecaO20PJnXK_m9zkllIh1j3KY82g0UsskgoWIT1ehDPizZNdO3UbCs2zf7_FG5cnGzcCdl0aA8KTMfbfWon7K7X_hNN9fSnYZ6eTyiXvvdIhOG2wxPZjxEWSbSfcYVeLg_3oBYk4AQBgAbvnYGk15WtmxugBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA8ggbYWR4LXN1YnN5bi02NjA0MzMxNTM4ODE3MzM2-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1L2Xk0eqbzWMHY2W3uapYp8h27ag%26client%3Dca-pub-8170966538152543%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 06 Sep 2022 02:19:45 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
activeview
pagead2.googlesyndication.com/pcs/ Frame EE39
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu4ABt95kzF49v-A2J2f4k74bdO1FwKhPL3SuwoNWxf7v-RjL-wvXZ0uA67W-weSSSoUryRfJ7Qv70k2EYCr8GyGwfn&sig=Cg0ArKJSzIYepvn9G4pFEAE&cid=CAASF-RoqLEBLb90JBZJEURsVeWeIDD0C6Rj&id=lidar2&mcvt=1000&p=1110,436,1200,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220831&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2829915238&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1662430781579&rpt=566&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c6d672ff769c1a15cf3a0da0c4456d0e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Sep 2022 02:19:46 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 783F
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstdMAcuAZN5uf2QovyhcOkt074IbLNnDi2jt_QrhXrmu6eQHkxXWzAqg57hjSKQBMJI3iU3u7xrQauIMGvXwGG9br-J&sig=Cg0ArKJSzCjSW0I_hZ3KEAE&cid=CAASF-Ro-_XuzLiC_3FJYWaXw6SH4J8nwiH_&id=lidar2&mcvt=1008&p=726,436,816,1164&mtos=1008,1008,1008,1008,1008&tos=1008,0,0,0,0&v=20220831&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2410036024&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1662430781571&rpt=600&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c6d672ff769c1a15cf3a0da0c4456d0e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Sep 2022 02:19:46 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022083001&jk=1626684418093761&bg=!p6SlpODNAAZTikH4c4o7ACkAdvg8WqGeL8lWJpZ5ak_zSBlFLRMPv9dp0T938AiU7TxkeFD_DQ5agwIAAABjUgAAAAVoAQcKAInMEOaAxdS5f5LFiyMzyAPsrVCRGAcDjSIQNU8FovsbuVzVblGtLRiJ_Ncf93qvQFgV44AQKwCQ8u-D190Buk7j43mZknNh9IawQv1dE4En2ZZn2ufoV5ITcs9VeCpUHwbVgoWOMygOrsx67ZIxmKnH7WrSIvcgzBrsLCRT-cdl5Mu9pfQzOp7gkpkCqEyEJd2s4NAIWBdc_oBtEfp8_mWrQkGdgAXa9H8fjLDi75myiLv0-a9UwsIiHQt0w0Ek0HQX8s7SX-kfomYBIzW1PrrjU3v6413Y_pT3H4rciFspaWjr8r3arUaI3aJqzL9nnX7P6CPKUGDIUEBGM6az4AzyC_D10PCM6CmO93ddxRZUD7QlZ-zTUZf9DH7RylfYxblYx0HHZ_3m5N4fJUki5eWRyBSbOrSaZ9Iv0DrA5iXnBzZrk03vdq7K6Di5tDFVzIaL_KKH8ty90BqgiiAhgRYCazmmU6_PSIm4ozkKr0yo3tAgeNZOr_MVQkT8wy5ihvFIDaBNQ5HMfvcY_OGHtqIkYqFi9F0t4Oj0kKIAVOKwIFckiqD34-LS_O_rzDyw_CFgrcOP5f-mUQkyfwFmuAmMS9ZnMLfSuV-BpFAD6bEF8z7zKFkqKSY4MMQDqjsJwdOGA3zKbjToP-Qh5z5N6Vr-MQcUHVHJaPzd2khOMsiyH27LAuBS1nNh2GTQgfEmFZcabve7CvMswPIt_OmSV1yPPfOkNBEFqGPkQ8DU5ujDAK25buoClUT3g7BwrukYG88uwKTTrifcUo3kXY6hFQL9ciGkrNYL8nfCFu6BS0iCqeW_Hg8Wek3WxM94qT_G08eUi1LyF8pkjCKIekv0KerePfB3EK6FKAoryI19gfTsdfcekRpsJLZq9ImcOS-GnzknBPFUEZfMJI4SpNQTTINSVJR0IwUPBiZ87R-UmIPTLPqSJebbA1V4Ou6iX17_mOxHdsp-LbDPJUFpP40-FnGa7inS_e_nEgJCs1mEWSDlrUleXdhMxSMI5ktRp5mdrhzjfkB6wIr4_RjmgJv0mtla-3yNnT4tvzzv5hiIbpw_Z-5cr8VnY-tswO7E9HmpuwEHVhm6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

api.gif
v3.denakop.com/
0
264 B
Image
General
Full URL
https://v3.denakop.com/api.gif?a=10208&d=desktop&b=Chrome&o=Windows&u=aDTE0bHZQyy%2FQLKo561Mpg%2F0&v=5.0.0&sw=1600&sh=1200&ac=v&aa=first&p=https%3A%2F%2Fwww.midianews.com.br%2F&t=1662430783580&cb=0.39593462665027945
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:160e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Sep 2022 02:19:47 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
last-modified
Tue, 06 Sep 2022 02:19:47 GMT
server
cloudflare
x-frame-options
DENY
content-type
image/gif
vary
Accept-Encoding
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
accept-ranges
bytes
cf-ray
7463b8c38842690a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
Sun, 01 Jan 2014 00:00:00 GMT
api.gif
v3.denakop.com/
0
264 B
Image
General
Full URL
https://v3.denakop.com/api.gif?a=10208&d=desktop&b=Chrome&o=Windows&u=aDTE0bHZQyy%2FQLKo561Mpg%2F0&v=5.0.0&sw=1600&sh=1200&ac=v&aa=side&p=https%3A%2F%2Fwww.midianews.com.br%2F&t=1662430783581&cb=0.05646615084081419
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:160e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Sep 2022 02:19:47 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
last-modified
Tue, 06 Sep 2022 02:19:47 GMT
server
cloudflare
x-frame-options
DENY
content-type
image/gif
vary
Accept-Encoding
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
accept-ranges
bytes
cf-ray
7463b8c38843690a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
Sun, 01 Jan 2014 00:00:00 GMT
api.gif
v3.denakop.com/
0
264 B
Image
General
Full URL
https://v3.denakop.com/api.gif?a=10208&d=desktop&b=Chrome&o=Windows&u=aDTE0bHZQyy%2FQLKo561Mpg%2F0&v=5.0.0&sw=1600&sh=1200&ac=v&aa=under&p=https%3A%2F%2Fwww.midianews.com.br%2F&t=1662430783583&cb=0.0969832483619475
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:160e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Sep 2022 02:19:47 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
last-modified
Tue, 06 Sep 2022 02:19:47 GMT
server
cloudflare
x-frame-options
DENY
content-type
image/gif
vary
Accept-Encoding
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
accept-ranges
bytes
cf-ray
7463b8c39845690a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
Sun, 01 Jan 2014 00:00:00 GMT
/
onetag-sys.com/usync/
0
38 B
Image
General
Full URL
https://onetag-sys.com/usync/?tag=img
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.midianews.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-store

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
pubads.tradermilionarios.co
URL
https://pubads.tradermilionarios.co/api/hit/view/medianews

Verdicts & Comments Add Verdict or Comment

152 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| $ function| jQuery object| lightbox function| validaComent number| tout_destaque number| total number| cont_banner function| exibir function| sleep2 function| atualizar_seta function| Busca function| EmptyField function| commentCapa number| isDOM number| isIE number| isNS4 number| isOp number| isDyn function| getRef function| getSty function| LayerObj function| getLyr function| LyrFn object| aeOL function| addEvent function| FSMenu function| FSMenuNode object| page undefined| fsmMouseX undefined| fsmMouseY undefined| fsmOR undefined| nsWinW undefined| nsWinH undefined| isMouseIn function| carregaPrevisao function| setExpBanner function| UR_Start function| showFilled function| getCookie function| recaptchaCallback function| Multimidia function| galeria_direita2_DoFSCommand function| Galeria function| Galeria2 function| gotourl function| fsize function| Verifica object| divMenu function| doMailling function| MM_findObjMailling function| MM_validateFormMailling function| gtag object| dataLayer object| googletag function| fbq function| _fbq object| denakoptag function| fechar object| jQuery112404200265190942558 function| Vota object| dkpbjs object| FB object| google_tag_manager object| _gaq object| _comscore function| closeI object| ggeac object| google_tag_data object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| google_persistent_state_async boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter function| onYouTubeIframeAPIReady object| gaGlobal string| google_user_agent_client_hint object| UR_Nu string| UR_Indhold undefined| li object| __buffer object| COMSCORE function| udm_ object| ns_p object| _gat object| googleToken object| googleIMState function| processGoogleToken object| google_image_requests function| bt_eval function| bt_parameter function| bt_meta function| bt_cookie function| bt_data function| bt_log function| bt_handle_exception undefined| _bt_url_prefix undefined| _bt_referrer undefined| _bt_site undefined| _bt_mode function| btServe function| bt_data_escaped object| BrightTag function| google_sa_impl boolean| _gfp_p_ number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| dkpbjsChunk object| GoogleGcLKhOms

43 Cookies

Domain/Path Name / Value
www.midianews.com.br/ Name: PHPSESSID
Value: gaerbob7peefepsss86g352ao3
.denakop.com/ Name: uxid
Value: aDTE0bHZQyy%2FQLKo561Mpg%2F0
.midianews.com.br/ Name: _ga_D58P3EH9SX
Value: GS1.1.1662430780.1.0.1662430780.0.0.0
.midianews.com.br/ Name: _ga
Value: GA1.1.1043706724.1662430780
www.midianews.com.br/ Name: denakop_freq
Value: {}
.midianews.com.br/ Name: __utma
Value: 23984678.1043706724.1662430780.1662430780.1662430780.1
.midianews.com.br/ Name: __utmc
Value: 23984678
.midianews.com.br/ Name: __utmz
Value: 23984678.1662430780.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
.midianews.com.br/ Name: __utmt
Value: 1
.midianews.com.br/ Name: __utmb
Value: 23984678.2.10.1662430780
.midianews.com.br/ Name: _fbp
Value: fb.2.1662430780429.1539537595
.rubiconproject.com/ Name: khaos
Value: L7PKD6LN-R-3SLK
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qqsa3GeNRVoLD5APvdogVCbaTd6KyMQnavCRi4Lg8bJK6R4J44cd5ZY6emoVZiIlp//fbFq1EmQV1ww/adD15BgcqcasMdJV06NKPCqKoc5Ow==
.doubleclick.net/ Name: IDE
Value: AHWqTUlvR25AVocy7i1BKa2QcEnaixCJaeW3VTbVJ7o5D2PYajA9TwcfjU3Oe5sCBUw
.adnxs.com/ Name: icu
Value: ChgItMlZEAoYASABKAEwwNzamAY4AUABSAEQwNzamAYYAA..
.adnxs.com/ Name: uuid2
Value: 4553315644066194980
.midianews.com.br/ Name: __gads
Value: ID=345a2a3974db9c85:T=1662430784:S=ALNI_MbIY4EHH02VoecLrz8ggI34__uJKQ
.bidswitch.net/ Name: tuuid
Value: 7eb53307-b4df-4ea9-afc6-a7b1cf25f22e
.bidswitch.net/ Name: c
Value: 1662430785
.bidswitch.net/ Name: tuuid_lu
Value: 1662430785
.casalemedia.com/ Name: CMID
Value: YxauQcHqlcQUC8BfJAjDaAAA
.casalemedia.com/ Name: CMPS
Value: 1117
.casalemedia.com/ Name: CMPRO
Value: 1117
.de17a.com/ Name: guid
Value: 1.4482798719112477682
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-5604b7a8-7587-41d5-8a5b-cf577aadb447-003%22%7D
.casalemedia.com/ Name: CMTS
Value: 1175
.yandex.ru/ Name: yuidss
Value: 2355511281662430785
.yandex.ru/ Name: yandexuid
Value: 2355511281662430785
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-5604b7a8-7587-41d5-8a5b-cf577aadb447-003%22%7D
.adform.net/ Name: C
Value: 1
.adform.net/ Name: uid
Value: 9175714735445533260
.quantserve.com/ Name: d
Value: EDsBCQGEJ4EA
.quantserve.com/ Name: mc
Value: 6316ae41-c3859-93778-f209f
pool.admedo.com/ Name: tuuid
Value: ce8992fa-8c04-495d-a997-ac134f80a0cb
pool.admedo.com/ Name: c
Value: 1662430785
pool.admedo.com/ Name: tuuid_lu
Value: 1662430786
fksnk.com/ Name: AWSALBCORS
Value: sUTcuBoOV9a7GtFkxJJnTWrysJUZ63Mvw/xMk4A70i8GDYUeacNj9N3okQS/6OIHTxLaW/5Y3DthNmIr+CGilDnRFkygujEyr3zeVuzgIqc/nCYePATUTdhTu4LJ
.fksnk.com/ Name: f_001
Value: F86424E4A24E72AC
.fksnk.com/ Name: g_001
Value: 1
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-c2b53e08-199f-45c3-4d53-15bf9e12d482.byIrdjLUkxzZwOIRd5Yz2jgexmkxNV1KfnL3lY%2FLPV4
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AwrU-CBmfRcNNUxW_nhLUgrnVm6Y.lRaskSFBMKLv%2FWUKodfupT%2Fkjdkahl5z%2FyO6Tk3EHtE
.mathtag.com/ Name: uuid
Value: 46f36316-ae41-4200-8d7e-92f21ae2c05e
.mathtag.com/ Name: mt_mop
Value: 4:1662430785

6 Console Messages

Source Level URL
Text
network error URL: https://www.midianews.com.br/assets/css/royalslider/grab.png
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: https://pubads.tradermilionarios.co/api/hit/view/medianews
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://s.thebrighttag.com/tag?site=1uCEzB6&H=-v57ra6
Message:
Failed to load resource: the server responded with a status of 403 ()
other warning URL: https://c6d672ff769c1a15cf3a0da0c4456d0e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html(Line 11)
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.
other error URL: chrome-error://chromewebdata/
Message:
Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.
javascript warning URL: https://betzord.com/betano-promo-link/
Message:
The resource https://betzord.com/wp-content/uploads/2021/12/Panchang-Bold.woff2 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.eu.criteo.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
an.yandex.ru
b1-eudc1.zemanta.com
b1t-eudc1.zemanta.com
betzord.com
c1.adform.net
c2shb.pubgw.yahoo.com
c6d672ff769c1a15cf3a0da0c4456d0e.safeframe.googlesyndication.com
cat.fr.eu.criteo.com
cc.adingo.jp
cdn.jsdelivr.net
cdnjs.cloudflare.com
cm.g.doubleclick.net
cms.quantserve.com
connect.facebook.net
cs.emxdgt.com
csm.eu.criteo.net
d.t.tailtarget.com
d.tailtarget.com
d5p.de17a.com
dclk-match.dotomi.com
fastlane.rubiconproject.com
fksnk.com
fonts.googleapis.com
fonts.gstatic.com
github.com
googleads.g.doubleclick.net
ib.adnxs.com
im.bluevoox.com
match.adsrvr.org
match.sharethrough.com
midianews.com.br
onetag-sys.com
pagead2.googlesyndication.com
partner.googleadservices.com
pix.eu.criteo.net
pixel-sync.sitescout.com
pool.admedo.com
prebid-us.creativecdn.com
prg.smartadserver.com
pubads.tradermilionarios.co
raw.githubusercontent.com
region1.google-analytics.com
rtb.fr.eu.criteo.com
s.btstatic.com
s.thebrighttag.com
sb.scorecardresearch.com
securepubads.g.doubleclick.net
ssbsync.smartadserver.com
ssl.google-analytics.com
ssum-sec.casalemedia.com
static.criteo.net
sync.1rx.io
sync.mathtag.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
tg.socdm.com
tpc.googlesyndication.com
v3.denakop.com
widgets.outbrain.com
widgets.zemanta.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.midianews.com.br
x.bidswitch.net
zem.outbrainimg.com
pubads.tradermilionarios.co
104.18.18.126
104.96.129.145
124.146.215.44
13.225.78.101
140.82.121.3
142.250.181.226
142.250.186.66
151.101.130.132
178.250.0.139
178.250.0.160
178.250.0.162
185.184.10.30
185.29.132.241
185.86.137.108
185.89.211.132
199.232.18.132
2.18.169.82
2001:4860:4802:34::36
213.155.156.184
213.19.147.45
213.227.153.222
216.58.212.162
2602:803:c003:200::61
2606:4700:3036::6815:3332
2606:4700::6811:190e
2606:4700::6812:160e
2606:50c0:8000::154
2620:116:800d:21:e365:4988:e8a7:3270
2a00:1450:4001:800::2008
2a00:1450:4001:802::2003
2a00:1450:4001:806::2002
2a00:1450:4001:806::2008
2a00:1450:4001:806::200a
2a00:1450:4001:808::2001
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::2003
2a00:1450:4001:812::2002
2a00:1450:4001:813::2001
2a00:1450:4001:813::200e
2a00:1450:4001:82a::200a
2a00:1450:4001:82f::2004
2a02:2638::2
2a02:2638::3
2a02:2638::b
2a02:6b8::90
2a02:fa8:8806:12::1370
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
2a04:4e42::485
3.120.117.165
3.22.29.16
3.33.220.150
3.75.3.113
34.102.185.99
35.157.246.167
35.201.123.184
35.210.53.219
37.157.5.142
45.33.101.39
5.135.209.96
51.89.9.252
52.2.211.96
52.45.175.185
52.57.48.124
52.69.128.25
54.174.178.125
66.155.71.25
000181cab76b60688837cd1ccf89e631cd2c1e31806fe1b5b57f9d3616d70ed9
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
038bbd0e8431a0ada1eab160e7a9ebc018ead3b01f5c0cf60daf2bfc1fc70df2
04272d09647059ae97688389e94926f3d7ad4566c7f52c1fa32517e4769203fb
05dae70dc3528c34c1ce1a09fbd1ec37c64564a9d7aae686abe7787573ff08a7
079a7ccaf65998881fb2b8b9a4032cebeefa0c0e0b2e7159cefce6978ee1148a
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
096258c45b73e5645a9dba178dca7ae377b4ef801801cfe6573a065e0862146e
0a0113be1c9721892c8e956e64e882598645af74cd89c02dcfa86c8d854c1c24
0a5bd05f316c77f15885d8ddbf3ad20703deda79de95ef2fe938d517d21f3b10
0b81e9574347441a999ddb046f1c06fc57f750cf60551f07f733fd92a824b775
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0d33d7210417ecdd85f721cf511ab88a8db61741a010db401b3daf72b311f5fa
0d84d12fc932ef29ae8429acdcc57f67b20e165e483c3e54100856475440faaa
0e1cd27ce1389ff9207ad3e0dcdaf4c44c481daa9d09761f70e6979d3c5dfee3
0e39772fd4ab2ea007f5b93277960107e5a96696c53eef90c6e694e556ff5c26
0f266202b591aab2563e8ef52fcc7cf8d2358f48600ad7f52bc62462787dca01
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
138154c0deed3326477b9b4909175101070a5a3a95342291b53d8cc9879a5f47
13e398f272744f06e9542c6b2d817a1a25d29f7d6cae5cfb94573cf3ec114e13
15a5d7cecb3041af48c6bfbcb42527fc00422cec34ff89afad0762c3cd7ff151
15b869b02c6fbaa8c6c26445a2dd2d9bad80fd27b1409f8179e5dd89dc89d90a
15d7881f8562e2522ff7c5e4ffa785208bcd4b22f14515940dab22654b1a3619
15e40b32e4b6d12857b69fb4ce1bfad6635ac6d9c73b239a111d7e4e6b5814cb
1640ab9ad5c1fd50db29befd69aa9f9ccec2df28c26ce285b3303476434140ac
17203239bbc144a37b1585eeccb0e79c1ad97ff4bfd162b2aff0242e9cd37686
19c459b0ed66b69066cef6ca25981e3c5252bb0712e6307769acdafb59ddfbf6
1a5280b4cc6aaf220be89b14e5fe43f7d4b309b9b2857cdb83300e827d1faf06
1bf2cf83ae7a23cd34f20bad42bc5031c01caff347d9134f576674b78528114f
1cb8d22365de3befdbad3c02bc2b135615c5ec2261b1b26ffc8e99c955397acc
1d4d264d7dd2a8df1c977c1a63468a7fa2c483587ccaa1bff5ddd455a1293bfc
1d837a75fde817c90c2089b11718efa16270b9144845135da2ffc4d73b06da35
1db7d44704755e9c28e1d3f515e793a8b6a85663059d041d44fd73ae3ba8d42b
1dc4b29dd0acbed77ec2fd81036c33efd4ab5989e8182705a30615a00a0117f7
1fb368bf9b139a3e8579273c95e3a28890d316e2fab6813e2cd3c0f80f648f20
214674cc77aba35ab3567b88e2739fd08e8e96c61d279559ad61874069683ea0
219480468b7ffa3679aa0ef8f86a2737453555563989d608dda82767f4273d4b
230b36d2ec336b784222bfb43e52edf098d9cf6e45cb968be9139cb6009e1250
23738fab5072fed64145d00c4e9a52db1de4014721ffc1db5f5afbe9313720b5
23874448e8d502c1299f1a6ab837ebf5f2045716ede2fa49d13c1fbb1791646d
23bcd1e945d612588a79b266bb6a01ea7cd5a641e25eae3b4575e868a369efd3
240b702419d6c39ecc4896f0132ccfc9bc517e9aef0c782d99580e0c678b47d5
27bebe78e3b6a4b1664dd4fa83a8cd0187f051631a06248fefa3ef3991a5a92a
2aaac5256a4f623cb40a8057f74a134889a9d954abb4016f66dbf541fa101390
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04
2cb2f3e010963ad0404dfe317f1bdd9f996709d0b24c30384c4abc4ba288269d
2d51145820144285bcf5e2f592a5cd75539f19f81073b2f5bb7393498c5c95d4
2d79f67c8130541900cfd46cf7f7a22a2a91f03a61f28dab9f9c1386bcb0a880
2db825b0f7a51cd0fb3bf6867be86bb0911c303ecae1af4755f5249a0e85f0ef
30db9902d015c9533560f7040717711ac830ddebe571118a875a466ef1161e04
333fd4ee5d3f32e503dbe1e4da292916daa7bef29c5980397dbe7ebab9d73b6f
33923fea797aa9edf55540266b2ca2c365b3e4cd2b273f130e8ab6513efdd5e9
342ed53c87c79ec68b1211b84369685952d912f147600fe32b997cc23e6195e3
3573b0e184b9b8721f745d591c453b8e5b90cb210d33171aadc8481ea6b7fad0
37996581fe12adcd54d4510db1cfacfa3fd768aa01bbe5d3f9ef4b207b62cf02
37bab6cd583982e8eff58501a99d7c5c4d63664c1ca34f9e3b7cf526c5b73ae2
388f16f9c4b8ec197494d734e49ce5704a9c10efcea33bc5f3c4c4e4b11de4dc
38acb2ffc662c9ca2b339bf1431e1343c40e79a1dfb7c2c5c87dce28c1dcea73
3b05a4325a8a10dfe496ce053ae7b2255e11e2eb7d91a35f6c5419749101d7be
3b20b2d23b4722435f3cd8c81d30b251291f98e27bf9b9d0382fa9bbd7634f7e
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3b8687c475537d90b9ccab551ba8196e47e91557513508331329be1267f205b4
4087fb9b5b3a0a9333ab44e9b852aed788c43f44f6f144a42ed99e8354d892dc
41528aafc8b560c70d3b457d90bc9a9c78e0e28e5f323590ffc74e23384da2b3
43c072c16c9ee6d67acdfa6c6d6685ff1e74eb4237b7cc3c1348ab1c108b26af
47687bb3c5bfbf7f754a55283e73e5ee62a676045f5450b06709591b9536cb0a
4a2cd395765349fd5ad0603553fd096b382673d3813f53c73550461426e471fa
4a8ce8033b92cd063b6990fadaed034f6933fc19fd98eed16d9342055089569a
4baa280c316f80216c7d9dcb64f308726f23cfe4fd4ada8d36aee7c3ea101108
4d2754e8a1714acd4f22612b5655516f5d20c46e00330b7a1c2ff359f310b1d6
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
507a6deb912a1798bb4e1ab383b364024e492febcb6cab11d0f5f09ec263ffcd
51910bf7f982d809f4ee42aed8b8c903aee46a4425ae329767e71ef0b08e0d04
519fa4333b5e04f108d24a39f99810f5c978b148a31362c58898bda5510665ae
533e264cc615ee4601da8d2c1dee4a8987319e53d4d7162272f067fbbf250020
53654c79f1deee792bdc698e5c4b21966ffe073efacaccc02f991c8a6cd7b17e
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
557f6d0883db85be712c3a77baa38875ddf99ecbdfd6fec98e5c0b1f7a0e1532
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56f2c428468478ca2e92c5c1555d4c6507f93e988ce7060a8826d3efe3462631
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
58023f0aaa39c2e92e4c00e18b1225d85ea70edc0ce1d413c4e8ca7c1411ba14
58407f510891934f8d9582a0396e1033aaa881b1cd62567a5eefe73b467c7a6e
58b88f2f65ed4b6ef09c637e435881935f2ab062df7027bcaa4472be089d34c9
5a23b14bd4561febae5c54111562ae7d1b2afef167812918bb937c93d5e80bdc
5c2b76989e49a2bd8c651a35634fd43081b13bde1a6385fb8e36dccc1d0d42d8
5cbda29ea5096ac9404c59c77493a2f467d0eb4a27f16c750b61fc0d888dd716
5d62e6c90005bfb71f6abb440f9e4753681cb23bbd5e60477ab6f442d2f0e69c
61a3e53fff84d6ca192ea53740eea2dfb9af87fcdfd50eb1c493dbb7e415b3a0
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61e6c4245c2c0c24172e329a0d4e16d1188a84d0ecf84bd6eb13baaba25a16c3
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
67833aec30fdce4680bb65816d8bab7131306cd647781f065a61b126ffa3d73f
69464b44f28303a15d39c3749af9d96d61c1ae6da851cd838d1eb07907512223
69eb443bc6694b3c17937b8b5a0c46f1354b505728ec3c3e29f453966ee37df9
6a0f07fac6fc58958b0e670e2d2927901e052938b2162c1553817aa4cbf5de2f
6ae3e827093ff912ba2929226fdd8392ad58e6112466f2adbd2c2e72cd794a48
6cc75b6b10aabe3b82f29165906db978e755d807d4cb81dbbd66b759dc3aa9fc
6cc88f6ecc4a347b5cede85aca7e298a306aad67dfd4d80a59e66d254f513ba8
6e006282e0bccdbb003e146d1a914f7c1595e6eaf049d37c8798919c8abf454d
6e1fab83d5c0a9a212c97aae73af4727dac866aac5769183fac510accfc2f026
6e86a52a9858206302e32036d89907e3ac87762055e7f9c6364aec33221b3e41
6f18d1ae597dbf8c1d20898d604540bb18f8d2b2af607dfde0b2475420ca43b2
6f70f923b2ab16028477cab0d08b65bba7902871f49a4f6edda814da01c16449
6fbd033817ac90769da963b040d59ea7bcc27ca89feaac58c24190d096de4fe4
6fecb89a29ee2bd397bb1bf58ecaa530a76f0654db71fadefd3cc70b0bc302bf
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
73208ed0c6e013ca61d8eca5561b9e73c1c5a321bf44d890851617077404ba89
74eb63655d226b4e05d1c555fcace31e13941d8e0f2fcb1dc7dc59e2789f68e2
7691e9db5e0fc7fe8f7cfc6776b3972629e875d0c84ce7cc657273271ddfec5d
76a2f7541043a1d102be6aeee50a652ba044b3576c77c46ad500f508165aa97d
77509214fd2c40d8513031709d7bbde71809641e6d25e55fc92ff17cc487aeb3
78565aa100f2967d39274a0b41a6a02cc69b60935deb66cff3dea00a3f78d32d
792db9b277ced9b3fbf6dd26ffa1917cf0eb31b8c8f04f898e01b77cbb0c8c47
79b61357c5ad94a4a4889d84d174e4191af616f89ba30f205d85d4ed626b1bad
7b0ad030377103e7b7c66bcbdccdf92d9601def6c0afa21a4504968a8155a0e5
7c8f796a154b2e99c4a9f812239d07af186c33c82342de4d223d90722ea7a6f5
7fd9273f20fdb1229c224341271a119020a5eee74ccf6b4605730917c864caf2
813174d65db921db5c12d5f02739093f3ff60d9819b3dcf80697910087cd4af8
814cd1e7250a145599e2dade4bc032e8d7d6b4283a36bbd2ed7476cb935590e4
81bcff743f08fa5b47d52abdcc77b10b70921b94a066390924792f2854ae9bab
81ea81be1d862d36c34b6dc4f12aefb87b656e319003263d8274974b48ccf869
83059e4c1a5c210e5585d96779fe655170817193d43e247c78dffaae7b7ba3a9
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
88226a4bba6455e7f4498455015e3543a7e5ced8cc037a598ababdfa1062d5bc
892f079f73641958d6fc0b56ee76a533ff224f2f499be1ba7d8980ba169314f6
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8ad78ed7b76b1be1296bf2c79d81318afa7eab726b1011f591ef037ef6b1728b
8b3431cfb87c8627d221e2f3158b9f759cc77409a57198dc91e4b7adc7d6b475
8ce281af1334fa34eae9a7cff8a183ffce1aefb5313c0934ba16147693927e51
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8f87f2ab71330470e510981533d22d6ac55dcc75173a22be6ec27530397a1f81
912fb56663067a41c422af71a64d6fb1960c0a0fdd6d1245ad20954b7f7f34f6
92153e7ac944fac923e50132eef5ea8306e070921319641987e01283e666855d
922a7a005a299daab272ef3b0c7106716572ece666c54c187ce6836b32474973
94451bf3f1fc1c6a1123cdf96a929b639d93ac8492ab32a72bb6363fe0026458
9468356e44d3e78eccb60a2b7d2064c20924c2e7f036770104c291a3930c99a5
951026ae17fb66f507b01f485ae76b2e56cc0cbb5bdd2664546affd7d331388a
9649f3eaa72a40b5e168856d520e02edef356e58afd63f13a13a06ae01bd6b2b
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068
96d1325dadff7451683beb0b0bf24ae8e84721ae35835db0977465d0ed5c544b
97cf1307c16a437b77b5f7f5c9bc0b985d0745a14be5a279019aca5a3432e264
987abdc0d0c5ec8650aa0d5c62d49aad4010b0fc2737d1834ab47d219ffc7679
9a18d45bfd667fa3ed6f0f0143ee6e282125fcb6607c1f79f20f912d8247a101
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9bd82960d99b3a76f4af77a88a346bd61f87bac5ff2f385ee28cd669d8f22134
9c18d5e3cf0aa39870b92e07cc23a28256211b9bfa135e5f41200a8939fbfa25
9cb93fc023cca355260310e41056be397ecad26f94a578c5b147762b40fc6d3b
9d6962346a4ec1739f5a8248c3eb92e153ea396cf75419a594910d4df111176c
a04d9e53f8300a24e9e15ec1782587a232eadf639107a1810d8352cdd7e280e7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a13ff34f1f6805135cb084e3cb1044861ca7037ddeaff9e8359bec5cf4010ef4
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a48c580b44c66572d8303050643f83eedafbc0cf6e72a50974e1de101b20c289
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a526f7e1a82516f99f2639fc48cd8033545c9d1ddae99c01942dede8116d4ee5
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a7bb79cdf59762c1f781725784af1540ab3623fef2e842a182789167fcc0f73d
a7c22e48c9ff81c2e3872a993ff4fee129432d23bd5dc8614ba5a82029e09854
aa025e2380fe9621f8ea4501a1471d3995e082c5c5f99248e122d020774949e6
aa6fb1d6c4803553e608ce1c6554dde575b089c336ca325a702ab4063d43ce46
ad5dfeb19dec30de9f0b17bbf6a8661536cf28e08389c01a010ade0f0c6df7d1
ad8de310d55df0e203652e1a1fffd48949693a18132ffabfb2fa9709cfba7ca6
ae4b20c803567c87abc0beda0cc094d8da0a5f095cd2c9320827bf67e007106d
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
aec33c581d5e02e4431f1afc6396a33f1637ad979a3412a2ecc237932af3c8a0
af992227dd12b34e368993cb20005359f2e014751dd48dcf25c7b81bc201523d
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b23f49f504faa32aac548b6662ffd64412f6738496fab8be38da46c5b7121804
b281401cd2cb866f33e67b6165eb6320548563769bd9062df23a092c3c6732c2
b40ed885c6eabc68309c7e3377008ec3aaba2add66e43fcf6fc2851cdc6a2f98
b4cde435f8d4e4f6c07a4330c981ed4aa78282d405d5006d4deaa24414f54db3
b5de679f41d5e07318bf721f4877d6320d3e351d6cfd58a00471854e2503d48c
b936db5880aa9b6b2f26a8d32fc2b689fb75f69d971b94194f16dba801221ffe
b97ae48d8861ed70484655de2d1dc43ac5f28741f9fa4a9afc3266bf822de56e
b9b869f479a2181cbc0c5d8b6e5bb8bb9cbf81d59a18d056681d8b3de448b1d4
bad0e1e1ad6979ad3c9648638b2a2b4edb9b352266567c45f54f3fcf5c9b279e
bbdb1eb69c6b5cbffaf1be2df2bcbd4a97d2823de9f4b856aae722900a5e27c7
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
be0d843347693f8fc5d99fa222441a925b1347c3d00e7d5b2f34edacd43caaa8
be9bd50c9ed98c63d49345791715d05cdeb9c9410297793e4493541f905499f0
bedbde9941bbaf9a7752b54096569e70c842f80a95027fafa2911fae1255b3e8
bf15e22d977cac634f2165769936e25ee21887d18c8760a908de39d24b0e4b53
bf36f5ee3b211c138d24511daef077a9e6188f9d7536b88e0fa6caf64dc173d9
c0c72d886032a716c8ef235beb00e78da88f991dcb337f92131bb5167f15d62f
c4047043368afb4baf1aed25d358a5c2a333842a3b436b58491ab36aeee65b9d
c55902832fb84522d02ea1a60a30747403a140d8651fa748f13ba398b0c0df3a
c603b78d20100985bb55078ae36b386c07acbb75d9a98f117415c8c831f60254
c84b0b9aec6b76d98c9a988b6c114405a7dcf09c15bb3e988604412591665173
c94104ae27a88086ca3d0ebd018a4dd6d0aeea46bdd4df55d0487f3cd3a5a54f
cbaa43e3576f787a48775d5d9540f45e1da35ebaec9e72bd6c925e6e4b61242d
cc3585fc68616a1df4514b8652e019b16f7f60402b07456061bdbdecccc6f071
cdbec01b9c16b19b0aff79223444a8182aff77c8946b42dfeade842d3f64b51d
cdd6bc8efe20c6f68a0aa0e11455964193da8c357d17efc6ddaaf32953fb976c
ce38172175a1df78e6a9c3250721bccbac8b5638d0fc3f8a6d54ac5f8acef3ff
d01a2ba2805c78957e15a2958135de0f3cb88e95159dd0f6c0a032bd76b1b0e9
d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef
d162942e00d8e9beb4aad8a89aa7cd40336e4c5875d4cce97d4cf4bfd883db21
d177d10ead2c0b8d4ba9355863e5b282a9d0c499b38e8fbe8e983f707b5f2c21
d1dc3cf8cf7fc81c77157a4573f51abc66a6f1ec914d066c01d0ae7312d0afa5
d2f2fe7e10c8a8cf933afea3f0fb4a89cf74262405024cd908e7d59f5f03c16c
d3e81686e89ad882d603e4f64d1832ba72dc57c2b58431fd558a65c17d1162ed
d76248e34bf53792738c5eb08b827b942ef43a6454ab059b1912d7a4228131d5
d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51
d87a8abfe9fa7b7667d337357e833cdb327901ebbc2792080ddcdfedcfb92acc
d87ddf917b7a1449ab45e2b8e3c98354629bdd65b6659c37e6023bbea1ce1386
d8c595a5b0479a513c9d27f70b1df33033bf9167c1cdfcceca7ad536093e4c19
dae2874fc0990d4fcbde2281ae55c7fde320feac2586cd4835878d36fbf21595
dae40f39602ce4f090d040740ccd9fa08bf7b715ce01694fbfbff4ebc43d13ec
dd442e99c05f92c858287b6bc9b4b06add841f02d1f47ec993c48e4f088b6300
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
e038e6081a638a9d238a523657a41d788c87b58c1ca2ab59724f34c54d493921
e0ba22569bad288617386bc7519ce0e65b7cd23cb5d8c9bd1e83371b0124dc7e
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e18fb623e19dbf67eaf2da9c925788c700f7f93b793b8c11e03b4e2844363ef0
e248cb2d34cb478ad0bb8b2801665869a6966195555f0c429821f55f72e46399
e28c3a2c07a25ad942d4129adb3faf0497d76960502b632cdca85bcfd835cfab
e320e9f0884f09b22a629d22d37c76fcb2fa8af2755625e9c2ba9b8d8bda861f
e3a9f01b71b0bdaf166506c4fb4f0f82da67c94ca170a1164f31f7c4735f930c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e45932891062de514a6738f4c3be3b2d9ac0c79efe98ceba9674c773b1573f37
e4a64254faf739f183a340f61ebe6d78ba159256d1dc741373a9e688a88a5abb
e4d39c270152edfb6145de8a957a7cee9bd530b94b2b9db1c1b8ed0fba8098aa
e593d32d2b3c25b54c4632fc55d4c55cce4154e0bfaeb75883da07b742e762dc
e80c08d9002b2023b276fa768d1a28f911380251fd370b969de3762b054ded99
e851345505ee432c9397d60e5d91929ab4e5921f75c91f359b0939a879304b7a
e893d0593dfe01dad5e00f7dd9cbfe9061e5c5e000000a67d961e3778d989be0
e9e490018b852367302eff3132df65a8aefa2e9607c3fd9ac44828111b8c9d17
edd44f7843a8171d9c8587cb47ffc3b530dda841d4891cb7fab57f04f1b338e1
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117
eee1ce2620eaf7f585a69794864001be0bde74b874d6a18b9f2d11f074229f2b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0a7bc44673757d4c6e5c244720cc64dea773d2f9693e41415d569620cf2f117
f0d9fb8b836cc9e034d892057653f8823cbbe6334f24b7f5527d74f01cf4ec36
f1cc3ce9cae7a120fb2d1d456fb03e532ae00bc03faaafa7c61cd57302b1dde3
f27dd7ec7254896b2e59fb856b110216d581d408dace29fa6b15f74dc88ebbbe
f27f075f01318877ef46a7a96c852f201b89888537081ca3e6176ee765f361d1
f30769ea0b80a5d900c5f0de30b1aad1ab461195e69223d5ef63c2c5de8b6c1a
f3635b677d876c635672bd18b5631497e2770ff846f71a8b58c6f4a584cbd9b3
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f6200e00f9bcf9a324c8c1a046c6bc624ebcaf1379faf13e4d76ae56ea0d1a11
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
f76aa3f53fc6947f307ca9896f09e2fe4acbaa4aec299ad3f2dc9a23527888e0
fbf2c71956006036a25395c0ed4cef711eb1228e899f7ea8f561f6b702510e73
fce72c682f13871a709e2f1c080b9e903ade3ee7a61159336e5d2518ff996e59
fcf445b5cf2f66e831a787508b926f87c0d174c4ec72a3dbc42b96660ffbaa41
fe513ef974b767510d0a2b9f1b4d3afa53185b89ab617c869e5e3d6db960192c
fef50df80b512700a5aa2a99410cbbd3c523956845f8bd401b1011fba9f02d6c
ff3890b6f4d743a8fce82c571c2b8a25367173d4a2e286049b7e9a03624742f1
ffae4ab2133dca46a19c118b9ee3dae1a22c3c47ed6e7b02f038052faa014f8a
ffe23fccd58afaeb99a872b2094aaaa65e876ae60457d0bb6915422c94224176