www.opovo.com.br Open in urlscan Pro
2606:4700:3033::6815:3a6d Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://opovo.com.br.eu2.cas.ms/
Effective URL:
https://www.opovo.com.br/
Submission Tags: krdtest
Submission: On May 03 via api (May 3rd 2021, 10:18:25 pm UTC) from JP

Summary HTTP 326 Redirects Links 106 Behaviour Indicators

Summary

This website contacted 62 IPs in 6 countries across 43 domains to perform 326 HTTP transactions. The main IP is 2606:4700:3033::6815:3a6d, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.opovo.com.br.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 12th 2020. Valid for: a year.

This is the only time www.opovo.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	52.157.233.49 52.157.233.49	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	2a02:26f0:64:... 2a02:26f0:64::210:6bc1	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2 94	2606:4700:303... 2606:4700:3033::6815:3a6d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6810:ff3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
7	143.204.101.103 143.204.101.103	16509 (AMAZON-02) (AMAZON-02)
13	52.1.252.251 52.1.252.251	14618 (AMAZON-AES) (AMAZON-AES)
1	2600:9000:210... 2600:9000:2104:c200:12:c12e:4e80:93a1	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
15	216.58.212.130 216.58.212.130	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
34	2a00:1450:400... 2a00:1450:4001:813::2001	15169 (GOOGLE) (GOOGLE)
1	35.244.156.216 35.244.156.216	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	199.232.136.157 199.232.136.157	54113 (FASTLY) (FASTLY)
1	65.9.84.55 65.9.84.55	16509 (AMAZON-02) (AMAZON-02)
2	34.68.90.188 34.68.90.188	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400c:c08::9a	15169 (GOOGLE) (GOOGLE)
10	34.228.251.145 34.228.251.145	14618 (AMAZON-AES) (AMAZON-AES)
1 23	65.9.84.95 65.9.84.95	16509 (AMAZON-02) (AMAZON-02)
2	2620:116:800d... 2620:116:800d:21:8c6e:cf2c:8d6:9fb5	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:210... 2600:9000:2104:6c00:1f:f9d:b880:93a1	16509 (AMAZON-02) (AMAZON-02)
8	2a00:1450:400... 2a00:1450:4001:808::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	104.244.42.133 104.244.42.133	13414 (TWITTER) (TWITTER)
1	2600:9000:210... 2600:9000:2104:3c00:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:812::2006	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
1	54.230.183.102 54.230.183.102	16509 (AMAZON-02) (AMAZON-02)
1	185.184.10.30 185.184.10.30	203690 (RTB-HOUSE...) (RTB-HOUSE-ASH)
2 4	185.33.220.243 185.33.220.243	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2606:2800:233... 2606:2800:233:97b6:26be:138a:cba8:bb01	15133 (EDGECAST) (EDGECAST)
1	178.250.0.165 178.250.0.165	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	52.222.183.60 52.222.183.60	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:135e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:812::2001	15169 (GOOGLE) (GOOGLE)
17	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	34.234.139.177 34.234.139.177	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
7 10	172.217.18.98 172.217.18.98	15169 (GOOGLE) (GOOGLE)
2 4	23.218.208.246 23.218.208.246	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:4700::68... 2606:4700::6811:2218	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 3	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
2	18.204.252.247 18.204.252.247	14618 (AMAZON-AES) (AMAZON-AES)
4	2606:4700::68... 2606:4700::6810:c172	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	143.204.202.105 143.204.202.105	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.244.42.195 104.244.42.195	13414 (TWITTER) (TWITTER)
1	35.223.116.65 35.223.116.65	15169 (GOOGLE) (GOOGLE)
2	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
326	62

1 52.157.233.49 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

opovo.com.br.eu2.cas.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:64::210:6bc1 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

mcasproxy.azureedge.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

94 2606:4700:3033::6815:3a6d (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

opovo.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.opovo.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:ff3 (United States)

ASN13335 (CLOUDFLARENET, US)

tag.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googleoptimize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 143.204.101.103 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-101-103.fra50.r.cloudfront.net

d335luupugsy2.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 52.1.252.251 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-1-252-251.compute-1.amazonaws.com

wfpscripts.webspectator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.webspectator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2104:c200:12:c12e:4e80:93a1 (United States)

ASN16509 (AMAZON-02, US)

c.jsuol.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 216.58.212.130 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

7405cfab04d097e05557236a0617b170.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a98c86199db062a0261c4f6ce3aded41.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

34 2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.156.216 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 216.156.244.35.bc.googleusercontent.com

api.nobeta.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.136.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.84.55 (United States)

ASN16509 (AMAZON-02, US)

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.68.90.188 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 188.90.68.34.bc.googleusercontent.com

forms.rdstation.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
popups.rdstation.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c08::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 34.228.251.145 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-228-251-145.compute-1.amazonaws.com

webservices.webspectator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 65.9.84.95 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
live-tag.bannersnack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:8c6e:cf2c:8d6:9fb5 (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2104:6c00:1f:f9d:b880:93a1 (United States)

ASN16509 (AMAZON-02, US)

geoip.canais.uol.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:808::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.133 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2104:3c00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.230.183.102 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-183-102.ham50.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.184.10.30 (Poland)

ASN203690 (RTB-HOUSE-ASH, PL)
PTR: ip-185-184-10-30.rtbhouse.net

prebid-us.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.33.220.243 (Amsterdam, Netherlands) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:233:97b6:26be:138a:cba8:bb01 (United States)

ASN15133 (EDGECAST, US)

adserver-us.adtech.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.par.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.183.60 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-183-60.ham50.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.234.139.177 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-234-139-177.compute-1.amazonaws.com

msgws.webspectator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

mts0.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 172.217.18.98 (United States) 7 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.218.208.246 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-218-208-246.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:2218 (United States)

ASN13335 (CLOUDFLARENET, US)

noticias.uol.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.98.64.218 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.204.252.247 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-204-252-247.compute-1.amazonaws.com

stats.bannersnack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6810:c172 (United States)

ASN13335 (CLOUDFLARENET, US)

f.hubspotusercontent00.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.202.105 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-202-105.fra53.r.cloudfront.net

stats-api.bannersnack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.195 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.223.116.65 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 65.116.223.35.bc.googleusercontent.com

pageview-notify.rdstation.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
94	opovo.com.br 2 redirects opovo.com.br www.opovo.com.br	737 KB
56	googlesyndication.com 7405cfab04d097e05557236a0617b170.safeframe.googlesyndication.com tpc.googlesyndication.com a98c86199db062a0261c4f6ce3aded41.safeframe.googlesyndication.com pagead2.googlesyndication.com	388 KB
32	doubleclick.net 7 redirects securepubads.g.doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net cm.g.doubleclick.net	305 KB
24	webspectator.com wfpscripts.webspectator.com webservices.webspectator.com msgws.webspectator.com cdn.webspectator.com	124 KB
22	bannersnack.com live-tag.bannersnack.com stats.bannersnack.com stats-api.bannersnack.com	3 MB
11	google.com adservice.google.com www.google.com mts0.google.com	72 KB
9	googletagservices.com www.googletagservices.com	294 KB
7	cloudfront.net d335luupugsy2.cloudfront.net	112 KB
7	gstatic.com www.gstatic.com fonts.gstatic.com	229 KB
7	googleapis.com fonts.googleapis.com ajax.googleapis.com	7 KB
5	ampproject.org cdn.ampproject.org	108 KB
5	scorecardresearch.com 1 redirects sb.scorecardresearch.com	5 KB
5	google-analytics.com www.google-analytics.com	54 KB
4	hubspotusercontent00.net f.hubspotusercontent00.net	4 MB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com	4 KB
4	adnxs.com 2 redirects ib.adnxs.com	4 KB
4	google.de www.google.de adservice.google.de	1 KB
3	openx.net 2 redirects us-u.openx.net	830 B
3	rdstation.com.br forms.rdstation.com.br pageview-notify.rdstation.com.br popups.rdstation.com.br	40 KB
3	hotjar.com static.hotjar.com script.hotjar.com vars.hotjar.com	61 KB
3	azureedge.net mcasproxy.azureedge.net	71 KB
2	criteo.net static.criteo.net	51 KB
2	cloudflare.com cdnjs.cloudflare.com	19 KB
2	criteo.com bidder.criteo.com gum.criteo.com	296 B
2	facebook.com www.facebook.com	450 B
2	quantserve.com secure.quantserve.com pixel.quantserve.com	9 KB
2	facebook.net connect.facebook.net	97 KB
2	navdmp.com tag.navdmp.com	9 KB
2	googletagmanager.com www.googletagmanager.com	72 KB
1	twitter.com analytics.twitter.com	662 B
1	uol.com.br noticias.uol.com.br	1 KB
1	advertising.com adserver-us.adtech.advertising.com	193 B
1	creativecdn.com prebid-us.creativecdn.com	178 B
1	2mdn.net s0.2mdn.net	72 KB
1	quantcount.com rules.quantcount.com	428 B
1	t.co t.co	456 B
1	uol.com geoip.canais.uol.com	416 B
1	ads-twitter.com static.ads-twitter.com	2 KB
1	nobeta.com.br api.nobeta.com.br	12 KB
1	google.ch adservice.google.ch	799 B
1	jsuol.com.br c.jsuol.com.br	49 KB
1	googleoptimize.com www.googleoptimize.com	36 KB
1	cas.ms opovo.com.br.eu2.cas.ms	834 B
326	43

	Domain	Requested by
92	www.opovo.com.br	www.opovo.com.br
34	tpc.googlesyndication.com	securepubads.g.doubleclick.net www.opovo.com.br 7405cfab04d097e05557236a0617b170.safeframe.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
18	live-tag.bannersnack.com	7405cfab04d097e05557236a0617b170.safeframe.googlesyndication.com live-tag.bannersnack.com
17	pagead2.googlesyndication.com	securepubads.g.doubleclick.net 7405cfab04d097e05557236a0617b170.safeframe.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.opovo.com.br www.googletagservices.com
15	securepubads.g.doubleclick.net	www.opovo.com.br securepubads.g.doubleclick.net www.googletagservices.com opovo.com.br.eu2.cas.ms
12	wfpscripts.webspectator.com	www.opovo.com.br webservices.webspectator.com
10	cm.g.doubleclick.net	7 redirects googleads.g.doubleclick.net
10	webservices.webspectator.com	wfpscripts.webspectator.com webservices.webspectator.com
9	www.googletagservices.com	api.nobeta.com.br securepubads.g.doubleclick.net 7405cfab04d097e05557236a0617b170.safeframe.googlesyndication.com
8	www.google.com	www.opovo.com.br securepubads.g.doubleclick.net 7405cfab04d097e05557236a0617b170.safeframe.googlesyndication.com
7	d335luupugsy2.cloudfront.net	www.opovo.com.br d335luupugsy2.cloudfront.net
6	fonts.googleapis.com	www.opovo.com.br securepubads.g.doubleclick.net 7405cfab04d097e05557236a0617b170.safeframe.googlesyndication.com live-tag.bannersnack.com
5	cdn.ampproject.org	securepubads.g.doubleclick.net
5	sb.scorecardresearch.com	1 redirects wfpscripts.webspectator.com www.opovo.com.br
5	fonts.gstatic.com	fonts.googleapis.com
5	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
4	f.hubspotusercontent00.net	live-tag.bannersnack.com
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	googleads.g.doubleclick.net	7405cfab04d097e05557236a0617b170.safeframe.googlesyndication.com opovo.com.br.eu2.cas.ms
4	ib.adnxs.com	2 redirects s0.2mdn.net googleads.g.doubleclick.net
4	7405cfab04d097e05557236a0617b170.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	us-u.openx.net	2 redirects googleads.g.doubleclick.net
3	www.google.de	www.opovo.com.br
3	stats.g.doubleclick.net	www.google-analytics.com
3	mcasproxy.azureedge.net	opovo.com.br.eu2.cas.ms mcasproxy.azureedge.net
2	static.criteo.net	s0.2mdn.net static.criteo.net
2	stats-api.bannersnack.com	live-tag.bannersnack.com
2	stats.bannersnack.com	live-tag.bannersnack.com
2	cdnjs.cloudflare.com	d335luupugsy2.cloudfront.net
2	www.facebook.com	www.opovo.com.br
2	connect.facebook.net	opovo.com.br.eu2.cas.ms connect.facebook.net
2	adservice.google.com	securepubads.g.doubleclick.net
2	www.gstatic.com	www.opovo.com.br 7405cfab04d097e05557236a0617b170.safeframe.googlesyndication.com
2	tag.navdmp.com	www.opovo.com.br api.nobeta.com.br
2	www.googletagmanager.com	www.opovo.com.br
2	opovo.com.br	2 redirects
1	gum.criteo.com	static.criteo.net
1	popups.rdstation.com.br	d335luupugsy2.cloudfront.net
1	cdn.webspectator.com	wfpscripts.webspectator.com
1	pageview-notify.rdstation.com.br	d335luupugsy2.cloudfront.net
1	analytics.twitter.com	static.ads-twitter.com
1	noticias.uol.com.br	c.jsuol.com.br
1	mts0.google.com	7405cfab04d097e05557236a0617b170.safeframe.googlesyndication.com
1	msgws.webspectator.com	wfpscripts.webspectator.com
1	a98c86199db062a0261c4f6ce3aded41.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	ajax.googleapis.com	webservices.webspectator.com
1	vars.hotjar.com	static.hotjar.com
1	bidder.criteo.com	s0.2mdn.net
1	adserver-us.adtech.advertising.com	s0.2mdn.net
1	prebid-us.creativecdn.com	s0.2mdn.net
1	pixel.quantserve.com	www.opovo.com.br
1	script.hotjar.com	static.hotjar.com
1	s0.2mdn.net	api.nobeta.com.br
1	rules.quantcount.com	secure.quantserve.com
1	t.co	www.opovo.com.br
1	geoip.canais.uol.com	c.jsuol.com.br
1	secure.quantserve.com	wfpscripts.webspectator.com
1	forms.rdstation.com.br	d335luupugsy2.cloudfront.net
1	static.hotjar.com	www.opovo.com.br
1	static.ads-twitter.com	www.opovo.com.br
1	api.nobeta.com.br	www.googletagmanager.com
1	adservice.google.ch	securepubads.g.doubleclick.net
1	c.jsuol.com.br	www.opovo.com.br
1	www.googleoptimize.com	www.opovo.com.br
1	opovo.com.br.eu2.cas.ms
326	66

This site contains links to these domains. Also see Links.

Domain
mais.opovo.com.br
radios.opovo.com.br
fortaleza.novabrasilfm.com.br
fdr.org.br
www.populares.com.br
www.anuariodoceara.com.br
www.facebook.com
twitter.com
www.instagram.com
www.youtube.com
www.linkedin.com
adorofutebol.com.br
assine.opovo.com.br
opovo.com.br
especiais.opovo.com.br
people.opovo.com.br
populares.com.br
empregosecarreiras.opovo.com.br
bpop.populares.com.br
compredopequeno.opovo.com.br
blogs.opovo.com.br
www.blogdofariasjunior.com
agirbrasil.com.br
comunidadenerd.com.br
cosmonerd.com.br
www20.opovo.com.br

Subject Issuer	Validity	Valid
*.mcas.ms Microsoft Azure TLS Issuing CA 02	`2021-05-01` - `2022-04-26`	a year	crt.sh
*.azureedge.net DigiCert SHA2 Secure Server CA	`2020-11-21` - `2021-11-30`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-06-12` - `2021-06-12`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2021-02-22` - `2022-02-21`	a year	crt.sh
*.webspectator.com Go Daddy Secure Certificate Authority - G2	`2020-05-12` - `2021-07-11`	a year	crt.sh
*.jsuol.com.br Amazon	`2020-10-31` - `2021-11-30`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.google.ch GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
api.nobeta.com.br GTS CA 1D4	`2021-05-01` - `2021-07-30`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-04-06` - `2021-07-03`	3 months	crt.sh
ads-twitter.com DigiCert SHA2 High Assurance Server CA	`2020-08-14` - `2021-08-19`	a year	crt.sh
*.hotjar.com Amazon	`2020-12-25` - `2022-01-23`	a year	crt.sh
forms.rdstation.com.br R3	`2021-03-31` - `2021-06-29`	3 months	crt.sh
*.scorecardresearch.com Amazon	`2021-02-28` - `2022-03-29`	a year	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2020-10-02` - `2021-10-07`	a year	crt.sh
geoip.canais.uol.com Amazon	`2020-08-05` - `2021-09-05`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
t.co DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.creativecdn.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-03-30` - `2022-04-12`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.adtech.advertising.com DigiCert SHA2 Secure Server CA	`2020-04-16` - `2022-04-21`	2 years	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-04-14` - `2021-07-12`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
bannersnack.com Amazon	`2020-09-10` - `2021-10-12`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
uol.com.br Cloudflare Inc ECC CA-3	`2021-04-28` - `2022-04-27`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2020-06-18` - `2021-08-17`	a year	crt.sh
*.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
*.rdstation.com.br Sectigo RSA Domain Validation Secure Server CA	`2020-06-04` - `2022-09-06`	2 years	crt.sh
popups.rdstation.com.br R3	`2021-03-19` - `2021-06-17`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-04-14` - `2021-07-12`	3 months	crt.sh

This page contains 29 frames:

Primary Page: https://www.opovo.com.br/
Frame ID: 938A09F689A584356BB8864CF162ED9B
Requests: 166 HTTP requests in this frame

Frame: https://mcasproxy.azureedge.net/proxyweb/0.199.30/html/session-context-restore.html?action=store&contextData=https%3A%2F%2Fopovo.com.br%2F
Frame ID: B5320047565523231C89B13427348EF7
Requests: 2 HTTP requests in this frame

Frame: https://s0.2mdn.net/dfp/517466/4406976690/1606854627803/prebid4.17.0.js
Frame ID: 1106704CE588329790E095F8D6FAE842
Requests: 21 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-5e3cec51ed8e99df6977c199d27812d7.html
Frame ID: 6BA83D8AA9D6081DECF8F59595721E96
Requests: 1 HTTP requests in this frame

Frame: https://7405cfab04d097e05557236a0617b170.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 2EE7FF2E4318E030A09AEE07BEDD42E9
Requests: 10 HTTP requests in this frame

Frame: https://7405cfab04d097e05557236a0617b170.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: B1A5C74A9DD1129ABC405F98EB0AE81B
Requests: 14 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstuOQqQ6kwzfw_szp1QSG-8uzCuKoSRIqk3x_Etmaw1HFiQnhjhAfJy3Clo-t_CMUk7hOMF8iK0Ungio8mY4yA8DMDanycE5HVXhsqPlB8vxxwfyTzTFxxRV3ZXka_BESHKo3HcUXKdTTb45KI8Rq3dPe-yYFikMYY2YkSqj7AdVrJR8zfC9wKsA0NBJE-CVXxUEBgcIh6YZtSVRlQB7eFNMLQCh9oTkHOFpUGGs_Exw2otyFEeNFhRYOcOYn6iuC3Tmamk1B9__tFZX_wTw2CMwVFSvHFzWsHFM3h-90-TMwdl-4pa2Tcf6narSg&sai=AMfl-YSoWNpZ_v5G6FUBXPHUK4OSXRisp44wrqvou6z87n0RQjOlgAbhauUNKtOiDme_EwEO6eGwftMB6N1B1eN2oF9vkuXBTS91nJLav_qaxbdQPdqFfFytBj7hcK2Pt4l2&sig=Cg0ArKJSzK1_HNg3hPWkEAE&adurl=
Frame ID: 2159F32EC869C2AE095E2FD89EB38A6E
Requests: 9 HTTP requests in this frame

Frame: https://7405cfab04d097e05557236a0617b170.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: D46B0B2DF076733B0A035B987093127F
Requests: 11 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuDWP5UzuZPb1UYRm2Us5lSKwvks4x9euXA9XYjeOP5IuiPCgsDN8QykZTyIrGrtpYRD7JEvkMj5gUtiz8zu93N8TnaKDeLbbHazbPrrTqaITwc0aU_GsTdNJT5NPDl_1mJ_ehatAFJgwEilxEyn5IY2qRQfjgldYjxiG841fOpSrB0ZrkiOYApfZMqyHoNUVfE9OaQu2xnatuLwAQj4-Xwf3L_5eu59jM8BqvY6rO9oYsLO9m6XSGshCeDGmtVtqIHHR0VNf62vXhlyajxzxZ2RzOhgrCYR0C2OPzX&sai=AMfl-YT7mrS2mYVNRtEEgdaBv_N-qCTIvq5ioD4kpRu-Ei10EBYYJp47zSn53hfhXRsC2a9zS4a_fQq2t1StJc5XAcUPkFEqomN5J7KLr6-S14Vs08pKWWjV7WeOPzGZjdL3&sig=Cg0ArKJSzPVoZ8n2J5hEEAE&adurl=
Frame ID: 95D163333FD8A74D0B19A69757E08936
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuuq9iBTv1wiZTKKFzAJ59dhVdaWCpdWVQuerZ0S2oZWrrViG42yJVO9Vllo8mo1BS2jhM-EzeiFtIoi8Udtu76cTosX04fYponfeXCqCwIMdjMFDTTUMVXJnlX5CUh-BhLnr6E9BBdk78ECcidK05Tp1Ilp3PADsv0nIChFDzWdb-lXjhu6gJvR17Jgx0T8nTWG7N52enIyZ0lG3GuC5Lej2UsuyGfVVgBbWEw1Z1VSxmi2KRE9sIN25bl7_Yhk6ZwOoOVLxjg7xy9VZqjqwDFmYsruHwIfw4V-MTX&sai=AMfl-YS2ux3Bzhd9eRt3lSw3cWp-r9t42dSl7xr1XOrSebmgqTooM1pYreLD5eA_R5YYCb0k-dbfa8arKzB-nKG7iC4WFaKmHhpLSqMxfAhsZZfdlFhVwEJqCblBW2eRQGPv&sig=Cg0ArKJSzPZDBuYUchUWEAE&adurl=
Frame ID: C3982794D5349712A806470D826CAA9C
Requests: 8 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs
Frame ID: 81B027678F1999DEF0A5064BCA38301F
Requests: 15 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvbPyzqb9LJonu8lQbVihGCfD9KlhJOpx6Q3uG9pSXQ2Tn-orB-S2uHvtj46Sam7dpPwIBbk-2RPlaQ-PMSkauG_NybNt7Rv3VyuMeeaMlXp94Hg9fgxl1QXXkKG6oMLe3bZ0qSGZaA29dY-sOji39eXHepBEvWeAxkei9UZFEW-e-29eiRaQTybjiBJuptf_VJqdmGDuayhZYhdn2RiGbweI9snJtNjfCsp325X6rhxndmkuNFuHjbTbDCOimTmaHpIdx_i9122nRb-OyFN37vEz_qhR_vH5bvlHys9j-FUpL4fzqTLI_dzwY&sai=AMfl-YROWpi2dHu1nwngZzP9ZCOSv_a5UzAJiaVRxigGSWT7c7IXJN8VIQZJxAjyqOgoyMCQFLia6_r2b8UKQCk3Zl_S4BUJCa1GMZXFaCUunv8cxP9umZfEG-GmdEKZi9vJ&sig=Cg0ArKJSzDZGvTOeSGToEAE&adurl=
Frame ID: F7EC6FC9ED04801A41E1C47488B855ED
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COjuwgIQ1_mTogIYuvO3mAEwAQ&v=APEucNX72mb88WM9IXbzYJgs_LDlVspasRv7TjzVPqxAX05FVbWkVXTF_uKOFyZbjyaX7qnwQ4qD0NZcNMkLb8jpfauhmrEKjQ
Frame ID: 703596DF8260F185D8D2CD2D1DDCAC1E
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COjuwgIQ1_mTogIYuvO3mAEwAQ&v=APEucNW05Ogy9NQKQZGowXr43JTvJVO9opfqcjCCEJ1oynrhNMODQWTiw8RWUZo4CW_9eEoAAUYEgfcFWYRcHRWfKu2yQeKkrQ
Frame ID: DF3A878E9447B6EC79D291C1AA9C357C
Requests: 5 HTTP requests in this frame

Frame: https://webservices.webspectator.com/adunitMapping?appId=2716&eaup=/10216148/bg_home_noticias&eolid=5633797351&eci=138341605907&ct=%7B%7D&w=1750&h=720&wsRotSlot=&isda=0
Frame ID: 68F8D2574D2E584EC6EA61E1C9DD78DC
Requests: 2 HTTP requests in this frame

Frame: https://webservices.webspectator.com/adunitMapping?appId=2716&eaup=/10216148/20&eolid=null&eci=null&ct=%7B%7D&w=970&h=90&wsRotSlot=&isda=1
Frame ID: C1BDF864AAA4788B330F312F4F8DEC2E
Requests: 2 HTTP requests in this frame

Frame: https://webservices.webspectator.com/adunitMapping?appId=2716&eaup=/10216148/24&eolid=5683055452&eci=138348381137&ct=%7B%7D&w=300&h=60&wsRotSlot=&isda=0
Frame ID: B10CEEDC4F885FCAFA1B16528CB14696
Requests: 2 HTTP requests in this frame

Frame: https://webservices.webspectator.com/adunitMapping?appId=2716&eaup=/10216148/28&eolid=5395992609&eci=138337188415&ct=%7B%7D&w=300&h=60&wsRotSlot=&isda=0
Frame ID: 965CDDC0E8A59D56DBE3B8D7C3C1B81E
Requests: 2 HTTP requests in this frame

Frame: https://webservices.webspectator.com/adunitMapping?appId=2716&eaup=/10216148/2124&eolid=null&eci=null&ct=%7B%7D&w=300&h=250&wsRotSlot=&isda=1
Frame ID: D57129EC492C8665B7FBB060C825084A
Requests: 2 HTTP requests in this frame

Frame: https://webservices.webspectator.com/adunitMapping?appId=2716&eaup=/10216148/banner_bottom_desktop&eolid=5675760410&eci=138347374947&ct=%7B%7D&w=468&h=60&wsRotSlot=&isda=0
Frame ID: 0986515BBCE80839398360F128EC9A31
Requests: 2 HTTP requests in this frame

Frame: https://webservices.webspectator.com/adunitMapping?appId=2716&eaup=/10216148/billboard_home&eolid=null&eci=null&ct=%7B%7D&w=970&h=250&wsRotSlot=&isda=1
Frame ID: 958BD51B61976D261B9D36A7F431B11B
Requests: 2 HTTP requests in this frame

Frame: https://webservices.webspectator.com/adunitMapping?appId=2716&eaup=/10216148/29&eolid=null&eci=null&ct=%7B%7D&w=300&h=250&wsRotSlot=&isda=1
Frame ID: 44CE6F134AF606B796EFC18815AF9DAF
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 6DAF40B106CF2ABD6FE3E6F3DCC2846E
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 486CE905C2808FBDFDC66C6B255BB428
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: BB337B299B4CEA69B45096AE30BC0180
Requests: 3 HTTP requests in this frame

Frame: https://live-tag.bannersnack.com/banners/b1nsrsqem/adtag/embed/25/index.html?t=1607096977&clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCNyRJonaQYJX2Ct7X7_UPtIS-sAjWntXMYrC5m6eODfAuEAEg3Nf7ImD1lc6B4ASgAYzPkd4ByAEJqQKUoe5tr2ayPqgDAaoE0AFP0MnNwSHWSXaHzJ3EsO2MTdrKjyzM5ITMBO24zQGVZBu-RxuHY2RYd2x6hkLMp3_Dx60Ti-D6-Pm5CJNil0k1COYT-5te_QSgaBp28u-PLGMZTKui2yP_zbyA_BkVDjzW00SVYoafhk3w-_QkBKQxOlwLlrTROPLylc6Z6K-ILmVt_j8_GED0JksGDzH_mDChiW5Ydj9KMW4yWsZW1ajJzkQ1e3fUPH_eoeHgAoBYaaKMTmsAikHg_47xDY8lks7l_nPG-ZUWAM2n0h0eWzKtwATBoaqbqAPgBAOQBgGgBk2AB9yw7qECqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggJCIDhgEAQARgdgAoDmAsByAsBgAwBsBOti7cL0BMA2BMD2BQB%26ae%3D1%26num%3D1%26cid%3DCAASPeRolQ4QU-EkS834Akm71jwn_GBtLNO4NKTDoQ_vmyqbYZKWzAqsMN6k4t0GmOgaKxddO-GtjUWuvKbUwG8%26sig%3DAOD64_3kOwtZS6sg2VzYiRe3JqgjXRyq9A%26client%3Dca-pub-5377500294710407%26dbm_c%3DAKAmf-D98OuoCA1wnEQHXE2ZHSD4Bh9mQmHd0Ec9bni_2VfbecwYDFE5FjY5SyYXIk77PuC_BlmeH8iKbn4n4Twolzkb5L8jd-DjSZqVIKGTcmxZ36xgwe8vYq1evSJeNQYzxMMx6dLlijPbox3FULPSfOT6muMFbQ%26cry%3D1%26dbm_d%3DAKAmf-D9EjIQSmkq0m3cqJQqaMmzIsS4IdOPSVHyopAw6bp4R9dpT1bZsUlhXaHImUtDH6c1bHwWWk5YL3GNzzZu9ZGBG-ZLMYZpn6xVoKnyZCXbuvYYC44UXArWfsoWdbqRzdPIpa5hzZGPf1Nc68XEplx9YGho-7ypxsKhLOopYKGffUsyareoU7_eEF9ZgXMWu9o3UqIn_rI1BhEdSR4D9JPa0fjOs3zMx8GbHBmd_1G2rib5qRzCMQucq29ufWmT4kgbWWtWKKVfXfeYuDssO_91d_X2ijn-t_gUJ3snv3ryGM0BZnWzbCkALUY4_RvESqbLyR3SYAJ6n7SLTKh5LcHaNdJ-Cta3D23AVGhRpLusxj_DFgCt_6b-nAq_Geam5E6Ln-8EB29-fuLNlkRzhznkI966Lbx37jKRrKLmwqOu5B0Qjp9iEhOfm0Gd25XcvtlakxU_TrfXsuSE0EbBY_wOhWcJyQ%26adurl%3D&userId=41947456&networkId=25
Frame ID: 7766B5803D00BCCDA086396B66C7A055
Requests: 13 HTTP requests in this frame

Frame: https://live-tag.bannersnack.com/banners/b1nsrsqem/adtag/embed/25/index.html?t=1607096977&clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCxuxSonaQYJf2Ct7X7_UPtIS-sAjWntXMYrC5m6eODfAuEAEg3Nf7ImD1lc6B4ASgAYzPkd4ByAEJqQKUoe5tr2ayPqgDAaoE0wFP0Brw5cn7_QK6VOym2vqeJ1XIWnOmOlfH5AZJZXkPfMWqQnB88UMJw8_HBInNNVJ0nXNtHp6F0UUCkVVZd7YQsryQ5inDNbh1wT_fr1nY5imBVSQL8sN8aJijC8odbHlQsiLZiZkRgChjg4-gMFCMm5o8FjQCU9ZdODseMcepLHp4YcYWRc1BaXqTEn_HnqSHwYonO2vFaQRD6_kS5kSFTmVA73pgfqAPvsjdiiAzq00zqJwpOFf0RV_oYP7r-b8kzUJDcesuRiaT_NKqoOhKVhGpwATBoaqbqAPgBAOQBgGgBk2AB9yw7qECqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggJCIDhgEAQARgdgAoDmAsByAsBgAwBsBOti7cL0BMA2BMD2BQB%26ae%3D1%26num%3D1%26cid%3DCAASPeRoq3L2ptKFHMOp8Xk8Bg_EawxmXQMdK421yxWqkrTVapFgrp9DRM1Dp86tG_1zUuZtV3M7rcAQ0GBmfrc%26sig%3DAOD64_3gydB-LFXir7VWHoCQp9Trwj8f9A%26client%3Dca-pub-5377500294710407%26dbm_c%3DAKAmf-BdUS0WbMKm9LvefsD7f6HmsmmZE5tFVIdGfsrtO70u0o_54BzuOl8ycNEzXGdgmwVnCjPwsHV7zdgr1PQpw6N8Zv1-rKFMM7bwEuVrNarN4mZ6hn7cd5ncQHOIKkP1OZGshqtFiS83h03_xh2qAjpwhcLK_g%26cry%3D1%26dbm_d%3DAKAmf-Dbm7352t3QQ3mq2Jj3bP7jqAcf4DEjD-cGF64t4PprCaLPsWAg2eWQQdwvndjjlhJLdZ6UnNoYdb7jha9pY0rTU8zM-G2OfYuHbxn8im4rnD7oHTX_nPUFnEmoCiG08zLdm3GzzqTr7jNugL_lYHFVzoJzXGoAmY8kEuNNdOZ0h2VIRp9jCU7DT7otui6QjVBoLdW8SxY-MiElpNlumc7gFVZGr7PK7IofyimL28lnkS87p0SNTK5MEhUZJeNnsqRFAi332ZWWyyjU5SUPj-ujyhCmH5VUcAGMnq4QvWFGUXDbgjO0jLlxpZphfoDZitrMfXu4HBPwjJzfuA-YyNChQFG8M1pNaGqMdGPqMhmA7K88x9PlJS6Yr4KbUofFSX4372ETcLxQ4aaqlWsqzrlvRNBO_JCPkOmjWXyYr7fSIX4Fg-H_H1I2vr32PCR_XjXgtz18L370I0pYdceHBvDJG155LQ%26adurl%3D&userId=41947456&networkId=25
Frame ID: 0444E78B652D81FD5B84E2D43392ED60
Requests: 13 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 57A1A7C3E6D0A35D1AFDCCBDF024C77A
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=www.opovo.com.br
Frame ID: 6504F8C0BF49ED997B0DBEBE33D9C631
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://opovo.com.br.eu2.cas.ms/ Page URL
https://opovo.com.br/ HTTP 301
https://www.opovo.com.br/ Page URL

Detected technologies

Lua (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers server /openresty(?:\/([\d.]+))?/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /openresty(?:\/([\d.]+))?/i

OpenResty (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /openresty(?:\/([\d.]+))?/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

OWL Carousel (Widgets) Expand

Overall confidence: 100%
Detected patterns

html /<link [^>]*href="[^"]+owl\.carousel(?:\.min)?\.css/i

Quantcast (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /\.quantserve\.com\/quant\.js/i

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

html /<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
script /\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

html /<link [^>]*href="[^"]+owl\.carousel(?:\.min)?\.css/i

Page Statistics

326
Requests

100 %
HTTPS

61 %
IPv6

43
Domains

66
Subdomains

62
IPs

6
Countries

11055 kB
Transfer

15361 kB
Size

0
Cookies

106 Outgoing links

These are links going to different origins than the main page.

URL: https://mais.opovo.com.br/jornal
Title: Jornal O POVO

Search URL Search Domain Scan URL

URL: http://radios.opovo.com.br/opovocbn/
Title: O POVO/CBN

Search URL Search Domain Scan URL

URL: http://fortaleza.novabrasilfm.com.br/
Title: NovaBrasil FM

Search URL Search Domain Scan URL

URL: http://fdr.org.br/tvopovo/
Title: Canal FDR

Search URL Search Domain Scan URL

URL: http://www.populares.com.br/
Title: Populares

Search URL Search Domain Scan URL

URL: http://www.anuariodoceara.com.br/
Title: Anuário do Ceará

Search URL Search Domain Scan URL

URL: https://www.facebook.com/OPOVOOnline
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/opovoonline?lang=pt
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.instagram.com/opovoonline/
Title: Instagram

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCj-RTZE-V3Q6jleatRR9k2A
Title: YouTube

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/opovoonline/
Title: LinkedIn

Search URL Search Domain Scan URL

URL: http://adorofutebol.com.br/
Title: Tabelas

Search URL Search Domain Scan URL

URL: https://mais.opovo.com.br/
Title: op+

Search URL Search Domain Scan URL

URL: https://assine.opovo.com.br/?utm_source=home&utm_medium=orange&utm_campaign=colors_test
Title: ASSINE

Search URL Search Domain Scan URL

URL: http://opovo.com.br/noticias/
Title: Notícias

Search URL Search Domain Scan URL

URL: http://opovo.com.br/noticias/politica
Title: Política

Search URL Search Domain Scan URL

URL: https://opovo.com.br/noticias/checagemopovo/
Title: Checagem O POVO

Search URL Search Domain Scan URL

URL: http://opovo.com.br/noticias/mundo/
Title: Mundo

Search URL Search Domain Scan URL

URL: http://opovo.com.br/noticias/fortaleza/
Title: Fortaleza

Search URL Search Domain Scan URL

URL: http://opovo.com.br/noticias/saude/
Title: Saúde

Search URL Search Domain Scan URL

URL: http://opovo.com.br/noticias/economia/
Title: Economia

Search URL Search Domain Scan URL

URL: http://opovo.com.br/noticias/tecnologia/
Title: Tecnologia

Search URL Search Domain Scan URL

URL: http://opovo.com.br/noticias/brasil/
Title: Brasil

Search URL Search Domain Scan URL

URL: http://opovo.com.br/noticias/curiosidades/
Title: Curiosidades

Search URL Search Domain Scan URL

URL: http://opovo.com.br/noticias/ceara/
Title: Ceará

Search URL Search Domain Scan URL

URL: http://opovo.com.br/esportes/
Title: Esportes

Search URL Search Domain Scan URL

URL: http://opovo.com.br/esportes/futebol/
Title: Futebol

Search URL Search Domain Scan URL

URL: http://opovo.com.br/esportes/futebol/times/fortaleza
Title: Fortaleza

Search URL Search Domain Scan URL

URL: http://opovo.com.br/esportes/futebol/times/ceara
Title: Ceará

Search URL Search Domain Scan URL

URL: https://opovo.com.br/esportes/futebol/times/cearenses/
Title: Cearenses

Search URL Search Domain Scan URL

URL: https://opovo.com.br/esportes/futebol/copadomundo/
Title: Copa do Mundo

Search URL Search Domain Scan URL

URL: http://opovo.com.br/esportes/maisesportes
Title: Mais Esportes

Search URL Search Domain Scan URL

URL: http://opovo.com.br/divirtase/
Title: Divirta-se

Search URL Search Domain Scan URL

URL: http://opovo.com.br/vidaearte/
Title: Vida & Arte

Search URL Search Domain Scan URL

URL: https://opovo.com.br/blogs/
Title: Blogs

Search URL Search Domain Scan URL

URL: http://especiais.opovo.com.br/
Title: Especiais

Search URL Search Domain Scan URL

URL: http://people.opovo.com.br/
Title: People

Search URL Search Domain Scan URL

URL: http://populares.com.br/
Title: Classificados Populares

Search URL Search Domain Scan URL

URL: http://empregosecarreiras.opovo.com.br/
Title: Empregos e Carreiras

Search URL Search Domain Scan URL

URL: https://opovo.com.br/falecomagente/
Title: Fale com a gente

Search URL Search Domain Scan URL

URL: http://bpop.populares.com.br/
Title: BPOP

Search URL Search Domain Scan URL

URL: https://www.facebook.com/OPOVOOnline/
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/opovoonline/
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.instagram.com/opovoonline/?hl=pt
Title: Instagram

Search URL Search Domain Scan URL

URL: https://mais.opovo.com.br/reportagens-especiais/olimpiadas-2021/2021/05/03/como-eram-os-jogos-olimpicos-da-antiguidade--que-deram-origem-as-olimpiadas.html
Title: Como eram os Jogos Olímpicos da Antiguidade, que deram origem às Olimpíadas

Search URL Search Domain Scan URL

URL: https://mais.opovo.com.br/colunistas/carlos-mazza/2021/05/03/assembleia-debate-projetos-de-andre-fernandes-e-dra--silvana-para-impedir-suspensao-de-aulas.html
Title: Assembleia debate projetos de André Fernandes e Dra. Silvana para impedir suspensão de aulas

Search URL Search Domain Scan URL

URL: https://mais.opovo.com.br/jornal/reportagem/2021/05/02/startups-do-ceara-ganham-impulso-com-a-pandemia.html
Title: ReportagemStartups do Ceará ganham impulso com a pandemia

Search URL Search Domain Scan URL

URL: https://mais.opovo.com.br/colunistas
Title: Colunistas

Search URL Search Domain Scan URL

URL: https://assine.opovo.com.br/
Title: Assine e tenha acesso a uma nova experiência multistreaming.

Search URL Search Domain Scan URL

URL: https://mais.opovo.com.br/colunistas/leda-maria/2021/04/29/inventario-da-flora-cearense--uma-riqueza-lancada-dia-7.html
Title: Leda Maria Inventário da Flora Cearense: uma riqueza lançada dia 7

Search URL Search Domain Scan URL

URL: https://mais.opovo.com.br/colunistas/romeu-duarte/2021/05/03/edificio-brasil.html
Title: Romeu Duarte Edifício Brasil

Search URL Search Domain Scan URL

URL: https://mais.opovo.com.br/colunistas/eliomar-de-lima/2021/05/03/vereador-mjulierme-sena-vai-entrar-na-justica-contra-faixas-de-pedestre-coloridas.html
Title: Eliomar de Lima Vereador Julierme Sena vai entrar na Justiça contra faixas de pedestre coloridas

Search URL Search Domain Scan URL

URL: https://mais.opovo.com.br/colunistas/alan-neto/2021/05/03/bahia-segue-fregues-do-ceara.html
Title: Alan Neto Bahia segue freguês do Ceará

Search URL Search Domain Scan URL

URL: https://mais.opovo.com.br/colunistas/clovis-holanda/2021/05/03/entre-vivos-e-mortos--quem-da-mais-medo.html
Title: Clovis Holanda Entre vivos e mortos, quem dá mais medo?

Search URL Search Domain Scan URL

URL: https://mais.opovo.com.br/colunistas/ricardo-moura/2021/05/03/consorcio-nordeste-cria-alternativas-para-falta-de-politica-nacional-de-seguranca-publica.html
Title: Ricardo Moura Consórcio Nordeste cria alternativas para falta de política nacional de segurança pública

Search URL Search Domain Scan URL

URL: https://compredopequeno.opovo.com.br/
Title: Clique e conheça

Search URL Search Domain Scan URL

URL: https://mais.opovo.com.br/jornal/economia/2020/12/28/assinantes-o-povo-mais-ganham-descontos-em-mais-de-60-servicos-no-clube-op+.html
Title: CLUBE OP+ Assinantes O POVO têm descontos em serviços

Search URL Search Domain Scan URL

URL: https://mais.opovo.com.br/jornal/
Title: JORNAL

Search URL Search Domain Scan URL

URL: https://mais.opovo.com.br/jornal/reportagem/2021/05/03/tasso-e-suas-chances-na-disputa-interna-do-psdb-para-definir-o-presidenciavell.html
Title: Tasso e suas chances na disputa do PSDB para definir o presidenciável

Search URL Search Domain Scan URL

URL: https://mais.opovo.com.br/jornal/cidades/2021/05/03/leitos.html
Title: Ceará chega a mais de 5 mil leitos extras para atender pacientes com Covid-19

Search URL Search Domain Scan URL

URL: https://mais.opovo.com.br/jornal/paginas-azuis/2021/05/03/wally-menezes---ifce-e-uma-instituicao-que-quer-fazer-com-as-outras--mas-tambem-sabe-fazer-sozinha.html
Title: Wally Menezes: "IFCE é uma instituição que quer fazer com as outras, mas também sabe fazer sozinha"

Search URL Search Domain Scan URL

URL: https://mais.opovo.com.br/reportagensespeciais/
Title: REPORTAGENS ESPECIAIS

Search URL Search Domain Scan URL

URL: https://mais.opovo.com.br/reportagens-especiais/2021/04/28/agrotoxicos-banidos-na-europa-por-alta-toxicidade-sao-usados-no-brasil.html
Title: Agrotóxicos banidos na Europa por alta toxicidade são usados no Brasil

Search URL Search Domain Scan URL

URL: https://mais.opovo.com.br/reportagens-especiais/2021/04/30/pandemia-acelera-oportunidades-para-startups-no-ceara.html
Title: Pandemia acelera oportunidades para startups no Ceará

Search URL Search Domain Scan URL

URL: https://mais.opovo.com.br/reportagens-especiais/2021/04/27/tecnologia-quer-proteger-produtores-de-conteudo-contra-o--copiar-e-colar.html
Title: Tecnologia quer proteger produtores de conteúdo contra o "copiar e colar"

Search URL Search Domain Scan URL

URL: https://mais.opovo.com.br/webdocs/
Title: SÉRIES E DOCS

Search URL Search Domain Scan URL

URL: https://mais.opovo.com.br/webdocs/memoria/walter-benjamin-2020/2020/09/27/walter-benjamin-e-asja-lacis--correspondencias.html
Title: Walter Benjamin e Asja Lacis: correspondências

Search URL Search Domain Scan URL

URL: https://mais.opovo.com.br/flip/
Title: Assine e leia a Edição Digital do O POVO

Search URL Search Domain Scan URL

URL: https://opovo.com.br/noticias
Title: Notícias

Search URL Search Domain Scan URL

URL: https://opovo.com.br/esportes
Title: Esportes

Search URL Search Domain Scan URL

URL: https://mais.opovo.com.br/jornal/vidaearte/2021/05/03/atriz-maria-flor-lanca-primeiro-livro-de-ficcao.html
Title: LANÇAMENTO {/if} Atriz, roteirista e diretora Maria Flor lança seu primeiro livro de ficção

Search URL Search Domain Scan URL

URL: https://mais.opovo.com.br/jornal/vidaearte/2021/05/03/vumbo---o-melhor-da-agenda-cultural.html
Title: Confira a agenda de atividades culturais para esta segunda-feira, 3

Search URL Search Domain Scan URL

URL: https://mais.opovo.com.br/jornal/vidaearte/2021/05/03/doramas--a-febre-dos-dramas-asiaticos.html
Title: dramas asiáticos {/if} Sucesso de audiência em streamings, doramas conquistam lugar no coração do público

Search URL Search Domain Scan URL

URL: https://blogs.opovo.com.br/ancoradouro/2021/01/11/papa-francisco-abre-ministerios-do-acolitato-e-leitorato-para-mulheres/
Title: IGREJA Papa Francisco abre Ministérios do Acolitato e Leitorato para mulheres

Search URL Search Domain Scan URL

URL: http://www.blogdofariasjunior.com/2021/02/conheca-as-nove-infracoes-de-transito.html
Title: Blog do Farias Junior Conheça as infrações que não irão mais gerar pontos negativos na CNH

Search URL Search Domain Scan URL

URL: https://blogs.opovo.com.br/tomodachinerds/2021/02/01/filme-macross-delta-zettai-live-ganha-novo-trailer/
Title: Tomodachi Nerd's Filme Macross Delta ganha novo trailer

Search URL Search Domain Scan URL

URL: https://mais.opovo.com.br/webdocs/opovo-doc/atravessar-a-pandemia/2021/03/21/episodio-5--vida.html
Title: Profissional de saúde diabética e hipertensa na linha de frente

Search URL Search Domain Scan URL

URL: https://mais.opovo.com.br/webdocs/historias-transformam/amor-transforma/2020/08/03/episodio-1--mulheres-transgeneros-nascidas-em-lares-evangelicos.html
Title: Episódio 1: Mulheres transgêneros nascidas em lares evangélicos

Search URL Search Domain Scan URL

URL: https://mais.opovo.com.br/webdocs/ceara/ceara-a-mesa-culinaria/2021/02/18/episodio-7--molho-de-tomate-ao-pesto-alencarino.html
Title: Episódio 7: Molho de Tomate ao Pesto Alencarino

Search URL Search Domain Scan URL

URL: https://mais.opovo.com.br/webdocs/entrevista/ciro-nogueira/2021/04/03/o-homem-que-vai-vacinar-o-pais-e-bolsonaro---diz-ciro-nogueira.html
Title: "O homem que vai vacinar o país é Bolsonaro", diz Ciro Nogueira

Search URL Search Domain Scan URL

URL: https://mais.opovo.com.br/webdocs/entrevista/luiz-henrique-mandetta/2021/03/04/entrevista-exclusiva--luiz-henrique-mandetta.html
Title: "Bolsonaro sempre jogou contra", conta Luiz Henrique Mandetta em entrevista

Search URL Search Domain Scan URL

URL: https://especiais.opovo.com.br/
Title: Especiais

Search URL Search Domain Scan URL

URL: https://agirbrasil.com.br/
Title: Vamos agir

Search URL Search Domain Scan URL

URL: https://especiais.opovo.com.br/borboletas/
Title: EXPEDIÇÃO BORBOLETAS

Search URL Search Domain Scan URL

URL: https://especiais.opovo.com.br/violencianainternet/
Title: Violência na Internet

Search URL Search Domain Scan URL

URL: https://especiais.opovo.com.br/osvoosderuediger/
Title: Os voos de Ruediger

Search URL Search Domain Scan URL

URL: https://especiais.opovo.com.br/energialimpa
Title: Energia Limpa: o Ceará contribuindo para o futuro energético sustentável do planeta

Search URL Search Domain Scan URL

URL: https://people.opovo.com.br/
Title:

Search URL Search Domain Scan URL

URL: https://mais.opovo.com.br/jornal/pause/2021/04/18/mulheres-que-gestam-a-terra.html
Title: Mulheres que gestam a terra: escritoras indígenas cartografam vivências femininas

Search URL Search Domain Scan URL

URL: https://mais.opovo.com.br/jornal/pause/2021/03/28/a-casa-no-isolamento--dicas-para-redescobrir-o-conforto-no-lar.html
Title: A casa no isolamento: dicas para redescobrir o conforto no lar

Search URL Search Domain Scan URL

URL: https://mais.opovo.com.br/jornal/pause/2021/03/14/o-prazer-do-texto.html
Title: O prazer do texto: escrita como arte, ofício e memória

Search URL Search Domain Scan URL

URL: https://comunidadenerd.com.br/
Title:

Search URL Search Domain Scan URL

URL: https://cosmonerd.com.br/listas/6-motivos-para-assistir-cidade-invisivel-na-netflix/
Title: Cidade Invisível | 6 motivos para assistir a série brasileira na Netflix

Search URL Search Domain Scan URL

URL: https://cosmonerd.com.br/filmes/critica/mulher-maravilha-1984-critica/
Title: Mulher-Maravilha 1984 l Um filme para aquecer o coração

Search URL Search Domain Scan URL

URL: https://comunidadenerd.com.br/literatura-e-hq/2020/08/9999157-turma-da-monica-e-jovens-titas-se-encontram-em-animacao-do-dc-fandome.html
Title: Turma da Mônica e Jovens Titãs se encontram no DC Fandome

Search URL Search Domain Scan URL

URL: https://empregosecarreiras.opovo.com.br/
Title:

Search URL Search Domain Scan URL

URL: https://mais.opovo.com.br/jornal/pop-empregos-e-carreiras/2020/11/23/conexoes-humanas--em-tempos-digitais.html
Title: Conexões humanas em tempos digitais

Search URL Search Domain Scan URL

URL: https://mais.opovo.com.br/jornal/pop-empregos-e-carreiras/2020/11/23/educar-as-novas-geracoes.html
Title: Educar as novas gerações

Search URL Search Domain Scan URL

URL: https://mais.opovo.com.br/jornal/pop-empregos-e-carreiras/2020/11/16/os-caminhos-da-transformacao--digital.html
Title: Como seu negócio chama atenção?

Search URL Search Domain Scan URL

URL: http://opovo.com.br/noticias
Title: Notícias

Search URL Search Domain Scan URL

URL: https://www20.opovo.com.br/acervo/
Title: Acervo

Search URL Search Domain Scan URL

URL: http://assine.opovo.com.br/
Title: Assine

Search URL Search Domain Scan URL

URL: https://www20.opovo.com.br/revistas/
Title: Lab282

Search URL Search Domain Scan URL

URL: http://fdr.org.br/
Title: FDR

Search URL Search Domain Scan URL

URL: https://www20.opovo.com.br/hotsite/cartoes-o-povo/index.html
Title: Clube O POVO

Search URL Search Domain Scan URL

URL: http://opovo.com.br/
Title: O POVO Online

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://opovo.com.br.eu2.cas.ms/ Page URL
https://opovo.com.br/ HTTP 301
https://www.opovo.com.br/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 74

https://opovo.com.br/includes/assets/online/geral/imgs/o-povo-online.png HTTP 301
https://www.opovo.com.br/includes/assets/online/geral/imgs/o-povo-online.png

Request Chain 142

https://sb.scorecardresearch.com/b?c1=7&c2=22153319&ns__t=1620080290465&ns_c=UTF-8&cv=3.5&c8=O%20POVO%20-%20Not%C3%ADcias%20sobre%20Fortaleza%2C%20Cear%C3%A1%2C%20Brasil%20e%20Mundo&c7=https%3A%2F%2Fwww.opovo.com.br%2F&c9=https%3A%2F%2Fopovo.com.br.eu2.cas.ms%2F HTTP 302
https://sb.scorecardresearch.com/b2?c1=7&c2=22153319&ns__t=1620080290465&ns_c=UTF-8&cv=3.5&c8=O%20POVO%20-%20Not%C3%ADcias%20sobre%20Fortaleza%2C%20Cear%C3%A1%2C%20Brasil%20e%20Mundo&c7=https%3A%2F%2Fwww.opovo.com.br%2F&c9=https%3A%2F%2Fopovo.com.br.eu2.cas.ms%2F

Request Chain 255

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm=&google_dbm=&google_tc= HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOWlSQxWi27O7WkdfR2dGjY&google_cver=1

Request Chain 256

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YJB2o39VLgftJCbvpnOhFQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOA3v8tYGCHI3Vj44VHVbCo&google_cver=1

Request Chain 259

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm=&google_dbm=&google_tc= HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEHdL-BLEw1Y_X1r6hZYct_U&google_cver=1

Request Chain 260

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDkwNzIzMDIwODAwNDE2NTc5OA%3D%3D

Request Chain 261

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_dbm=&google_tc= HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEBABnkvbaJ0uzZPWU14x1_M&google_cver=1

Request Chain 262

https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZjExODkxNjItMzQzOS0yOTI2LWMyZjUtZWQzYjk3NjJhYzA1

326 HTTP transactions
10 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 / Show response
opovo.com.br.eu2.cas.ms/ 1006 B
834 B 198ms
38ms Document
text/html 52.157.233.49
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://opovo.com.br.eu2.cas.ms/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.157.233.49 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

openresty /

Resource Hash

8a8f27d5f642fbfe0360dd006fe85893f660355b21fa662e47a9a5e690f0bce2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: opovo.com.br.eu2.cas.ms
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
server: openresty
date: Mon, 03 May 2021 22:18:08 GMT
x-mcas-request-id: d06c6f02ea8d164c7595186a06769d8c
cache-control: max-age=0, no-cache, no-store
strict-transport-security: max-age=31536000
pragma: no-cache
expires: Mon, 01-Jan-1990 00:00:00 GMT
x-mcas-upstream-time: n/a
x-mcas-processing-time: 2
content-encoding: gzip
x-mcas-cache-status: MISS

GET
H2 200 session-context-store-helper.min.js Show response
mcasproxy.azureedge.net/proxyweb/0.199.30/js/ 5 KB
5 KB 116ms
6ms Script
application/javascript 2a02:26f0:64::210:6bc1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mcasproxy.azureedge.net/proxyweb/0.199.30/js/session-context-store-helper.min.js
Requested by: Host: opovo.com.br.eu2.cas.ms
URL: https://opovo.com.br.eu2.cas.ms/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:64::210:6bc1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: b3d9a37c3110d0d5edf534a4dd964bb85d8661820e4c39e4c63c96bd2813b726

Request headers

Referer: https://opovo.com.br.eu2.cas.ms/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Mon, 03 May 2021 22:18:08 GMT
last-modified: Sun, 25 Apr 2021 09:30:17 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: npsIWjlCWsd9fFNnNdaKMw==
etag: 0x8D907CCBCE49DA3
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: faf88c0d-801e-008c-5638-3a198f000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=6871
x-ms-version: 2009-09-19
content-length: 4994

GET
H2 200 session-context-restore.html Show response
mcasproxy.azureedge.net/proxyweb/0.199.30/html/ Frame B532 281 B
727 B 7ms
7ms Document
text/html 2a02:26f0:64::210:6bc1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mcasproxy.azureedge.net/proxyweb/0.199.30/html/session-context-restore.html?action=store&contextData=https%3A%2F%2Fopovo.com.br%2F
Requested by: Host: mcasproxy.azureedge.net
URL: https://mcasproxy.azureedge.net/proxyweb/0.199.30/js/session-context-store-helper.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:64::210:6bc1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: d593eab937ae208334c866b7afc56b0703787c857dae8bb562aefbbd3ca15ee6

Request headers

:method: GET
:authority: mcasproxy.azureedge.net
:scheme: https
:path: /proxyweb/0.199.30/html/session-context-restore.html?action=store&contextData=https%3A%2F%2Fopovo.com.br%2F
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://opovo.com.br.eu2.cas.ms/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://opovo.com.br.eu2.cas.ms/

Response headers

content-length: 281
content-type: text/html
content-md5: vDuuGHIdcY/gQtnraxH9qw==
last-modified: Sun, 25 Apr 2021 09:26:20 GMT
etag: 0x8D907CC2FCC987A
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: e2cffc70-401e-00f7-5338-3a723f000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: public, max-age=4927
date: Mon, 03 May 2021 22:18:08 GMT

GET
H2 200 session-context-restore.min.js Show response
mcasproxy.azureedge.net/proxyweb/0.199.30/js/ Frame B532 64 KB
65 KB 7ms
6ms Script
application/javascript 2a02:26f0:64::210:6bc1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mcasproxy.azureedge.net/proxyweb/0.199.30/js/session-context-restore.min.js
Requested by: Host: mcasproxy.azureedge.net
URL: https://mcasproxy.azureedge.net/proxyweb/0.199.30/html/session-context-restore.html?action=store&contextData=https%3A%2F%2Fopovo.com.br%2F
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:64::210:6bc1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 6d6a6a7549df79275ef415ba50f979f9b2da8663e174a62a0e4030022ba9acad

Request headers

Referer: https://mcasproxy.azureedge.net/proxyweb/0.199.30/html/session-context-restore.html?action=store&contextData=https%3A%2F%2Fopovo.com.br%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Mon, 03 May 2021 22:18:08 GMT
last-modified: Sun, 25 Apr 2021 09:30:16 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: F1ttwOaWglR5SfRGFzgA5Q==
etag: 0x8D907CCBC9C8B7C
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: faf88e04-801e-008c-0338-3a198f000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=2231
x-ms-version: 2009-09-19
content-length: 66024

GET
H2

200

Primary Request / Show response
www.opovo.com.br/
Redirect Chain

https://opovo.com.br/?
https://www.opovo.com.br/

109 KB
24 KB

36ms
27ms

Document
text/html

2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.opovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5a659d37e470d2b48eccf066f2e145b6581f6f8f054f09593871ec7237c939f2

Request headers

:method: GET
:authority: www.opovo.com.br
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://opovo.com.br.eu2.cas.ms/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: __cfduid=d1fee0fe3646d04f62853040eb2afd2051620080289
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://opovo.com.br.eu2.cas.ms/

Response headers

date: Mon, 03 May 2021 22:18:09 GMT
content-type: text/html; charset=utf-8
last-modified: Mon, 03 May 2021 21:46:21 GMT
vary: Accept-Encoding
x-fivecom-rewrite-portal: home
cache-control: public, max-age=120, s-maxage=604800
x-varnish: 132155692 132646423
age: 1849
via: 1.1 varnish-v4
x-ua-device: desktop
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
cf-cache-status: HIT
cf-request-id: 09d5e87fb700004ec89bb85000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=i7mvDf5WKFew4OkpiLpXcAePNQW23jDO3GpTd%2F%2F6FSiRxQm%2BOULnPQjpIH8gJqGmgD8mzl%2Fpsti6SF4%2BUR79RBaAI1ctEATLVQ9LUO%2BJQELiizf0Yi%2BP6ndnYXkn"}],"max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 649cdd12ba294ec8-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

date: Mon, 03 May 2021 22:18:09 GMT
content-type: text/html
set-cookie: __cfduid=d1fee0fe3646d04f62853040eb2afd2051620080289; expires=Wed, 02-Jun-21 22:18:09 GMT; path=/; domain=.opovo.com.br; HttpOnly; SameSite=Lax; Secure
location: https://www.opovo.com.br/
x-varnish: 133335009
age: 0
via: 1.1 varnish-v4
x-ua-device: desktop
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-request-id: 09d5e87cf900004ec82205f000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=wuZ0qR91uAd7GrLgHtr7AusAF2Pw4P7zldVTymnxglYLTvTcJHBFbVoRB3VnTcejVfxXw1LkBvC107m%2BHrH6AABh0FddGGRvlw7sJ%2BXOs%2FcUAumxxCGOiDE%3D"}],"max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 649cdd0e5b284ec8-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 88 KB
35 KB 20ms
18ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-23310373-1

Requested by

Host: www.opovo.com.br
URL: https://www.opovo.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0605a98ab68622e377dbe055e59c85c1a0ee09f173eb73b5c42978857d7057d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 22:18:09 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35839
x-xss-protection: 0
last-modified: Mon, 03 May 2021 21:28:53 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 03 May 2021 22:18:09 GMT

GET
H3-29 200 owl.carousel.min.css
www.opovo.com.br/includes/assets/online/geral/css/libs/ 3 KB
2 KB 27ms
16ms Stylesheet
text/css 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.opovo.com.br/includes/assets/online/geral/css/libs/owl.carousel.min.css
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 062368677bcefd9495e8b320e0cf22c4faca9f1bc04666efeb9cd5307cd591a4

Request headers

:path: /includes/assets/online/geral/css/libs/owl.carousel.min.css
pragma: no-cache
cookie: __cfduid=d1fee0fe3646d04f62853040eb2afd2051620080289
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 22:18:09 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 442654
content-type: text/css
x-ua-device: desktop
access-control-allow-methods: GET, OPTIONS
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09d5e87fdb0000d6c19a9c0000000001
last-modified: Fri, 28 Jun 2019 14:34:34 GMT
server: cloudflare
etag: W/"5d16257a-d1c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=m8XAcIGc5p5pOPRwRKpIl5S6I5z6zRPow4aIcp4UsCwQv%2Fw0ngI3gyLDxTESYL1TbhtiwdChlUqXyeVwpJM5lC8BRuI6ES42%2BIl%2F28mJ1dzbSovw4%2FES24o6n4Qs"}],"max_age":604800,"group":"cf-nel"}
x-varnish: 779194621
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
cf-ray: 649cdd12ff87d6c1-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 base.css
www.opovo.com.br/includes/assets/online/geral/css/ 126 KB
23 KB 29ms
19ms Stylesheet
text/css 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.opovo.com.br/includes/assets/online/geral/css/base.css
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7bd822e612a9671c3105c5aeffccbc836004b4fb2b1fb703471de1cf8dfa3973

Request headers

:path: /includes/assets/online/geral/css/base.css
pragma: no-cache
cookie: __cfduid=d1fee0fe3646d04f62853040eb2afd2051620080289
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 22:18:09 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 525998
cf-polished: origSize=163486
content-type: text/css
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09d5e87fda0000d6c1e1243000000001
last-modified: Tue, 20 Apr 2021 14:06:11 GMT
server: cloudflare
etag: W/"607edfd3-27e9e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=nz7DMyaqbgnJODD1H7oT7bYSIYG%2Fjas%2B%2FlYPil%2FGUhKZOmnQcC6zhz3rdqxHNlnvhDNCCvCYLlYN9T%2Fqpyfn%2BZzhNrGbDdXyW14tg8lqOO0rKFlJeqU1cuLKtQWt"}],"max_age":604800,"group":"cf-nel"}
x-varnish: 612775751
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
cf-ray: 649cdd12ff80d6c1-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
cf-bgj: minify

GET
H3-29 200 home.css
www.opovo.com.br/includes/assets/online/home/css/ 38 KB
7 KB 28ms
18ms Stylesheet
text/css 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.opovo.com.br/includes/assets/online/home/css/home.css
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f0f8832a07c6d150b1e679d807e16734655e3dd45483b601b99fe5fdca25d22b

Request headers

:path: /includes/assets/online/home/css/home.css
pragma: no-cache
cookie: __cfduid=d1fee0fe3646d04f62853040eb2afd2051620080289
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 22:18:09 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 320101
cf-polished: origSize=49736
content-type: text/css
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09d5e87fda0000d6c1a03bc000000001
last-modified: Wed, 07 Oct 2020 13:19:57 GMT
server: cloudflare
etag: W/"5f7dc07d-c248"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=x17HVa2MsaMs0XzeNTQQ0j5xA3jk3mkGJFUF5kiYHZfZYefSH9THXLea0%2BjutkNisn2TwQbrlSle3mpzdsLQF59Gix2A5uiJzAPzT3dI9zpL30E0Badpd0feeKqP"}],"max_age":604800,"group":"cf-nel"}
x-varnish: 1019873261 1015515561
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
cf-ray: 649cdd12ff82d6c1-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
cf-bgj: minify

GET
H2 200 css
fonts.googleapis.com/ 5 KB
707 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=PT%20Serif:400,400italic,700,700italic

Requested by

Host: www.opovo.com.br
URL: https://www.opovo.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f0c400c8be6122ab2a8797b3c495be63393e3f1ec93426a88bb2a87a9996f8a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 03 May 2021 22:18:09 GMT
server: ESF
date: Mon, 03 May 2021 22:18:09 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 03 May 2021 22:18:09 GMT

GET
H2 200 css
fonts.googleapis.com/ 8 KB
694 B 22ms
21ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oswald:300,400,500,600,700

Requested by

Host: www.opovo.com.br
URL: https://www.opovo.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d74e57a16f307dccbaa3dd0bfcd61d6228c5683e9728266379672b2611f3ac6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 03 May 2021 21:42:00 GMT
server: ESF
date: Mon, 03 May 2021 22:18:09 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 03 May 2021 22:18:09 GMT

GET
H2 200 tm42111.js Show response
tag.navdmp.com/ 12 KB
4 KB 38ms
21ms Script
application/javascript 2606:4700::6810:ff3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.navdmp.com/tm42111.js
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:ff3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 24ca58bf23e819a415daa325aa0e3a6ad83bc86395468c9ca0c240ecacf2cbc6

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 22:18:09 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 2347
p3p: CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cf-request-id: 09d5e87fe20000c2d1ae2e5000000001
last-modified: Thu, 10 Jan 2019 14:46:02 GMT
server: cloudflare
etag: W/"5c375aaa-2e25"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
cf-ray: 649cdd130918c2d1-FRA
expires: Mon, 03 May 2021 22:39:01 GMT

GET
H3-29 200 advertisement.js Show response
www.opovo.com.br/includes/assets/online/geral/js/plugins/ 43 B
784 B 34ms
24ms Script
application/javascript 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.opovo.com.br/includes/assets/online/geral/js/plugins/advertisement.js
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c6f5ba88cad1d6fef6754b17eff1abfb532089184774d12678b8ce6dccb04f1

Request headers

:path: /includes/assets/online/geral/js/plugins/advertisement.js
pragma: no-cache
cookie: __cfduid=d1fee0fe3646d04f62853040eb2afd2051620080289
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 22:18:09 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 320101
content-type: application/javascript; charset=utf-8
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
cf-request-id: 09d5e87fdb0000d6c18399a000000001
last-modified: Fri, 28 Jun 2019 14:34:35 GMT
server: cloudflare
etag: "5d16257b-2b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=9bg%2BIiyHO%2BJ41D4ddLZRKuYyzm9QlTWVqrNerw5x18ZEZ6c5pBEfggWDMd4X8VfIwj7ESVCMd5nA%2BZlWktv44rOSKReNplcPrmoVFyqclF5560r7i93BcRpdMixn"}],"max_age":604800,"group":"cf-nel"}
x-varnish: 1019708769 1018527960
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 649cdd12ff85d6c1-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
cf-bgj: minify

GET
H3-29 200 ico-flamengo.png
www.opovo.com.br/_midias/reduced/menu/ 1 KB
2 KB 73ms
63ms Image
image/png 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/_midias/reduced/menu/ico-flamengo.png
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e555478d721db554d486dc7c2ae2d3f4add3ab554cc81edb702d7f797da132d1

Request headers

:path: /_midias/reduced/menu/ico-flamengo.png
pragma: no-cache
cookie: __cfduid=d1fee0fe3646d04f62853040eb2afd2051620080289
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 22:18:10 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 328366
content-type: image/png
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1450
cf-request-id: 09d5e880c10000d6c179b32000000001
last-modified: Fri, 30 Apr 2021 02:59:15 GMT
server: cloudflare
etag: "608b7283-5aa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=mX77M%2Fj4Co86fCj1vQroDgW9tIeQi5i9ro8fAEwB%2BoJhqNEpO7zQdsl9SOWVcy5s3llaT%2FUDoeVt9VMg7t1lazdwj%2FGug6cbCQXKLp2HNAtu1HicKd9umoUQN3xw"}],"max_age":604800,"group":"cf-nel"}
x-varnish: 69407536 67411348
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 649cdd146920d6c1-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 ico-atletico.png
www.opovo.com.br/_midias/reduced/menu/ 1 KB
2 KB 70ms
60ms Image
image/png 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/_midias/reduced/menu/ico-atletico.png
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48eca44b7d480b8ea047f020f2f08763b3e4bbfab06fabf96f0e9f241a75f0a9

Request headers

:path: /_midias/reduced/menu/ico-atletico.png
pragma: no-cache
cookie: __cfduid=d1fee0fe3646d04f62853040eb2afd2051620080289
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 22:18:10 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 328366
content-type: image/png
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1380
cf-request-id: 09d5e880c10000d6c1e41f0000000001
last-modified: Fri, 30 Apr 2021 02:59:16 GMT
server: cloudflare
etag: "608b7284-564"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=arOFuUQi%2FpJqx4qLIiWl%2BXzoerXgRbJusoY2khCqu6bjz4N25QQCLwMIXla8u58YlljhARs1MEXn58BufdY4Z7V8pHFSi9cgqDdxtnEPLKwi2qBmgG3UGLuLhEMq"}],"max_age":604800,"group":"cf-nel"}
x-varnish: 69179335 68722577
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 649cdd146922d6c1-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 ico-corinthians.png
www.opovo.com.br/_midias/reduced/menu/ 1 KB
2 KB 77ms
67ms Image
image/png 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/_midias/reduced/menu/ico-corinthians.png
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2d6ff70d2b7dbbf999cd7817983d70b7a40bb33d63d3b663beb2e4386d4acbd1

Request headers

:path: /_midias/reduced/menu/ico-corinthians.png
pragma: no-cache
cookie: __cfduid=d1fee0fe3646d04f62853040eb2afd2051620080289
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 22:18:10 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 328367
content-type: image/png
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1463
cf-request-id: 09d5e880c10000d6c1762be000000001
last-modified: Fri, 30 Apr 2021 02:59:17 GMT
server: cloudflare
etag: "608b7285-5b7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=dLzijIeAokAm%2F53pygKQA6Lzz65tZdinAjAwtZlNtjmKcgzENVQWG9heOfJqY5ROJYrVWFu3jAH4eJ3wC6SOX99xBowqu8rbZOJAzuu3RnHQGVjZh%2BZisYjQ1Y7P"}],"max_age":604800,"group":"cf-nel"}
x-varnish: 70484411 64108251
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 649cdd146923d6c1-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 ico-botafogo.png
www.opovo.com.br/_midias/reduced/menu/ 1 KB
2 KB 42ms
32ms Image
image/png 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/_midias/reduced/menu/ico-botafogo.png
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 19c6350cc772c351bbeef48b5faddfb34239ea9942ffb9567e35a7dd64001303

Request headers

:path: /_midias/reduced/menu/ico-botafogo.png
pragma: no-cache
cookie: __cfduid=d1fee0fe3646d04f62853040eb2afd2051620080289
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 22:18:10 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 442649
content-type: image/png
x-ua-device: desktop
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1434
cf-request-id: 09d5e880c20000d6c178b92000000001
last-modified: Wed, 28 Apr 2021 19:18:53 GMT
server: cloudflare
etag: "6089b51d-59a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=WNRRYq5p%2BbLWpC%2Fi4llM2VX5sxBB%2BSpQ%2FeyJunlSFi20BpKumEz0iPxCJDV4NvlCa1Um15a5%2FR2ZNX2JcN6jtGzAXqJhsyKFXeLROW0RHo6CKhxnm6qDQsvdbyS3"}],"max_age":604800,"group":"cf-nel"}
x-varnish: 937497135
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 649cdd146925d6c1-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 ico-cruzeiro.png
www.opovo.com.br/_midias/reduced/menu/ 2 KB
2 KB 42ms
32ms Image
image/png 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/_midias/reduced/menu/ico-cruzeiro.png
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 40ab42fd2738b6f7e360ecbcf60ed7c532d75e944e85a009a3397f4d7a67c10f

Request headers

:path: /_midias/reduced/menu/ico-cruzeiro.png
pragma: no-cache
cookie: __cfduid=d1fee0fe3646d04f62853040eb2afd2051620080289
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 22:18:10 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 328366
content-type: image/png
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1611
cf-request-id: 09d5e880c20000d6c16b9b2000000001
last-modified: Fri, 30 Apr 2021 02:59:18 GMT
server: cloudflare
etag: "608b7286-64b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=qxlPSDZXgDM1VdsbakeNqmVVM6J9OvOPRG1PhMK2KsAIXk76kaGZkgdlne7HbGxxPhuYgK0pV0mromM%2FgzjFDd2SGo80BM1lG0hH9esLwabQNgCowGFsLz4frPzn"}],"max_age":604800,"group":"cf-nel"}
x-varnish: 72089980 64108254
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 649cdd146926d6c1-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 ico-fluminense.png
www.opovo.com.br/_midias/reduced/menu/ 1 KB
2 KB 43ms
32ms Image
image/png 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/_midias/reduced/menu/ico-fluminense.png
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3260ada7a202c54ba790f33e3252c611357eab584bec55f788a13a4e9d861e5b

Request headers

:path: /_midias/reduced/menu/ico-fluminense.png
pragma: no-cache
cookie: __cfduid=d1fee0fe3646d04f62853040eb2afd2051620080289
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 22:18:10 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 328367
content-type: image/png
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1441
cf-request-id: 09d5e880c20000d6c1982a4000000001
last-modified: Fri, 30 Apr 2021 02:59:18 GMT
server: cloudflare
etag: "608b7286-5a1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=lUvPwv5m2vFC8tMLliVUwA6PhU74x6dV2UJlDLnfLgE2HCPAB5pFGKZdZeHWaii5D3w%2Ft1KD9kQDqVUDTSIuZSYCXeVHcvfN1XjNKjZFDVa7l%2B0jVlcv8kcaaPX8"}],"max_age":604800,"group":"cf-nel"}
x-varnish: 71893369 64596152
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 649cdd146927d6c1-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 ico-gremio.png
www.opovo.com.br/_midias/reduced/menu/ 2 KB
2 KB 45ms
35ms Image
image/png 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/_midias/reduced/menu/ico-gremio.png
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8938c6b87446f08d0a7f530f2ea3ac840374ca40d79166f6ecaadfa9b9db407b

Request headers

:path: /_midias/reduced/menu/ico-gremio.png
pragma: no-cache
cookie: __cfduid=d1fee0fe3646d04f62853040eb2afd2051620080289
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 22:18:10 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 328366
content-type: image/png
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1644
cf-request-id: 09d5e880c20000d6c1d4a22000000001
last-modified: Fri, 30 Apr 2021 02:59:19 GMT
server: cloudflare
etag: "608b7287-66c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=fnKJmn2bI0ikgb241P9k7M3sI9rPQLPSkkZfILS%2BtG4OqZR1QhDJ%2Fb3MX99dLI4zJ6xXZBAmzi2qtvo4XMGkUMsVgVyQaXbPYtoR8NGqoAnNhPtNTQUYsO2%2B2RQK"}],"max_age":604800,"group":"cf-nel"}
x-varnish: 69212363 64596158
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 649cdd146928d6c1-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 ico-internacional.png
www.opovo.com.br/_midias/reduced/menu/ 2 KB
2 KB 45ms
35ms Image
image/png 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/_midias/reduced/menu/ico-internacional.png
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b03b44c6b400fac519d88ade3058e23c041edcff0494789275a4afb79f717e06

Request headers

:path: /_midias/reduced/menu/ico-internacional.png
pragma: no-cache
cookie: __cfduid=d1fee0fe3646d04f62853040eb2afd2051620080289
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 22:18:10 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 525969
content-type: image/png
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1537
cf-request-id: 09d5e880c20000d6c1840aa000000001
last-modified: Tue, 27 Apr 2021 20:08:18 GMT
server: cloudflare
etag: "60886f32-601"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=mPqPaLesTgslBFJjgz%2BiE3nnZO87LJuYrINGqWK9x9u9GWzQSQ%2B4f6YUs3gIY%2Bko6l3EnLREyVKaiZHkqqs3hbtUz7OvrU2ThZsqa6XJSoq%2FvV85TQ9y9yeTNby8"}],"max_age":604800,"group":"cf-nel"}
x-varnish: 765529502 762715041
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 649cdd146929d6c1-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 ico-palmeiras.png
www.opovo.com.br/_midias/reduced/menu/ 1 KB
2 KB 46ms
36ms Image
image/png 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/_midias/reduced/menu/ico-palmeiras.png
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1cbe8a6f452d3d2a87f60e32668acdaab4e62e50b2ee0b8050d3b3828775f61f

Request headers

:path: /_midias/reduced/menu/ico-palmeiras.png
pragma: no-cache
cookie: __cfduid=d1fee0fe3646d04f62853040eb2afd2051620080289
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 22:18:10 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 328366
content-type: image/png
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1495
cf-request-id: 09d5e880c30000d6c1869a6000000001
last-modified: Fri, 30 Apr 2021 02:59:20 GMT
server: cloudflare
etag: "608b7288-5d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=XUdwoQ%2FpqI0Qg0%2FPuuI%2B2DpPr4eGPBh0VfSIX9TBNSQqBskO37s5VGDaDaGisETFLi3c96iCY6a%2F1UTTCJTLnt9E9HBfUxUUN5FqzPlyQy8rNk0uls%2Fk7Ek7aS8b"}],"max_age":604800,"group":"cf-nel"}
x-varnish: 71893375 69114788
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 649cdd14692ad6c1-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 ico-santos.png
www.opovo.com.br/_midias/reduced/menu/ 1 KB
2 KB 46ms
36ms Image
image/png 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/_midias/reduced/menu/ico-santos.png
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6f3ed2e08a43cbdaa2c32f0dca58bf95277a89e2b857399ad11d4e0fb656673b

Request headers

:path: /_midias/reduced/menu/ico-santos.png
pragma: no-cache
cookie: __cfduid=d1fee0fe3646d04f62853040eb2afd2051620080289
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 22:18:10 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 328366
content-type: image/png
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1525
cf-request-id: 09d5e880c30000d6c1ca0be000000001
last-modified: Fri, 30 Apr 2021 02:59:21 GMT
server: cloudflare
etag: "608b7289-5f5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=yWK8Bqno6PNjbqR2kc%2F9hkbkE%2Fjsfj2uvQweB7KFH1DNW6pNUMZQto%2B9VnUNIakP9IfoBZnrnoYj5dGwgluUSs2bcil%2BZvjzp9RD38jutjEeMww1AhZ07lkVsWDT"}],"max_age":604800,"group":"cf-nel"}
x-varnish: 69212359 69306540
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 649cdd14692bd6c1-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 ico-saopaulo.png
www.opovo.com.br/_midias/reduced/menu/ 1 KB
2 KB 46ms
36ms Image
image/png 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/_midias/reduced/menu/ico-saopaulo.png
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b008731a86ba82dd977825f31b0ba566fd3c693897d3928690cc2582a6f9063b

Request headers

:path: /_midias/reduced/menu/ico-saopaulo.png
pragma: no-cache
cookie: __cfduid=d1fee0fe3646d04f62853040eb2afd2051620080289
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 22:18:10 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 328367
content-type: image/png
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1452
cf-request-id: 09d5e880c30000d6c1a616f000000001
last-modified: Fri, 30 Apr 2021 02:59:21 GMT
server: cloudflare
etag: "608b7289-5ac"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=JtvXAuaNT5F9jE4TojQXCICzluiY6ZXw8B%2BKbORu%2BrSggi6L13AZ9vYy39ejaHXIjuZoxL2ZPcaYi5YuliJ0biHovm3j%2B0EKBWXzabERgxmOR2Apzgo4pscSt8wJ"}],"max_age":604800,"group":"cf-nel"}
x-varnish: 70484413 68722583
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 649cdd14692dd6c1-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 ico-vasco.png
www.opovo.com.br/_midias/reduced/menu/ 1 KB
2 KB 47ms
37ms Image
image/png 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/_midias/reduced/menu/ico-vasco.png
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5ba7fd787c02199e104993472f1cb118b9c77d4db60f3b85149d941d496dc2f8

Request headers

:path: /_midias/reduced/menu/ico-vasco.png
pragma: no-cache
cookie: __cfduid=d1fee0fe3646d04f62853040eb2afd2051620080289
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 22:18:10 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 328367
content-type: image/png
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1400
cf-request-id: 09d5e880c40000d6c19f372000000001
last-modified: Fri, 30 Apr 2021 02:59:22 GMT
server: cloudflare
etag: "608b728a-578"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=omqCol7PPirwgqeGPDDERdSzTz0braDqcd2weg1GdSD1IGFGPXnc%2FKiyOqU4FXIfkkd0wXYerji1FwoHbrpO%2FSizHNKQ8F1WwBrJ%2Fcey05KSmXerdiiY%2F1jFg8hW"}],"max_age":604800,"group":"cf-nel"}
x-varnish: 71893371 64596161
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 649cdd14692fd6c1-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 1_alunos_pandemia-15243707.jpeg
www.opovo.com.br/_midias/reduced/home/ 7 KB
8 KB 47ms
37ms Image
image/jpeg 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/_midias/reduced/home/1_alunos_pandemia-15243707.jpeg
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6949d68f3f6dbc6f79c8b976f5607c8b09745c260d758d813165799b1618d2ce

Request headers

:path: /_midias/reduced/home/1_alunos_pandemia-15243707.jpeg
pragma: no-cache
cookie: __cfduid=d1fee0fe3646d04f62853040eb2afd2051620080289
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 22:18:10 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 7704
content-type: image/jpeg
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7104
cf-request-id: 09d5e880c40000d6c1c03bc000000001
last-modified: Mon, 03 May 2021 20:04:14 GMT
server: cloudflare
etag: "6090573e-1bc0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=FRQJCHKOeD88dm6XrOeYs1qhgAyKtc20W6fy3H6KuOJm4Rrsc4d2KqvHhDuZalJcC1Lz0I2xTQ8hylEtRAsYradgDyPvlvLvroelqz2kCxf0KMpui082VczkORVF"}],"max_age":604800,"group":"cf-nel"}
x-varnish: 121143969 119572836
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 649cdd146932d6c1-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 1_paulo_gustavo_nega_orgia_em_festa_aniversario-15531074.jpg
www.opovo.com.br/_midias/reduced/home/ 5 KB
6 KB 66ms
56ms Image
image/jpeg 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/_midias/reduced/home/1_paulo_gustavo_nega_orgia_em_festa_aniversario-15531074.jpg
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c211f287b1f7fd5e5a36cc2f19605e2ca0f79c265cbc529699f2289a209e09ca

Request headers

:path: /_midias/reduced/home/1_paulo_gustavo_nega_orgia_em_festa_aniversario-15531074.jpg
pragma: no-cache
cookie: __cfduid=d1fee0fe3646d04f62853040eb2afd2051620080289
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 22:18:10 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 5140
content-type: image/jpeg
x-ua-device: desktop
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5406
cf-request-id: 09d5e880c40000d6c1e5150000000001
last-modified: Mon, 03 May 2021 20:47:22 GMT
server: cloudflare
etag: "6090615a-151e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=W6tqV1svK%2BKvzBUBf%2F88rEq29vmgoJZR4vtfJ3oSxz256Gr5m76CO0wYBBaruQ4bTwF2o%2BQ1q7ZG%2BCE0PxMkAYeZyi33bi429NclyYYW2koRWAnQLGUvRQZnVjAo"}],"max_age":604800,"group":"cf-nel"}
x-varnish: 123832687 126714930
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 649cdd146933d6c1-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 1_clovisholanda_2021-15447451.png
www.opovo.com.br/_midias/reduced/home/ 2 KB
3 KB 47ms
37ms Image
image/png 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/_midias/reduced/home/1_clovisholanda_2021-15447451.png
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e1e776b76de2f3c5d26073ae5f6bf1b9d1a32a7e94c1df92fef491d7e6f6df59

Request headers

:path: /_midias/reduced/home/1_clovisholanda_2021-15447451.png
pragma: no-cache
cookie: __cfduid=d1fee0fe3646d04f62853040eb2afd2051620080289
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 22:18:10 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 3945
content-type: image/png
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2210
cf-request-id: 09d5e880c50000d6c19fabc000000001
last-modified: Mon, 03 May 2021 21:08:22 GMT
server: cloudflare
etag: "60906646-8a2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=OL3tlmX1TRcZkIUrK%2FHv6XnNLCFBQmi8S%2FW573U9gpDGrP2WVQ8SjpEbdDsbdS%2B2zPHpq4B0FdLFThIsX1iHUxc5lXXu7XrlaI5qKHcteoIywshebAYYdxDx8qCM"}],"max_age":604800,"group":"cf-nel"}
x-varnish: 129958575 129238580
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 649cdd146935d6c1-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 1_ricardomoura-12638143.png
www.opovo.com.br/_midias/reduced/home/ 2 KB
3 KB 47ms
37ms Image
image/png 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/_midias/reduced/home/1_ricardomoura-12638143.png
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 648b481680f07ae3dc05c1a7b23b24a5e2787f1835ec62b00f37ac31f504aa2f

Request headers

:path: /_midias/reduced/home/1_ricardomoura-12638143.png
pragma: no-cache
cookie: __cfduid=d1fee0fe3646d04f62853040eb2afd2051620080289
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 22:18:10 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 3945
content-type: image/png
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2085
cf-request-id: 09d5e880c50000d6c1b5958000000001
last-modified: Mon, 03 May 2021 21:08:22 GMT
server: cloudflare
etag: "60906646-825"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=sy%2BlF2QvuPLnxEFIejLLBU6qpj1KrVckO72Mcs94zVQ6W11ITylTXNLqGTG%2FfeOlx3CDB0IUP96rrvCTJE5opHHSRaa%2B7SYTpOZTZtcqN05be0KKYLoWKgLAYo2I"}],"max_age":604800,"group":"cf-nel"}
x-varnish: 130319893 128649380
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 649cdd146936d6c1-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 1_ledamaria-12638099.png
www.opovo.com.br/_midias/reduced/home/ 2 KB
3 KB 48ms
38ms Image
image/png 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/_midias/reduced/home/1_ledamaria-12638099.png
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0acdc8dcedf20ab2aaa7164d7cac2404d4a3b28c1f3f672d55d93f58dd2aab06

Request headers

:path: /_midias/reduced/home/1_ledamaria-12638099.png
pragma: no-cache
cookie: __cfduid=d1fee0fe3646d04f62853040eb2afd2051620080289
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 22:18:10 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 3945
content-type: image/png
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2450
cf-request-id: 09d5e880c50000d6c1ba0ce000000001
last-modified: Mon, 03 May 2021 21:08:22 GMT
server: cloudflare
etag: "60906646-992"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=KekJacIRhPqHjkIs41VcdvzOgQMEeBkasbeQuK%2BldD5kAwRZozgdinUXnUx%2FfEJz7%2FDRN0pLbJ5GAOfsiIsDPXIPO06AV7fC4Y1F6z3Pv9gOMIrKMTK0tW%2FH%2BqYW"}],"max_age":604800,"group":"cf-nel"}
x-varnish: 129958565 129990976
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 649cdd146937d6c1-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 1_romeuduarte-12638154.png
www.opovo.com.br/_midias/reduced/home/ 2 KB
3 KB 48ms
38ms Image
image/png 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/_midias/reduced/home/1_romeuduarte-12638154.png
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c733825660c04a6ecba84c81d78acbfce90b6ee2ac52b87c7c451990470e927

Request headers

:path: /_midias/reduced/home/1_romeuduarte-12638154.png
pragma: no-cache
cookie: __cfduid=d1fee0fe3646d04f62853040eb2afd2051620080289
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 22:18:10 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 3945
content-type: image/png
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2113
cf-request-id: 09d5e880c60000d6c1e9068000000001
last-modified: Mon, 03 May 2021 21:08:23 GMT
server: cloudflare
etag: "60906647-841"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ryibP4vG1vCLzolgL%2BsqHoAfwZ4njUNhwAEo%2FIJuzxG%2FP7YOFkwp5Nhc8W3rkNJQrVntQDK%2BYw6n6ViSC4bXah3h9vjT7ZSf9NXbCK%2FrDxoHFIZLdgJ5aE2vy2LU"}],"max_age":604800,"group":"cf-nel"}
x-varnish: 130319891 128649371
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 649cdd146939d6c1-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 1_eliomarlima-12635148.png
www.opovo.com.br/_midias/reduced/home/ 2 KB
3 KB 48ms
38ms Image
image/png 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/_midias/reduced/home/1_eliomarlima-12635148.png
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8ec8bb1d17ac0d8da1cf6a6ec112cd74daa86a27325b559a2618b9f1bacfe451

Request headers

:path: /_midias/reduced/home/1_eliomarlima-12635148.png
pragma: no-cache
cookie: __cfduid=d1fee0fe3646d04f62853040eb2afd2051620080289
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 22:18:10 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 3945
content-type: image/png
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2196
cf-request-id: 09d5e880c60000d6c1d02e7000000001
last-modified: Mon, 03 May 2021 21:08:20 GMT
server: cloudflare
etag: "60906644-894"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=xb5qwflePLiWTdMIph%2Ff63KMwZ1axw9fVtu5EVsTqQvfAkNwXvQRkZCe810mCyoo6pge%2F8xp0lfN4Xg320TEQJfPRNKTUvqOvVvhT%2Bjo%2FB1PV8rS%2BvPVQkIbPCKq"}],"max_age":604800,"group":"cf-nel"}
x-varnish: 130319901 129990982
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 649cdd14693cd6c1-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 1_alanneto-12638417.png
www.opovo.com.br/_midias/reduced/home/ 2 KB
3 KB 53ms
43ms Image
image/png 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/_midias/reduced/home/1_alanneto-12638417.png
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 519b64efdeaa973ab35bfa1aa18b46aa729018adb9d73c34abe01132615bbc15

Request headers

:path: /_midias/reduced/home/1_alanneto-12638417.png
pragma: no-cache
cookie: __cfduid=d1fee0fe3646d04f62853040eb2afd2051620080289
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 22:18:10 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 3945
content-type: image/png
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2411
cf-request-id: 09d5e880c60000d6c1a2ae5000000001
last-modified: Mon, 03 May 2021 21:08:22 GMT
server: cloudflare
etag: "60906646-96b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=v2eHHoY2CHzEG317Dek3W1EFA9m%2FOnul7Ws2%2BlQROCL02YTVnGOFCDOVM7n6edcoX29aW7r2gURawRhhItlR84jugMUoczPEhpWjDGz1Hc5jFpNZGQtazzvUF2HP"}],"max_age":604800,"group":"cf-nel"}
x-varnish: 129958567 128649368
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 649cdd14693ed6c1-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 logo-compre-dopequeno.png
www.opovo.com.br/includes/assets/online/geral/imgs/ 9 KB
10 KB 54ms
44ms Image
image/png 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/includes/assets/online/geral/imgs/logo-compre-dopequeno.png
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e2121d2e43da18179a9a66cd77212546662297925068bf7004095d1c3ca7d659

Request headers

:path: /includes/assets/online/geral/imgs/logo-compre-dopequeno.png
pragma: no-cache
cookie: __cfduid=d1fee0fe3646d04f62853040eb2afd2051620080289
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 22:18:10 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 320099
content-type: image/png
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9054
cf-request-id: 09d5e880c60000d6c190aa7000000001
last-modified: Wed, 14 Apr 2021 20:47:45 GMT
server: cloudflare
etag: "607754f1-235e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=EZdzaSSZTAF7T7bOHd5M9W%2FLRv4bRjnDJeHm5PuEsXCmCxbcaMEDoRSzHhvdD%2FvJ1MwgfrshzHquC3GIeviYokKBTVQRLuGVJJihb5tm2PGNdjbw4LwqlAt4qdrN"}],"max_age":604800,"group":"cf-nel"}
x-varnish: 1021051711 1019839030
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 649cdd146941d6c1-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 1_img_8742-15240289.jpg
www.opovo.com.br/_midias/reduced/home/ 10 KB
10 KB 61ms
51ms Image
image/jpeg 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/_midias/reduced/home/1_img_8742-15240289.jpg
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b5e39af3de89b6501803047a1914936eb4ed96adf20e22443eb198432aea56d9

Request headers

:path: /_midias/reduced/home/1_img_8742-15240289.jpg
pragma: no-cache
cookie: __cfduid=d1fee0fe3646d04f62853040eb2afd2051620080289
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 22:18:10 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 7704
content-type: image/jpeg
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9942
cf-request-id: 09d5e880c70000d6c1a51d9000000001
last-modified: Mon, 03 May 2021 20:04:15 GMT
server: cloudflare
etag: "6090573f-26d6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=asCL01sm8CW389aI0tWkab9a5HiosboeBbkUlagFVv0YM9fMEtice8%2F5b4PaEPIYupC8zBcZMasVBagLzYIMmWszXjo5z%2F0ZQy%2BajA%2FqdhUBYyoIc9TX5V4dLcob"}],"max_age":604800,"group":"cf-nel"}
x-varnish: 121143977 117149355
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 649cdd146942d6c1-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 1_dr__jairinho_henry_borel_monique_medeiros_da_costa_e_silva080420212773-15577247.jpg
www.opovo.com.br/_midias/reduced/home/ 9 KB
10 KB 54ms
44ms Image
image/jpeg 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/_midias/reduced/home/1_dr__jairinho_henry_borel_monique_medeiros_da_costa_e_silva080420212773-15577247.jpg
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 208a618ce499f1b8056ba6f60210d13598960b415ecdb8a0b2df83351cfe0c02

Request headers

:path: /_midias/reduced/home/1_dr__jairinho_henry_borel_monique_medeiros_da_costa_e_silva080420212773-15577247.jpg
pragma: no-cache
cookie: __cfduid=d1fee0fe3646d04f62853040eb2afd2051620080289
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 22:18:10 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 7899
content-type: image/jpeg
x-ua-device: desktop
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9210
cf-request-id: 09d5e880c70000d6c1839a8000000001
last-modified: Mon, 03 May 2021 20:04:14 GMT
server: cloudflare
etag: "6090573e-23fa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Wi1UGM2D1%2Bm4uvGYEsyEA3vPn161%2B%2BybHJNxOtAi8HS%2BMmL5IVTrNg7N56a3Q99KpKEYwM6%2FoIReHrHtmvLy8pvICWffMts8mRRPbgrMEbERQj3uheFODdkkJ7H2"}],"max_age":604800,"group":"cf-nel"}
x-varnish: 117148544 120095705
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 649cdd146943d6c1-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 1_whatsapp_image_2021_05_03_at_07_52_34-15641783.jpeg
www.opovo.com.br/_midias/reduced/home/ 20 KB
21 KB 65ms
55ms Image
image/jpeg 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/_midias/reduced/home/1_whatsapp_image_2021_05_03_at_07_52_34-15641783.jpeg
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 270e39cf744bea04cb6e334150f79c1eb699f93bf1ec5c7b77eec67464d3fc98

Request headers

:path: /_midias/reduced/home/1_whatsapp_image_2021_05_03_at_07_52_34-15641783.jpeg
pragma: no-cache
cookie: __cfduid=d1fee0fe3646d04f62853040eb2afd2051620080289
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 22:18:10 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 5752
content-type: image/jpeg
x-ua-device: desktop
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 20578
cf-request-id: 09d5e880c70000d6c1b40af000000001
last-modified: Mon, 03 May 2021 20:38:41 GMT
server: cloudflare
etag: "60905f51-5062"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Mik2X4f4WqxlNgsR3hcXCk9CwgWGB6tkCYfFc%2BiiVQiOS9tQVHIKfHKHDcBUE6PgOHZ9%2B2E8fPcg49sJdZbFsesd4X8VsWtHUGMZcy09wT5ALybLawh54RlUMWaI"}],"max_age":604800,"group":"cf-nel"}
x-varnish: 124815538 124160575
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 649cdd146944d6c1-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 1_whatsapp_image_2021_05_03_at_16_43_16-15647688.jpeg
www.opovo.com.br/_midias/reduced/home/ 10 KB
11 KB 54ms
44ms Image
image/jpeg 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/_midias/reduced/home/1_whatsapp_image_2021_05_03_at_16_43_16-15647688.jpeg
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 85d131070b1c12e3d13d58eb01603d0cf61c8aa16fa0a644a810b578c25210a7

Request headers

:path: /_midias/reduced/home/1_whatsapp_image_2021_05_03_at_16_43_16-15647688.jpeg
pragma: no-cache
cookie: __cfduid=d1fee0fe3646d04f62853040eb2afd2051620080289
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 22:18:10 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 4701
content-type: image/jpeg
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10554
cf-request-id: 09d5e880c80000d6c1cc8dd000000001
last-modified: Mon, 03 May 2021 20:54:12 GMT
server: cloudflare
etag: "609062f4-293a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=2mEV5uRccGy9zAXW4V4Ys%2BaRlTr15vMGcWXNbJLBkllGuGEtv%2BrpAotkkprF1v9goO5OxfqUJ%2FLquL271tZVhfwog2dO%2Bc6rNRtzTFzc00b0Cb4Arb370981cP0M"}],"max_age":604800,"group":"cf-nel"}
x-varnish: 127534805 127567019
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 649cdd146945d6c1-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 1_final_bbb_21_como_votar_gshow_votacao-15641218.jpg
www.opovo.com.br/_midias/reduced/home/ 5 KB
6 KB 54ms
44ms Image
image/jpeg 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/_midias/reduced/home/1_final_bbb_21_como_votar_gshow_votacao-15641218.jpg
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d579e961b90e0bd49545a105bf64af4a0df16d5305bda2334651462d78200f9b

Request headers

:path: /_midias/reduced/home/1_final_bbb_21_como_votar_gshow_votacao-15641218.jpg
pragma: no-cache
cookie: __cfduid=d1fee0fe3646d04f62853040eb2afd2051620080289
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 22:18:10 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 3946
content-type: image/jpeg
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5590
cf-request-id: 09d5e880c80000d6c17db5f000000001
last-modified: Mon, 03 May 2021 21:08:20 GMT
server: cloudflare
etag: "60906644-15d6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=0QdC6VpqKlS8sCicwtmZjHYMGciofy6aFTO7Zy6MlcD50C7gud9FlSs%2FoBmFc%2Fm89y53beEY1KjAi7uuLYoUWBDk%2BronBU%2FatxsDn%2BYAgtnkc9rLlXs6q99NGloD"}],"max_age":604800,"group":"cf-nel"}
x-varnish: 130319895 129958088
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 649cdd146946d6c1-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 1_clubeopmais-14477185.jpg
www.opovo.com.br/_midias/reduced/home/ 7 KB
8 KB 67ms
57ms Image
image/jpeg 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/_midias/reduced/home/1_clubeopmais-14477185.jpg
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bbe9772d95cbe28e814b4e2106f9d42eb1e711d209707c73d36fe754465b7387

Request headers

:path: /_midias/reduced/home/1_clubeopmais-14477185.jpg
pragma: no-cache
cookie: __cfduid=d1fee0fe3646d04f62853040eb2afd2051620080289
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 22:18:10 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 3945
content-type: image/jpeg
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7168
cf-request-id: 09d5e880c80000d6c1e124e000000001
last-modified: Mon, 03 May 2021 21:08:21 GMT
server: cloudflare
etag: "60906645-1c00"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ltVQaB7XfW4rxCEkZy9gatdA6%2BDTdbbNiE2%2FHgUcuT%2FaDLHhWfYFj3m6dx6dvjXZd9gJK3l466Figmu3u6RHieuSa4mQvJVV9zPqdALJkMCWivd5JZFIvpJVSLpE"}],"max_age":604800,"group":"cf-nel"}
x-varnish: 129958577 128649377
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 649cdd146948d6c1-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 1_trator_agrotoxico_foto_franck_barske_pixabay-15577102.jpg
www.opovo.com.br/_midias/reduced/home/ 2 KB
3 KB 74ms
64ms Image
image/jpeg 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/_midias/reduced/home/1_trator_agrotoxico_foto_franck_barske_pixabay-15577102.jpg
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ab888b64ffc504de0179c5c7a67fb7bd0c1780d15b465eca6cc432e069e1e065

Request headers

:path: /_midias/reduced/home/1_trator_agrotoxico_foto_franck_barske_pixabay-15577102.jpg
pragma: no-cache
cookie: __cfduid=d1fee0fe3646d04f62853040eb2afd2051620080289
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 22:18:10 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 3945
content-type: image/jpeg
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2176
cf-request-id: 09d5e880c90000d6c17e26d000000001
last-modified: Mon, 03 May 2021 21:08:21 GMT
server: cloudflare
etag: "60906645-880"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=BVGjec3ZYZkW76h4Or2k1ebr3wpbgeBugFrb8phi63g9AVhOC5aEY86VuNqzYaeQe3wIFLW581Ur4pqlbPUBxIEGQYLXVTV6rDR%2F0wYT7C1kpDIGIGuiAObllBlw"}],"max_age":604800,"group":"cf-nel"}
x-varnish: 129958571 129990985
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 649cdd14694ad6c1-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 1_startup___capa_01-15617220.jpg
www.opovo.com.br/_midias/reduced/home/ 2 KB
3 KB 54ms
45ms Image
image/jpeg 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/_midias/reduced/home/1_startup___capa_01-15617220.jpg
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 790d71668d92c45868e2128e2ee8480db1afeb342f44172ee097e71fc26994b4

Request headers

:path: /_midias/reduced/home/1_startup___capa_01-15617220.jpg
pragma: no-cache
cookie: __cfduid=d1fee0fe3646d04f62853040eb2afd2051620080289
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 22:18:10 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 3945
content-type: image/jpeg
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2250
cf-request-id: 09d5e880c90000d6c1d2858000000001
last-modified: Mon, 03 May 2021 21:08:21 GMT
server: cloudflare
etag: "60906645-8ca"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=zXTkHxro0Q%2FPbaX6lr2BNDPGdIerJLdxYCdFaIha87EEfWWO91qNCHCa3shb194%2FvMCDt7Sc6iahdYfG9Re0TTnG7idLmkBTueGJHSWal%2Bup%2FjCTZzASXqlmhpET"}],"max_age":604800,"group":"cf-nel"}
x-varnish: 130319897 128847065
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 649cdd14694cd6c1-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 1_capa_01_01-15588151.jpg
www.opovo.com.br/_midias/reduced/home/ 3 KB
3 KB 69ms
60ms Image
image/jpeg 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/_midias/reduced/home/1_capa_01_01-15588151.jpg
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9c68dc10b5c3627a75af30a5208dabf36afb0d78a6b9a61b59fe10f502d55f94

Request headers

:path: /_midias/reduced/home/1_capa_01_01-15588151.jpg
pragma: no-cache
cookie: __cfduid=d1fee0fe3646d04f62853040eb2afd2051620080289
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 22:18:10 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 3945
content-type: image/jpeg
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2832
cf-request-id: 09d5e880c90000d6c17f1ac000000001
last-modified: Mon, 03 May 2021 21:08:21 GMT
server: cloudflare
etag: "60906645-b10"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=1BlXXsXYTCOsZqI5S%2BE010LZH%2F0gD5XKgu%2FzULAMw9asByJ090ffMzI5wCgSCREV2LKVdVMifPUzWonEfmp7UbaFXyXvbaJKbolyAo%2BEmjawn9%2BRY5%2FnQytbSASD"}],"max_age":604800,"group":"cf-nel"}
x-varnish: 129958579 129990988
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 649cdd14694ed6c1-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 1_walter_benjamin__e_asja_lacis___capa-13659194.png
www.opovo.com.br/_midias/reduced/home/ 15 KB
15 KB 60ms
51ms Image
image/png 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/_midias/reduced/home/1_walter_benjamin__e_asja_lacis___capa-13659194.png
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 017ee2612ecc9b8246c951158c0982c263679899b0bb803a101d06e5be06151d

Request headers

:path: /_midias/reduced/home/1_walter_benjamin__e_asja_lacis___capa-13659194.png
pragma: no-cache
cookie: __cfduid=d1fee0fe3646d04f62853040eb2afd2051620080289
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 22:18:10 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 3945
content-type: image/png
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15156
cf-request-id: 09d5e880c90000d6c1a03c6000000001
last-modified: Mon, 03 May 2021 21:08:21 GMT
server: cloudflare
etag: "60906645-3b34"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=vTitxiBO9%2BNdmw1%2FlOKi6kwoYMMGrGOgnr7%2Btz6hyFdcbd9o%2FYLSHDUJvlQROCWtIC2Dv9KurzxvBh69mu8RgMTORiJSifSlUm5tJBERTeQB57n7fXnH9Dvir0Gi"}],"max_age":604800,"group":"cf-nel"}
x-varnish: 129958581 128847062
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 649cdd146950d6c1-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 capa-jornal.png
www.opovo.com.br/includes/assets/online/geral/imgs/ 47 KB
47 KB 70ms
60ms Image
image/png 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/includes/assets/online/geral/imgs/capa-jornal.png
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b14108e25edfa81b17888975728e2d284650900547552a3b445b3d216976a327

Request headers

:path: /includes/assets/online/geral/imgs/capa-jornal.png
pragma: no-cache
cookie: __cfduid=d1fee0fe3646d04f62853040eb2afd2051620080289
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 22:18:10 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 320099
content-type: image/png
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 47816
cf-request-id: 09d5e880c90000d6c1840ab000000001
last-modified: Wed, 14 Apr 2021 20:47:45 GMT
server: cloudflare
etag: "607754f1-bac8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=5QXOzhEUTVQZY%2FwdXd5aEvKtlMO5QVMflkLMyO7H%2BgVNIknhOiHzrR2pqAvJcVeRhKeuqcvMkPlgat%2BKY1OqeZzzsWKrW3lYny9KjCEjDxQIBXyLSolgkt8bLf7B"}],"max_age":604800,"group":"cf-nel"}
x-varnish: 1011256401 1009977434
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 649cdd146952d6c1-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 1_shutterstock_1766372960-15630192.jpg
www.opovo.com.br/_midias/reduced/home/ 5 KB
6 KB 54ms
45ms Image
image/jpeg 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/_midias/reduced/home/1_shutterstock_1766372960-15630192.jpg
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3ed184ea97442b0807258a214ba6c2873e96904d7f9e90cb16fcf95d3c3d32e6

Request headers

:path: /_midias/reduced/home/1_shutterstock_1766372960-15630192.jpg
pragma: no-cache
cookie: __cfduid=d1fee0fe3646d04f62853040eb2afd2051620080289
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 22:18:10 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 3946
content-type: image/jpeg
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5260
cf-request-id: 09d5e880ca0000d6c1c3ac4000000001
last-modified: Mon, 03 May 2021 21:08:22 GMT
server: cloudflare
etag: "60906646-148c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Ahxr%2Fkt5hBbTo%2FpiRYfc5mOraHIZlrd6NaGzeW7MHr9CpxO%2BbNakQQAiKTY4L09zC6oO5iPwUfcUNXmg7yjdZF544Mch%2BSbEX6HwTg0%2BMoaBifsijiPlfokkEDzI"}],"max_age":604800,"group":"cf-nel"}
x-varnish: 129958569 129990979
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 649cdd146954d6c1-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 1_vacina_coronavirus_covid_19_covid19_butantan_coronavac_sinovac-15525293.jpg
www.opovo.com.br/_midias/reduced/home/ 9 KB
10 KB 66ms
57ms Image
image/jpeg 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/_midias/reduced/home/1_vacina_coronavirus_covid_19_covid19_butantan_coronavac_sinovac-15525293.jpg
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01ad26baf9fd0f1d9aa59a0ac97df62f3db53650f0a0847b8cebd803da217588

Request headers

:path: /_midias/reduced/home/1_vacina_coronavirus_covid_19_covid19_butantan_coronavac_sinovac-15525293.jpg
pragma: no-cache
cookie: __cfduid=d1fee0fe3646d04f62853040eb2afd2051620080289
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 22:18:10 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 7238
content-type: image/jpeg
x-ua-device: desktop
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9440
cf-request-id: 09d5e880ca0000d6c1982a5000000001
last-modified: Mon, 03 May 2021 20:05:42 GMT
server: cloudflare
etag: "60905796-24e0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=9m4AvjYyhoaXZSxh124ZdysiKx%2FawVrsFg5PPN1fys7TVJugP8i8QSFHaCKVdQ4BaeBgIxX2ba1sAZ%2B7G0zTi5U5eSqLbz%2FmFIBuTU2rcyB9F2drK6CJlTX9mERP"}],"max_age":604800,"group":"cf-nel"}
x-varnish: 122946923 118263708
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 649cdd146956d6c1-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 button-opovo-cbn.png
www.opovo.com.br/images/imgs/portal/ 5 KB
6 KB 70ms
60ms Image
image/png 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/images/imgs/portal/button-opovo-cbn.png
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16b3fdf7132afb85d663fd4bc49a66d6b864a8f6dbfe8e861908b6395207979e

Request headers

:path: /images/imgs/portal/button-opovo-cbn.png
pragma: no-cache
cookie: __cfduid=d1fee0fe3646d04f62853040eb2afd2051620080289
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 22:18:10 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 320100
content-type: image/png
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5301
cf-request-id: 09d5e880cb0000d6c1869a7000000001
x-fivecom-rewrite-redirect: 1
last-modified: Fri, 31 Aug 2018 19:29:57 GMT
server: cloudflare
etag: "5b899735-14b5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=tNq%2BGFPmH%2BOE8YczCJVnBMmD%2Bqp07aG2cdie%2BMmGHtRUY7fd3oZZ5DEHtj5pl51rC1i1nBQYfBpKIChmO4qCa8ss4%2BS5NH8QQRbGE1Ax6V7MuSsMCIyoVMASLoC%2F"}],"max_age":604800,"group":"cf-nel"}
x-varnish: 1019708810 1013745463
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 649cdd146957d6c1-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 1_img_0151-15407824.jpg
www.opovo.com.br/_midias/reduced/home/ 3 KB
4 KB 72ms
63ms Image
image/jpeg 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/_midias/reduced/home/1_img_0151-15407824.jpg
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d837ae4d398c29de53365a7f43ab77bd13d780aadc44fdfd168fee83f17708d6

Request headers

:path: /_midias/reduced/home/1_img_0151-15407824.jpg
pragma: no-cache
cookie: __cfduid=d1fee0fe3646d04f62853040eb2afd2051620080289
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 22:18:10 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 7705
content-type: image/jpeg
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3320
cf-request-id: 09d5e880cc0000d6c1ca0bf000000001
last-modified: Mon, 03 May 2021 20:04:15 GMT
server: cloudflare
etag: "6090573f-cf8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=mDE8WD0oaFhFHd86Sax38UHS%2FjPGJaNNo8tCHcyl%2BYx99eyx5f8n44WemNocJSptUduVrxzbhamfaAAwOhn9xkR0k8P9Uvm4hWqHMCoxAFquA2FJYILRQTFxRE%2Bl"}],"max_age":604800,"group":"cf-nel"}
x-varnish: 121143988 118262643
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 649cdd146958d6c1-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 1_ceara_salvador_treino-15643095.jpg
www.opovo.com.br/_midias/reduced/home/ 12 KB
13 KB 60ms
51ms Image
image/jpeg 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/_midias/reduced/home/1_ceara_salvador_treino-15643095.jpg
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3e27a1e740d0c0cb9d821960708e91a8f51ad37c3e9b21b70b172bfb306bfa38

Request headers

:path: /_midias/reduced/home/1_ceara_salvador_treino-15643095.jpg
pragma: no-cache
cookie: __cfduid=d1fee0fe3646d04f62853040eb2afd2051620080289
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 22:18:10 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 7705
content-type: image/jpeg
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 12498
cf-request-id: 09d5e880cc0000d6c1a6170000000001
last-modified: Mon, 03 May 2021 20:04:15 GMT
server: cloudflare
etag: "6090573f-30d2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=uFghgHOdBDK4S7kA9emhm1JDisHXmHnXeqoLdsWQ1s0GugOwZubOPpbd8f5MO9qUyVo6KH0PpZ66qsnFNOxySMy22551z37PVLL%2BcGv3bKSMUMFkZsmC4r0Sjiwf"}],"max_age":604800,"group":"cf-nel"}
x-varnish: 120783126 118262649
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 649cdd146959d6c1-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 1__mg_9465-11873260.jpg
www.opovo.com.br/_midias/reduced/home/ 22 KB
23 KB 60ms
51ms Image
image/jpeg 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/_midias/reduced/home/1__mg_9465-11873260.jpg
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c0b815da34e348481b3b4e65deb65d9b29710005b2911d02348e705c481013e

Request headers

:path: /_midias/reduced/home/1__mg_9465-11873260.jpg
pragma: no-cache
cookie: __cfduid=d1fee0fe3646d04f62853040eb2afd2051620080289
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 22:18:10 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 7897
content-type: image/jpeg
x-ua-device: desktop
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 22370
cf-request-id: 09d5e880cc0000d6c189af7000000001
last-modified: Mon, 03 May 2021 20:04:13 GMT
server: cloudflare
etag: "6090573d-5762"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=dOBYCA%2BcE9JI1qwhplfligkKWo%2BpxXeBCOqUYHKRPrlcxIdNMZfpFk5V260nRDY9KdRrOFRWa4rbv0Ar0sf2sJg5L7RaW8K2noXjHdHli4mc%2FM6WGg31a74F1FLa"}],"max_age":604800,"group":"cf-nel"}
x-varnish: 116333520 120161350
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 649cdd14695ad6c1-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 gtm.js Show response
www.googletagmanager.com/ 104 KB
37 KB 31ms
22ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WBWHQHX

Requested by

Host: www.opovo.com.br
URL: https://www.opovo.com.br/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

806d23c9d99220323b66207a5ab4e8068d6ecc805a287fd6a6ee2e71ed9789ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 22:18:10 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37677
x-xss-protection: 0
last-modified: Mon, 03 May 2021 21:28:53 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 03 May 2021 22:18:10 GMT

GET
H3-29 200 1_capa_ja_nao_me_sinto_so-15641750.jpg
www.opovo.com.br/_midias/reduced/home/ 8 KB
9 KB 54ms
45ms Image
image/jpeg 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/_midias/reduced/home/1_capa_ja_nao_me_sinto_so-15641750.jpg
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bb5e4c1d90b974a7d5db331660b4968e3ea489126a620883871c36c9bcdf436b

Request headers

:path: /_midias/reduced/home/1_capa_ja_nao_me_sinto_so-15641750.jpg
pragma: no-cache
cookie: __cfduid=d1fee0fe3646d04f62853040eb2afd2051620080289
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 22:18:10 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 5753
content-type: image/jpeg
x-ua-device: desktop
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8210
cf-request-id: 09d5e880cd0000d6c1d8ade000000001
last-modified: Mon, 03 May 2021 20:38:40 GMT
server: cloudflare
etag: "60905f50-2012"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Rj46Nmbg96PaRcpIGLPz7Ohs9kaAKXfqdcOtzM%2FgIN4Qf4gs4pv6xuVWGaiRFvi5CjRWcRuKmYTL1nH2DQ2diJfba6hiYlRQBb1p7ZZl4pKp6QBgmztGvvR3fhwi"}],"max_age":604800,"group":"cf-nel"}
x-varnish: 124815545
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 649cdd14695bd6c1-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 1_captura_de_tela_2021_04_30_a__s_16_49_23-15626476.png
www.opovo.com.br/_midias/reduced/home/ 15 KB
15 KB 73ms
64ms Image
image/png 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/_midias/reduced/home/1_captura_de_tela_2021_04_30_a__s_16_49_23-15626476.png
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 493e79568e69eac3706f1a6fc02bb1643b7141b60c359d392e5317cfe44334c5

Request headers

:path: /_midias/reduced/home/1_captura_de_tela_2021_04_30_a__s_16_49_23-15626476.png
pragma: no-cache
cookie: __cfduid=d1fee0fe3646d04f62853040eb2afd2051620080289
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 22:18:10 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 3946
content-type: image/png
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 14940
cf-request-id: 09d5e880cd0000d6c1e5151000000001
last-modified: Mon, 03 May 2021 21:08:22 GMT
server: cloudflare
etag: "60906646-3a5c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=f7NQ1ShEPrabmUPFrsxRFL%2BK20FgrYaTrDTccK0TjKxWo%2BolsxbpGS1Tl3JbvEjcW9aEXinSrd%2BW6aSN%2BYqEkPIIWVKxi3pQuJUUNDFzMW%2Bh4sWQEqKdzw4fG49r"}],"max_age":604800,"group":"cf-nel"}
x-varnish: 129958573 129533486
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 649cdd14695dd6c1-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 1_brinde_brothers_bbb21-14732588.jpg
www.opovo.com.br/_midias/reduced/home/ 15 KB
15 KB 57ms
49ms Image
image/jpeg 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/_midias/reduced/home/1_brinde_brothers_bbb21-14732588.jpg
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6bf35563d8740ad785d2c53cb5410135509f8c57e8bc1dd0c9f94cfddfecf2cc

Request headers

:path: /_midias/reduced/home/1_brinde_brothers_bbb21-14732588.jpg
pragma: no-cache
cookie: __cfduid=d1fee0fe3646d04f62853040eb2afd2051620080289
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 22:18:10 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 3946
content-type: image/jpeg
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15066
cf-request-id: 09d5e880cd0000d6c170224000000001
last-modified: Mon, 03 May 2021 21:08:19 GMT
server: cloudflare
etag: "60906643-3ada"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=2Z7jpttizp%2FsKSD1KKvAOUAVukDZKLL03CJIccVckGkY1RnedUJo%2Fl4Z9HhbWdqcLUW53wCr2WcqIpmN3bjjG3gB4qqx1NDTzcbl8A1JA6jRzfvmxoOCjptObkaE"}],"max_age":604800,"group":"cf-nel"}
x-varnish: 130319899 130319402
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 649cdd14695ed6c1-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 1_fiuk_chora_ao_lado_de_gilberto_401373_36-15642844.jpg
www.opovo.com.br/_midias/reduced/home/ 7 KB
8 KB 75ms
67ms Image
image/jpeg 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/_midias/reduced/home/1_fiuk_chora_ao_lado_de_gilberto_401373_36-15642844.jpg
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70d6de04465b55f810d13b8838bb50b046b3532a78fb2018e56a3af4c7e18128

Request headers

:path: /_midias/reduced/home/1_fiuk_chora_ao_lado_de_gilberto_401373_36-15642844.jpg
pragma: no-cache
cookie: __cfduid=d1fee0fe3646d04f62853040eb2afd2051620080289
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 22:18:10 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 7705
content-type: image/jpeg
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7050
cf-request-id: 09d5e880cd0000d6c19fabd000000001
last-modified: Mon, 03 May 2021 20:04:15 GMT
server: cloudflare
etag: "6090573f-1b8a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=6CNrFxczYI9hULVQUy%2Fa6xbda37Ka%2BA4sP9v1Ytzhf9MH8yDHbEo9z9Ez3%2BYUkcsHMAejt5TMg2wzOYhnuFbPygPuXfMjxl1caXeGdZtdzHueJx%2B1eSv2w9nPTJF"}],"max_age":604800,"group":"cf-nel"}
x-varnish: 121144012 117575955
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 649cdd146961d6c1-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 1_000_8xu7tu-14503412.jpg
www.opovo.com.br/_midias/reduced/home/ 6 KB
6 KB 75ms
67ms Image
image/jpeg 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/_midias/reduced/home/1_000_8xu7tu-14503412.jpg
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 043f2ffa258f7e930bcb6f5dba61677e89dd83a9c6836dabc287f552c45baf9c

Request headers

:path: /_midias/reduced/home/1_000_8xu7tu-14503412.jpg
pragma: no-cache
cookie: __cfduid=d1fee0fe3646d04f62853040eb2afd2051620080289
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 22:18:10 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 3946
content-type: image/jpeg
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5642
cf-request-id: 09d5e880ce0000d6c1b5959000000001
last-modified: Mon, 03 May 2021 21:08:19 GMT
server: cloudflare
etag: "60906643-160a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=dqkSxkZzgffhCUCKt40mPl2Px0JfBj2o9KhdkoSC8LCmfRQlEaEJ8XHaq1d66E0qh8qCyz8nwL4sheQFflxe%2Betk5yG3%2Fya3mDxbFht9L7husQrqp1HjFY1dJp%2Fd"}],"max_age":604800,"group":"cf-nel"}
x-varnish: 129958583 128847077
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 649cdd146963d6c1-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 1_reprodrucao_google_blog_do_farias_junior-14778733.jpg
www.opovo.com.br/_midias/reduced/home/ 7 KB
8 KB 76ms
67ms Image
image/jpeg 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/_midias/reduced/home/1_reprodrucao_google_blog_do_farias_junior-14778733.jpg
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 594daf03c1101103eddb292d1d583d676128ce34437974d935d36cd13105b2be

Request headers

:path: /_midias/reduced/home/1_reprodrucao_google_blog_do_farias_junior-14778733.jpg
pragma: no-cache
cookie: __cfduid=d1fee0fe3646d04f62853040eb2afd2051620080289
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 22:18:10 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 3946
content-type: image/jpeg
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7582
cf-request-id: 09d5e880ce0000d6c1c92cf000000001
last-modified: Mon, 03 May 2021 21:08:19 GMT
server: cloudflare
etag: "60906643-1d9e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=UKMeWtR53NTXrlgvSXDvrrtJmYa7J%2FKWGM3F3ElAWFh4rE%2FAAJBoMsFZmCnsd2yhQ%2FwbnGKN6CCWNpOHg9IUSAR%2Bz9feuljdm8JQwlov5mAAvb5f1Ep5Nywr%2FWL%2F"}],"max_age":604800,"group":"cf-nel"}
x-varnish: 130319913 129533498
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 649cdd146964d6c1-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 1_macross_1_1_740x416-14778766.jpg
www.opovo.com.br/_midias/reduced/home/ 14 KB
15 KB 77ms
69ms Image
image/jpeg 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/_midias/reduced/home/1_macross_1_1_740x416-14778766.jpg
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ffd3ebc4f4b8632daa70fcabfc113a813769ba38e0dce48763b9c6fed713c4b8

Request headers

:path: /_midias/reduced/home/1_macross_1_1_740x416-14778766.jpg
pragma: no-cache
cookie: __cfduid=d1fee0fe3646d04f62853040eb2afd2051620080289
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 22:18:10 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 3946
content-type: image/jpeg
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 14450
cf-request-id: 09d5e880ce0000d6c16e300000000001
last-modified: Mon, 03 May 2021 21:08:19 GMT
server: cloudflare
etag: "60906643-3872"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2BRHReSFbPkR0mnKN%2BEfkEDydqfgMmYxqvv3ul7iZVSs7q94b9sf16%2BNnzu8cvcZ%2BkDdBY4V52Zb%2ByyeY1j3EH0itNvAMzk0zDyFNY5GEPM2GXdRPeA1mWTezpSG6"}],"max_age":604800,"group":"cf-nel"}
x-varnish: 130319911 129533480
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 649cdd146965d6c1-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 1_atravessar_a_pandemia___ep5___capa-15232010.jpg
www.opovo.com.br/_midias/reduced/home/ 5 KB
6 KB 78ms
69ms Image
image/jpeg 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/_midias/reduced/home/1_atravessar_a_pandemia___ep5___capa-15232010.jpg
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3e6603549555580b680f86b03c2ab7b601f933688409c412990b230f200008dc

Request headers

:path: /_midias/reduced/home/1_atravessar_a_pandemia___ep5___capa-15232010.jpg
pragma: no-cache
cookie: __cfduid=d1fee0fe3646d04f62853040eb2afd2051620080289
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 22:18:10 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 3946
content-type: image/jpeg
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5504
cf-request-id: 09d5e880cf0000d6c174370000000001
last-modified: Mon, 03 May 2021 21:08:19 GMT
server: cloudflare
etag: "60906643-1580"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=JndThT%2Bwi5BcfhJhq%2FjdWElW0wIFIlays1SUvfEOwNGCEQPE2ddcfEzCzEM6oGc75UQ7twK4OsErl%2BHW2ZJm2Oz88qSp4bL3ktDofYRbks0yEF3pzYJda6uT65BB"}],"max_age":604800,"group":"cf-nel"}
x-varnish: 129500025 129533495
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 649cdd146966d6c1-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 1_amor_1-12568115.png
www.opovo.com.br/_midias/reduced/home/ 11 KB
11 KB 78ms
70ms Image
image/png 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/_midias/reduced/home/1_amor_1-12568115.png
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 99434f8dfcf70714ea945af372182735fa0c5b1a996655355376ff3048aea4a2

Request headers

:path: /_midias/reduced/home/1_amor_1-12568115.png
pragma: no-cache
cookie: __cfduid=d1fee0fe3646d04f62853040eb2afd2051620080289
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 22:18:10 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 3946
content-type: image/png
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10853
cf-request-id: 09d5e880cf0000d6c1d02e8000000001
last-modified: Mon, 03 May 2021 21:08:19 GMT
server: cloudflare
etag: "60906643-2a65"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=39aEmXybFRF5u6WtCUZO1f%2FUd9iewo%2FVIMCCkZ%2FG7Y8OLVkAn%2BtGVAdtl63oYBJhvsuwM1Eay8LUuNV3e5btvpgwAQ1%2BbT%2FkOetma9OGa%2B2zedWG%2FxY8z%2BOJcCdT"}],"max_age":604800,"group":"cf-nel"}
x-varnish: 129958585 128847083
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 649cdd146968d6c1-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 1_ceara_a_mesa___ep7___thumb-14941892.jpg
www.opovo.com.br/_midias/reduced/home/ 7 KB
8 KB 80ms
72ms Image
image/jpeg 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/_midias/reduced/home/1_ceara_a_mesa___ep7___thumb-14941892.jpg
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ed78b01a625c033cbf227def15cf08c316d252892c7436253a0533d8069da8d9

Request headers

:path: /_midias/reduced/home/1_ceara_a_mesa___ep7___thumb-14941892.jpg
pragma: no-cache
cookie: __cfduid=d1fee0fe3646d04f62853040eb2afd2051620080289
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 22:18:10 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 3946
content-type: image/jpeg
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7192
cf-request-id: 09d5e880cf0000d6c1839a9000000001
last-modified: Mon, 03 May 2021 21:08:19 GMT
server: cloudflare
etag: "60906643-1c18"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ZoLEmmyRvWRpa6z1s0P5BN17VK%2BmzPjRDeVJ0zta5JGzTYcoAeCDKgTRK%2BN6D83nqVz5a68VaAEUa7zzTGAaXQ7iZKmmMZfYsieKFPBMgYKW03%2BMNYkEShcMjpSp"}],"max_age":604800,"group":"cf-nel"}
x-varnish: 130319915 128649388
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 649cdd146969d6c1-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 1_ciro_nogueira___capa-15357090.jpg
www.opovo.com.br/_midias/reduced/home/ 4 KB
5 KB 80ms
72ms Image
image/jpeg 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/_midias/reduced/home/1_ciro_nogueira___capa-15357090.jpg
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b7e6ee51f395018bd02c4fa3914ce146476b44a0c7282d1c5b972fbff6b8664

Request headers

:path: /_midias/reduced/home/1_ciro_nogueira___capa-15357090.jpg
pragma: no-cache
cookie: __cfduid=d1fee0fe3646d04f62853040eb2afd2051620080289
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 22:18:10 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 3946
content-type: image/jpeg
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4278
cf-request-id: 09d5e880d00000d6c1b40b0000000001
last-modified: Mon, 03 May 2021 21:08:19 GMT
server: cloudflare
etag: "60906643-10b6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2Ba4wHmwYUs8mUnsSmWJ1YILXiJB6lkYSjA4JIBLADtPdl2mO4CZ7juvoARtL%2FQC%2BEt2vkSyEwv50UPDICOANBegQvg5ezyzQEV%2FOz76%2BUNXKNh%2F9qEMQg%2BX%2B9ock"}],"max_age":604800,"group":"cf-nel"}
x-varnish: 129500023 129533489
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 649cdd14696bd6c1-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 1_mandetta___capa-15054922.jpg
www.opovo.com.br/_midias/reduced/home/ 3 KB
4 KB 80ms
72ms Image
image/jpeg 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/_midias/reduced/home/1_mandetta___capa-15054922.jpg
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0fab1be6082e6740df9de7635b96d4e93c66fb8fcdc9f86072dcd29c6159be1d

Request headers

:path: /_midias/reduced/home/1_mandetta___capa-15054922.jpg
pragma: no-cache
cookie: __cfduid=d1fee0fe3646d04f62853040eb2afd2051620080289
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 22:18:10 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 3946
content-type: image/jpeg
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3344
cf-request-id: 09d5e880d00000d6c1bb99c000000001
last-modified: Mon, 03 May 2021 21:08:20 GMT
server: cloudflare
etag: "60906644-d10"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=2rvMCK%2FHYum7sop6UpegaqTRC7tCIgN4OwbUH9KNDLwLw8PbdOeTXwrSuR0ESBv5M2jFo6ZVyKEOz%2B3YVs%2FndnpV7ITf3%2BTgzgbF3fIQ0xXbLjEoZBKJQTsfyIeX"}],"max_age":604800,"group":"cf-nel"}
x-varnish: 129958587 128847071
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 649cdd14696dd6c1-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 1_vamos_agir-15645641.png
www.opovo.com.br/_midias/reduced/home/ 8 KB
9 KB 80ms
73ms Image
image/png 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/_midias/reduced/home/1_vamos_agir-15645641.png
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9710b6abe21b465b8ad441e4c535956222a7cdac36eb5ad5e578a9359194eac8

Request headers

:path: /_midias/reduced/home/1_vamos_agir-15645641.png
pragma: no-cache
cookie: __cfduid=d1fee0fe3646d04f62853040eb2afd2051620080289
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 22:18:10 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 7705
content-type: image/png
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8387
cf-request-id: 09d5e880d00000d6c16a892000000001
last-modified: Mon, 03 May 2021 20:04:15 GMT
server: cloudflare
etag: "6090573f-20c3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Egzh0CTNxfcMyGcV8j60BEs7%2FQPgwFMi9%2BiQdgWq24Ccs1H%2B9WClV%2FkIBKas0GtIYcM9hs9FAMybnTyJtFq7NtndoOuofsLAtyLLStZXXyfDWms0I%2BUPY9otE9ix"}],"max_age":604800,"group":"cf-nel"}
x-varnish: 120783160 120096513
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 649cdd14696ed6c1-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 1_botanica_principal17-11548231.jpg
www.opovo.com.br/_midias/reduced/home/ 4 KB
4 KB 81ms
73ms Image
image/jpeg 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/_midias/reduced/home/1_botanica_principal17-11548231.jpg
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9298f88a525ce9829ebe9ba4cf4692da2f12b278579999aa9453ed570b02b4a0

Request headers

:path: /_midias/reduced/home/1_botanica_principal17-11548231.jpg
pragma: no-cache
cookie: __cfduid=d1fee0fe3646d04f62853040eb2afd2051620080289
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 22:18:10 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 3946
content-type: image/jpeg
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3744
cf-request-id: 09d5e880d10000d6c179b34000000001
last-modified: Mon, 03 May 2021 21:08:20 GMT
server: cloudflare
etag: "60906644-ea0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=oXFlZWSAkU5T39MZ4DDl9MWCkRbeqoZh2kdbJrISHcvoigJg7KzT9ERGSqj%2BT4VNTtt0%2FDQKgBQrjOrWFfADGUSSbWdyzJFh0ylKGUhQ4k8VJ1eyBShbrzmeraCs"}],"max_age":604800,"group":"cf-nel"}
x-varnish: 129958589 128649383
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 649cdd14696fd6c1-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 1_violencia_internet-12264957.jpg
www.opovo.com.br/_midias/reduced/home/ 5 KB
6 KB 81ms
73ms Image
image/jpeg 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/_midias/reduced/home/1_violencia_internet-12264957.jpg
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a6709016dd2b93604284c2125b0b3859f14235bec1b914a07a21f0f810dddaca

Request headers

:path: /_midias/reduced/home/1_violencia_internet-12264957.jpg
pragma: no-cache
cookie: __cfduid=d1fee0fe3646d04f62853040eb2afd2051620080289
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 22:18:10 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 3946
content-type: image/jpeg
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5408
cf-request-id: 09d5e880d10000d6c1cc8de000000001
last-modified: Mon, 03 May 2021 21:08:20 GMT
server: cloudflare
etag: "60906644-1520"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=EH%2FVjpTgFwAntn8OiG5rSpgBFLdSSyzCQYSNf5lbkiaGW8pNTb%2BvsBO1AjAJQQPTzhoSbwqEObz4WKIAQi6IGN7XxEoSkl0eslImCpd43OPXdIP7eLHrTPWkCaIQ"}],"max_age":604800,"group":"cf-nel"}
x-varnish: 129958593 126292641
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 649cdd146972d6c1-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 1_alemao_kitesurfe_idoso__9_-10301272.jpg
www.opovo.com.br/_midias/reduced/home/ 4 KB
4 KB 82ms
75ms Image
image/jpeg 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/_midias/reduced/home/1_alemao_kitesurfe_idoso__9_-10301272.jpg
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7bdb6f8aa5a7bc7d329c8ef830a1ed2c19194e59d91b3316192aae5ffbc4cfe5

Request headers

:path: /_midias/reduced/home/1_alemao_kitesurfe_idoso__9_-10301272.jpg
pragma: no-cache
cookie: __cfduid=d1fee0fe3646d04f62853040eb2afd2051620080289
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 22:18:10 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 3946
content-type: image/jpeg
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3838
cf-request-id: 09d5e880d10000d6c1e41f2000000001
last-modified: Mon, 03 May 2021 21:08:20 GMT
server: cloudflare
etag: "60906644-efe"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=lebbufa1h8O5iBwyWTwTnX%2FcabqUQVW1BlRtVWNtQwRytlvZS8raMRHX3xQdliXDWj3sbpTYMYkpY%2BKjQdio83%2BdqXM6FjeNU5S7yqGm20%2FjJme5MZGaQDzqcGDJ"}],"max_age":604800,"group":"cf-nel"}
x-varnish: 129500027 128847074
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 649cdd146973d6c1-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 1_energia_limpa_2-15307955.png
www.opovo.com.br/_midias/reduced/home/ 23 KB
24 KB 83ms
75ms Image
image/png 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/_midias/reduced/home/1_energia_limpa_2-15307955.png
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f86c5f6541755bcc63cab085cae7679be3583e6afefe5e336f977f4a8f5a59f4

Request headers

:path: /_midias/reduced/home/1_energia_limpa_2-15307955.png
pragma: no-cache
cookie: __cfduid=d1fee0fe3646d04f62853040eb2afd2051620080289
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 22:18:10 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 3946
content-type: image/png
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 23868
cf-request-id: 09d5e880d20000d6c1d4a24000000001
last-modified: Mon, 03 May 2021 21:08:20 GMT
server: cloudflare
etag: "60906644-5d3c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=oLQIHqJzSabXPgWyeNT3G9EDToCpBGYWA9Opj6HGePFLoLLPyj5S4YwIx3oLDRrd%2Fgbfa8X6psLhcqi7zc%2BMycH9cL1HlBfJFa7%2Fs2v8Rm%2B2kz%2B1Wws3ZMvQLctP"}],"max_age":604800,"group":"cf-nel"}
x-varnish: 129958591 129533492
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 649cdd146974d6c1-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 pause.png
www.opovo.com.br/includes/assets/online/geral/imgs/ 2 KB
2 KB 83ms
75ms Image
image/png 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/includes/assets/online/geral/imgs/pause.png
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 094f185cfcb993d51c2047ca1ba82e1b4609fac9cdec41a4c464c55e5c4bef1f

Request headers

:path: /includes/assets/online/geral/imgs/pause.png
pragma: no-cache
cookie: __cfduid=d1fee0fe3646d04f62853040eb2afd2051620080289
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 22:18:10 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 475611
content-type: image/png
x-ua-device: desktop
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1708
cf-request-id: 09d5e880d20000d6c1e906a000000001
last-modified: Fri, 28 Jun 2019 14:34:35 GMT
server: cloudflare
etag: "5d16257b-6ac"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=8%2BFoJMgUEO0F0CKK4%2F%2FkersnFkiBbBnn0StvsSWIEyz97%2B%2BfB0kS35QiNfrYxbnRRIW1aue4jEZ4ea4il05SIGGk%2BwogdtWMxUmtsJvwGWJW1y6cr7VHeKaneEKb"}],"max_age":604800,"group":"cf-nel"}
x-varnish: 702677002
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 649cdd146975d6c1-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 1_captura_de_tela_2021_04_14_a__s_18_19_39-15455336.png
www.opovo.com.br/_midias/reduced/home/ 17 KB
18 KB 84ms
77ms Image
image/png 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/_midias/reduced/home/1_captura_de_tela_2021_04_14_a__s_18_19_39-15455336.png
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f20026aa84c648fe8d0c406c01f503a37037ed007a4f63279abdd27fb8e69614

Request headers

:path: /_midias/reduced/home/1_captura_de_tela_2021_04_14_a__s_18_19_39-15455336.png
pragma: no-cache
cookie: __cfduid=d1fee0fe3646d04f62853040eb2afd2051620080289
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 22:18:10 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 3946
content-type: image/png
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 17592
cf-request-id: 09d5e880d20000d6c1e1250000000001
last-modified: Mon, 03 May 2021 21:08:20 GMT
server: cloudflare
etag: "60906644-44b8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=qaTqlZRpkhZZLyBBKkQpuaCr7mie2MkCF43UeDxMGju6gB8KXvsGNmNvPs1Ze2n4ghcFtGxwrFfasJZ5bnhFG0GbFmOKOxjagT9M64y%2BM18cJ8TMRpsxaHSLgz8C"}],"max_age":604800,"group":"cf-nel"}
x-varnish: 130319920 129533483
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 649cdd146976d6c1-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 comunidade-nerd.png
www.opovo.com.br/includes/assets/online/geral/imgs/ 3 KB
3 KB 84ms
77ms Image
image/png 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/includes/assets/online/geral/imgs/comunidade-nerd.png
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 090e68adead733e6c4f72552fe5d5808ea5ae87d937ed40de5a3ad72284ae1b6

Request headers

:path: /includes/assets/online/geral/imgs/comunidade-nerd.png
pragma: no-cache
cookie: __cfduid=d1fee0fe3646d04f62853040eb2afd2051620080289
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 22:18:10 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 320100
content-type: image/png
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2840
cf-request-id: 09d5e880d30000d6c1be32e000000001
last-modified: Thu, 22 Aug 2019 17:18:36 GMT
server: cloudflare
etag: "5d5ece6c-b18"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2BcYCpiyfmZmYl7BiATg%2F8p5E%2BZNUtdBU2rylJ6zOOYF7JLNOb6CWtEX1ZFRnNIOWLXufCfOpGx6hXqrgUBmUH36CGz%2BHduZSI8WGW6%2BM9Winth45oXYe5PG0dNTs"}],"max_age":604800,"group":"cf-nel"}
x-varnish: 1017774202 1019839045
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 649cdd146977d6c1-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 1_cidade_invisivel-14730994.jpg
www.opovo.com.br/_midias/reduced/home/ 8 KB
8 KB 84ms
77ms Image
image/jpeg 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/_midias/reduced/home/1_cidade_invisivel-14730994.jpg
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2b7ac24fc14f0e3646d4c3e1cecfdf596cf3dbae1e5fcdc43239a1b69585bbe7

Request headers

:path: /_midias/reduced/home/1_cidade_invisivel-14730994.jpg
pragma: no-cache
cookie: __cfduid=d1fee0fe3646d04f62853040eb2afd2051620080289
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 22:18:10 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 3946
content-type: image/jpeg
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7942
cf-request-id: 09d5e880d30000d6c17f1ad000000001
last-modified: Mon, 03 May 2021 21:08:20 GMT
server: cloudflare
etag: "60906644-1f06"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=aAS9fdN8IzEKCs6phqYD1ZhO5ccneokOuBZ2%2FUe8INAwDi2E%2FuOQhIrZ%2F5ITDsBwcw8lzTs0%2BNYBTqGpc2Mt0pQNvIT9%2FajnXxSb71BG1%2FZLic%2B0AYbFzyWhLfnC"}],"max_age":604800,"group":"cf-nel"}
x-varnish: 130319922 128847080
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 649cdd146979d6c1-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 empregos-e-carreiras.png
www.opovo.com.br/includes/assets/online/geral/imgs/ 3 KB
4 KB 85ms
77ms Image
image/png 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/includes/assets/online/geral/imgs/empregos-e-carreiras.png
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f3e883baafd0aa9d5f7e1ba2b49d6a9c458e2085bc0575d00a31d5bde3e5ac5

Request headers

:path: /includes/assets/online/geral/imgs/empregos-e-carreiras.png
pragma: no-cache
cookie: __cfduid=d1fee0fe3646d04f62853040eb2afd2051620080289
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 22:18:10 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 320100
content-type: image/png
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3141
cf-request-id: 09d5e880d30000d6c1840ac000000001
last-modified: Fri, 28 Jun 2019 14:34:34 GMT
server: cloudflare
etag: "5d16257a-c45"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=2OZTgTDVHEG8kyx2QKMtJ5cvem75oa%2F0svmjgKdXRbQKhYV7SG4QlISjB%2BsMBCl0lOe%2FLoMy5q4Lng3G1UYuxF25Gud%2BWIrZnASKanlnoGqAvbagVZkf%2FXwOMNHf"}],"max_age":604800,"group":"cf-nel"}
x-varnish: 1011256407 1013745466
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 649cdd14697ad6c1-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 1_3-14145342.jpg
www.opovo.com.br/_midias/reduced/home/ 7 KB
8 KB 85ms
78ms Image
image/jpeg 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/_midias/reduced/home/1_3-14145342.jpg
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9197f7576ef57637c5e474669fd48214472afadac777b047225ce6ca48cf41cf

Request headers

:path: /_midias/reduced/home/1_3-14145342.jpg
pragma: no-cache
cookie: __cfduid=d1fee0fe3646d04f62853040eb2afd2051620080289
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 22:18:10 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 3946
content-type: image/jpeg
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7538
cf-request-id: 09d5e880d40000d6c19a9cc000000001
last-modified: Mon, 03 May 2021 21:08:20 GMT
server: cloudflare
etag: "60906644-1d72"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=pBdOHLhpRIApsYu6TTVmhl%2F%2FZVdyxqqU0lZEtdrCXsTgsiEFrKI2TPOTwd1QaUwyJKoYaH8ExfSzkqr3IrHjIU5BZfs0XM8JyI1yG8y4d%2BnP3sWwzpS%2B8tVDC8uN"}],"max_age":604800,"group":"cf-nel"}
x-varnish: 129500029 129958091
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 649cdd14697cd6c1-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29

200

o-povo-online.png
www.opovo.com.br/includes/assets/online/geral/imgs/
Redirect Chain

https://opovo.com.br/includes/assets/online/geral/imgs/o-povo-online.png
https://www.opovo.com.br/includes/assets/online/geral/imgs/o-povo-online.png

6 KB
7 KB

13ms
13ms

Image
image/png

2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/includes/assets/online/geral/imgs/o-povo-online.png
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fb78178efb17880986453d866dc2c7ff441b2b2426665937e77f2ae214f44713

Request headers

:path: /includes/assets/online/geral/imgs/o-povo-online.png
pragma: no-cache
cookie: __cfduid=d1fee0fe3646d04f62853040eb2afd2051620080289; _ga=GA1.3.1717621182.1620080290; _gid=GA1.3.1337148515.1620080290; _gat_gtag_UA_23310373_1=1; _gat_UA-23310373-1=1; _fbp=fb.2.1620080290433.550575146; __trf.src=encoded_eyJmaXJzdF9zZXNzaW9uIjp7InZhbHVlIjoiaHR0cHM6Ly9vcG92by5jb20uYnIuZXUyLmNhcy5tcy8iLCJleHRyYV9wYXJhbXMiOnt9fSwiY3VycmVudF9zZXNzaW9uIjp7InZhbHVlIjoiaHR0cHM6Ly9vcG92by5jb20uYnIuZXUyLmNhcy5tcy8iLCJleHRyYV9wYXJhbXMiOnt9fSwiY3JlYXRlZF9hdCI6MTYyMDA4MDI5MDQ0OX0=; __qca=P0-163150995-1620080290493; _hjTLDTest=1; _hjid=aaf3aaa4-d96a-4b0f-b127-3f85dd11fcc2; _hjFirstSeen=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-site
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 22:18:10 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 442652
content-type: image/png
x-ua-device: desktop
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6467
cf-request-id: 09d5e883840000d6c17e296000000001
last-modified: Fri, 28 Jun 2019 14:34:35 GMT
server: cloudflare
etag: "5d16257b-1943"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=SCN3agMe62AKyCkZZEZW7J4V1blC7mJDFf0Zssj3pR41X7jfYsO28gj9bfvdcp%2F7ReqJPCrCkdBwgGVjwFL%2BqY8jcwPndEu3znJedKDR%2F7sM6xp0hVBUDmcWJQRk"}],"max_age":604800,"group":"cf-nel"}
x-varnish: 780602420
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 649cdd18df0ed6c1-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

Redirect headers

date: Mon, 03 May 2021 22:18:10 GMT
via: 1.1 varnish-v4
cf-cache-status: EXPIRED
nel: {"max_age":604800,"report_to":"cf-nel"}
access-control-allow-origin: *
cf-ray: 649cdd14697dd6c1-FRA
x-ua-device: desktop
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09d5e880d50000d6c19f375000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=URYTXsDrd0dbI%2B8ipr4rBkI%2B1mrJwmHoDEIOqNqFnH%2BsE31vZRqYMklubwPCPw3ZZNGmQzN47hqCW10UgWrFu%2FhzLBVL61zbJ18CV%2BfzuY2nCK6dQSikwsI%3D"}],"max_age":604800,"group":"cf-nel"}
x-varnish: 133335058
location: https://www.opovo.com.br/includes/assets/online/geral/imgs/o-povo-online.png
cache-control: no-cache
content-type: text/html
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H2 200 firebase.js Show response
www.gstatic.com/firebasejs/4.6.2/ 386 KB
113 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/4.6.2/firebase.js

Requested by

Host: www.opovo.com.br
URL: https://www.opovo.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88865e7ddaf27e6a197673760e1da312c5525f54af05cdcd9fa04bd07fa71c71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 10:25:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 09 Nov 2017 23:34:08 GMT
server: sffe
age: 388340
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 115681
x-xss-protection: 0
expires: Fri, 29 Apr 2022 10:25:49 GMT

GET
H2 200 optimize.js Show response
www.googleoptimize.com/ 91 KB
36 KB 35ms
15ms Script
application/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleoptimize.com/optimize.js?id=OPT-P5LXTSR

Requested by

Host: www.opovo.com.br
URL: https://www.opovo.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

771b10af101d3ab6015b381063947cd41dcb1c3fc278593d8771eb953ca02b6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 22:18:09 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36026
x-xss-protection: 0
expires: Mon, 03 May 2021 22:18:09 GMT

GET
H3-29 200 jquery-1.12.4.min.js Show response
www.opovo.com.br/includes/assets/online/geral/js/libs/ 95 KB
33 KB 20ms
20ms Script
application/javascript 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.opovo.com.br/includes/assets/online/geral/js/libs/jquery-1.12.4.min.js
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 27d92130c0321dad5a03760fd5ac98a3d04ed4c94d88418fe6d50da1f7fc5cbe

Request headers

:path: /includes/assets/online/geral/js/libs/jquery-1.12.4.min.js
pragma: no-cache
cookie: __cfduid=d1fee0fe3646d04f62853040eb2afd2051620080289
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 22:18:09 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 442651
content-type: application/javascript; charset=utf-8
x-ua-device: desktop
access-control-allow-methods: GET, OPTIONS
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09d5e880480000d6c1a51d4000000001
last-modified: Fri, 28 Jun 2019 14:34:35 GMT
server: cloudflare
etag: W/"5d16257b-17b90"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ofDOjtcSrk0LsipB%2Bi9ODrN0miaVXylbCtaDEBsDQwbyy1jNvVSrp9ywnBmxKTiY04QgQF%2F1kdAyVjVJ0xoPyZzKwLAB%2FZMbv%2F1vjM7kIfQYNIO7vseEIf6bGsig"}],"max_age":604800,"group":"cf-nel"}
x-varnish: 781223010
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
cf-ray: 649cdd13a84ed6c1-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 custom.js Show response
www.opovo.com.br/includes/assets/online/geral/js/ 2 KB
1 KB 17ms
17ms Script
application/javascript 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.opovo.com.br/includes/assets/online/geral/js/custom.js
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 15273ff1ac56f84eebc440688d39df383582d67ab9970a5ee5f2ed3ecdff2ba8

Request headers

:path: /includes/assets/online/geral/js/custom.js
pragma: no-cache
cookie: __cfduid=d1fee0fe3646d04f62853040eb2afd2051620080289
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 22:18:09 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 2695
cf-polished: origSize=4326
content-type: application/javascript; charset=utf-8
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09d5e880500000d6c16e2fa000000001
last-modified: Wed, 07 Oct 2020 13:19:57 GMT
server: cloudflare
etag: W/"5f7dc07d-10e6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=s9ixUcGVNMLh1B6EpoZ1pPU%2BBb23M%2BvuEEgU9VFzEJ%2FbnyWndMrrnJD82qIZEmH6Pa1ZEf4CdzMgKWCWMQa9yQU5qRiumdIXcbbem4A5f0xO%2BURIXk1QFLrjLmTY"}],"max_age":604800,"group":"cf-nel"}
x-varnish: 467108935
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
cf-ray: 649cdd13b85fd6c1-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
cf-bgj: minify

GET
H3-29 200 owl.carousel.min.js Show response
www.opovo.com.br/includes/assets/online/geral/js/libs/ 43 KB
11 KB 15ms
15ms Script
application/javascript 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.opovo.com.br/includes/assets/online/geral/js/libs/owl.carousel.min.js
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e0781bdd2cbb5db04da3b5e059eeca34e325fabb893bee7457b5babf5b7c029

Request headers

:path: /includes/assets/online/geral/js/libs/owl.carousel.min.js
pragma: no-cache
cookie: __cfduid=d1fee0fe3646d04f62853040eb2afd2051620080289
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 22:18:09 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 442651
content-type: application/javascript; charset=utf-8
x-ua-device: desktop
access-control-allow-methods: GET, OPTIONS
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09d5e880630000d6c1a51d5000000001
last-modified: Fri, 28 Jun 2019 14:34:35 GMT
server: cloudflare
etag: W/"5d16257b-ad3c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=L71vb6eNSiThZdJ4w2hpx3E6A9I4ifiHK%2FqStm4i%2FhlqiDQ9gv9WVKfjlanfRbcLY0xhsf%2B8VMTqvxKOfeoJmayfyhJjilqFPUe4Kr2wiLD00YgzXUJ5TaKkf5Kg"}],"max_age":604800,"group":"cf-nel"}
x-varnish: 782305035 780640274
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
cf-ray: 649cdd13d878d6c1-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 main.min.js Show response
www.opovo.com.br/includes/assets/online/geral/js/ 8 KB
3 KB 14ms
14ms Script
application/javascript 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.opovo.com.br/includes/assets/online/geral/js/main.min.js
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82e7822c35cdcf0e2ac5552f0ca767aed13b2cbf54d914ad8233c6b524ea85af

Request headers

:path: /includes/assets/online/geral/js/main.min.js
pragma: no-cache
cookie: __cfduid=d1fee0fe3646d04f62853040eb2afd2051620080289
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 22:18:09 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 320099
content-type: application/javascript; charset=utf-8
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09d5e880740000d6c1d2854000000001
last-modified: Fri, 26 Feb 2021 14:37:07 GMT
server: cloudflare
etag: W/"60390793-21b9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=WlxILSi5CuFS0p0JkR5NcSQ5uNqszBbjAXfXZ3R6P7nXlFYNliuLkwcvLTYGJDosWQCAlxfearxBKquYxjkkOMa1N1l2OEPprwEC0ZoMkE97QQksK%2BAC0GcDEBek"}],"max_age":604800,"group":"cf-nel"}
x-varnish: 1019873278 1009977428
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
cf-ray: 649cdd13e890d6c1-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 home.min.js Show response
www.opovo.com.br/includes/assets/online/home/js/ 2 KB
1 KB 13ms
13ms Script
application/javascript 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.opovo.com.br/includes/assets/online/home/js/home.min.js
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 818ec7e02e904eab6a9638557e17c3df7a981788dea3378baec71818df4aaf66

Request headers

:path: /includes/assets/online/home/js/home.min.js
pragma: no-cache
cookie: __cfduid=d1fee0fe3646d04f62853040eb2afd2051620080289
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 22:18:09 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 320099
content-type: application/javascript; charset=utf-8
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09d5e880830000d6c1932b5000000001
last-modified: Wed, 07 Oct 2020 13:19:57 GMT
server: cloudflare
etag: W/"5f7dc07d-69e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=XVUEyGtO6lWlMdaRNjsbMGsuWCJio1LedwPqjFQCHjh7VO46vaJJsvOL%2FordZ7wNaP4uEnP9KCdD1GsnMN5YrPFoIDTAdnhSkCc4lYPD9nK%2F1qrw0Xx3UvqYGRPU"}],"max_age":604800,"group":"cf-nel"}
x-varnish: 1019708785 1020625469
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
cf-ray: 649cdd1408acd6c1-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 check.js Show response
www.opovo.com.br/includes/assets/online/geral/js/plugins/ 127 B
844 B 15ms
15ms Script
application/javascript 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.opovo.com.br/includes/assets/online/geral/js/plugins/check.js
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c6f58395f1404bd66a6685d12bf19baf7d6f340ad331b3388f5bf6f0cc463db7

Request headers

:path: /includes/assets/online/geral/js/plugins/check.js
pragma: no-cache
cookie: __cfduid=d1fee0fe3646d04f62853040eb2afd2051620080289
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 22:18:09 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 442612
cf-polished: origSize=159
content-type: application/javascript; charset=utf-8
x-ua-device: desktop
access-control-allow-methods: GET, OPTIONS
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09d5e880920000d6c1be32b000000001
last-modified: Fri, 28 Jun 2019 14:34:35 GMT
server: cloudflare
etag: W/"5d16257b-9f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=itg6TSwQUTgJWVksZ%2Fz8MxdLPhk%2FxQZN5tRwxZW7cTshyN4j8CtsCeR3eBfwLEvCYaRzQkOYh2arsO4jFht8GYVZXfVUMs02wzEWLqEJp%2FECcb4gepvJxBy5uil7"}],"max_age":604800,"group":"cf-nel"}
x-varnish: 781223022
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
cf-ray: 649cdd1418c3d6c1-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
cf-bgj: minify

GET
H3-29 200 web-push-notification.min.js Show response
www.opovo.com.br/includes/assets/online/geral/js/plugins/ 2 KB
2 KB 21ms
20ms Script
application/javascript 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.opovo.com.br/includes/assets/online/geral/js/plugins/web-push-notification.min.js
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7bfc998b6b2333e071601dbff62e890651f439e66179d3eb000241eefb17d85c

Request headers

:path: /includes/assets/online/geral/js/plugins/web-push-notification.min.js
pragma: no-cache
cookie: __cfduid=d1fee0fe3646d04f62853040eb2afd2051620080289
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 22:18:09 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 320099
content-type: application/javascript; charset=utf-8
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09d5e880a30000d6c17436e000000001
last-modified: Mon, 08 Jul 2019 13:38:17 GMT
server: cloudflare
etag: W/"5d234749-8bc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2Ff0NQE0kG6Pyl29FiuKjGxmqjAsUpPSqhcUvO3Afuv9y7Tx%2BRqSQUBVLPpLFFPcLUg8gjR7d%2BUcrjnslc9E4nPkyDyWxMS7wUID4KmQjAifHdg%2F4JjIo9o%2F6Jg8C"}],"max_age":604800,"group":"cf-nel"}
x-varnish: 1019873283 1011025592
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
cf-ray: 649cdd1438e4d6c1-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H2 200 f9c73be5-0123-4f19-af72-12d80ac2c46b-loader.js Show response
d335luupugsy2.cloudfront.net/js/loader-scripts/ 4 KB
2 KB 306ms
244ms Script
application/javascript 143.204.101.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d335luupugsy2.cloudfront.net/js/loader-scripts/f9c73be5-0123-4f19-af72-12d80ac2c46b-loader.js
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.101.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-103.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 54f93e9c10e60babfaaa671b990efaf804977c25a6de037d725376a240126d3d

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: kcnXPsDERBBih5wkmjjg45SZOibEm2zo
content-encoding: gzip
last-modified: Tue, 01 Dec 2020 13:23:16 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
etag: W/"098e519f228be66f4ce201f3e941f897"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
via: 1.1 f6c241b75ae7d21ac836339454ab90b8.cloudfront.net (CloudFront)
cache-control: no-cache
date: Mon, 03 May 2021 22:18:11 GMT
x-amz-cf-id: c1sWTk6H2usiWZz7AYlDf7tIMXuOnV4d3FO9TxoNHxcKlVRxSio4qQ==

GET
H2 200 rdstation-forms.min.js Show response
d335luupugsy2.cloudfront.net/js/rdstation-forms/stable/ 178 KB
48 KB 120ms
29ms Script
application/javascript 143.204.101.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d335luupugsy2.cloudfront.net/js/rdstation-forms/stable/rdstation-forms.min.js
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.101.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-103.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 23addc956464503578d051fa820a2c4529f2291dca055b2d62b054bb81cf8f88

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 14:02:46 GMT
content-encoding: gzip
last-modified: Fri, 16 Apr 2021 14:02:28 GMT
server: AmazonS3
age: 1498525
etag: "7889178e61b8b03e10382e87fab9e3fc"
x-cache: Hit from cloudfront
x-amz-version-id: 8CuM2JQKANE3Qpwom.AL839TzNihCz7P
via: 1.1 f6c241b75ae7d21ac836339454ab90b8.cloudfront.net (CloudFront)
cache-control: max-age=315360000, must-revalidate
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 48643
x-amz-cf-id: 9d7gmM9mrFw_q6ZlsfLSNM2qB0o9Wg9_NhIkC7YYKt0VYRGrbUmlZg==

GET
H2 200 ws-TWHDNHFV.js Show response
wfpscripts.webspectator.com/bootstrap/ 1 KB
934 B 363ms
109ms Script
application/x-javascript 52.1.252.251
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://wfpscripts.webspectator.com/bootstrap/ws-TWHDNHFV.js
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.1.252.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-1-252-251.compute-1.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: cb7ef62603ce68e806e9f3f9fd2312c388263059871b9d0e690231ebf4256e07

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 22:18:10 GMT
content-encoding: gzip
last-modified: Wed, 31 Oct 2018 17:31:20 GMT
server: nginx/1.10.3 (Ubuntu)
etag: W/"cca06fd081c7423a71325d0ea0324fb7"
x-cache-status: HIT
content-type: application/x-javascript
cache-control: max-age=31536000

GET
H2 200 / Show response
c.jsuol.com.br/assets/ 142 KB
49 KB 254ms
15ms Script
text/javascript 2600:9000:2104:c200:12:c12e:4e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.jsuol.com.br/assets/?loadComponent=media&contentType=js&tpl=assets/dist/libs/election-2020-ticker.min
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2104:c200:12:c12e:4e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: marrakesh 1.16.6 /
Resource Hash: 43a07afa251885987480611f7a5f76c48949eb6556122ccffc2c6de6cb558707

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 10 Mar 2021 10:23:51 GMT
content-encoding: gzip
last-modified: Fri, 05 Mar 2021 10:23:46 GMT
server: marrakesh 1.16.6
age: 4708459
etag: "aec28d28f5b18ad6af40f8ca9f9de17a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
via: 1.1 e79fcd7f3f0a842841acfca75e35ea79.cloudfront.net (CloudFront)
cache-control: no-transform, max-age=31536000, must-revalidate, proxy-revalidate, must-revalidate, proxy-revalidate, no-transform
x-amz-cf-pop: AMS1-C1
content-length: 49477
x-amz-cf-id: BBI-I_APtisF1fbd8rvnHR9ovTjnMJoVs-ocu8Cqvq8PsR2i-TesqA==
expires: Thu, 10 Mar 2022 10:23:51 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 13ms
5ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-23310373-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 2254
date: Mon, 03 May 2021 21:40:35 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Mon, 03 May 2021 23:40:35 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 61 KB
21 KB 67ms
25ms Script
text/javascript 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.opovo.com.br
URL: https://www.opovo.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

sffe /

Resource Hash

1ce53d8ecdceefac029b4e05aac15a7ad0d7eac2b3a33f1824da8ae4c4f8be13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Mon, 03 May 2021 22:18:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "861 / 109 of 1000 / last-modified: 1620079826"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21202
x-xss-protection: 0
expires: Mon, 03 May 2021 22:18:09 GMT

GET
H3-29 200 pubads_impl_2021042801.js Show response
securepubads.g.doubleclick.net/gpt/ 300 KB
106 KB 36ms
35ms Script
text/javascript 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

sffe /

Resource Hash

1c2525b3e7631f2411872aac663bded4c73bd4e4f26182862b28db7f406d1c61

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Mon, 03 May 2021 22:18:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 28 Apr 2021 08:37:54 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 108145
x-xss-protection: 0
expires: Mon, 03 May 2021 22:18:09 GMT

GET
H3-29 200 sprite.png
www.opovo.com.br/includes/assets/online/geral/imgs/ 25 KB
25 KB 86ms
79ms Image
image/png 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/includes/assets/online/geral/imgs/sprite.png
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/includes/assets/online/geral/css/base.css
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6dd8c3796600c28cb55f80e3b365e818144fc506624f1825538091e7eab9f15a

Request headers

:path: /includes/assets/online/geral/imgs/sprite.png
pragma: no-cache
cookie: __cfduid=d1fee0fe3646d04f62853040eb2afd2051620080289
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/includes/assets/online/geral/css/base.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/includes/assets/online/geral/css/base.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 22:18:10 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 442652
content-type: image/png
x-ua-device: desktop
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 25133
cf-request-id: 09d5e880d50000d6c1982a6000000001
last-modified: Mon, 15 Feb 2021 17:06:17 GMT
server: cloudflare
etag: "602aaa09-622d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2BSQfq%2Fl7%2FYSWEnKq4w4WEK9ncpsssFhsKRLDdkzs3mdrnmY3mk%2Bepk%2BtFep82elNh0ExMdya%2FIBLxJIxjVlWPsmrGpz6Tw%2Bf2ByaHl0YJzyNK7rcdjnKS8BEop9K"}],"max_age":604800,"group":"cf-nel"}
x-varnish: 781484461
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 649cdd14697fd6c1-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 oswald-italic.woff
www.opovo.com.br/includes/assets/online/geral/css/fonts/ 35 KB
36 KB 85ms
79ms Font
font/woff 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.opovo.com.br/includes/assets/online/geral/css/fonts/oswald-italic.woff
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/includes/assets/online/geral/css/base.css
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d48f5f637187fe83bff6165783efb3dac15cb3d10ba166d92f37312dba9a4ad7

Request headers

sec-fetch-mode: cors
origin: https://www.opovo.com.br
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: __cfduid=d1fee0fe3646d04f62853040eb2afd2051620080289
:path: /includes/assets/online/geral/css/fonts/oswald-italic.woff
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/includes/assets/online/geral/css/base.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://www.opovo.com.br
Referer: https://www.opovo.com.br/includes/assets/online/geral/css/base.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 22:18:10 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 442649
content-type: font/woff
x-ua-device: desktop
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 36200
cf-request-id: 09d5e880d40000d6c178b94000000001
last-modified: Fri, 28 Jun 2019 14:34:34 GMT
server: cloudflare
etag: "5d16257a-8d68"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ykfcCTasVYhur%2F7UOFXzcnQkDCEe65lNR%2F65uxLW6rRxtVyZ%2FaoaSSNZ22K7llRsQgG7rJe9IEA%2FQbAb22z9fzVBYRaAFllkDebK3QXFH976WvZXCbzzilzlJLNw"}],"max_age":604800,"group":"cf-nel"}
x-varnish: 780602414
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 649cdd14697ed6c1-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 o-povo-online.png
www.opovo.com.br/includes/assets/online/geral/imgs/ 6 KB
7 KB 85ms
83ms Image
image/png 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/includes/assets/online/geral/imgs/o-povo-online.png
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/includes/assets/online/geral/css/base.css
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fb78178efb17880986453d866dc2c7ff441b2b2426665937e77f2ae214f44713

Request headers

:path: /includes/assets/online/geral/imgs/o-povo-online.png
pragma: no-cache
cookie: __cfduid=d1fee0fe3646d04f62853040eb2afd2051620080289
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/includes/assets/online/geral/css/base.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/includes/assets/online/geral/css/base.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 22:18:10 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 442652
content-type: image/png
x-ua-device: desktop
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6467
cf-request-id: 09d5e880d60000d6c1ca0c0000000001
last-modified: Fri, 28 Jun 2019 14:34:35 GMT
server: cloudflare
etag: "5d16257b-1943"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Sgx3hEBPHEyfX9Z91PvzicBsiYb4QbfxkhlhmM2bQ3%2BShEp4fC7zrmY4eYAg2xoJ9PAs3xkYRuWUixhj9PjK0VWT6fQppI1e%2BxwpsMvJhTJMA7qHsWO76jrXjjZh"}],"max_age":604800,"group":"cf-nel"}
x-varnish: 780602420
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 649cdd146983d6c1-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 opmais-menu.svg
www.opovo.com.br/includes/assets/online/geral/imgs/ 2 KB
2 KB 84ms
83ms Image
image/svg+xml 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/includes/assets/online/geral/imgs/opmais-menu.svg
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/includes/assets/online/geral/css/base.css
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 55c357602ca06d0f50246880e2594b175c3ac470110ed13ea8336e149d78e2de

Request headers

:path: /includes/assets/online/geral/imgs/opmais-menu.svg
pragma: no-cache
cookie: __cfduid=d1fee0fe3646d04f62853040eb2afd2051620080289
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/includes/assets/online/geral/css/base.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/includes/assets/online/geral/css/base.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 22:18:10 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 328539
content-type: image/svg+xml
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09d5e880d60000d6c1a6171000000001
last-modified: Wed, 14 Apr 2021 20:47:46 GMT
server: cloudflare
etag: W/"607754f2-946"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=PeYqWHMc9LOoRl69YWOequTOn2kyuz4f4%2FErBbsDvHjU4CRLLT3CdZMynZI2H22wlZ%2B5m2xqjOzZKNa7SFp96Z6GvsdOBFyqTCxqCfnRs1zA2GqXrIZpcopW4Xa%2F"}],"max_age":604800,"group":"cf-nel"}
x-varnish: 998180690
access-control-allow-origin: *
cache-control: public, max-age=120, s-maxage=604800
cf-ray: 649cdd148984d6c1-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 oswald-regular.woff
www.opovo.com.br/includes/assets/online/geral/css/fonts/ 27 KB
28 KB 81ms
81ms Font
font/woff 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.opovo.com.br/includes/assets/online/geral/css/fonts/oswald-regular.woff
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/includes/assets/online/geral/css/base.css
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e43467ea5d461a0509fc8b4f4fc544fc0fe66d4caaa9004b830a2c589466601a

Request headers

sec-fetch-mode: cors
origin: https://www.opovo.com.br
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: __cfduid=d1fee0fe3646d04f62853040eb2afd2051620080289
:path: /includes/assets/online/geral/css/fonts/oswald-regular.woff
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/includes/assets/online/geral/css/base.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://www.opovo.com.br
Referer: https://www.opovo.com.br/includes/assets/online/geral/css/base.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 22:18:10 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 320100
content-type: font/woff
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 27752
cf-request-id: 09d5e880d50000d6c1a2ae7000000001
last-modified: Fri, 28 Jun 2019 14:34:34 GMT
server: cloudflare
etag: "5d16257a-6c68"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=cWiQh4l8Qpzu6pOKzEEm15IIiUd6yiLUNGkt3bcULL4cp3Xy69fzj%2FXjVJsHxC1e2j587iU2McL87s8KdAZVEBNGLu%2Fq231a57CsLV6VqPVLbQEgsfz763tgUnXt"}],"max_age":604800,"group":"cf-nel"}
x-varnish: 1019708812 1009419938
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 649cdd146980d6c1-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 oswald-light.woff
www.opovo.com.br/includes/assets/online/geral/css/fonts/ 27 KB
27 KB 81ms
81ms Font
font/woff 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.opovo.com.br/includes/assets/online/geral/css/fonts/oswald-light.woff
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/includes/assets/online/geral/css/base.css
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 69de99231158e36ac4ce5d52a93af7a1574a4f79a8fd79b0d21b49d85105c3a6

Request headers

sec-fetch-mode: cors
origin: https://www.opovo.com.br
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: __cfduid=d1fee0fe3646d04f62853040eb2afd2051620080289
:path: /includes/assets/online/geral/css/fonts/oswald-light.woff
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/includes/assets/online/geral/css/base.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://www.opovo.com.br
Referer: https://www.opovo.com.br/includes/assets/online/geral/css/base.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 22:18:10 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 320100
content-type: font/woff
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 27212
cf-request-id: 09d5e880d50000d6c1e5890000000001
last-modified: Fri, 28 Jun 2019 14:34:34 GMT
server: cloudflare
etag: "5d16257a-6a4c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=sbLIH5DvtwHpFkqou56mX9u%2FAkuiS9Ph9MeMBIPEnHHys3dd2YQBa2g01PqsI%2FC0%2BtWoKADeCVKGHBXOoyRJ%2FWW%2FcWfILADgTylBaODZHMJn9Wn3amlNsTdrE692"}],"max_age":604800,"group":"cf-nel"}
x-varnish: 1020756643 1011025598
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 649cdd146982d6c1-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H2 200 integrator.js Show response
adservice.google.ch/adsid/ 107 B
799 B 52ms
14ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ch/adsid/integrator.js?domain=www.opovo.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 03 May 2021 22:18:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
553 B 47ms
11ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.opovo.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 03 May 2021 22:18:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 274 KB
45 KB 1042ms
1041ms XHR
text/plain 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2162795348329942&correlator=2044125666668359&output=ldjh&impl=fifs&eid=31060838&vrg=2021042801&ptt=17&sc=1&sfv=1-0-38&ecs=20210503&iu_parts=10216148%2C29%2Cbillboard_home%2Cbanner_bottom_desktop%2C2124%2C28%2C24%2C25%2C20%2Cteste_digitalpremium%2Cselo_jornal_home%2C30%2Cout_homeportal%2Clb_portal_home%2Cbg_home_noticias%2Cbg_home_jornal%2Cbg_home_esportes%2Cbg_home_divirtase%2Cst_portal_assine%2Cvi1_imoveis_home_populares%2Cvi2_imoveis_home_populares%2Cvi3_imoveis_home_populares%2Cvi1_veiculos_home_populares%2Cvi2_veiculos_home_populares%2Cvi3_veiculos_home_populares%2Cbe_portal_home&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6%2C%2F0%2F7%2C%2F0%2F8%2C%2F0%2F9%2C%2F0%2F10%2C%2F0%2F11%2C%2F0%2F12%2C%2F0%2F13%2C%2F0%2F14%2C%2F0%2F15%2C%2F0%2F16%2C%2F0%2F17%2C%2F0%2F9%2C%2F0%2F18%2C%2F0%2F19%2C%2F0%2F20%2C%2F0%2F21%2C%2F0%2F22%2C%2F0%2F23%2C%2F0%2F24%2C%2F0%2F25&prev_iu_szs=300x250%7C336x280%2C970x250%2C468x60%2C300x250%7C336x280%2C300x60%2C300x60%2C300x60%2C970x90%7C728x90%7C970x150%7C728x300%7C970x250%2C1190x250%2C300x60%2C1x1%2C680x540%2C1x1%2C1750x720%2C1750x720%2C1750x720%2C1750x720%2C1190x250%2C290x300%2C260x280%2C260x280%2C260x280%2C260x280%2C260x280%2C260x280%2C1x1&ists=40961&cust_params=t%3D1&cookie_enabled=1&bc=31&abxe=1&lmt=1620078381&dt=1620080290026&dlt=1620080289737&idt=224&frm=20&biw=1600&bih=1200&oid=3&adxs=-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C205%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9&adys=-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C192%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9&adks=4119730198%2C3278770389%2C765604454%2C894174196%2C2321965323%2C1611662773%2C318812021%2C2678070680%2C2257760347%2C2022424191%2C671498278%2C1008266836%2C4034438472%2C2530977655%2C1404135940%2C1363791537%2C567913026%2C1572472801%2C3121468511%2C2792545042%2C736315307%2C233207977%2C3653363857%2C557447621%2C3288225154%2C1754881613&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca%7Cb%7Cc%7Cd%7Ce%7Cf%7Cg%7Ch%7Ci%7Cj%7Ck%7Cl%7Cm%7Cn%7Co%7Cp%7Cq&ifi=1&u_tz=120&u_his=3&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.opovo.com.br%2F&ref=https%3A%2F%2Fopovo.com.br.eu2.cas.ms%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C1190x150%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1&msz=0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C1190x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1&ga_vid=1717621182.1620080290&ga_sid=1620080290&ga_hid=925587003&ga_fc=false&fws=2%2C2%2C2%2C2%2C2%2C2%2C2%2C2%2C0%2C2%2C2%2C2%2C2%2C2%2C2%2C2%2C2%2C2%2C2%2C2%2C2%2C2%2C2%2C2%2C2%2C2&ohw=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

cafe /

Resource Hash

823d1ec4c0ea5db30f9d8186d06d23012216da713d5a083a4a65ce667f59a063

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 22:18:11 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46504
x-xss-protection: 0
google-lineitem-id: -1,-1,5675760410,-1,5395992609,5683055452,-2,-1,-2,-2,-2,-2,-2,5633797351,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -1,-1,138347374947,-1,138337188415,138348381137,-2,-1,-2,-2,-2,-2,-2,138341605907,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.opovo.com.br
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
7405cfab04d097e05557236a0617b170.safeframe.googlesyndication.com/safeframe/1-0-38/html/ 0
0 59ms
14ms Other
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://7405cfab04d097e05557236a0617b170.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-38/html/ 0
0 24ms
6ms Other
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 logo-opmais-col.svg
www.opovo.com.br/includes/assets/online/geral/imgs/ 2 KB
2 KB 18ms
17ms Image
image/svg+xml 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/includes/assets/online/geral/imgs/logo-opmais-col.svg
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/includes/assets/online/home/css/home.css
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e25ce31806de1eee3a851d1bc47e269def862c12fc7a6150f08c579f86f71014

Request headers

:path: /includes/assets/online/geral/imgs/logo-opmais-col.svg
pragma: no-cache
cookie: __cfduid=d1fee0fe3646d04f62853040eb2afd2051620080289
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/includes/assets/online/home/css/home.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/includes/assets/online/home/css/home.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 22:18:10 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 320099
content-type: image/svg+xml
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09d5e881520000d6c179b3b000000001
last-modified: Wed, 14 Apr 2021 20:47:45 GMT
server: cloudflare
etag: W/"607754f1-954"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ZFWjDQttltzBsgV98fWzdIYMUnuyBAAvEAaM%2FBWhxXEMLGWcClyUqu4Io5UQNUkQG3jMOpGwyRbsSLCzAw7XkGC8qcfBr9aKVknOpgO5zg0oDyNYlx73D4Bu3oYG"}],"max_age":604800,"group":"cf-nel"}
x-varnish: 1011256411 1015515584
access-control-allow-origin: *
cache-control: public, max-age=120, s-maxage=604800
cf-ray: 649cdd155aadd6c1-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 chave.svg
www.opovo.com.br/includes/assets/online/geral/imgs/ 1 KB
1 KB 13ms
12ms Image
image/svg+xml 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/includes/assets/online/geral/imgs/chave.svg
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/includes/assets/online/home/css/home.css
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a45590a3bf9f39d72dd53301f9897396f2dfb19dc1d38f0beabc965c8351a2b

Request headers

:path: /includes/assets/online/geral/imgs/chave.svg
pragma: no-cache
cookie: __cfduid=d1fee0fe3646d04f62853040eb2afd2051620080289
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/includes/assets/online/home/css/home.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/includes/assets/online/home/css/home.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 22:18:10 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 320099
content-type: image/svg+xml
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09d5e881530000d6c1d2861000000001
last-modified: Wed, 14 Apr 2021 20:47:45 GMT
server: cloudflare
etag: W/"607754f1-59b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=AFi9IDwO6scdL3Bl3l%2Bi%2B5vQdF0Gmt94%2B%2B9SBXuLNKyemq2WsDROEYVVNjumxIJbc5jT7F47ReaQjDFp5nS%2BmaDeDT3PkeGSmKWSov1P4pvGEimFHg4L05mRhOXx"}],"max_age":604800,"group":"cf-nel"}
x-varnish: 1011256413 1006701164
access-control-allow-origin: *
cache-control: public, max-age=120, s-maxage=604800
cf-ray: 649cdd155aaed6c1-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 cadeado-cta.svg
www.opovo.com.br/includes/assets/online/geral/imgs/ 510 B
1008 B 13ms
12ms Image
image/svg+xml 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/includes/assets/online/geral/imgs/cadeado-cta.svg
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/includes/assets/online/home/css/home.css
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47b4692dfccb38aa3b791b809c6475ccf144079687c9d9569849b93af6d03c89

Request headers

:path: /includes/assets/online/geral/imgs/cadeado-cta.svg
pragma: no-cache
cookie: __cfduid=d1fee0fe3646d04f62853040eb2afd2051620080289
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/includes/assets/online/home/css/home.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/includes/assets/online/home/css/home.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 22:18:10 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 320099
content-type: image/svg+xml
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09d5e881530000d6c16b9bc000000001
last-modified: Wed, 14 Apr 2021 20:47:45 GMT
server: cloudflare
etag: W/"607754f1-1fe"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=HRp1iXuHEDF1Yb0Jw8Uluf9OMf6BUi1dgspNAiMifH9mUbAlXJ0CrcPYh6WygNJYOX8T2TLob5dKxFy38gUKxwry3lqivV9mivlxiPAbAH%2Fxf1Zn%2FIv8DN3FP9VR"}],"max_age":604800,"group":"cf-nel"}
x-varnish: 1020756647 1020625502
access-control-allow-origin: *
cache-control: public, max-age=120, s-maxage=604800
cf-ray: 649cdd155ab0d6c1-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 chave.svg
www.opovo.com.br/imagens/ 1 KB
1 KB 12ms
12ms Image
image/svg+xml 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/imagens/chave.svg
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/includes/assets/online/geral/css/base.css
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7323a82847be2df6a9510ec0ddcedebeb02b019f5ee092cd2da501ee094ad02c

Request headers

:path: /imagens/chave.svg
pragma: no-cache
cookie: __cfduid=d1fee0fe3646d04f62853040eb2afd2051620080289
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/includes/assets/online/geral/css/base.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/includes/assets/online/geral/css/base.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 22:18:10 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 320099
content-type: image/svg+xml
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09d5e881530000d6c17f1b6000000001
last-modified: Wed, 17 Jul 2019 18:55:05 GMT
server: cloudflare
etag: W/"5d2f6f09-59b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=pl%2FFiviB4LYXyUtlpzaCHp4Y61%2B7LTLFwqHoVviEVxDf4U2K5i%2BUsbJuCEw%2BywUsST2gOy7FzQ17oNyl9FbhJHxxx4wqy%2BaCkFSalnjBiVJdxTk03O%2FvIHc8f1Cb"}],"max_age":604800,"group":"cf-nel"}
x-varnish: 1020756645 1016299729
access-control-allow-origin: *
cache-control: public, max-age=120, s-maxage=604800
cf-ray: 649cdd155ab1d6c1-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H2 200 EJRVQgYoZZY2vCFuvAFWzr8.woff2
fonts.gstatic.com/s/ptserif/v12/ 32 KB
32 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptserif/v12/EJRVQgYoZZY2vCFuvAFWzr8.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT%20Serif:400,400italic,700,700italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ef391572f9fbb7bab7fef6ce2c4fc92ad68a8c148889a79cb9f9b1452d851fab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.opovo.com.br
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 10:30:03 GMT
x-content-type-options: nosniff
last-modified: Thu, 10 Sep 2020 17:06:03 GMT
server: sffe
age: 388087
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32960
x-xss-protection: 0
expires: Fri, 29 Apr 2022 10:30:03 GMT

GET
H3-29 200 js Show response
www.google-analytics.com/gtm/ 89 KB
35 KB 32ms
32ms Script
application/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-T6KFSVV&t=gtag_UA_23310373_1&cid=1717621182.1620080290

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0bacbb83008c40eb7e5159756c78659cbbc5691f1153c6936d961a412e80f997

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 22:18:10 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35967
x-xss-protection: 0
last-modified: Mon, 03 May 2021 21:28:53 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 03 May 2021 22:18:10 GMT

GET
H2 200 nobetaads&id=opovo.inter Show response
api.nobeta.com.br/ 35 KB
12 KB 195ms
163ms Script
application/javascript 35.244.156.216
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.nobeta.com.br/nobetaads&id=opovo.inter
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WBWHQHX
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.156.216 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 216.156.244.35.bc.googleusercontent.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 1b2fc79536c8ab2f98419ead1cc323c8945371c6e5019ed79f593e877d48a8ab

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 22:18:10 GMT
content-encoding: gzip
last-modified: Thu, 04 Mar 2021 16:39:25 GMT
server: Apache/2.4.29 (Ubuntu)
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 google
cache-control: public, max-age=604800
alt-svc: clear
content-length: 12488

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 92 KB
25 KB 18ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: opovo.com.br.eu2.cas.ms
URL: https://opovo.com.br.eu2.cas.ms/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a517525b8a7d39bcaf1cf5f9695c5be8fce7a6b920a3924c1a4f70e8ea748c05

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 23959
x-fb-rlafr: 0
pragma: public
x-fb-debug: dO5wWXVnVbkXmIXvXhpKMakXxIuk0QW05qx7pC4nqHcOzWCqYiX2YWBEN/Y4wUeIEzLVaVSU2Xb5mUKEUupuzg==
x-fb-trip-id: 686109401
x-frame-options: DENY
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Mon, 03 May 2021 22:18:10 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coop_report","max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"include_subdomains":true}, {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
priority: u=3,i
cross-origin-opener-policy-report-only: same-origin-allow-popups;report-to="coop_report"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-29 200 carta-portal-newsletter.svg
www.opovo.com.br/includes/assets/online/geral/imgs/ 4 KB
2 KB 15ms
15ms Image
image/svg+xml 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/includes/assets/online/geral/imgs/carta-portal-newsletter.svg
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/includes/assets/online/geral/css/base.css
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e18441c7811abba1194a8130a3ec786d24b4a9d8ae6e8486147e47856b5ca0d1

Request headers

:path: /includes/assets/online/geral/imgs/carta-portal-newsletter.svg
pragma: no-cache
cookie: __cfduid=d1fee0fe3646d04f62853040eb2afd2051620080289; _ga=GA1.3.1717621182.1620080290; _gid=GA1.3.1337148515.1620080290
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/includes/assets/online/geral/css/base.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/includes/assets/online/geral/css/base.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 22:18:10 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 320098
content-type: image/svg+xml
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09d5e881a00000d6c16e30b000000001
last-modified: Wed, 14 Apr 2021 20:47:45 GMT
server: cloudflare
etag: W/"607754f1-e6f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=TJBGsEWy3d4p8DlevRjo7uS0cmg5icVcfF0VajnFZHHrh2NZSTyVWyEsa79TxNMY9e8f04a0iTNLz7eYg1J88rjcZfWpav5Vv5MC5YVvTONlahaaTmNt0PYftcVe"}],"max_age":604800,"group":"cf-nel"}
x-varnish: 1020756652 1015515593
access-control-allow-origin: *
cache-control: public, max-age=120, s-maxage=604800
cf-ray: 649cdd15cb48d6c1-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 ceara.png
www.opovo.com.br/includes/assets/online/esportes/imgs/ 4 KB
5 KB 24ms
24ms Image
image/png 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/includes/assets/online/esportes/imgs/ceara.png
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/includes/assets/online/home/css/home.css
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7cc27093a7206bc10971963a8ce40453a4f0c6a01754559009c6f00cb3498d65

Request headers

:path: /includes/assets/online/esportes/imgs/ceara.png
pragma: no-cache
cookie: __cfduid=d1fee0fe3646d04f62853040eb2afd2051620080289; _ga=GA1.3.1717621182.1620080290; _gid=GA1.3.1337148515.1620080290
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/includes/assets/online/home/css/home.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/includes/assets/online/home/css/home.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 22:18:10 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 328367
content-type: image/png
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4600
cf-request-id: 09d5e881a00000d6c1ba0da000000001
last-modified: Fri, 28 Jun 2019 14:34:34 GMT
server: cloudflare
etag: "5d16257a-11f8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=s9vBeZX%2FnAO358ZOyqvU8bWL3K1et5x1JW12joiEEbdTabbVdZaczp74Z5EYJBnhw9g702lcv9h1nDnDrbKoRyroVUgkXXgIgVcFEZM3ENwnXinNsBj2PS8T161e"}],"max_age":604800,"group":"cf-nel"}
x-varnish: 999067033
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 649cdd15cb49d6c1-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 fortaleza.png
www.opovo.com.br/includes/assets/online/esportes/imgs/ 5 KB
6 KB 12ms
12ms Image
image/png 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/includes/assets/online/esportes/imgs/fortaleza.png
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/includes/assets/online/home/css/home.css
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0bba4ee8766e7683a421df6e1c097c303b940d05b3f8139a01bc0ec910d9b6c8

Request headers

:path: /includes/assets/online/esportes/imgs/fortaleza.png
pragma: no-cache
cookie: __cfduid=d1fee0fe3646d04f62853040eb2afd2051620080289; _ga=GA1.3.1717621182.1620080290; _gid=GA1.3.1337148515.1620080290
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/includes/assets/online/home/css/home.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/includes/assets/online/home/css/home.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 22:18:10 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 328367
content-type: image/png
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5293
cf-request-id: 09d5e881a00000d6c1bb9a8000000001
last-modified: Fri, 28 Jun 2019 14:34:34 GMT
server: cloudflare
etag: "5d16257a-14ad"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=dL8yk4wo0MS0FxoBMZgay3x4AVvNGKQzUkIljBOu%2FR%2BX%2BfKi8ONWjrDo6bKjDnDp2rEEsht32sqUjOGtk80mJ81XwLSFpbniZ1V7zPNOXCpVoL2qk5Y4vpnSsUyp"}],"max_age":604800,"group":"cf-nel"}
x-varnish: 998180779
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 649cdd15cb4ad6c1-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 top_esportes.json Show response
www.opovo.com.br/_files/json/ 1 KB
1 KB 21ms
21ms XHR
application/json 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.opovo.com.br/_files/json/top_esportes.json
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 799e325a27aef6ef42037daae3cb419a6931173c2b09210a8b386db96461f39a

Request headers

:path: /_files/json/top_esportes.json
pragma: no-cache
cookie: __cfduid=d1fee0fe3646d04f62853040eb2afd2051620080289; _ga=GA1.3.1717621182.1620080290; _gid=GA1.3.1337148515.1620080290
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 22:18:10 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 265
content-type: application/json
x-ua-device: desktop
access-control-allow-methods: GET, OPTIONS
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09d5e881b20000d6c1cc8e9000000001
last-modified: Sun, 02 May 2021 04:34:04 GMT
server: cloudflare
etag: W/"608e2bbc-5ff"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=6SCP5OgdOTMeYFtYakO%2F86fT0E1XmEvodeGoY5fj2yD2syyglm9hZbTQaFY6I9HuBLUevUqSWh9uXx7WKZJpJ9E6EJWi0zGWPRzkZxXUKsXVrL%2FYElzGUFBw7WxY"}],"max_age":604800,"group":"cf-nel"}
x-varnish: 29984504 32113212
access-control-allow-origin: *
cache-control: public, max-age=120, s-maxage=1800
cf-ray: 649cdd15eb62d6c1-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 200307651652585 Show response
connect.facebook.net/signals/config/ 254 KB
72 KB 60ms
59ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/200307651652585?v=2.9.39&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

67f308c82c94beab0f19774ad46800bf75374459d800718fc2684c3fedd5a639

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr: 0
pragma: public
x-fb-debug: JklJ37mzf6VrvZE+CG3B8luE2cNJ4/C1lnZsBkIpJDDw+DPpDRjvOveFsfJhNmzRlwifF6fKBqJmuJMRQLi3aQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-frame-options: DENY
date: Mon, 03 May 2021 22:18:10 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-29 200 opovo_online.svg
www.opovo.com.br/includes/assets/online/geral/imgs/ 7 KB
3 KB 15ms
15ms Image
image/svg+xml 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/includes/assets/online/geral/imgs/opovo_online.svg
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/includes/assets/online/geral/css/base.css
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79e7384be3ec1e42038e5e414d62684acee8a12c0be98fd8b4ccb480d20c9435

Request headers

:path: /includes/assets/online/geral/imgs/opovo_online.svg
pragma: no-cache
cookie: __cfduid=d1fee0fe3646d04f62853040eb2afd2051620080289; _ga=GA1.3.1717621182.1620080290; _gid=GA1.3.1337148515.1620080290
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/includes/assets/online/geral/css/base.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/includes/assets/online/geral/css/base.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 22:18:10 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 319807
content-type: image/svg+xml
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09d5e881e20000d6c1a51e9000000001
last-modified: Wed, 14 Apr 2021 20:47:46 GMT
server: cloudflare
etag: W/"607754f2-1d7b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=n01T1g3DPad3MlWk84u2jPDzi5rvPCrQDnYhXTJkZV411MRn5sPis72PcP5mrshGf1qoAE3jYaDFZfwGqnomREMVhW7r0WgUD1cy2j5dq1AR1PT4YKSQIoEK9M2r"}],"max_age":604800,"group":"cf-nel"}
x-varnish: 1021051937
access-control-allow-origin: *
cache-control: public, max-age=120, s-maxage=604800
cf-ray: 649cdd163bacd6c1-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 5 KB
2 KB 68ms
22ms Script
application/javascript 199.232.136.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.136.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4cf52cc73734aa71f26f6a10be9aeec89602af45bf0f9abd5c8445a076c1ae1a

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 22:18:10 GMT
via: 1.1 varnish
last-modified: Fri, 04 Dec 2020 00:21:46 GMT
age: 77196
etag: "cbc512946c8abb461c6215ed5b454e5f+gzip"
vary: Accept-Encoding,Host
x-cache: HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-encoding: gzip
cache-control: no-cache
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 1957
x-timer: S1620080290.340148,VS0,VE0
x-served-by: cache-hhn11529-HHN

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 13ms
13ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=925587003&t=pageview&_s=1&dl=https%3A%2F%2Fwww.opovo.com.br%2F&dr=https%3A%2F%2Fopovo.com.br.eu2.cas.ms%2F&ul=en-us&de=UTF-8&dt=O%20POVO%20-%20Not%C3%ADcias%20sobre%20Fortaleza%2C%20Cear%C3%A1%2C%20Brasil%20e%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aChAAUADQAAAAC~&jid=2075343974&gjid=814180781&cid=1717621182.1620080290&tid=UA-23310373-1&_gid=1337148515.1620080290&_r=1&gtm=2ou4l3&z=2050396664

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 03 May 2021 22:18:10 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.opovo.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 13ms
13ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=925587003&t=pageview&_s=1&dl=https%3A%2F%2Fwww.opovo.com.br%2F&dr=https%3A%2F%2Fopovo.com.br.eu2.cas.ms%2F&ul=en-us&de=UTF-8&dt=O%20POVO%20-%20Not%C3%ADcias%20sobre%20Fortaleza%2C%20Cear%C3%A1%2C%20Brasil%20e%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aCjAAUADQAAAAC~&jid=1589690639&gjid=1538427582&cid=1717621182.1620080290&tid=UA-23310373-1&_gid=1337148515.1620080290&_r=1&gtm=2wg4l3WBWHQHX&z=1624772662

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 03 May 2021 22:18:10 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.opovo.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 404 destaque_home.json Show response
www.opovo.com.br/_files/json/ 145 B
718 B 700ms
700ms XHR
text/html 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.opovo.com.br/_files/json/destaque_home.json
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/includes/assets/online/geral/js/libs/jquery-1.12.4.min.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7a6fd962b4686f8277823b26cda79726ee97abc0c7f649225eb3c35df2949fe4

Request headers

sec-fetch-mode: cors
accept-encoding: gzip, deflate, br
accept-language: en-US
x-requested-with: XMLHttpRequest
sec-fetch-dest: empty
cookie: __cfduid=d1fee0fe3646d04f62853040eb2afd2051620080289; _ga=GA1.3.1717621182.1620080290; _gid=GA1.3.1337148515.1620080290; _gat_gtag_UA_23310373_1=1; _gat_UA-23310373-1=1
:path: /_files/json/destaque_home.json
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: application/json, text/javascript, */*; q=0.01
cache-control: no-cache
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.opovo.com.br/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 22:18:11 GMT
via: 1.1 varnish-v4
cf-cache-status: EXPIRED
nel: {"max_age":604800,"report_to":"cf-nel"}
cf-ray: 649cdd168bfed6c1-FRA
x-ua-device: desktop
access-control-allow-methods: GET, OPTIONS
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09d5e882130000d6c17f1bd000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=CmOM26tiDTFndf%2BP5A%2F1rSXLdq8oAesLFKD%2FxcZBHbyyH2zb%2Bkj8QkGMpcirsXcOobn99xCrTrVvOTypziP49uLzyUTlyLRggGYuy6RA1O1XuvJpS8JhLzXsahPy"}],"max_age":604800,"group":"cf-nel"}
x-varnish: 129768584
access-control-allow-origin: *
cache-control: no-cache
content-type: text/html; charset=utf-8
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 top_home.json Show response
www.opovo.com.br/_files/json/ 3 KB
2 KB 12ms
12ms XHR
application/json 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.opovo.com.br/_files/json/top_home.json
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/includes/assets/online/geral/js/libs/jquery-1.12.4.min.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b80e4e8ad44f6731194e67f048cc16ac44e846f47004c1d1bd43f8e85110ca62

Request headers

sec-fetch-mode: cors
accept-encoding: gzip, deflate, br
accept-language: en-US
x-requested-with: XMLHttpRequest
sec-fetch-dest: empty
cookie: __cfduid=d1fee0fe3646d04f62853040eb2afd2051620080289; _ga=GA1.3.1717621182.1620080290; _gid=GA1.3.1337148515.1620080290; _gat_gtag_UA_23310373_1=1; _gat_UA-23310373-1=1
:path: /_files/json/top_home.json
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept: */*
Referer: https://www.opovo.com.br/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 22:18:10 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 225
content-type: application/json
x-ua-device: desktop
access-control-allow-methods: GET, OPTIONS
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09d5e882140000d6c1d4a34000000001
last-modified: Sun, 02 May 2021 04:34:18 GMT
server: cloudflare
etag: W/"608e2bca-d5e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=PWoKSZ2i5EWdJW244nsDi8hKn47C6CpWJAE9VzpfDjoqRYXBM1HvHi2GUfJ8FrepC3TnjUFGAa1lvlZbkmIlScWaGCvS4UgJwjE6sJJKHUBFQXNocmdYY0pkcwM8"}],"max_age":604800,"group":"cf-nel"}
x-varnish: 30901488 31162681
access-control-allow-origin: *
cache-control: public, max-age=120, s-maxage=1800
cf-ray: 649cdd168c01d6c1-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 trend_topics.json Show response
www.opovo.com.br/_files/json/ 9 KB
3 KB 731ms
730ms XHR
application/json 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.opovo.com.br/_files/json/trend_topics.json
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/includes/assets/online/geral/js/libs/jquery-1.12.4.min.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 275010df0c29146776d4137aa99564ee11c42658fd1e41afe22a8fef48c67b9d

Request headers

sec-fetch-mode: cors
accept-encoding: gzip, deflate, br
accept-language: en-US
x-requested-with: XMLHttpRequest
sec-fetch-dest: empty
cookie: __cfduid=d1fee0fe3646d04f62853040eb2afd2051620080289; _ga=GA1.3.1717621182.1620080290; _gid=GA1.3.1337148515.1620080290; _gat_gtag_UA_23310373_1=1; _gat_UA-23310373-1=1
:path: /_files/json/trend_topics.json
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept: */*
Referer: https://www.opovo.com.br/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 22:18:11 GMT
via: 1.1 varnish-v4
cf-cache-status: REVALIDATED
nel: {"max_age":604800,"report_to":"cf-nel"}
content-type: application/json
x-ua-device: desktop
access-control-allow-methods: GET, OPTIONS
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09d5e882160000d6c1e58a0000000001
last-modified: Sun, 02 May 2021 04:44:05 GMT
server: cloudflare
etag: W/"608e2e15-25e5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=GAvVCP6XBKFFx23s9bJRv89FNoFtIktEaf4c8qt0XSWMZwywPFfvAxTjnVCkn%2FJ81%2BhVpQDt%2F5dbhkX0YzIb0P6RUz8fhaRvAFvbDEnJ%2FRmADTiU2zfWUurhgVvf"}],"max_age":604800,"group":"cf-nel"}
x-varnish: 30901490 27856132
access-control-allow-origin: *
cache-control: public, max-age=120, s-maxage=1800
cf-ray: 649cdd168c06d6c1-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H2 200 hotjar-199973.js Show response
static.hotjar.com/c/ 3 KB
2 KB 128ms
56ms Script
application/javascript 65.9.84.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-199973.js?sv=6

Requested by

Host: www.opovo.com.br
URL: https://www.opovo.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.84.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

677abb499ec70dc5df680ff4d89b0713c526824b9863651c22a4ae01e1b53c8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 22:18:10 GMT
content-encoding: br
x-content-type-options: nosniff
cache-control: max-age=60
x-amz-cf-pop: AMS1-C1
etag: W/cabf8272137c55e86b2cb8cd4f33cfb2
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
content-length: 1532
via: 1.1 fb8f21b90b0483bdc64e7c79b3e007e0.cloudfront.net (CloudFront)
x-amz-cf-id: XKwMEmEgLJnfjynCRZJZ8u3mwSp-F5dpO1uZsLbCVaG_bKB8_lSbJw==

GET
H2 200 escolha-de-newsletter-5b7e7a60e997e46fe455-html Show response
forms.rdstation.com.br/ 39 KB
39 KB 386ms
122ms XHR
text/html 34.68.90.188
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://forms.rdstation.com.br/escolha-de-newsletter-5b7e7a60e997e46fe455-html
Requested by: Host: d335luupugsy2.cloudfront.net
URL: https://d335luupugsy2.cloudfront.net/js/rdstation-forms/stable/rdstation-forms.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.68.90.188 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 188.90.68.34.bc.googleusercontent.com
Software: /
Resource Hash: 52ecb1bb746a09526edf118c79dd612045a3e411317ec429a3ad440475f79101

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 03 May 2021 22:18:10 GMT
content-length: 39755
content-type: text/html

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
89 B 16ms
14ms XHR
text/plain 2a00:1450:400c:c08::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-23310373-1&cid=1717621182.1620080290&jid=2075343974&gjid=814180781&_gid=1337148515.1620080290&_u=aChAAUACQAAAAC~&z=57426321

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 03 May 2021 22:18:10 GMT
content-type: text/plain
access-control-allow-origin: https://www.opovo.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 15ms
15ms XHR
text/plain 2a00:1450:400c:c08::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-23310373-1&cid=1717621182.1620080290&jid=1589690639&gjid=1538427582&_gid=1337148515.1620080290&_u=aCjAAUADQAAAAC~&z=327383598

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 03 May 2021 22:18:10 GMT
content-type: text/plain
access-control-allow-origin: https://www.opovo.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK init Show response
webservices.webspectator.com/ 3 KB
2 KB 492ms
115ms Script
application/javascript 34.228.251.145
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://webservices.webspectator.com/init?appId=TWHDNHFV&h=https%3A%2F%2Fwww.opovo.com.br%2F&t=1620080290349
Requested by: Host: wfpscripts.webspectator.com
URL: https://wfpscripts.webspectator.com/bootstrap/ws-TWHDNHFV.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 34.228.251.145 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-228-251-145.compute-1.amazonaws.com
Software: WildFly/10 / Undertow/1
Resource Hash: 98c82da015cdd0682e691be4e0c7461791002c2027d7e987f80d8004efac1d3c

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 03 May 2021 22:18:10 GMT
Content-Encoding: gzip
Server: WildFly/10
X-Powered-By: Undertow/1
Transfer-Encoding: chunked
Content-Type: application/javascript;charset=UTF-8
X-NoCache: true
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 1 KB
2 KB 75ms
24ms Script
application/javascript 65.9.84.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: wfpscripts.webspectator.com
URL: https://wfpscripts.webspectator.com/bootstrap/ws-TWHDNHFV.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.84.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 21:48:23 GMT
via: 1.1 043fc2faaa02eeb59193e3fa300adb6b.cloudfront.net (CloudFront)
etag: "1827f116c73f319409b97f10b8a58ade"
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 1788
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
content-length: 1469
x-amz-cf-id: CUHyHNZrsmXxQC-Ze5b2g05-yLdSLL21rCleJPtgmdEut5tpcp2vxA==

GET
H2 200 quant.js Show response
secure.quantserve.com/ 23 KB
9 KB 25ms
8ms Script
application/javascript 2620:116:800d:21:8c6e:cf2c:8d6:9fb5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: wfpscripts.webspectator.com
URL: https://wfpscripts.webspectator.com/bootstrap/ws-TWHDNHFV.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:8c6e:cf2c:8d6:9fb5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 8000d797097e74bfff377d2f3fca7e046ee4490ea4edb70c2c0b189575847629

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 22:18:10 GMT
content-encoding: gzip
etag: "9iaPKZLFg6XYoMRMhilE8g=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
expires: Mon, 10 May 2021 22:18:10 GMT

GET
H2 200 lead-tracking.min.js Show response
d335luupugsy2.cloudfront.net/js/lead-tracking/stable/ 2 KB
1 KB 28ms
28ms Script
application/javascript 143.204.101.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d335luupugsy2.cloudfront.net/js/lead-tracking/stable/lead-tracking.min.js
Requested by: Host: d335luupugsy2.cloudfront.net
URL: https://d335luupugsy2.cloudfront.net/js/loader-scripts/f9c73be5-0123-4f19-af72-12d80ac2c46b-loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.101.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-103.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 63dd9340bf7f1ac6a576e8a0d2467f9270158ff446de0158df6a3a57cb08f4df

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 01:29:47 GMT
content-encoding: gzip
last-modified: Mon, 17 Aug 2020 12:56:23 GMT
server: AmazonS3
age: 74903
etag: W/"361325c86c17ebc03ff0f4d88d267a83"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: VK74Y_629OBaxeWwwoiBIyYa.m4SxWD5
via: 1.1 f6c241b75ae7d21ac836339454ab90b8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
content-type: application/javascript
x-amz-cf-id: P7ZR_5vcz7VWVSl6P0ObveBYnEtFKKRi61limlKmALowAZr4x5GfQQ==

GET
H2 200 traffic-source-cookie.min.js Show response
d335luupugsy2.cloudfront.net/js/traffic-source-cookie/stable/ 2 KB
1 KB 28ms
28ms Script
application/javascript 143.204.101.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d335luupugsy2.cloudfront.net/js/traffic-source-cookie/stable/traffic-source-cookie.min.js
Requested by: Host: d335luupugsy2.cloudfront.net
URL: https://d335luupugsy2.cloudfront.net/js/loader-scripts/f9c73be5-0123-4f19-af72-12d80ac2c46b-loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.101.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-103.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7e1d05b67320d633e28903abf74d8d6d447bb482ca6cf25e8b75c011bba11191

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: fvUeuGFBK7nhwvE_ycf2sTAfAQff3DpI
content-encoding: gzip
last-modified: Wed, 05 Aug 2020 17:57:29 GMT
server: AmazonS3
age: 33966
etag: W/"79eba5359f199f99d84acbac958db7bc"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 f6c241b75ae7d21ac836339454ab90b8.cloudfront.net (CloudFront)
date: Mon, 03 May 2021 12:52:05 GMT
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: hw2Em-amJnIUyIs-hrw37UZYW8JTehy1ABZcdigPLxEaIGSu1cIWIg==

GET
H2 200 index.jsonp Show response
geoip.canais.uol.com/ 32 B
416 B 1090ms
648ms Script
application/javascript 2600:9000:2104:6c00:1f:f9d:b880:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geoip.canais.uol.com/index.jsonp?callback=UOLTEGeoLoc
Requested by: Host: c.jsuol.com.br
URL: https://c.jsuol.com.br/assets/?loadComponent=media&contentType=js&tpl=assets/dist/libs/election-2020-ticker.min
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2104:6c00:1f:f9d:b880:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.10.1 /
Resource Hash: 8a5d5b04058d52772fc46f83376da4139e4b135d4c73ae262a19faac21860678

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 22:18:11 GMT
content-encoding: gzip
server: nginx/1.10.1
x-amz-cf-pop: AMS1-C1
vary: Accept-Encoding
x-forwarded-for: 2a01:4f8:192:5414::2
content-type: application/javascript; charset=UTF-8
via: 1.1 317b3418459e7cb903a13afaecea9340.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-cache: Miss from cloudfront
x-amz-cf-id: goz669m77udJxmI6z-ONjWKwobxrEuUr0wFweEUgz4y9fdiqQUms5g==
expires: Mon, 03 May 2021 23:18:11 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 17ms
17ms Image
image/gif 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-23310373-1&cid=1717621182.1620080290&jid=2075343974&_u=aChAAUACQAAAAC~&z=1509992147

Requested by

Host: www.opovo.com.br
URL: https://www.opovo.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 May 2021 22:18:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 18ms
18ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-23310373-1&cid=1717621182.1620080290&jid=2075343974&_u=aChAAUACQAAAAC~&z=1509992147

Requested by

Host: www.opovo.com.br
URL: https://www.opovo.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 May 2021 22:18:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 18ms
17ms Image
image/gif 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-23310373-1&cid=1717621182.1620080290&jid=1589690639&_u=aCjAAUADQAAAAC~&z=1609729071

Requested by

Host: www.opovo.com.br
URL: https://www.opovo.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 May 2021 22:18:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 18ms
18ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-23310373-1&cid=1717621182.1620080290&jid=1589690639&_u=aCjAAUADQAAAAC~&z=1609729071

Requested by

Host: www.opovo.com.br
URL: https://www.opovo.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 May 2021 22:18:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
362 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=200307651652585&ev=PageView&dl=https%3A%2F%2Fwww.opovo.com.br%2F&rl=https%3A%2F%2Fopovo.com.br.eu2.cas.ms%2F&if=false&ts=1620080290435&sw=1600&sh=1200&v=2.9.39&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.2.1620080290433.550575146&it=1620080290270&coo=false&exp=l1&rqm=GET

Requested by

Host: www.opovo.com.br
URL: https://www.opovo.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 22:18:10 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Mon, 03 May 2021 22:18:10 GMT

GET
H2 200 adsct
t.co/i/ 43 B
456 B 168ms
127ms Image
image/gif 104.244.42.133
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?type=javascript&version=1.1.1&p_id=Twitter&p_user_id=0&txn_id=o3wvj&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tw_document_href=https%3A%2F%2Fwww.opovo.com.br%2F

Requested by

Host: www.opovo.com.br
URL: https://www.opovo.com.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.133 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_devel /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 22:18:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
pragma: no-cache
last-modified: Mon, 03 May 2021 22:18:10 GMT
server: tsa_devel
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 3ee571920faab743e3fb0332d2c5930aee6929242ce56bbc256d968aad447acc
x-transaction: 40ea0c45295ef051
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 rules-p-HGAVM7nQJ_sep.js Show response
rules.quantcount.com/ 3 B
428 B 43ms
13ms Script
application/javascript 2600:9000:2104:3c00:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-HGAVM7nQJ_sep.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2104:3c00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 12:32:57 GMT
via: 1.1 362b298821815168614ba932732916eb.cloudfront.net (CloudFront)
age: 35114
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 3
last-modified: Sat, 04 Mar 2017 20:26:00 GMT
server: AmazonS3
etag: "8a80554c91d9fca8acb82f023de02f11"
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
x-amz-cf-id: yAxhY49M5udm3WLOCyjeTekjTJ8XIQtmR6mzd1ltUFoPtOGn6-RO3A==

GET
H2 200 prebid4.17.0.js Show response
s0.2mdn.net/dfp/517466/4406976690/1606854627803/ Frame 1106 222 KB
72 KB 28ms
6ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/dfp/517466/4406976690/1606854627803/prebid4.17.0.js

Requested by

Host: api.nobeta.com.br
URL: https://api.nobeta.com.br/nobetaads&id=opovo.inter

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0e6a8af98d6fbff175f0a9521f1f9c92a045df3040dff49955b8a7ab6705806b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 08:03:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 51280
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 72927
x-xss-protection: 0
last-modified: Tue, 01 Dec 2020 20:30:28 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Tue, 04 May 2021 08:03:30 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 1106 61 KB
21 KB 36ms
14ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: api.nobeta.com.br
URL: https://api.nobeta.com.br/nobetaads&id=opovo.inter

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

929d55f44b6859b8385961bea281e980a7cf294adff1a1c036568cbf3c65ae5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 22:18:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "861 / 809 of 1000 / last-modified: 1620079826"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21205
x-xss-protection: 0
expires: Mon, 03 May 2021 22:18:10 GMT

GET
H2 200 tm38259.js Show response
tag.navdmp.com/ Frame 1106 13 KB
4 KB 18ms
17ms Script
application/javascript 2606:4700::6810:ff3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.navdmp.com/tm38259.js
Requested by: Host: api.nobeta.com.br
URL: https://api.nobeta.com.br/nobetaads&id=opovo.inter
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:ff3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 11cf5c1245d3c47555619c67ceb9ae543a7e8c56346e007147e1671652abbedc

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 22:18:10 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 1392
p3p: CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cf-request-id: 09d5e8829d0000c2d185267000000001
last-modified: Tue, 30 Apr 2019 20:21:02 GMT
server: cloudflare
etag: W/"5cc8ae2e-32bf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
cf-ray: 649cdd176f35c2d1-FRA
expires: Mon, 03 May 2021 22:54:58 GMT

GET
H2

200

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=7&c2=22153319&ns__t=1620080290465&ns_c=UTF-8&cv=3.5&c8=O%20POVO%20-%20Not%C3%ADcias%20sobre%20Fortaleza%2C%20Cear%C3%A1%2C%20Brasil%20e%20Mundo&c7=https%3A%2F%...
https://sb.scorecardresearch.com/b2?c1=7&c2=22153319&ns__t=1620080290465&ns_c=UTF-8&cv=3.5&c8=O%20POVO%20-%20Not%C3%ADcias%20sobre%20Fortaleza%2C%20Cear%C3%A1%2C%20Brasil%20e%20Mundo&c7=https%3A%2F...

64 B
327 B

33ms
32ms

Image
image/gif

65.9.84.95
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=7&c2=22153319&ns__t=1620080290465&ns_c=UTF-8&cv=3.5&c8=O%20POVO%20-%20Not%C3%ADcias%20sobre%20Fortaleza%2C%20Cear%C3%A1%2C%20Brasil%20e%20Mundo&c7=https%3A%2F%2Fwww.opovo.com.br%2F&c9=https%3A%2F%2Fopovo.com.br.eu2.cas.ms%2F
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.84.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 22:18:10 GMT
via: 1.1 043fc2faaa02eeb59193e3fa300adb6b.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-C1
etag: W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache: Miss from cloudfront
content-type: image/gif; charset=utf-8
content-length: 64
x-amz-cf-id: xyBp3VPv18K_ZEgUePjMRg1dKYMecxCcVAt8iZ27sfa8duJ22kAVNw==

Redirect headers

date: Mon, 03 May 2021 22:18:10 GMT
via: 1.1 043fc2faaa02eeb59193e3fa300adb6b.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-C1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=7&c2=22153319&ns__t=1620080290465&ns_c=UTF-8&cv=3.5&c8=O%20POVO%20-%20Not%C3%ADcias%20sobre%20Fortaleza%2C%20Cear%C3%A1%2C%20Brasil%20e%20Mundo&c7=https%3A%2F%2Fwww.opovo.com.br%2F&c9=https%3A%2F%2Fopovo.com.br.eu2.cas.ms%2F
content-length: 285
x-amz-cf-id: BAtemjGNuVcue34YXA5DNvgmpAAZG3JoH0DO0RaML5-2kWgHrGOeiw==

GET
H2 200 modules.acd1e3ca8924f78252e3.js Show response
script.hotjar.com/ 219 KB
58 KB 84ms
30ms Script
application/javascript 54.230.183.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.acd1e3ca8924f78252e3.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-199973.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.230.183.102 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-230-183-102.ham50.r.cloudfront.net

Software

Resource Hash

259606f4b4d145e9df6691631e3d4c0f6c4fa9e1aa8698de748c9f074dfd15bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 11:20:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 39482
x-cache: Hit from cloudfront
content-length: 59051
access-control-allow-origin: *
last-modified: Mon, 03 May 2021 11:19:25 GMT
etag: "7c1b312e3af8869f398ea1f0f7cf2501"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 8d3c7354f6dd468c356ac4e604ec81fc.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: HAM50-C3
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: FfbzdPIS8pGEMEP26NySpSu6CjGsJoVU4Xg2KUbUeE1Iih__L32vjw==

GET
DATA 200
OK truncated
/ Frame 1106 5 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9b41b48a3d15971ea519172e34c9119773e1ae2cd958aedd72ae3562a3a2c62d

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ Frame 1106 1 KB
2 KB 24ms
24ms Script
application/javascript 65.9.84.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.84.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 21:48:23 GMT
via: 1.1 043fc2faaa02eeb59193e3fa300adb6b.cloudfront.net (CloudFront)
etag: "1827f116c73f319409b97f10b8a58ade"
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 1788
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
content-length: 1469
x-amz-cf-id: XIEPIFGI9y9tsf39Jen6AV087xn0MOMEbxcSodiSiS9Q15nyrTpZEw==

GET
H2 200 pixel;r=357289841;rf=0;a=p-HGAVM7nQJ_sep;url=https%3A%2F%2Fwww.opovo.com.br%2F;ref=https%3A%2F%2Fopovo.com.br.eu2.cas.ms%2F;uht=2;fpan=1;fpa=P0-163150995-1620080290493;pbcn=u;pbc=;ns=0;ce=1;qjs=1;q...
pixel.quantserve.com/ 35 B
371 B 9ms
8ms Image
image/gif 2620:116:800d:21:8c6e:cf2c:8d6:9fb5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=357289841;rf=0;a=p-HGAVM7nQJ_sep;url=https%3A%2F%2Fwww.opovo.com.br%2F;ref=https%3A%2F%2Fopovo.com.br.eu2.cas.ms%2F;uht=2;fpan=1;fpa=P0-163150995-1620080290493;pbcn=u;pbc=;ns=0;ce=1;qjs=1;qv=1558287b-20210421211215;cm=;gdpr=0;d=opovo.com.br;je=0;sr=1600x1200x24;dst=1;et=1620080290493;tzo=-120;ogl=locale.pt_BR%2Ctitle.%2Cdescription.%2Ctype.article%2Cimage%3Atype.image%2Fjpeg%2Cimage%3Awidth.150%2Cimage%3Aheight.206%2Cimage.https%3A%2F%2Fwww%252Eopovo%252Ecom%252Ebr%2Fincludes%2Fassets%2Fonline%2Fgeral%2Fimgs%2Fopovo-online-img-og%252Ep%2Curl.https%3A%2F%2Fwww%252Eopovo%252Ecom%252Ebr%2Fhome%2Findex%252Ehtml%2Csite_name.Home

Requested by

Host: www.opovo.com.br
URL: https://www.opovo.com.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:8c6e:cf2c:8d6:9fb5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 May 2021 22:18:10 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3-29 200 pubads_impl_2021042801.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 1106 300 KB
106 KB 28ms
28ms Script
text/javascript 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

sffe /

Resource Hash

1c2525b3e7631f2411872aac663bded4c73bd4e4f26182862b28db7f406d1c61

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 22:18:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 28 Apr 2021 08:37:54 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 108145
x-xss-protection: 0
expires: Mon, 03 May 2021 22:18:10 GMT

POST
H2 204 bids Show response
prebid-us.creativecdn.com/bidder/prebid/ Frame 1106 0
178 B 516ms
172ms XHR
text/plain 185.184.10.30
RTB-HOUSE-ASH

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-us.creativecdn.com/bidder/prebid/bids
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/517466/4406976690/1606854627803/prebid4.17.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.10.30 , Poland, ASN203690 (RTB-HOUSE-ASH, PL),
Reverse DNS: ip-185-184-10-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.opovo.com.br
date: Mon, 03 May 2021 22:18:10 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 1106 144 B
1 KB 133ms
72ms XHR
application/json 185.33.220.243
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/517466/4406976690/1606854627803/prebid4.17.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.243 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

099a459c4c53de372b0ac39bae945609703ccb5c35773eebe44a6efb0f7e3eb8

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 03 May 2021 22:18:10 GMT
X-Proxy-Origin: 91.132.136.84; 91.132.136.84; 722.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.117:80
AN-X-Request-Uuid: e8f12bfe-8c52-411a-a157-d2ac31ed879f
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.opovo.com.br
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 144
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 501 ADTECH;v=2;cmd=bid;cors=yes;alias=9d13f57cebc2a4;misc=1620080290530; Show response
adserver-us.adtech.advertising.com/pubapi/3.0/11471.1/5252473/0/0/ Frame 1106 0
193 B 382ms
362ms XHR
text/plain 2606:2800:233:97b6:26be:138a:cba8:bb01
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/11471.1/5252473/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=9d13f57cebc2a4;misc=1620080290530;
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/517466/4406976690/1606854627803/prebid4.17.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:97b6:26be:138a:cba8:bb01 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 03 May 2021 22:18:10 GMT
server: nginx
access-control-allow-methods: POST,GET,HEAD,OPTIONS
access-control-allow-origin: https://www.opovo.com.br
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame 1106 0
146 B 106ms
38ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=32&wv=4.17.0&cb=8736350306
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/517466/4406976690/1606854627803/prebid4.17.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.opovo.com.br
date: Mon, 03 May 2021 22:18:10 GMT
access-control-allow-credentials: true
server: Finatra
timing-allow-origin: *
vary: Origin

GET
H2 200 box-5e3cec51ed8e99df6977c199d27812d7.html Show response
vars.hotjar.com/ Frame 6BA8 1 KB
1 KB 104ms
34ms Document
text/html 52.222.183.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-5e3cec51ed8e99df6977c199d27812d7.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-199973.js?sv=6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.183.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-183-60.ham50.r.cloudfront.net
Software: /
Resource Hash: 486762d56893f9b12fdfad41c3a76f11fc745b5436e97e596a63c22ee13d2e33

Request headers

:method: GET
:authority: vars.hotjar.com
:scheme: https
:path: /box-5e3cec51ed8e99df6977c199d27812d7.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.opovo.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.opovo.com.br/

Response headers

content-type: text/html
content-length: 684
date: Tue, 30 Mar 2021 16:10:32 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
etag: "4e332edbbc3b46800c87f197cc7d3bb6"
last-modified: Tue, 30 Mar 2021 14:48:51 GMT
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 b098e9d1411007a68134dc4335cbb36e.cloudfront.net (CloudFront)
x-amz-cf-pop: HAM50-C1
x-amz-cf-id: rLqPsTsd4mc6U1ClE9en8qJ2buSi8IdiRV0l5dLpl4PQIFPbSkMjXw==
age: 2959658

GET
H2 204 b
sb.scorecardresearch.com/ Frame 1106 0
335 B 39ms
39ms Image
text/plain 65.9.84.95
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=2&c2=28130334&ns__t=1620080290536&ns_c=UTF-8&ns_if=1&cv=3.5&c8=ALERT%20TEMPLATE%20%7C%20NOBETA&c7=https%3A%2F%2Fwww.opovo.com.br%2F&c9=
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.84.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 22:18:10 GMT
via: 1.1 043fc2faaa02eeb59193e3fa300adb6b.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-C1
etag: W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
x-amz-cf-id: w63vqgPNNAY-KXXX5esUa4q8HrxXQjUbgtJsLl2T8fANQi33PliLQw==
x-cache: Miss from cloudfront

GET
H/1.1 200
OK initcb Show response
webservices.webspectator.com/ 2 KB
1 KB 119ms
119ms Script
application/javascript 34.228.251.145
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://webservices.webspectator.com/initcb?appId=2716&vId=A37F4399D7AA3355&dads=0&lts=0&nv=1&s=4650&res=1600x1200&c=1&l=en&r=https%3A%2F%2Fopovo.com.br.eu2.cas.ms%2F&sr=direct&ts=1620080290845&rs=0&h=https%3A%2F%2Fwww.opovo.com.br%2F&npv=1&ltsss=0&ltsvs=0
Requested by: Host: webservices.webspectator.com
URL: https://webservices.webspectator.com/init?appId=TWHDNHFV&h=https%3A%2F%2Fwww.opovo.com.br%2F&t=1620080290349
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 34.228.251.145 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-228-251-145.compute-1.amazonaws.com
Software: WildFly/10 / Undertow/1
Resource Hash: e87e3824f14022ba4a9d099e3fbc4b802a677cc00bc684fbb507e633fe1518de

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 03 May 2021 22:18:10 GMT
Content-Encoding: gzip
Server: WildFly/10
X-Powered-By: Undertow/1
Transfer-Encoding: chunked
Content-Type: application/javascript;charset=UTF-8
X-NoCache: true
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3-29 200 /
www.facebook.com/tr/ 44 B
88 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=200307651652585&ev=Microdata&dl=https%3A%2F%2Fwww.opovo.com.br%2F&rl=https%3A%2F%2Fopovo.com.br.eu2.cas.ms%2F&if=false&ts=1620080290938&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22O%20POVO%20-%20Not%C3%ADcias%20sobre%20Fortaleza%2C%20Cear%C3%A1%2C%20Brasil%20e%20Mundo%22%2C%22meta%3Adescription%22%3A%22Not%C3%ADcias%20de%20%C3%BAltima%20hora%2C%20an%C3%A1lises%20pol%C3%ADticas%2C%20neg%C3%B3cios%2C%20opini%C3%B5es%2C%20esportes%2C%20entretenimento%2C%20podcasts.%20Tudo%20isso%20%C3%A9%20O%20POVO.%20%20Somos%20multiplataforma%2C%20comunicando%20h%C3%A1%20mais%20de%2090%20anos%20a%20hist%C3%B3ria%20do%20Cear%C3%A1.%22%2C%22meta%3Akeywords%22%3A%22%22%7D&cd[OpenGraph]=%7B%22og%3Alocale%22%3A%22pt_BR%22%2C%22og%3Atitle%22%3A%22%22%2C%22og%3Adescription%22%3A%22%22%2C%22og%3Atype%22%3A%22article%22%2C%22og%3Aimage%3Atype%22%3A%22image%2Fjpeg%22%2C%22og%3Aimage%3Awidth%22%3A%22150%22%2C%22og%3Aimage%3Aheight%22%3A%22206%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fwww.opovo.com.br%2Fincludes%2Fassets%2Fonline%2Fgeral%2Fimgs%2Fopovo-online-img-og.png%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.opovo.com.br%2Fhome%2Findex.html%22%2C%22og%3Asite_name%22%3A%22Home%22%2C%22article%3Atag%22%3A%22%22%2C%22article%3Apublished_time%22%3A%222021-05-03%22%2C%22article%3Apublisher%22%3A%22https%3A%2F%2Fwww.facebook.com%22%2C%22article%3Aauthor%22%3A%22https%3A%2F%2Fwww.facebook.com%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22WebSite%22%2C%22url%22%3A%22https%3A%2F%2Fwww.opovo.com.br%2F%22%2C%22potentialAction%22%3A%7B%22%40type%22%3A%22SearchAction%22%2C%22target%22%3A%22https%3A%2F%2Fwww.opovo.com.br%2Fbusca%2F%3Fq%3D%7Bsearch_term_string%7D%22%2C%22query-input%22%3A%22required%20name%3Dsearch_term_string%22%7D%7D%5D&sw=1600&sh=1200&v=2.9.39&r=stable&a=tmgoogletagmanager&ec=1&o=30&fbp=fb.2.1620080290433.550575146&it=1620080290270&coo=false&es=automatic&tm=3&exp=l1&rqm=GET

Requested by

Host: www.opovo.com.br
URL: https://www.opovo.com.br/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 22:18:10 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Mon, 03 May 2021 22:18:10 GMT

GET
H2 200 ortc-heartbeat1sec-min.js Show response
wfpscripts.webspectator.com/ 76 KB
19 KB 111ms
110ms Script
application/javascript 52.1.252.251
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://wfpscripts.webspectator.com/ortc-heartbeat1sec-min.js
Requested by: Host: webservices.webspectator.com
URL: https://webservices.webspectator.com/initcb?appId=2716&vId=A37F4399D7AA3355&dads=0&lts=0&nv=1&s=4650&res=1600x1200&c=1&l=en&r=https%3A%2F%2Fopovo.com.br.eu2.cas.ms%2F&sr=direct&ts=1620080290845&rs=0&h=https%3A%2F%2Fwww.opovo.com.br%2F&npv=1&ltsss=0&ltsvs=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.1.252.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-1-252-251.compute-1.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 80a6c8fd3fd83054bdd51a596217f806cec456cd5b176ec5e44a407201a82d2a

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 22:18:11 GMT
content-encoding: gzip
last-modified: Wed, 30 Nov 2016 17:07:44 GMT
server: nginx/1.10.3 (Ubuntu)
etag: "ae07ae40393a03d603b6341bf9f7f923"
x-cache-status: HIT
content-type: application/javascript
cache-control: max-age=2592000
content-length: 19153
x-amz-meta-s3b-last-modified: 20161130T162538Z

GET
H2 200 swfobject.js Show response
ajax.googleapis.com/ajax/libs/swfobject/2.2/ 10 KB
4 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/swfobject/2.2/swfobject.js

Requested by

Host: webservices.webspectator.com
URL: https://webservices.webspectator.com/initcb?appId=2716&vId=A37F4399D7AA3355&dads=0&lts=0&nv=1&s=4650&res=1600x1200&c=1&l=en&r=https%3A%2F%2Fopovo.com.br.eu2.cas.ms%2F&sr=direct&ts=1620080290845&rs=0&h=https%3A%2F%2Fwww.opovo.com.br%2F&npv=1&ltsss=0&ltsvs=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8677971b119ccdb82af697ff0e08f218490d15116f221d44301f1cc8797e67d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 17:30:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 362833
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3974
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Apr 2022 17:30:57 GMT

GET
H2 200 blockadblock.js Show response
wfpscripts.webspectator.com/adblocker/ 8 KB
3 KB 211ms
210ms Script
application/javascript 52.1.252.251
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://wfpscripts.webspectator.com/adblocker/blockadblock.js
Requested by: Host: webservices.webspectator.com
URL: https://webservices.webspectator.com/initcb?appId=2716&vId=A37F4399D7AA3355&dads=0&lts=0&nv=1&s=4650&res=1600x1200&c=1&l=en&r=https%3A%2F%2Fopovo.com.br.eu2.cas.ms%2F&sr=direct&ts=1620080290845&rs=0&h=https%3A%2F%2Fwww.opovo.com.br%2F&npv=1&ltsss=0&ltsvs=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.1.252.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-1-252-251.compute-1.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 7ed1947cb1ec4f11c68e3b281741c4214839a262843c339c1f1e3bc357434183

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 22:18:11 GMT
content-encoding: gzip
last-modified: Tue, 11 Oct 2016 13:22:22 GMT
server: nginx/1.10.3 (Ubuntu)
etag: "0dcdd7a190caf42e7d287645d9ba0303"
x-cache-status: HIT
content-type: application/javascript
cache-control: max-age=2592000
content-length: 2696

GET
H2 200 ws-4.4.62.js Show response
wfpscripts.webspectator.com/ 81 KB
23 KB 212ms
212ms Script
application/javascript 52.1.252.251
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://wfpscripts.webspectator.com/ws-4.4.62.js
Requested by: Host: webservices.webspectator.com
URL: https://webservices.webspectator.com/initcb?appId=2716&vId=A37F4399D7AA3355&dads=0&lts=0&nv=1&s=4650&res=1600x1200&c=1&l=en&r=https%3A%2F%2Fopovo.com.br.eu2.cas.ms%2F&sr=direct&ts=1620080290845&rs=0&h=https%3A%2F%2Fwww.opovo.com.br%2F&npv=1&ltsss=0&ltsvs=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.1.252.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-1-252-251.compute-1.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 2e8fac6fa9527aaae83a3fc6200472418e1aa0cf42d9ed4422683e8e0192a861

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 22:18:11 GMT
content-encoding: gzip
last-modified: Wed, 06 Mar 2019 17:07:49 GMT
server: nginx/1.10.3 (Ubuntu)
etag: "4e7c8880fbc1b585c27bd698eb84469f"
x-cache-status: HIT
content-type: application/javascript
cache-control: max-age=2592000
content-length: 23796

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 1106 107 B
799 B 34ms
14ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.opovo.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 03 May 2021 22:18:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame 1106 107 B
122 B 23ms
22ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.opovo.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 03 May 2021 22:18:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 1106 483 B
285 B 104ms
104ms XHR
text/plain 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3548502355374588&correlator=4111800195610701&output=ldjh&impl=fifs&eid=31060841%2C31060735&vrg=2021042801&ptt=17&sc=1&sfv=1-0-38&ecs=20210503&iu_parts=150684666%2Copovo.alert&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C468x100%7C320x50%7C336x280%7C250x250%7C320x100%7C300x250%7C300x100%7C468x60&fluid=height&eri=5&cookie_enabled=1&bc=31&abxe=1&dt=1620080291051&dlt=1620080290455&idt=106&ea=0&frm=23&biw=1600&bih=1200&isw=470&ish=290&oid=3&adxs=-12245933&adys=-12245933&adks=2027262203&ucis=zd53ff5unxgo&ifi=1&ifk=3747141809&u_tz=120&u_his=3&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fwww.opovo.com.br%2F&top=www.opovo.com.br&vis=1&dmc=8&scr_x=0&scr_y=0&psz=472x136&msz=0x-1&ga_vid=1717621182.1620080290&ga_sid=1620080291&ga_hid=1244127067&ga_fc=true&fws=388&ohw=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

cafe /

Resource Hash

80b153fa787bf51a60d38c8362d731bfb2237eb5e721748f8521be0cd0e8995c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 22:18:11 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 255
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.opovo.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
a98c86199db062a0261c4f6ce3aded41.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 1106 0
0 52ms
13ms Other
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a98c86199db062a0261c4f6ce3aded41.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 container.html
tpc.googlesyndication.com/safeframe/1-0-38/html/ Frame 1106 0
0 16ms
15ms Other
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 select2.min.css
cdnjs.cloudflare.com/ajax/libs/select2/3.5.2/ 14 KB
3 KB 13ms
13ms Stylesheet
text/css 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/select2/3.5.2/select2.min.css

Requested by

Host: d335luupugsy2.cloudfront.net
URL: https://d335luupugsy2.cloudfront.net/js/rdstation-forms/stable/rdstation-forms.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

939b4f5c505097e74e93c3a6a82b69b516bb6d160d449bafb37edb72ab260c1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 22:18:11 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 3632604
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2295
cf-request-id: 09d5e884f400002c4ef2bbe000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:16:11 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fcb-38aa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=E2ykASiv2GjluvyeYuZU1wm41uRv2kxVILfqUyoMYvfDOcMOesJ%2B%2BLTqcZaprc%2Fd5UBAwxFCjul9eVJGMwN0d3qZfktfZi%2BIalRWJbVhoRRSOuO%2B1VpMAaNDFJDYGD%2Ba3g%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 649cdd1b180b2c4e-FRA
expires: Sat, 23 Apr 2022 22:18:11 GMT

GET
H2 200 ajax-loader.gif
d335luupugsy2.cloudfront.net/images/ 847 B
1 KB 28ms
28ms Image
image/gif 143.204.101.103
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d335luupugsy2.cloudfront.net/images/ajax-loader.gif
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.101.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-103.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 65b72e15d975f67fbd1cb126d57772c06c21fa016e5651b6ce213b26ce0e6877

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Feb 2021 01:08:46 GMT
via: 1.1 f6c241b75ae7d21ac836339454ab90b8.cloudfront.net (CloudFront)
last-modified: Wed, 29 May 2013 14:22:07 GMT
server: AmazonS3
age: 7333766
etag: "af962b37779a443a77ab836b3b7a93f5"
x-cache: Hit from cloudfront
x-amz-version-id: null
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: image/gif
content-length: 847
x-amz-cf-id: Xz3nRDbg1tBqxeATrE80C9nUET7cED0-9ePGJ5lHnU7OMzPJbvG4eA==

GET
H3-29 200 container.html Show response
7405cfab04d097e05557236a0617b170.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 2EE7 6 KB
3 KB 21ms
7ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://7405cfab04d097e05557236a0617b170.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 7405cfab04d097e05557236a0617b170.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.opovo.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.opovo.com.br/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Mon, 03 May 2021 22:18:10 GMT
expires: Tue, 03 May 2022 22:18:10 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 72 KB
27 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b6d0cd742a198805ce2b0ad6d533898464553bf5f804c8fc96689e5a03073331

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 22:18:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1619782026698183"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27954
x-xss-protection: 0
expires: Mon, 03 May 2021 22:18:11 GMT

GET
H3-29 200 container.html Show response
7405cfab04d097e05557236a0617b170.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame B1A5 6 KB
3 KB 6ms
6ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://7405cfab04d097e05557236a0617b170.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 7405cfab04d097e05557236a0617b170.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.opovo.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.opovo.com.br/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Mon, 03 May 2021 22:18:10 GMT
expires: Tue, 03 May 2022 22:18:10 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 2159 0
0 57ms
57ms Fetch
image/gif 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstuOQqQ6kwzfw_szp1QSG-8uzCuKoSRIqk3x_Etmaw1HFiQnhjhAfJy3Clo-t_CMUk7hOMF8iK0Ungio8mY4yA8DMDanycE5HVXhsqPlB8vxxwfyTzTFxxRV3ZXka_BESHKo3HcUXKdTTb45KI8Rq3dPe-yYFikMYY2YkSqj7AdVrJR8zfC9wKsA0NBJE-CVXxUEBgcIh6YZtSVRlQB7eFNMLQCh9oTkHOFpUGGs_Exw2otyFEeNFhRYOcOYn6iuC3Tmamk1B9__tFZX_wTw2CMwVFSvHFzWsHFM3h-90-TMwdl-4pa2Tcf6narSg&sai=AMfl-YSoWNpZ_v5G6FUBXPHUK4OSXRisp44wrqvou6z87n0RQjOlgAbhauUNKtOiDme_EwEO6eGwftMB6N1B1eN2oF9vkuXBTS91nJLav_qaxbdQPdqFfFytBj7hcK2Pt4l2&sig=Cg0ArKJSzK1_HNg3hPWkEAE&adurl=

Requested by

Host: opovo.com.br.eu2.cas.ms
URL: https://opovo.com.br.eu2.cas.ms/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 03 May 2021 22:18:11 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 03 May 2021 22:18:11 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210428/r20110914/ Frame 2159 17 KB
7 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210428/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aa460b17301428633e549a2d3a7fe90df64707c56c63b6eaeb14bf7e9308be50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 22:10:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 446
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7028
x-xss-protection: 0
server: cafe
etag: 882276978028997863
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 17 May 2021 22:10:45 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/ Frame 2159 2 KB
1 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 22:08:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 578
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 17 May 2021 22:08:33 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2159 116 KB
35 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

437b96bfb27c65f904cc78ddc11105eff1cf79b7fec2203e1c23841ac8d95712

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 22:18:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1619782032619693"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35920
x-xss-protection: 0
expires: Mon, 03 May 2021 22:18:11 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame 2159 0
0 15ms
14ms Image
text/html 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaT5rV4msx-RlF2y7DmfL_3L5qIOj1_SzF5x1etkPVlyKHcAbjGNLaZvRduy3Zi4Qsfws7cq
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 11050609698760252885
tpc.googlesyndication.com/simgad/ Frame 2159 11 KB
11 KB 8ms
7ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11050609698760252885

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5b4653897fa212130fb903edef7589c0e0e8fd2e7b89140eca46359c1110bf2d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 11:20:33 GMT
x-content-type-options: nosniff
age: 39458
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11118
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 19:04:11 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 03 May 2022 11:20:33 GMT

GET
H3-29 200 container.html Show response
7405cfab04d097e05557236a0617b170.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame D46B 6 KB
3 KB 6ms
6ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://7405cfab04d097e05557236a0617b170.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 7405cfab04d097e05557236a0617b170.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.opovo.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.opovo.com.br/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Mon, 03 May 2021 22:18:10 GMT
expires: Tue, 03 May 2022 22:18:10 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 95D1 0
0 54ms
54ms Fetch
image/gif 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuDWP5UzuZPb1UYRm2Us5lSKwvks4x9euXA9XYjeOP5IuiPCgsDN8QykZTyIrGrtpYRD7JEvkMj5gUtiz8zu93N8TnaKDeLbbHazbPrrTqaITwc0aU_GsTdNJT5NPDl_1mJ_ehatAFJgwEilxEyn5IY2qRQfjgldYjxiG841fOpSrB0ZrkiOYApfZMqyHoNUVfE9OaQu2xnatuLwAQj4-Xwf3L_5eu59jM8BqvY6rO9oYsLO9m6XSGshCeDGmtVtqIHHR0VNf62vXhlyajxzxZ2RzOhgrCYR0C2OPzX&sai=AMfl-YT7mrS2mYVNRtEEgdaBv_N-qCTIvq5ioD4kpRu-Ei10EBYYJp47zSn53hfhXRsC2a9zS4a_fQq2t1StJc5XAcUPkFEqomN5J7KLr6-S14Vs08pKWWjV7WeOPzGZjdL3&sig=Cg0ArKJSzPVoZ8n2J5hEEAE&adurl=

Requested by

Host: opovo.com.br.eu2.cas.ms
URL: https://opovo.com.br.eu2.cas.ms/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 03 May 2021 22:18:11 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 03 May 2021 22:18:11 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210428/r20110914/ Frame 95D1 17 KB
7 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210428/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aa460b17301428633e549a2d3a7fe90df64707c56c63b6eaeb14bf7e9308be50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 22:10:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 446
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7028
x-xss-protection: 0
server: cafe
etag: 882276978028997863
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 17 May 2021 22:10:45 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/ Frame 95D1 2 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 22:08:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 578
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 17 May 2021 22:08:33 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 95D1 116 KB
35 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

437b96bfb27c65f904cc78ddc11105eff1cf79b7fec2203e1c23841ac8d95712

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 22:18:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1619782032619693"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35920
x-xss-protection: 0
expires: Mon, 03 May 2021 22:18:11 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame 95D1 0
0 15ms
14ms Image
text/html 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSDHUfujouOeE5f1JmZ3zlEREYe5lgwIe6qmXJTyxkfQgyQ4UXMH3HoAKrDBWpWzKtn1kIl
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 14432587810747166405
tpc.googlesyndication.com/simgad/ Frame 95D1 10 KB
10 KB 8ms
7ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14432587810747166405

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8a376f672c12525ddb21faadbf8f4b31422c99bd44b16c723d018b7ff7e2a5dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 10:21:28 GMT
x-content-type-options: nosniff
age: 302203
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10364
x-xss-protection: 0
last-modified: Wed, 13 Jan 2021 22:14:54 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Apr 2022 10:21:28 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame C398 0
0 56ms
56ms Fetch
image/gif 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuuq9iBTv1wiZTKKFzAJ59dhVdaWCpdWVQuerZ0S2oZWrrViG42yJVO9Vllo8mo1BS2jhM-EzeiFtIoi8Udtu76cTosX04fYponfeXCqCwIMdjMFDTTUMVXJnlX5CUh-BhLnr6E9BBdk78ECcidK05Tp1Ilp3PADsv0nIChFDzWdb-lXjhu6gJvR17Jgx0T8nTWG7N52enIyZ0lG3GuC5Lej2UsuyGfVVgBbWEw1Z1VSxmi2KRE9sIN25bl7_Yhk6ZwOoOVLxjg7xy9VZqjqwDFmYsruHwIfw4V-MTX&sai=AMfl-YS2ux3Bzhd9eRt3lSw3cWp-r9t42dSl7xr1XOrSebmgqTooM1pYreLD5eA_R5YYCb0k-dbfa8arKzB-nKG7iC4WFaKmHhpLSqMxfAhsZZfdlFhVwEJqCblBW2eRQGPv&sig=Cg0ArKJSzPZDBuYUchUWEAE&adurl=

Requested by

Host: opovo.com.br.eu2.cas.ms
URL: https://opovo.com.br.eu2.cas.ms/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 03 May 2021 22:18:11 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 03 May 2021 22:18:11 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210428/r20110914/ Frame C398 17 KB
7 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210428/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aa460b17301428633e549a2d3a7fe90df64707c56c63b6eaeb14bf7e9308be50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 22:10:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 446
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7028
x-xss-protection: 0
server: cafe
etag: 882276978028997863
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 17 May 2021 22:10:45 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/ Frame C398 2 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 22:08:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 578
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 17 May 2021 22:08:33 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C398 116 KB
35 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

437b96bfb27c65f904cc78ddc11105eff1cf79b7fec2203e1c23841ac8d95712

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 22:18:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1619782032619693"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35920
x-xss-protection: 0
expires: Mon, 03 May 2021 22:18:11 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame C398 0
0 17ms
13ms Image
text/html 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRLt_szUkDvbynjcKkWCZP3FebqnEgu_32s6Uatgf4ny3hburGOsYaTPzNXaYJby_9H8Hen
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 11037313757424906374
tpc.googlesyndication.com/simgad/ Frame C398 20 KB
20 KB 11ms
8ms Image
image/gif 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11037313757424906374

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba9e839ebca59800c075c4a55aa5798a17b648d63ed4072de13e51eb9db8773b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 18:15:10 GMT
x-content-type-options: nosniff
age: 14581
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20362
x-xss-protection: 0
last-modified: Mon, 03 May 2021 17:55:20 GMT
server: sffe
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 03 May 2022 18:15:10 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012103020108001/ Frame 81B0 190 KB
54 KB 44ms
16ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e553b4e88ac4a1819d608fe9dcb46544ca5fb776d4e0c84d773f37b1df18211

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 132373
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55046
x-xss-protection: 0
server: sffe
date: Sun, 02 May 2021 09:31:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "aeaf363b1ad89b36"
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 02 May 2022 09:31:58 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012103020108001/v0/ Frame 81B0 12 KB
5 KB 49ms
21ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012103020108001/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f9560479a05fb86854546c40ec030edc2bac692d4142391d69b16e5c033a185

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 132373
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4548
x-xss-protection: 0
server: sffe
date: Sun, 02 May 2021 09:31:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "4eb73d471ab4cb2c"
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 02 May 2022 09:31:58 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012103020108001/v0/ Frame 81B0 87 KB
27 KB 33ms
6ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012103020108001/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6f768cbb894f2690011ee62662d3ac9480d12f5088fa46be57e650fcc4d835c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 132373
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27208
x-xss-protection: 0
server: sffe
date: Sun, 02 May 2021 09:31:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "22950e05e749846e"
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 02 May 2022 09:31:58 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012103020108001/v0/ Frame 81B0 27 KB
9 KB 39ms
12ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012103020108001/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

21d45a4ed77653b3b1ee2b47a786a4dbb936a3b19fc56e1b44c16aed35eb80ee

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 132373
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9587
x-xss-protection: 0
server: sffe
date: Sun, 02 May 2021 09:31:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "739644f32ad1483f"
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 02 May 2022 09:31:58 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012103020108001/v0/ Frame 81B0 40 KB
13 KB 49ms
22ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012103020108001/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c6af60796cc240ad277098308cf363c2700f5296264ec1b43b4e1362763c439

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 132373
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12827
x-xss-protection: 0
server: sffe
date: Sun, 02 May 2021 09:31:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "5cc8dcc2368726c7"
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 02 May 2022 09:31:58 GMT

GET
H3-29 200 css
fonts.googleapis.com/ Frame 81B0 3 KB
578 B 17ms
16ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 03 May 2021 22:07:10 GMT
server: ESF
date: Mon, 03 May 2021 22:18:11 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 03 May 2021 22:18:11 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame F7EC 0
0 57ms
54ms Fetch
image/gif 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvbPyzqb9LJonu8lQbVihGCfD9KlhJOpx6Q3uG9pSXQ2Tn-orB-S2uHvtj46Sam7dpPwIBbk-2RPlaQ-PMSkauG_NybNt7Rv3VyuMeeaMlXp94Hg9fgxl1QXXkKG6oMLe3bZ0qSGZaA29dY-sOji39eXHepBEvWeAxkei9UZFEW-e-29eiRaQTybjiBJuptf_VJqdmGDuayhZYhdn2RiGbweI9snJtNjfCsp325X6rhxndmkuNFuHjbTbDCOimTmaHpIdx_i9122nRb-OyFN37vEz_qhR_vH5bvlHys9j-FUpL4fzqTLI_dzwY&sai=AMfl-YROWpi2dHu1nwngZzP9ZCOSv_a5UzAJiaVRxigGSWT7c7IXJN8VIQZJxAjyqOgoyMCQFLia6_r2b8UKQCk3Zl_S4BUJCa1GMZXFaCUunv8cxP9umZfEG-GmdEKZi9vJ&sig=Cg0ArKJSzDZGvTOeSGToEAE&adurl=

Requested by

Host: opovo.com.br.eu2.cas.ms
URL: https://opovo.com.br.eu2.cas.ms/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 03 May 2021 22:18:11 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 03 May 2021 22:18:11 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210428/r20110914/ Frame F7EC 17 KB
7 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210428/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aa460b17301428633e549a2d3a7fe90df64707c56c63b6eaeb14bf7e9308be50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 22:10:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 446
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7028
x-xss-protection: 0
server: cafe
etag: 882276978028997863
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 17 May 2021 22:10:45 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/ Frame F7EC 2 KB
1 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 22:08:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 578
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 17 May 2021 22:08:33 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F7EC 116 KB
35 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

437b96bfb27c65f904cc78ddc11105eff1cf79b7fec2203e1c23841ac8d95712

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 22:18:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1619782032619693"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35920
x-xss-protection: 0
expires: Mon, 03 May 2021 22:18:11 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame F7EC 0
0 18ms
15ms Image
text/html 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRyMJyqbPvfU3Pq45VMHkraJKxc1MfSZUqNRdFPRjAXGEXSjxQMcQWoddalPvlJYWjRMFN1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 10413968944053805573
tpc.googlesyndication.com/simgad/ Frame F7EC 95 KB
95 KB 14ms
11ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10413968944053805573

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4aaa8510085c6d11c9e9fc034d175892c396440982026b8fb450c1bf3ca9625d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 10:23:02 GMT
x-content-type-options: nosniff
age: 42909
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 97502
x-xss-protection: 0
last-modified: Wed, 03 Mar 2021 18:04:12 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 03 May 2022 10:23:02 GMT

GET
H3-29 200 pt.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 81B0 3 KB
3 KB 10ms
8ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/pt.png

Requested by

Host: www.opovo.com.br
URL: https://www.opovo.com.br/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

744b436600cd35e7898be8843c04c1115c45bf08143d085ac149e8c4f8151e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 03 May 2021 06:20:02 GMT
x-content-type-options: nosniff
server: cafe
age: 57489
etag: 7735524722462771930
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2886
x-xss-protection: 0
expires: Tue, 04 May 2021 06:20:02 GMT

GET
H3-29 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 81B0 344 B
368 B 10ms
8ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: www.opovo.com.br
URL: https://www.opovo.com.br/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 03 May 2021 09:25:49 GMT
x-content-type-options: nosniff
server: cafe
age: 46342
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Tue, 04 May 2021 09:25:49 GMT

GET
H3-29 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 81B0 0
0 58ms
56ms Image
text/html 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CUG7JonaQYJn2Ct7X7_UPtIS-sAi848zLYtPqqJ33DJCUxazMBBABINzX-yJg9ZXOgeAEoAGjwYrFA8gBCakClKHuba9msj7gAgCoAwHIAwqqBNgBT9CNhzMgBWfeITl8cFYTU84WqWskqjPGnM681WBLTzUMloBwoE0i3p6BL-W-FEPo87JyZqGKwMx5FdS3MzvKlymX5Ey69SwgAAwlseJrrFjqyLbRRFytG86l2qIOKHScG_k-co5Y4ielE07exoZVmtKddVKI5szp9x5lu6g9WMPeyLCIxn4vIaJccqRYabatNx8DbQp04W3OS3UirdEV7Vqn14ff_jwek9S5263t_GwUG1UUyOtVWy9sYkLzM9GRprI9WAYVy8oL8R5wrneEowYxgmJAMDWlwAT99c_rqwPgBAGSBQQIBBgBkgUECAUYBKAGLoAHxb71OqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBBDyziPSCAkIgOGAQBABGB2ACgPICwG4E4gn2BMNiBQBshcaChgIABIUcHViLTUzNzc1MDAyOTQ3MTA0MDc&sigh=B_81JzvMuqA&template_id=5000
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: ams15s21-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 1106 10 KB
8 KB 40ms
17ms XHR
application/json 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021042801&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

83ee468c886d12089cf956d1a3dfddb171ebc349b11f6cf1acdc8f500d627fab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 03 May 2021 22:18:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7663
x-xss-protection: 0

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 2159 0
0 63ms
63ms Fetch
image/gif 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstWI1kqlFEQYw7O_d4MHiElAyAwYri5q32KK-plM0dUDoE8qBz1XtPmOtEFHpKe-fV6K9j5r-C55cyhAyhYFDizLpzWJ_oK2LflbzmgcUpzoLAC51Opg4ITFMDlfGR6E7RhHNp2W5Cp0ez9-S6S6thMqR5gElaB6snLfHHgWTxLUf7bktWVqUTfKSuHzPxp5ysyFqnANIQUdisc_eGAAFgYp10SYypkWr_Hi9TJvPbibeWSKP6dW-KZC7wjdiHDphIKI6AS5u0Edze8-0BnNEPm3nY7ukdjTDXlCGT81QAXCg6lOOl6kcVdf17tsDuA&sai=AMfl-YTckoHQ-ncB8DbrXZranlnWDoCV2rM-4VLCmwb5LFDYaN8UjSHYtxcrSUj6eHR6vgTLHWvEBxfBhSfybu2y39uEhzw5KW3EfJ6hmbnYaD5Vo-0lDRJvy4XkbzpMypht&sig=Cg0ArKJSzDhakhEBSCLPEAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 03 May 2021 22:18:11 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 03 May 2021 22:18:11 GMT

GET
DATA 200
OK truncated
/ Frame 2159 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0aae567ebb6c57dd57f9a707342c89ebb71da10379074ad34737a1b89d3accef

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 95D1 0
0 54ms
53ms Fetch
image/gif 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvW4nCBymfJp0BYoLL0USVrcXB7no-vvTjGC2carwfEGswYHqpe3InoXVsIqr91R8uZzx_fAmHMNVgYRpnLbF0xpzpe291iWQE1Cvj-Ws_AMNkvjVh-gU4fXn6kccwU5dC_cHRfWiBFvJ6ateamJMPgJB02hKGvr4_f-uTgHUrANnINLq66m-eO1TbYqOkouJqRYvgVXfUEWhBGGa1tqBr2eYx3d0afv-IM1GQy0K3YOC5ga5Uo2p2Zxha0DCqI08_W2l7BAC4ADkcYMrKhb02VjEiGmRexwl4FcX3OemQ&sai=AMfl-YTU8wRzT0yQYW3up3-LH5MlXry6dDhjUJZV1o1SzCUzCAyhW7AQyv4pBxKVjwzKpvOUpKYFElScCERBPj3dk-q4Zq-FgxLoe2QjGg6WAnpZzc8QeCzPGKu-TfZe9hwN&sig=Cg0ArKJSzIDsG3YzLv5dEAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 03 May 2021 22:18:11 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 03 May 2021 22:18:11 GMT

GET
DATA 200
OK truncated
/ Frame 95D1 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 75cd3b6afdd7b8f136bc5c404f08dc2e50dbf1593a0c3e49c4e324863fee20d6

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame C398 0
0 54ms
54ms Fetch
image/gif 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssoNjSGLNbBeniKnciMoWNrSK7x4UcjS2v-4xPqHMfT8Dyg76q04vKyntEYVjnqHurVyMNx4YyTP3ROkEl_6beyvADmqMO2GP2SVGMsLg3LJPG4gGBCsQH9nmiCvpxS1q9jlikVBQbngvsQtPjuyPRx2JCr5wkAj0f9dUnqPgNqKt_JwKc39-_yzZ7uE6bf8wC4jvRI2QsBaetmVELNJpXSwNkYGeemZUXlywVuvMzaD-EWLCoA88mg85K-iS-R7KGGLAiy_LChQHyVJTnPbARWj8SPEYSzzh6Km0t44Cc&sai=AMfl-YTA3bUnPeRMdbNI_dA1UohO1sNniTEoRZf8oqjxlnzV7In7RzQXOnUmR0tlQb6LcCkKeM6-J31QWvjXkUiVEvVIxGu0Bzd6IR89jKu8wSnI4NTCbS231EVHQKqmjJ2f&sig=Cg0ArKJSzGiCYR4ihno2EAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 03 May 2021 22:18:11 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 03 May 2021 22:18:11 GMT

GET
DATA 200
OK truncated
/ Frame C398 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a08855e984e2d048857eb1da7fa5e564c1d774c14df7569d9cfa3b287b92a75c

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 7035 478 B
690 B 35ms
16ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COjuwgIQ1_mTogIYuvO3mAEwAQ&v=APEucNX72mb88WM9IXbzYJgs_LDlVspasRv7TjzVPqxAX05FVbWkVXTF_uKOFyZbjyaX7qnwQ4qD0NZcNMkLb8jpfauhmrEKjQ

Requested by

Host: 7405cfab04d097e05557236a0617b170.safeframe.googlesyndication.com
URL: https://7405cfab04d097e05557236a0617b170.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=COjuwgIQ1_mTogIYuvO3mAEwAQ&v=APEucNX72mb88WM9IXbzYJgs_LDlVspasRv7TjzVPqxAX05FVbWkVXTF_uKOFyZbjyaX7qnwQ4qD0NZcNMkLb8jpfauhmrEKjQ
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://7405cfab04d097e05557236a0617b170.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlrJ33kgFnduMA0quyEsBBW6ZR9JxnMROS8tTyIViOo5Co3jTRndCCApj6GT4A
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://7405cfab04d097e05557236a0617b170.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Mon, 03 May 2021 22:18:11 GMT
server: cafe
cache-control: private
content-length: 230
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 2EE7 23 KB
12 KB 81ms
63ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BxrxwcCN8E-xpkiVWfix_QNZesgn9whjfzArfnTPdC1SzAIal2JSnpvc6gWbYMxmgMuNfuzdUqAmz_RYeD2iwgDcaNJYcLpNb1KA1B-yMMo8qa93dZ5GHQReoHc-uGfBWdy7dmrT7-Zu1b5yWSpYELwopUUw&cry=1&dbm_d=AKAmf-AGKmJwasr8Lb0xGTDXB6TubgejC-3w789BVvqwVyoAujp7SaQftFb743HJQH_Zl2bhVjw5dKw7qHGzM2GsovEK5z7QkPOM-7HLOSu4KQSbKD53tKKCWcQzPC5KqjrNk_cgcUHioYh2Z1kjZReg2zoaLL1r9Xdr1pFma3ZvM9ozWDLdjKshqQ6g1XRKIGZ_z0irQQ0IVlqCqrb5D-LR-scTWnG5S6dkg80eSawvGDVaDhaksLnp1D5XXvvNdahCSX49mpFSgz5fL-KOcELIIJ5SalrLhfVEYM78katM1cg56y74j0FIPOPomRwWvJlN9su5XonjOw75rdi9L2M71R6400hQqO-TfsaHrtn37m5ClBDC0sg458Pwigz7mz72PtA3X_anjozoEaQ4np13uBXmF3wXT50CHaYq2ZnIiKQEUd5SjJEMoyj-u3gLQQ-Aj4DzG0s9dal4URp4Wmvx1cEuhSFdNKJGymgxiD6uwyM6iU28dYYjC7MpuJMJfWaaZ8GoixZV9zKFRf2xCLu92FN9H5FLDM-tjvg2ttI-Kc-UpFM1Zff6uhtTwwBhvGlqnED34YoCF3XuqwvwmZY3ryHcwmJI2y1i7re5lwa11gQEqhXpMBSog4JaFyXdo83nXhGWA-DoB7uVmfVI9BD3BCUH3idUgcrchkcUJjuvpysNbaXe6SoMPHht83zonsypMOPkTwkZdw67iINp9v-V3f8D6F2ev2TjcwfYPtBDXAwSu3BU7KRUGrmYMHoCqp8x0wGoat7Iu5LhLggb9-lxecxtyHGO2mFfukdOuRx1dhaDUlShbp6WBYtLPHzLUxaHPmfQe13_rJm6rewd3YjF2XchT042eOzqIYXxrAxGZYTYE6CTDYiK5hM0VB16IpX2rGmZOL2TnwQRyXjfarULpW5ZvhB824HtPy60REdpZG2zrj8J5gl32Ptk2IInCl4Gg_4Ck-g1Epcm_SmgGHrIy7iq9kz0ja4bQ39iamadCyfCxN7H4gbob2xhL52CWBXkHWzYnX-Mgjhda0tP4IM-lfp1Z6BsdzyG4oLEm1CKktI3fWaZkHO2uhTPCKUbBw6HHZMY2i6oCcFZWLdLu_vdRCPm3xVKDkew7iNYLKZWxo0uOXY9lGJAt6jNunr4knOKjRtQViEi1lvp_hlIlwzvEADlARIBmKrfU_8kAvVluN9Bvm0_SHh-8QCSUGzF_PC0a2jcdqy33Dy5AJOkLqWXGgjB7HNxy9v0PkAPSi0h4ChcCP7vfCrhh3CCceD-t9HOEjpvpzt4NixPwbBwXHfNlLoTa4IqQ1F2VNKnMY-5gm0zsrN_qRLGrxla-DOFAzfnMpMwNfDP4-hnKUn8IiW52XsuMxsV6b00L16J7pKhbwltc50vu3H3aaTEZg19qjnlIEUb8M8fFiJhnIMzzocjuI7R7uUGC2cm99O-1f-mlk4pwTz8zrcestEQX6nSqZuTNkyquYo9tnhM5QIj3ujY4cOaGKGDfJ0be5k_ajrWrE8RRFUZx2-_s1HNpZ9veFd4hzDJUxvPYUlIYChE5OR25WS_b8aOzQJr9J2iQU4sPHqg32bsWQB--SNB2uWUrAc-GWsMQjCnpLbmRIWkcw2iwUuK-cALEbxkBIdZzXHHSuqTIZLxfVqDBj_2HjR48Qg4ywPXcVRgXcajAuVbPYzv9U_oPgLXMUW5NFPg0tHePYksIynz4UIqAE-f4Lk04bNZyF7G4Ug3N8FsQWQmSUugJkecV4Z3IS-uMCdSWpwappqQsNEr4_AoIYOIdx6n_RfAe1QgUHfzBIPEwaq103Yot_a3DFBZ_xoIjdbNKNEm5gf2Jst0IgqPpJxp6_PhAQleeukSxZKMTQ4jexYQ65MmmqwUA0fRs-ii-6gfnmOlr6NwR6WC78amCnpFvSDMTQQwKXiS0JoLsPK0ssx6pW1HoAeXPsKYBXHfnj1iBpMZea_QPIsSiYy7E4ZccZr5AIYu44ia_GwvDKfhaH_bE_xtEXtpaADy3I3ScpbaTTonGcIVxZJal8UfGGjS3SInZ-g8gnyVJyn1WMbc3ISiyGM2AT25srX9cAHI0XLLbLM6_NIhW1TdNk_QtTYZJe7mKp_xsp6c_GoNk983ofJhm8nvazrioKefgqzZ7a0TGt_H1w8Ckrgdchk9_bnnAa2lXge8OaPULNTXCnXI0lqDfvWl5pOspd0XzLs0ty2q-AVx0XHeQ9g0OkupJBAonJMlh6abDupogqYqmV9lsfm1EeM26BiSQj5U6cKNRf6m5v-hyAsp4cJTw2-07-QLFZjq0joBjK0W-fsVgU3mSED3exyXP40kNcWPNztY032VlQg2eYHYCHrHOl4VwHCCSSMjdL7_EV_g8aM5cPRf7NUpsKwH0zU9oJ7tsrMvrKTw0I_x1_wt-hsA7SCyGGpXAgFSgjUiUiNV_GNmgiPB7vpYSfEJqj0_zErz9_jIuW-Xs8C1c1-OI24pdB62e9pD9tYNbFKvUMc2Y7e9OGN5ULZE-vNeKNaV-Mxt5C4bxWXABpq0hQPxd7iDr7jB8GdN_UCdCbYehmoWfQ5UDxZLG74-Gk_COTmGJ7RD-WPpcj5n1DRZ_cuEeL5orNG_CXD0fsXJwqYHvyjE3lrEzrnJySW1qWYLeOVlRH_CpAB1ewD5IbYzoZYxH_cOniXIuwB_0_ili7hLibe699nUj_jfCY5ninDr8DMmJ5b-V2RPYtN5F8WkzmnIfvHiumrUhxKsIMic7_Qr4j-iBEor0BL6jKB4xxTqvRix_rZnl7jQp_uSDR8CtkZQHQWUF_37g6IetarqtOYHEg-BK3ldbwI9WfS--btMmakaOrEW_cqLoyu8eEPtiV19f4vlE51dofVPDaTOkCIjjeQ4JU31_Beu5h5gwEfqg5VG1-5oS_p4SFFg_jU6Wdgm9k_0GSBUKoSlAZTBoFI7uBCPlEzOHy1-G414ZrAWz753loGtnfGuTQ8P7V9S2hWWw4AUmhJjCNNyTQ6XIJFVI1sshOHXN93eH9NxmqLdYCOGuQKegQmYMiotUzHaSU3S3tM5qm4-pFR8j-KcrHf9QzDkVXcVfJC1JCYEeF9Tg2Lt9n7JwbDIKJuPXp4cjV5va8pnLm2CgEysRYmzukkFgQfm73byDqII5qPS5YZedhHHUVn2d8xKciTj5ql4fo-Uppw53OyO0V_UpFkE87LGqpids5VaBu2bqh5gvHrD9NfDnM6fAfWbzRlZ1eDoJQX3opAGa79pscgf0OEB51FGf4Di2pdP2MR_qA6FY-wRkuEIct505UmJ8H4Q6pFveTmU3OJxLm4Ye2TmQLXFTO9NyvsAVavKoklWZXGZ0N3rpVR3kw_jkeSWA13ROEuwDW6SlsF4IRDRa3WFMWBB33EY0SYwCYUo8mmHJUbztm0rfuwMoU--2HXJZwfBTekjrzZckqagDFb7u-EZ1zlbErWSOZ8CLA_T-InY7tAi8fL_cabe3rqCDhCd1YhZ3q_YrN1pojGinKQHR-NJWklOMBOg2NT6YdzOMzYsbX4sieZOYHRPhxpDFHkG6nmPLBf3GXLuD0r9z4c&cid=CAASPeRolQ4QU-EkS834Akm71jwn_GBtLNO4NKTDoQ_vmyqbYZKWzAqsMN6k4t0GmOgaKxddO-GtjUWuvKbUwG8&rfl=1%2Chttps%253A%252F%252Fwww.opovo.com.br%252F%240

Requested by

Host: opovo.com.br.eu2.cas.ms
URL: https://opovo.com.br.eu2.cas.ms/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

087ae4bb9772c8b2f47901dc15a83e71d20f39dfc72efedf642a91a447b0367b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7405cfab04d097e05557236a0617b170.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 May 2021 22:18:11 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12089
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2EE7 42 B
63 B 48ms
46ms Image
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-ATerBszvjddZNwico_zc2uZiM3Q6DdVNEXo837X4uthv0Qv1pfYIQ5dDJ5OESXkVzX9Q-UelgTS4FMdjZ436Rtd9WC7lAfyaWLSNn6cPVxvnsmuxw

Requested by

Host: 7405cfab04d097e05557236a0617b170.safeframe.googlesyndication.com
URL: https://7405cfab04d097e05557236a0617b170.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7405cfab04d097e05557236a0617b170.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 May 2021 22:18:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 embed.js Show response
live-tag.bannersnack.com/iframe/ Frame 2EE7 2 KB
1 KB 90ms
26ms Script
application/javascript 65.9.84.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://live-tag.bannersnack.com/iframe/embed.js
Requested by: Host: 7405cfab04d097e05557236a0617b170.safeframe.googlesyndication.com
URL: https://7405cfab04d097e05557236a0617b170.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.84.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b83531b52ab388ca2e41c92b3e5916127ed04b6286cbe1192c802640beeb078a

Request headers

Referer: https://7405cfab04d097e05557236a0617b170.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 13:57:37 GMT
content-encoding: gzip
last-modified: Fri, 10 Jul 2020 07:39:56 GMT
server: AmazonS3
age: 30035
etag: "30f5e3d9a15d04b0cd044a5a807687d1"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 fb8f21b90b0483bdc64e7c79b3e007e0.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
content-length: 960
x-amz-cf-id: zFhEdkgQwD-DBvc8cWUiGwW-lirbyEuBjY6Yfmw9XURrIHV0QhjNkQ==

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/ Frame 2EE7 2 KB
1 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/window_focus_fy2019.js

Requested by

Host: 7405cfab04d097e05557236a0617b170.safeframe.googlesyndication.com
URL: https://7405cfab04d097e05557236a0617b170.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7405cfab04d097e05557236a0617b170.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 22:08:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 578
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 17 May 2021 22:08:33 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2EE7 116 KB
35 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 7405cfab04d097e05557236a0617b170.safeframe.googlesyndication.com
URL: https://7405cfab04d097e05557236a0617b170.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

437b96bfb27c65f904cc78ddc11105eff1cf79b7fec2203e1c23841ac8d95712

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7405cfab04d097e05557236a0617b170.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 22:18:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1619782032619693"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35920
x-xss-protection: 0
expires: Mon, 03 May 2021 22:18:11 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/ Frame 2EE7 13 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 7405cfab04d097e05557236a0617b170.safeframe.googlesyndication.com
URL: https://7405cfab04d097e05557236a0617b170.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

439ab67fa3c312bb442bed574ea79be834dbd92f3bd7d2288b6f3fce4d0afb0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7405cfab04d097e05557236a0617b170.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 22:14:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 222
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5604
x-xss-protection: 0
server: cafe
etag: 2846967340006788112
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 17 May 2021 22:14:29 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame F7EC 0
0 53ms
53ms Fetch
image/gif 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv8hh-jAE3mAEQrOTcZHU9u18GYGOXO-iIfZKRQVfGmSIoRH-dvydH-I6KhBPWwBMLYLXBbbNg_NqS3cRAtPnOks8BkXFDJcOmLGL8QP0MCwP03NGYmfTLRnmYn-rYUvAxtWT-wn1vPKFq0UfO-BmH_Sx1Z8nL51bcq347OS0vSj6fd6bXxxYq62i-aoKqlcwz6TwQD2EOH9ovBT-1oCHvBxtfniq5XK97bKEYxYjeCGThnBhFZIZb8wTt1Y7rM2trp2BwijkhkAdVA-u5h4Pjg__5UmnKRx5UW5aECcLteCWUBg5AmC7K8wJTPHA&sai=AMfl-YThM6NG4Xce4gbnM6zr3pj4YjdRtRI1qQ58lXYwiap0e7MyiT2O-fVmKJtDDoJ5u-lYIsyfh0O4O4v_FBe3bmGY90c83nYIIEfi-lbaHABLjclR7rtJ00_NDxVWKWRF&sig=Cg0ArKJSzNyGU7Q21pIYEAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 03 May 2021 22:18:11 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 03 May 2021 22:18:11 GMT

GET
DATA 200
OK truncated
/ Frame F7EC 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d3c63dba103371297217de0e19c1310b7371d3e8973191a111960b7181584573

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 1106 17 KB
6 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 22:18:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Mon, 03 May 2021 22:18:11 GMT

GET
H3-29 200 css
fonts.googleapis.com/ Frame B1A5 4 KB
617 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: 7405cfab04d097e05557236a0617b170.safeframe.googlesyndication.com
URL: https://7405cfab04d097e05557236a0617b170.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

abc1bbfb097cfaf4715fe823adb40881f8ed35a943692d5c037945c2fcc56340

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://7405cfab04d097e05557236a0617b170.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 03 May 2021 22:04:43 GMT
server: ESF
date: Mon, 03 May 2021 22:18:11 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 03 May 2021 22:18:11 GMT

GET
H3-29 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/ Frame B1A5 1 KB
914 B 6ms
6ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: 7405cfab04d097e05557236a0617b170.safeframe.googlesyndication.com
URL: https://7405cfab04d097e05557236a0617b170.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7405cfab04d097e05557236a0617b170.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 22:08:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 570
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 882
x-xss-protection: 0
server: cafe
etag: 11243716317595354070
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 17 May 2021 22:08:41 GMT

GET
H3-29 200 adview
securepubads.g.doubleclick.net/pagead/ Frame B1A5 0
0 54ms
54ms Fetch
text/html 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Cpmu-onaQYJb2Ct7X7_UPtIS-sAjYrYGwYcy3lb-vDWQQASDc1_siYPWVzoHgBKAB5aP3zQPIAQmpApSh7m2vZrI-4AIAqAMByAObBKoE1wFP0DwWdxr68VeFcWQ88qluWEJ2YTkX3KD4XTRy6HDJLwYtEjHH4kMFyD84iJSmaGY4DwWLi-nAatzszpyYD2NmPy3KTkKzJ2guJ6hBpJU041Hi03YUn2R3Lp8Jk9G-P1yIDP3v0dy_ixVPYY47pwHExu2UUVEhK9nlQdX9Vx5WMfTRaYegxL9abX-auO3YnQm-YtkQPVSkY03GiCH-WwUK8Om6TgyqAdIKhrQ-vkT6qSCBkErzDAAEvPyRh8VFAf4TJqTrLViuTB_OFT6KaK4--yapHlRoZMAEro_Et7MD4AQBkgUECAQYAZIFBAgFGASgBi6AB4PciDKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwDyBwMQ8C7SCAkIgOGAQBABGB2ACgPICwGYDOiMga25A9gTDrIXGgoYCAASFHB1Yi01Mzc3NTAwMjk0NzEwNDA3&sigh=8sQDSwwwucI&template_id=515
Requested by: Host: opovo.com.br.eu2.cas.ms
URL: https://opovo.com.br.eu2.cas.ms/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: ams15s21-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Referer: https://7405cfab04d097e05557236a0617b170.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210428/r20110914/ Frame B1A5 17 KB
7 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210428/r20110914/abg_lite_fy2019.js

Requested by

Host: 7405cfab04d097e05557236a0617b170.safeframe.googlesyndication.com
URL: https://7405cfab04d097e05557236a0617b170.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aa460b17301428633e549a2d3a7fe90df64707c56c63b6eaeb14bf7e9308be50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7405cfab04d097e05557236a0617b170.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 22:10:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 446
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7028
x-xss-protection: 0
server: cafe
etag: 882276978028997863
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 17 May 2021 22:10:45 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/ Frame B1A5 2 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/window_focus_fy2019.js

Requested by

Host: 7405cfab04d097e05557236a0617b170.safeframe.googlesyndication.com
URL: https://7405cfab04d097e05557236a0617b170.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7405cfab04d097e05557236a0617b170.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 22:08:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 578
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 17 May 2021 22:08:33 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B1A5 116 KB
35 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 7405cfab04d097e05557236a0617b170.safeframe.googlesyndication.com
URL: https://7405cfab04d097e05557236a0617b170.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

437b96bfb27c65f904cc78ddc11105eff1cf79b7fec2203e1c23841ac8d95712

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7405cfab04d097e05557236a0617b170.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 22:18:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1619782032619693"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35920
x-xss-protection: 0
expires: Mon, 03 May 2021 22:18:11 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/ Frame B1A5 13 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 7405cfab04d097e05557236a0617b170.safeframe.googlesyndication.com
URL: https://7405cfab04d097e05557236a0617b170.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

439ab67fa3c312bb442bed574ea79be834dbd92f3bd7d2288b6f3fce4d0afb0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7405cfab04d097e05557236a0617b170.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 22:14:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 222
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5604
x-xss-protection: 0
server: cafe
etag: 2846967340006788112
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 17 May 2021 22:14:29 GMT

GET
H3-29 200 95e6c1f88e21b7366c50a3f905bff199.js Show response
www.gstatic.com/mysidia/ Frame B1A5 25 KB
10 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/95e6c1f88e21b7366c50a3f905bff199.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: 7405cfab04d097e05557236a0617b170.safeframe.googlesyndication.com
URL: https://7405cfab04d097e05557236a0617b170.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

173fd00f452c8209f6cebea57cb9a5ab26ab6802ede684468faff558efffd53e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7405cfab04d097e05557236a0617b170.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 14:10:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 27 Apr 2021 21:04:36 GMT
server: sffe
age: 115683
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10548
x-xss-protection: 0
expires: Sat, 31 Jul 2021 14:10:08 GMT

GET
H3-29 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame DF3A 611 B
316 B 27ms
23ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COjuwgIQ1_mTogIYuvO3mAEwAQ&v=APEucNW05Ogy9NQKQZGowXr43JTvJVO9opfqcjCCEJ1oynrhNMODQWTiw8RWUZo4CW_9eEoAAUYEgfcFWYRcHRWfKu2yQeKkrQ

Requested by

Host: 7405cfab04d097e05557236a0617b170.safeframe.googlesyndication.com
URL: https://7405cfab04d097e05557236a0617b170.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

55b198b5ed1bd02e77f84c6971a69d5c2160c0c32fd770ce33405e194750f5fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=COjuwgIQ1_mTogIYuvO3mAEwAQ&v=APEucNW05Ogy9NQKQZGowXr43JTvJVO9opfqcjCCEJ1oynrhNMODQWTiw8RWUZo4CW_9eEoAAUYEgfcFWYRcHRWfKu2yQeKkrQ
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://7405cfab04d097e05557236a0617b170.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlrJ33kgFnduMA0quyEsBBW6ZR9JxnMROS8tTyIViOo5Co3jTRndCCApj6GT4A
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://7405cfab04d097e05557236a0617b170.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Mon, 03 May 2021 22:18:11 GMT
server: cafe
cache-control: private
content-length: 295
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame D46B 24 KB
12 KB 53ms
49ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CaTcoL9oGx3MYDB5ekY_0BvGRq5cZPoTeIrw-YymVk4GL5DECENrVyUnkv189Ih0DElgWmOLt3q-6OIcxRIuxuB_F2F5U7NbjJ6Ral5hWF83F8R1ziUMLW9cPOfmCsUJVcI_vQKU46rZrBRvZbF8Q6wLOs1g&cry=1&dbm_d=AKAmf-DUz_3rG731qidQPnAhj75o8E-90R8bIphbgt_DG2mN4gm98QnF9OTwSYEbkK40-25FHigCEzStlO0XZKB07unKuMAlbkF3RTI1ZZA-PKwFA2oikXqSKUUzZ3pOCuQrpPvCJoMd3OmoZ7n9kcJq4j7UXAGHbcHgxqg-H-SsgsmHjnVrMKdAXzTpwV45nzz1SgIh49caZe8txZ2erYH00US8QyaNZ158X5xqbmKFvn76bkqrqO5oFaDWs_MBlfjuZmS6U7PcRQBWX2v97fODEEHXxc6xAGCbHmDUkwyLyOzF8BXYO3isY8kRzFuOndXmYdPA_D-lhNygI6qP018RzuTmb4esB0n1Ul203nID2Z6xttwfi-0Rf6DIicxGdFIzjztjjHcMxokUZyNcIC7i5mfGokkVmjH7QD2J9M-CAtnp9olyF3QFJgbEqphAZmFA9CURL3eYOsVPaed_-N4zt7FqKHVe0r3KwzgLv0I-BVJxJGwZdFc6qqJjueeBy4FlXs9jiGMaO6WsXaV33uni7bVMJPvskOTYoem-Fb4Q106BswSoU8Wvoqw4hO_TOAgfZ1wjqs0yQXplQaBazE36EvTrPIWrPI4m5NNQ7RloBMClMof9sxQ2K09n21rfDNKTBe77yRZc7RS9ZSh7oeVP478Qxbznw5fXx8oofPkci2qh-ZocTvsOJyXwuh_RSqDIDSj6c8pg_fqzuRtH9SUHk31Kjf1R_hq0vnOwwPVuvppoCraQtNfCpAZXRDdsqh6Fo-oVL7bfJr6WtC9f3lxdH24gkgNXUwEUIHYOubfz-FWTJbIqF-iPOWvK0Dz59Xrh0948nMwtfLxtAqcEwsTumeuCS1luVaHqtM7lCqQ4JOsc-KBSubF9BKctCxlu0rZqgoClZoTizCUz-2Qlp5OnnyuI-XotxYBpaxPn8pP-XeRY9TgKjfe8IW0vr1ZMKvNHWf0IiTV4x1vlcg86B-BBQJE1c_RaBCcIGO5y1TEYgtDs4PiQUiDtCNap6R2Vtom-C3HX4eTa4_4LeEXOICSuW013mfoEJhNywpuTN7N2VMuDbJGOCFv0PvskQSpUdhuumGivuDugHpkEIAfltrfL7hlsJisYxVFwfuszeSIFKZyPExsh80cLeaxzGvYSEzcXFbKZOSDSICnFseUt0Vqu4GUfuk8w-q3tpTXbeqPfvDMfTk40NsIsLyAQHmC7c38GybTTT-n4kkKOMUacD7aMyeoa-9p8_vKl1J39xUIrCF9NrToUkqCXGg_lC3ZD6YOAHgolyE_g7vRMPXV9PR6UB0EeQZOEtHCvlHXBU03rVwkkQFhdSjUfywRxqFvgsyHPl8XvPfF09w8yDRxM3ezGflGWxThur6L2K7RrV7SsugD69qxVQj0VmwG_-hWiempqQbcIPZbZUeavmIEFI_D6-10Nro2wzMAqy_8xMzZZ4n3OI-9ue6OniS442NVZ3tc22sq9mP9xynRAtN99qBKPtvoO_JAV4j0mv6riuqBhhWIddchERdnN9zRC2y8V7SrvX5p9-3RFJ74wfo0sz1pG1jTEL6kUs8yyGaMaO_aw99tMKrOQCxH6pXHfnup7AosHq2wdhVIriQZRi2ocEQnrO1Vm2V5UtvVSeKkKw1T3bZ2fM4U4dE_cCjX9OtGwQkmHQARXK06ZqMxV7EhfAaFpF9L1BwfVnUKpd7ew-d-m0AsTckYrqrcqPXdZMCEp7pKdoKVURyq84yvSgfo58xDUnE5pY-RhO0Yw28b6EKfxzl3B4nZQsFqGHT0cNY3fMtScNJxvse7lSIT67b-MGj0FGNPxFVsNZLHGPPLK7MX5R-MFVWN0Ncp_v1Q1MJB4odsEp9ds_NmnPN2ctS_2t3zM0XsJvSFTHJgEKirubZVFFB5yNsajaaFoO5kJxS-UF3VvTfIZzcecbgaopUr05hoDhiYjurYjsj7tOEZ7rmb5rZ6AGGIfyrUlqmtqBVgvcjt6EtXbmiUs4ZBZy0XIRep9C8rdtESIErZYikhmDEK_rxlDrV2P93OWlRWjb9uCqTXOxaYd1WNNjJg0CKRi52wNgyMxzj7VxTnYp3Ilmcd4d8MuLNwj40xztcWCC6WdJhWDnLeyQNd8Z--q2I1aMtB-m3UNISq88iLe2ArmnfUQrJIVxeg5knmRWP5aHUyY_getZ6tK54E8-RkG5FjAf4yVRXrHdc5aqj2yLtAmYcCePrexAtMMntL-FyinLF76OSWCdi0CNAxkZLrchOQAdgbfR8kfCHNG5FIgZ6wikSIzDJMi4fPjAx7ADIAgBl7rmdyeNIOIq6amXal0q4mP91wCpfCCPHJR-v7PIbB-dVYkENBc0ebNoBaibgIyFAwJb-QGV04x6v81hCi0f68aTbVJhMWgY-X2CNkrv8Bkrgmea2w8vFWqwBv8Ygg3YlB6zs2i87AFC47BVIZTzmBoiiOEnPxTuVZk_zNj0hXms2-PNvhsRtXy_MLXD1D9dmIuDWc1lUc0RjjsiM4ZxY7L9NDbPfOJowMO5mxPGQAnIlV0i5ipe6by_6Dwos-O6plTydGQk17-J2s4Dfi0mJ8RwYoVQKdZ80_zcLGeexaFhHUI_ywlGtKG4FKEdizHKccNoWYCFdxRhjgZWzUj3cOF3Xz0v0_QLXaGcCM7kNZF4DkmyylJAeuDvnS8NtXvCuqTYuUX_QbpYcI9LvBI0DOKCrAzAUA9LPjVlxJMpXsBXcfIh9alF26Gv25dkRLVV1kTa0QfaTlAqk1sjGRjfyXPtNXO5e7PpXwQUxVEDUIlgz4J10qsR9SOhxFXK2Shg-51ZKaf3R8vTHrBg58PkM62KPZUuCgOxN14GKIMrLd4l8vzkW5hhDRbj8Gv8T4OUp-ZsJIhA4GgEi2YsCP4F_YU1VYfwjsVmu6pIKIz9NhO4b8jTvQAzTr38iCIZe1zU8T9nxwrAAvbCrVTalfLxBUY9ZgHiEn2mo0t42EbPerVRtHLZWS8ePgoAkdpdqoClP3XuYVVKVO18TVLrmive-Kl_ymwAydhqqomsM7y_oEMywwm5UUXaKRzJj4itD2UO_4rR0qK7tlRo6Gv1_TDAwhxGFZQeGb57_FsGGCq0BJbKhThnoiRA0IMyKeLJR2HJWwF6L9eorDOTYcgY8XfIK5hnbm8d7j49AgSTjtPTeg0F8CZUsK4fB_-FoFH_cQTv3Mgq4suFVG4HUrqnfZEHXR5qaElfMhyuaRTHR_EdMLrHkyaiXWCIC3hEokI5pvGqmaR3pWMcZesVevxpZkuTvpuvUfP_Aw8hucNRNam8HRZdoWPL_3dtM7YhZ2fdvJFh7p-Td6tGU3IG7Y6dttN0xlu5XGTfw_GDhWexWeDgsZxeEza0f-4reUOX7WiTyf7MC05fJvkd2nn7fddMOXw_Zi5h9UeakP9tzC8INDxAqpAczjeAJtD7QBbOrzQ-PBQ4fheEJYbSebuaGIp88QvYfBS2hsxFBs3mETize9lwZJ1hnBHlGWosBMEa80GyRenNJJhpeY2AlgZsUgbnIL7ZmIteWjQqm_P9E4BKN48WIeZvY_ykSUYTA2OBj0&cid=CAASPeRoq3L2ptKFHMOp8Xk8Bg_EawxmXQMdK421yxWqkrTVapFgrp9DRM1Dp86tG_1zUuZtV3M7rcAQ0GBmfrc&rfl=1%2Chttps%253A%252F%252Fwww.opovo.com.br%252F%240

Requested by

Host: opovo.com.br.eu2.cas.ms
URL: https://opovo.com.br.eu2.cas.ms/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

62b91dd7e6541b2ab4ffb38fd3f69a0c6d1d651cef25b7e9905f2e7c60a745a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7405cfab04d097e05557236a0617b170.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 May 2021 22:18:11 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12242
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame D46B 42 B
63 B 42ms
39ms Image
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-A2dADn_j6Vgz-6UiVQed7EKUPGRZyH2XYlyh8p6kVQTdhECZMikoC9gQS9VJ2gzkBHu2xaHJMKq2HwWrSImbHcqAeByVNWoqFtyZkebR52k_w8eMg

Requested by

Host: 7405cfab04d097e05557236a0617b170.safeframe.googlesyndication.com
URL: https://7405cfab04d097e05557236a0617b170.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7405cfab04d097e05557236a0617b170.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 May 2021 22:18:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 embed.js Show response
live-tag.bannersnack.com/iframe/ Frame D46B 2 KB
1 KB 38ms
27ms Script
application/javascript 65.9.84.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://live-tag.bannersnack.com/iframe/embed.js
Requested by: Host: 7405cfab04d097e05557236a0617b170.safeframe.googlesyndication.com
URL: https://7405cfab04d097e05557236a0617b170.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.84.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b83531b52ab388ca2e41c92b3e5916127ed04b6286cbe1192c802640beeb078a

Request headers

Referer: https://7405cfab04d097e05557236a0617b170.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 13:57:37 GMT
content-encoding: gzip
last-modified: Fri, 10 Jul 2020 07:39:56 GMT
server: AmazonS3
age: 30035
etag: "30f5e3d9a15d04b0cd044a5a807687d1"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 fb8f21b90b0483bdc64e7c79b3e007e0.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
content-length: 960
x-amz-cf-id: 6Bj2a1ZQy3t2Goj1VkHaUc0yN0ifVOqthUqo3g3eU_b8pfZwVCzX-A==

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/ Frame D46B 2 KB
1 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/window_focus_fy2019.js

Requested by

Host: 7405cfab04d097e05557236a0617b170.safeframe.googlesyndication.com
URL: https://7405cfab04d097e05557236a0617b170.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7405cfab04d097e05557236a0617b170.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 22:08:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 578
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 17 May 2021 22:08:33 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D46B 116 KB
35 KB 16ms
14ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 7405cfab04d097e05557236a0617b170.safeframe.googlesyndication.com
URL: https://7405cfab04d097e05557236a0617b170.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

437b96bfb27c65f904cc78ddc11105eff1cf79b7fec2203e1c23841ac8d95712

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7405cfab04d097e05557236a0617b170.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 22:18:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1619782032619693"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35920
x-xss-protection: 0
expires: Mon, 03 May 2021 22:18:11 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/ Frame D46B 13 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 7405cfab04d097e05557236a0617b170.safeframe.googlesyndication.com
URL: https://7405cfab04d097e05557236a0617b170.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

439ab67fa3c312bb442bed574ea79be834dbd92f3bd7d2288b6f3fce4d0afb0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7405cfab04d097e05557236a0617b170.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 22:14:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 222
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5604
x-xss-protection: 0
server: cafe
etag: 2846967340006788112
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 17 May 2021 22:14:29 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame D46B 0
0 15ms
14ms Image
text/html 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTQYa4B3slAeC-hwoEO2vbkaBCBEKLrrs1w1CY01CSlTv8J8frZ5HBm5q_R3YaUqAoCmH6J
Requested by: Host: 7405cfab04d097e05557236a0617b170.safeframe.googlesyndication.com
URL: https://7405cfab04d097e05557236a0617b170.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://7405cfab04d097e05557236a0617b170.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H/1.1 200
OK adunitMapping Show response
webservices.webspectator.com/ Frame 68F8 793 B
813 B 116ms
115ms Script
text/javascript 34.228.251.145
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://webservices.webspectator.com/adunitMapping?appId=2716&eaup=/10216148/bg_home_noticias&eolid=5633797351&eci=138341605907&ct=%7B%7D&w=1750&h=720&wsRotSlot=&isda=0
Requested by: Host: wfpscripts.webspectator.com
URL: https://wfpscripts.webspectator.com/ws-4.4.62.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 34.228.251.145 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-228-251-145.compute-1.amazonaws.com
Software: WildFly/10 / Undertow/1
Resource Hash: bca96499220e32a9cbb737ed0c44d8ad116fc3cffed3ee1c9fb59b402a515789

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 03 May 2021 22:18:11 GMT
Content-Encoding: gzip
Server: WildFly/10
X-Powered-By: Undertow/1
Transfer-Encoding: chunked
Content-Type: text/javascript;charset=UTF-8
X-NoCache: true
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK adunitMapping Show response
webservices.webspectator.com/ Frame C1BD 726 B
765 B 229ms
116ms Script
text/javascript 34.228.251.145
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://webservices.webspectator.com/adunitMapping?appId=2716&eaup=/10216148/20&eolid=null&eci=null&ct=%7B%7D&w=970&h=90&wsRotSlot=&isda=1
Requested by: Host: wfpscripts.webspectator.com
URL: https://wfpscripts.webspectator.com/ws-4.4.62.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 34.228.251.145 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-228-251-145.compute-1.amazonaws.com
Software: WildFly/10 / Undertow/1
Resource Hash: 7f9473162ab474ab4b3a3ebf16b0c985a713e006bf2693a5a3efdcec80fe32f9

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 03 May 2021 22:18:11 GMT
Content-Encoding: gzip
Server: WildFly/10
X-Powered-By: Undertow/1
Transfer-Encoding: chunked
Content-Type: text/javascript;charset=UTF-8
X-NoCache: true
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK adunitMapping Show response
webservices.webspectator.com/ Frame B10C 736 B
779 B 467ms
246ms Script
text/javascript 34.228.251.145
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://webservices.webspectator.com/adunitMapping?appId=2716&eaup=/10216148/24&eolid=5683055452&eci=138348381137&ct=%7B%7D&w=300&h=60&wsRotSlot=&isda=0
Requested by: Host: wfpscripts.webspectator.com
URL: https://wfpscripts.webspectator.com/ws-4.4.62.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 34.228.251.145 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-228-251-145.compute-1.amazonaws.com
Software: WildFly/10 / Undertow/1
Resource Hash: dcce89ebb6380f186ede02a33ba846b9e33da86cd7a55d8e3e02c09331088f17

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 03 May 2021 22:18:11 GMT
Content-Encoding: gzip
Server: WildFly/10
X-Powered-By: Undertow/1
Transfer-Encoding: chunked
Content-Type: text/javascript;charset=UTF-8
X-NoCache: true
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK adunitMapping Show response
webservices.webspectator.com/ Frame 965C 736 B
779 B 462ms
238ms Script
text/javascript 34.228.251.145
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://webservices.webspectator.com/adunitMapping?appId=2716&eaup=/10216148/28&eolid=5395992609&eci=138337188415&ct=%7B%7D&w=300&h=60&wsRotSlot=&isda=0
Requested by: Host: wfpscripts.webspectator.com
URL: https://wfpscripts.webspectator.com/ws-4.4.62.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 34.228.251.145 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-228-251-145.compute-1.amazonaws.com
Software: WildFly/10 / Undertow/1
Resource Hash: 72c2b84424cf08a672b5ebb8a1aa2958aaa86e26cebf74e6b933ee8df684c413

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 03 May 2021 22:18:11 GMT
Content-Encoding: gzip
Server: WildFly/10
X-Powered-By: Undertow/1
Transfer-Encoding: chunked
Content-Type: text/javascript;charset=UTF-8
X-NoCache: true
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK adunitMapping Show response
webservices.webspectator.com/ Frame D571 727 B
767 B 457ms
231ms Script
text/javascript 34.228.251.145
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://webservices.webspectator.com/adunitMapping?appId=2716&eaup=/10216148/2124&eolid=null&eci=null&ct=%7B%7D&w=300&h=250&wsRotSlot=&isda=1
Requested by: Host: wfpscripts.webspectator.com
URL: https://wfpscripts.webspectator.com/ws-4.4.62.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 34.228.251.145 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-228-251-145.compute-1.amazonaws.com
Software: WildFly/10 / Undertow/1
Resource Hash: 70f9dd3398ae47c4a8aa91ae9405e0190099984b28f35115da7d2d0e70450a97

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 03 May 2021 22:18:11 GMT
Content-Encoding: gzip
Server: WildFly/10
X-Powered-By: Undertow/1
Transfer-Encoding: chunked
Content-Type: text/javascript;charset=UTF-8
X-NoCache: true
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK adunitMapping Show response
webservices.webspectator.com/ Frame 0986 791 B
813 B 452ms
229ms Script
text/javascript 34.228.251.145
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://webservices.webspectator.com/adunitMapping?appId=2716&eaup=/10216148/banner_bottom_desktop&eolid=5675760410&eci=138347374947&ct=%7B%7D&w=468&h=60&wsRotSlot=&isda=0
Requested by: Host: wfpscripts.webspectator.com
URL: https://wfpscripts.webspectator.com/ws-4.4.62.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 34.228.251.145 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-228-251-145.compute-1.amazonaws.com
Software: WildFly/10 / Undertow/1
Resource Hash: fb3a144594ce9a01b985e7fd8fe8331a86675fef8fca75a2032121604dd9d164

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 03 May 2021 22:18:11 GMT
Content-Encoding: gzip
Server: WildFly/10
X-Powered-By: Undertow/1
Transfer-Encoding: chunked
Content-Type: text/javascript;charset=UTF-8
X-NoCache: true
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK adunitMapping Show response
webservices.webspectator.com/ Frame 958B 727 B
767 B 463ms
237ms Script
text/javascript 34.228.251.145
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://webservices.webspectator.com/adunitMapping?appId=2716&eaup=/10216148/billboard_home&eolid=null&eci=null&ct=%7B%7D&w=970&h=250&wsRotSlot=&isda=1
Requested by: Host: wfpscripts.webspectator.com
URL: https://wfpscripts.webspectator.com/ws-4.4.62.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 34.228.251.145 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-228-251-145.compute-1.amazonaws.com
Software: WildFly/10 / Undertow/1
Resource Hash: dc9c127f48bb67af3a8bbe1344f02e911c0d3f665c90a4aa73bfcea8f98dfa00

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 03 May 2021 22:18:11 GMT
Content-Encoding: gzip
Server: WildFly/10
X-Powered-By: Undertow/1
Transfer-Encoding: chunked
Content-Type: text/javascript;charset=UTF-8
X-NoCache: true
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK adunitMapping Show response
webservices.webspectator.com/ Frame 44CE 727 B
768 B 452ms
228ms Script
text/javascript 34.228.251.145
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://webservices.webspectator.com/adunitMapping?appId=2716&eaup=/10216148/29&eolid=null&eci=null&ct=%7B%7D&w=300&h=250&wsRotSlot=&isda=1
Requested by: Host: wfpscripts.webspectator.com
URL: https://wfpscripts.webspectator.com/ws-4.4.62.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 34.228.251.145 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-228-251-145.compute-1.amazonaws.com
Software: WildFly/10 / Undertow/1
Resource Hash: 590ec95ca64876fc843f5cced8e05e5c5d42c72da01c2fe586dc78128950457b

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 03 May 2021 22:18:11 GMT
Content-Encoding: gzip
Server: WildFly/10
X-Powered-By: Undertow/1
Transfer-Encoding: chunked
Content-Type: text/javascript;charset=UTF-8
X-NoCache: true
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK / Show response
msgws.webspectator.com/server/ssl/2.1/ 67 B
248 B 484ms
111ms Script
text/javascript 34.234.139.177
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://msgws.webspectator.com/server/ssl/2.1/?guid=10178b85-475a-ce2c-4a58-fefba9bcbd05&appkey=w5tlOg
Requested by: Host: wfpscripts.webspectator.com
URL: https://wfpscripts.webspectator.com/ortc-heartbeat1sec-min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.234.139.177 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-234-139-177.compute-1.amazonaws.com
Software: / Express
Resource Hash: b12249dec66346ab54bdf84a52f319b4232f4bec860f2af1f4cbec627b55424d

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 03 May 2021 22:18:11 GMT
X-Powered-By: Express
Transfer-Encoding: chunked
Content-Type: text/javascript

GET
H3-29 200 6743270881753116385
tpc.googlesyndication.com/simgad/ Frame B1A5 4 KB
4 KB 7ms
6ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6743270881753116385?w=100&h=100

Requested by

Host: 7405cfab04d097e05557236a0617b170.safeframe.googlesyndication.com
URL: https://7405cfab04d097e05557236a0617b170.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9bd2adf52febd28984869dce71a3db5e89a972c03bc2b905cce20c2dc9ab1dc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7405cfab04d097e05557236a0617b170.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 06:10:19 GMT
x-content-type-options: nosniff
age: 403672
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3932
x-xss-protection: 0
last-modified: Thu, 17 Sep 2020 09:44:37 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Apr 2022 06:10:19 GMT

GET
H2 200 data=2DifxPOPt7AqA6CAUHSGmVonAlE__m2KS-YjPcmmVw_qZCF-antsu8IDc8lkaCiZ0kpD79MIN7vwmqjutiqHioQ
mts0.google.com/vt/ Frame B1A5 70 KB
71 KB 37ms
17ms Image
image/png 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mts0.google.com/vt/data=2DifxPOPt7AqA6CAUHSGmVonAlE__m2KS-YjPcmmVw_qZCF-antsu8IDc8lkaCiZ0kpD79MIN7vwmqjutiqHioQ

Requested by

Host: 7405cfab04d097e05557236a0617b170.safeframe.googlesyndication.com
URL: https://7405cfab04d097e05557236a0617b170.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

paintfe /

Resource Hash

8129dafd3bbf278a42546f61e86751ed10e3d08097879f463895dfc39c25ec44

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'; base-uri 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://7405cfab04d097e05557236a0617b170.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 22:18:11 GMT
x-content-type-options: nosniff
age: 0
server-timing: gfet4t7; dur=11
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 71864
x-xss-protection: 0
x-server-version-bin: CggIBBCbnpeEBg==
server: paintfe
etag: 0940a7c4d75a9befe
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2021
content-security-policy: script-src 'none'; object-src 'none'; base-uri 'none'
expires: Mon, 03 May 2021 22:51:52 GMT

GET
H2 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20210428/r20110914/ Frame 2EE7 22 KB
9 KB 25ms
6ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210428/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BxrxwcCN8E-xpkiVWfix_QNZesgn9whjfzArfnTPdC1SzAIal2JSnpvc6gWbYMxmgMuNfuzdUqAmz_RYeD2iwgDcaNJYcLpNb1KA1B-yMMo8qa93dZ5GHQReoHc-uGfBWdy7dmrT7-Zu1b5yWSpYELwopUUw&cry=1&dbm_d=AKAmf-AGKmJwasr8Lb0xGTDXB6TubgejC-3w789BVvqwVyoAujp7SaQftFb743HJQH_Zl2bhVjw5dKw7qHGzM2GsovEK5z7QkPOM-7HLOSu4KQSbKD53tKKCWcQzPC5KqjrNk_cgcUHioYh2Z1kjZReg2zoaLL1r9Xdr1pFma3ZvM9ozWDLdjKshqQ6g1XRKIGZ_z0irQQ0IVlqCqrb5D-LR-scTWnG5S6dkg80eSawvGDVaDhaksLnp1D5XXvvNdahCSX49mpFSgz5fL-KOcELIIJ5SalrLhfVEYM78katM1cg56y74j0FIPOPomRwWvJlN9su5XonjOw75rdi9L2M71R6400hQqO-TfsaHrtn37m5ClBDC0sg458Pwigz7mz72PtA3X_anjozoEaQ4np13uBXmF3wXT50CHaYq2ZnIiKQEUd5SjJEMoyj-u3gLQQ-Aj4DzG0s9dal4URp4Wmvx1cEuhSFdNKJGymgxiD6uwyM6iU28dYYjC7MpuJMJfWaaZ8GoixZV9zKFRf2xCLu92FN9H5FLDM-tjvg2ttI-Kc-UpFM1Zff6uhtTwwBhvGlqnED34YoCF3XuqwvwmZY3ryHcwmJI2y1i7re5lwa11gQEqhXpMBSog4JaFyXdo83nXhGWA-DoB7uVmfVI9BD3BCUH3idUgcrchkcUJjuvpysNbaXe6SoMPHht83zonsypMOPkTwkZdw67iINp9v-V3f8D6F2ev2TjcwfYPtBDXAwSu3BU7KRUGrmYMHoCqp8x0wGoat7Iu5LhLggb9-lxecxtyHGO2mFfukdOuRx1dhaDUlShbp6WBYtLPHzLUxaHPmfQe13_rJm6rewd3YjF2XchT042eOzqIYXxrAxGZYTYE6CTDYiK5hM0VB16IpX2rGmZOL2TnwQRyXjfarULpW5ZvhB824HtPy60REdpZG2zrj8J5gl32Ptk2IInCl4Gg_4Ck-g1Epcm_SmgGHrIy7iq9kz0ja4bQ39iamadCyfCxN7H4gbob2xhL52CWBXkHWzYnX-Mgjhda0tP4IM-lfp1Z6BsdzyG4oLEm1CKktI3fWaZkHO2uhTPCKUbBw6HHZMY2i6oCcFZWLdLu_vdRCPm3xVKDkew7iNYLKZWxo0uOXY9lGJAt6jNunr4knOKjRtQViEi1lvp_hlIlwzvEADlARIBmKrfU_8kAvVluN9Bvm0_SHh-8QCSUGzF_PC0a2jcdqy33Dy5AJOkLqWXGgjB7HNxy9v0PkAPSi0h4ChcCP7vfCrhh3CCceD-t9HOEjpvpzt4NixPwbBwXHfNlLoTa4IqQ1F2VNKnMY-5gm0zsrN_qRLGrxla-DOFAzfnMpMwNfDP4-hnKUn8IiW52XsuMxsV6b00L16J7pKhbwltc50vu3H3aaTEZg19qjnlIEUb8M8fFiJhnIMzzocjuI7R7uUGC2cm99O-1f-mlk4pwTz8zrcestEQX6nSqZuTNkyquYo9tnhM5QIj3ujY4cOaGKGDfJ0be5k_ajrWrE8RRFUZx2-_s1HNpZ9veFd4hzDJUxvPYUlIYChE5OR25WS_b8aOzQJr9J2iQU4sPHqg32bsWQB--SNB2uWUrAc-GWsMQjCnpLbmRIWkcw2iwUuK-cALEbxkBIdZzXHHSuqTIZLxfVqDBj_2HjR48Qg4ywPXcVRgXcajAuVbPYzv9U_oPgLXMUW5NFPg0tHePYksIynz4UIqAE-f4Lk04bNZyF7G4Ug3N8FsQWQmSUugJkecV4Z3IS-uMCdSWpwappqQsNEr4_AoIYOIdx6n_RfAe1QgUHfzBIPEwaq103Yot_a3DFBZ_xoIjdbNKNEm5gf2Jst0IgqPpJxp6_PhAQleeukSxZKMTQ4jexYQ65MmmqwUA0fRs-ii-6gfnmOlr6NwR6WC78amCnpFvSDMTQQwKXiS0JoLsPK0ssx6pW1HoAeXPsKYBXHfnj1iBpMZea_QPIsSiYy7E4ZccZr5AIYu44ia_GwvDKfhaH_bE_xtEXtpaADy3I3ScpbaTTonGcIVxZJal8UfGGjS3SInZ-g8gnyVJyn1WMbc3ISiyGM2AT25srX9cAHI0XLLbLM6_NIhW1TdNk_QtTYZJe7mKp_xsp6c_GoNk983ofJhm8nvazrioKefgqzZ7a0TGt_H1w8Ckrgdchk9_bnnAa2lXge8OaPULNTXCnXI0lqDfvWl5pOspd0XzLs0ty2q-AVx0XHeQ9g0OkupJBAonJMlh6abDupogqYqmV9lsfm1EeM26BiSQj5U6cKNRf6m5v-hyAsp4cJTw2-07-QLFZjq0joBjK0W-fsVgU3mSED3exyXP40kNcWPNztY032VlQg2eYHYCHrHOl4VwHCCSSMjdL7_EV_g8aM5cPRf7NUpsKwH0zU9oJ7tsrMvrKTw0I_x1_wt-hsA7SCyGGpXAgFSgjUiUiNV_GNmgiPB7vpYSfEJqj0_zErz9_jIuW-Xs8C1c1-OI24pdB62e9pD9tYNbFKvUMc2Y7e9OGN5ULZE-vNeKNaV-Mxt5C4bxWXABpq0hQPxd7iDr7jB8GdN_UCdCbYehmoWfQ5UDxZLG74-Gk_COTmGJ7RD-WPpcj5n1DRZ_cuEeL5orNG_CXD0fsXJwqYHvyjE3lrEzrnJySW1qWYLeOVlRH_CpAB1ewD5IbYzoZYxH_cOniXIuwB_0_ili7hLibe699nUj_jfCY5ninDr8DMmJ5b-V2RPYtN5F8WkzmnIfvHiumrUhxKsIMic7_Qr4j-iBEor0BL6jKB4xxTqvRix_rZnl7jQp_uSDR8CtkZQHQWUF_37g6IetarqtOYHEg-BK3ldbwI9WfS--btMmakaOrEW_cqLoyu8eEPtiV19f4vlE51dofVPDaTOkCIjjeQ4JU31_Beu5h5gwEfqg5VG1-5oS_p4SFFg_jU6Wdgm9k_0GSBUKoSlAZTBoFI7uBCPlEzOHy1-G414ZrAWz753loGtnfGuTQ8P7V9S2hWWw4AUmhJjCNNyTQ6XIJFVI1sshOHXN93eH9NxmqLdYCOGuQKegQmYMiotUzHaSU3S3tM5qm4-pFR8j-KcrHf9QzDkVXcVfJC1JCYEeF9Tg2Lt9n7JwbDIKJuPXp4cjV5va8pnLm2CgEysRYmzukkFgQfm73byDqII5qPS5YZedhHHUVn2d8xKciTj5ql4fo-Uppw53OyO0V_UpFkE87LGqpids5VaBu2bqh5gvHrD9NfDnM6fAfWbzRlZ1eDoJQX3opAGa79pscgf0OEB51FGf4Di2pdP2MR_qA6FY-wRkuEIct505UmJ8H4Q6pFveTmU3OJxLm4Ye2TmQLXFTO9NyvsAVavKoklWZXGZ0N3rpVR3kw_jkeSWA13ROEuwDW6SlsF4IRDRa3WFMWBB33EY0SYwCYUo8mmHJUbztm0rfuwMoU--2HXJZwfBTekjrzZckqagDFb7u-EZ1zlbErWSOZ8CLA_T-InY7tAi8fL_cabe3rqCDhCd1YhZ3q_YrN1pojGinKQHR-NJWklOMBOg2NT6YdzOMzYsbX4sieZOYHRPhxpDFHkG6nmPLBf3GXLuD0r9z4c&cid=CAASPeRolQ4QU-EkS834Akm71jwn_GBtLNO4NKTDoQ_vmyqbYZKWzAqsMN6k4t0GmOgaKxddO-GtjUWuvKbUwG8&rfl=1%2Chttps%253A%252F%252Fwww.opovo.com.br%252F%240

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86d901e0a6ee217d1d01c25901304e01ab4f7a705b0542b8db7b69d79b1371b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7405cfab04d097e05557236a0617b170.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 22:11:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 389
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8608
x-xss-protection: 0
server: cafe
etag: 13470574408442207528
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 17 May 2021 22:11:42 GMT

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 2EE7 41 KB
15 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7405cfab04d097e05557236a0617b170.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 13:14:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 32616
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 03 May 2022 13:14:35 GMT

GET
H2 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20210428/r20110914/ Frame D46B 22 KB
8 KB 24ms
8ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210428/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CaTcoL9oGx3MYDB5ekY_0BvGRq5cZPoTeIrw-YymVk4GL5DECENrVyUnkv189Ih0DElgWmOLt3q-6OIcxRIuxuB_F2F5U7NbjJ6Ral5hWF83F8R1ziUMLW9cPOfmCsUJVcI_vQKU46rZrBRvZbF8Q6wLOs1g&cry=1&dbm_d=AKAmf-DUz_3rG731qidQPnAhj75o8E-90R8bIphbgt_DG2mN4gm98QnF9OTwSYEbkK40-25FHigCEzStlO0XZKB07unKuMAlbkF3RTI1ZZA-PKwFA2oikXqSKUUzZ3pOCuQrpPvCJoMd3OmoZ7n9kcJq4j7UXAGHbcHgxqg-H-SsgsmHjnVrMKdAXzTpwV45nzz1SgIh49caZe8txZ2erYH00US8QyaNZ158X5xqbmKFvn76bkqrqO5oFaDWs_MBlfjuZmS6U7PcRQBWX2v97fODEEHXxc6xAGCbHmDUkwyLyOzF8BXYO3isY8kRzFuOndXmYdPA_D-lhNygI6qP018RzuTmb4esB0n1Ul203nID2Z6xttwfi-0Rf6DIicxGdFIzjztjjHcMxokUZyNcIC7i5mfGokkVmjH7QD2J9M-CAtnp9olyF3QFJgbEqphAZmFA9CURL3eYOsVPaed_-N4zt7FqKHVe0r3KwzgLv0I-BVJxJGwZdFc6qqJjueeBy4FlXs9jiGMaO6WsXaV33uni7bVMJPvskOTYoem-Fb4Q106BswSoU8Wvoqw4hO_TOAgfZ1wjqs0yQXplQaBazE36EvTrPIWrPI4m5NNQ7RloBMClMof9sxQ2K09n21rfDNKTBe77yRZc7RS9ZSh7oeVP478Qxbznw5fXx8oofPkci2qh-ZocTvsOJyXwuh_RSqDIDSj6c8pg_fqzuRtH9SUHk31Kjf1R_hq0vnOwwPVuvppoCraQtNfCpAZXRDdsqh6Fo-oVL7bfJr6WtC9f3lxdH24gkgNXUwEUIHYOubfz-FWTJbIqF-iPOWvK0Dz59Xrh0948nMwtfLxtAqcEwsTumeuCS1luVaHqtM7lCqQ4JOsc-KBSubF9BKctCxlu0rZqgoClZoTizCUz-2Qlp5OnnyuI-XotxYBpaxPn8pP-XeRY9TgKjfe8IW0vr1ZMKvNHWf0IiTV4x1vlcg86B-BBQJE1c_RaBCcIGO5y1TEYgtDs4PiQUiDtCNap6R2Vtom-C3HX4eTa4_4LeEXOICSuW013mfoEJhNywpuTN7N2VMuDbJGOCFv0PvskQSpUdhuumGivuDugHpkEIAfltrfL7hlsJisYxVFwfuszeSIFKZyPExsh80cLeaxzGvYSEzcXFbKZOSDSICnFseUt0Vqu4GUfuk8w-q3tpTXbeqPfvDMfTk40NsIsLyAQHmC7c38GybTTT-n4kkKOMUacD7aMyeoa-9p8_vKl1J39xUIrCF9NrToUkqCXGg_lC3ZD6YOAHgolyE_g7vRMPXV9PR6UB0EeQZOEtHCvlHXBU03rVwkkQFhdSjUfywRxqFvgsyHPl8XvPfF09w8yDRxM3ezGflGWxThur6L2K7RrV7SsugD69qxVQj0VmwG_-hWiempqQbcIPZbZUeavmIEFI_D6-10Nro2wzMAqy_8xMzZZ4n3OI-9ue6OniS442NVZ3tc22sq9mP9xynRAtN99qBKPtvoO_JAV4j0mv6riuqBhhWIddchERdnN9zRC2y8V7SrvX5p9-3RFJ74wfo0sz1pG1jTEL6kUs8yyGaMaO_aw99tMKrOQCxH6pXHfnup7AosHq2wdhVIriQZRi2ocEQnrO1Vm2V5UtvVSeKkKw1T3bZ2fM4U4dE_cCjX9OtGwQkmHQARXK06ZqMxV7EhfAaFpF9L1BwfVnUKpd7ew-d-m0AsTckYrqrcqPXdZMCEp7pKdoKVURyq84yvSgfo58xDUnE5pY-RhO0Yw28b6EKfxzl3B4nZQsFqGHT0cNY3fMtScNJxvse7lSIT67b-MGj0FGNPxFVsNZLHGPPLK7MX5R-MFVWN0Ncp_v1Q1MJB4odsEp9ds_NmnPN2ctS_2t3zM0XsJvSFTHJgEKirubZVFFB5yNsajaaFoO5kJxS-UF3VvTfIZzcecbgaopUr05hoDhiYjurYjsj7tOEZ7rmb5rZ6AGGIfyrUlqmtqBVgvcjt6EtXbmiUs4ZBZy0XIRep9C8rdtESIErZYikhmDEK_rxlDrV2P93OWlRWjb9uCqTXOxaYd1WNNjJg0CKRi52wNgyMxzj7VxTnYp3Ilmcd4d8MuLNwj40xztcWCC6WdJhWDnLeyQNd8Z--q2I1aMtB-m3UNISq88iLe2ArmnfUQrJIVxeg5knmRWP5aHUyY_getZ6tK54E8-RkG5FjAf4yVRXrHdc5aqj2yLtAmYcCePrexAtMMntL-FyinLF76OSWCdi0CNAxkZLrchOQAdgbfR8kfCHNG5FIgZ6wikSIzDJMi4fPjAx7ADIAgBl7rmdyeNIOIq6amXal0q4mP91wCpfCCPHJR-v7PIbB-dVYkENBc0ebNoBaibgIyFAwJb-QGV04x6v81hCi0f68aTbVJhMWgY-X2CNkrv8Bkrgmea2w8vFWqwBv8Ygg3YlB6zs2i87AFC47BVIZTzmBoiiOEnPxTuVZk_zNj0hXms2-PNvhsRtXy_MLXD1D9dmIuDWc1lUc0RjjsiM4ZxY7L9NDbPfOJowMO5mxPGQAnIlV0i5ipe6by_6Dwos-O6plTydGQk17-J2s4Dfi0mJ8RwYoVQKdZ80_zcLGeexaFhHUI_ywlGtKG4FKEdizHKccNoWYCFdxRhjgZWzUj3cOF3Xz0v0_QLXaGcCM7kNZF4DkmyylJAeuDvnS8NtXvCuqTYuUX_QbpYcI9LvBI0DOKCrAzAUA9LPjVlxJMpXsBXcfIh9alF26Gv25dkRLVV1kTa0QfaTlAqk1sjGRjfyXPtNXO5e7PpXwQUxVEDUIlgz4J10qsR9SOhxFXK2Shg-51ZKaf3R8vTHrBg58PkM62KPZUuCgOxN14GKIMrLd4l8vzkW5hhDRbj8Gv8T4OUp-ZsJIhA4GgEi2YsCP4F_YU1VYfwjsVmu6pIKIz9NhO4b8jTvQAzTr38iCIZe1zU8T9nxwrAAvbCrVTalfLxBUY9ZgHiEn2mo0t42EbPerVRtHLZWS8ePgoAkdpdqoClP3XuYVVKVO18TVLrmive-Kl_ymwAydhqqomsM7y_oEMywwm5UUXaKRzJj4itD2UO_4rR0qK7tlRo6Gv1_TDAwhxGFZQeGb57_FsGGCq0BJbKhThnoiRA0IMyKeLJR2HJWwF6L9eorDOTYcgY8XfIK5hnbm8d7j49AgSTjtPTeg0F8CZUsK4fB_-FoFH_cQTv3Mgq4suFVG4HUrqnfZEHXR5qaElfMhyuaRTHR_EdMLrHkyaiXWCIC3hEokI5pvGqmaR3pWMcZesVevxpZkuTvpuvUfP_Aw8hucNRNam8HRZdoWPL_3dtM7YhZ2fdvJFh7p-Td6tGU3IG7Y6dttN0xlu5XGTfw_GDhWexWeDgsZxeEza0f-4reUOX7WiTyf7MC05fJvkd2nn7fddMOXw_Zi5h9UeakP9tzC8INDxAqpAczjeAJtD7QBbOrzQ-PBQ4fheEJYbSebuaGIp88QvYfBS2hsxFBs3mETize9lwZJ1hnBHlGWosBMEa80GyRenNJJhpeY2AlgZsUgbnIL7ZmIteWjQqm_P9E4BKN48WIeZvY_ykSUYTA2OBj0&cid=CAASPeRoq3L2ptKFHMOp8Xk8Bg_EawxmXQMdK421yxWqkrTVapFgrp9DRM1Dp86tG_1zUuZtV3M7rcAQ0GBmfrc&rfl=1%2Chttps%253A%252F%252Fwww.opovo.com.br%252F%240

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86d901e0a6ee217d1d01c25901304e01ab4f7a705b0542b8db7b69d79b1371b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7405cfab04d097e05557236a0617b170.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 22:11:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 389
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8608
x-xss-protection: 0
server: cafe
etag: 13470574408442207528
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 17 May 2021 22:11:42 GMT

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame D46B 41 KB
15 KB 5ms
5ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7405cfab04d097e05557236a0617b170.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 13:14:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 32616
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 03 May 2022 13:14:35 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 6DAF 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.opovo.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.opovo.com.br/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Mon, 03 May 2021 20:50:20 GMT
expires: Tue, 03 May 2022 20:50:20 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 5271
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 ws-ad.js Show response
wfpscripts.webspectator.com/ Frame 68F8 21 KB
9 KB 111ms
111ms Script
application/javascript 52.1.252.251
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://wfpscripts.webspectator.com/ws-ad.js
Requested by: Host: webservices.webspectator.com
URL: https://webservices.webspectator.com/adunitMapping?appId=2716&eaup=/10216148/bg_home_noticias&eolid=5633797351&eci=138341605907&ct=%7B%7D&w=1750&h=720&wsRotSlot=&isda=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.1.252.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-1-252-251.compute-1.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 9d02c3facc410ee6a9dceade80ce0bc710f6037df881453124d3f5c83a6241b5

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 22:18:11 GMT
content-encoding: gzip
last-modified: Tue, 12 Feb 2019 15:34:42 GMT
server: nginx/1.10.3 (Ubuntu)
etag: "5134affc2f01c20ef17e399c5c7cbfbd"
x-cache-status: HIT
content-type: application/javascript
cache-control: max-age=300
content-length: 8492

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame 7035 170 B
506 B 73ms
28ms Image
image/png 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_dbm

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COjuwgIQ1_mTogIYuvO3mAEwAQ&v=APEucNX72mb88WM9IXbzYJgs_LDlVspasRv7TjzVPqxAX05FVbWkVXTF_uKOFyZbjyaX7qnwQ4qD0NZcNMkLb8jpfauhmrEKjQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 May 2021 22:18:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 7035
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm=&google_dbm=&google_tc=
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOWlSQxWi27O7WkdfR2dGjY&google_cver=1

43 B
894 B

28ms
28ms

Image
image/gif

23.218.208.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOWlSQxWi27O7WkdfR2dGjY&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COjuwgIQ1_mTogIYuvO3mAEwAQ&v=APEucNX72mb88WM9IXbzYJgs_LDlVspasRv7TjzVPqxAX05FVbWkVXTF_uKOFyZbjyaX7qnwQ4qD0NZcNMkLb8jpfauhmrEKjQ
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-208-246.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 03 May 2021 22:18:11 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 03 May 2021 22:18:11 GMT

Redirect headers

pragma: no-cache
date: Mon, 03 May 2021 22:18:11 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOWlSQxWi27O7WkdfR2dGjY&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 7035
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YJB2o39VLgftJCbvpnOhFQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOA3v8tYGCHI3Vj44VHVbCo&google_cver=1

43 B
894 B

28ms
28ms

Image
image/gif

23.218.208.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOA3v8tYGCHI3Vj44VHVbCo&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COjuwgIQ1_mTogIYuvO3mAEwAQ&v=APEucNX72mb88WM9IXbzYJgs_LDlVspasRv7TjzVPqxAX05FVbWkVXTF_uKOFyZbjyaX7qnwQ4qD0NZcNMkLb8jpfauhmrEKjQ
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-208-246.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 03 May 2021 22:18:11 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 03 May 2021 22:18:11 GMT

Redirect headers

pragma: no-cache
date: Mon, 03 May 2021 22:18:11 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOA3v8tYGCHI3Vj44VHVbCo&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 index.html Show response
noticias.uol.com.br/eleicoes/2020/apuracao/service/ 1 KB
1 KB 39ms
16ms Script
text/javascript 2606:4700::6811:2218
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://noticias.uol.com.br/eleicoes/2020/apuracao/service/index.html?loadComponent=projects/election-2020/election-2020-config&data={%22jsonp%22:true,%22config%22:%22ticker%22}

Requested by

Host: c.jsuol.com.br
URL: https://c.jsuol.com.br/assets/?loadComponent=media&contentType=js&tpl=assets/dist/libs/election-2020-ticker.min

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:2218 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

45a70c9799daf3ef74ecf4e75565d09ca038a83e37eced0ab40ed441248f40e0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' http://.intranet http://.uolinc.com https://.intranet https://.uolinc.com https://www.uol.com.br;

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 22:18:11 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 12
content-length: 571
cf-request-id: 09d5e8872600001f15e5309000000001
last-modified: Wed, 20 Jan 2021 14:58:17 GMT
server: cloudflare
etag: "f840bcf63e0e529ed11e8b8dd262f924"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=GMdIxsH3jr54D9qImTpowZkf2a2rEu4wUUHrgdg7OoC05WvXMigPqDHWXSOICmlLmtxpF9gnjqAT9FiWS%2B%2BaOkwISd57lfKTk8XJnaWvny91iLE%2BK1Ks9jjLpFOT9WrN"}]}
content-type: text/javascript; charset=utf-8
cache-control: no-transform, max-age=30, stale-while-revalidate=60, stale-if-error=3600
content-security-policy: frame-ancestors 'self' http://*.intranet http://*.uolinc.com https://*.intranet https://*.uolinc.com https://www.uol.com.br;
accept-ranges: bytes
cf-ray: 649cdd1eafd81f15-FRA
x-cache-tag: 4000c5b97258b3868423d5a369fefdf7
expires: Tue, 04 May 2021 00:18:07 GMT

GET
DATA 200
OK truncated
/ Frame B1A5 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2ab24ce796851998fc905a034e17f43a4cdb76f445146c38d4ebd6d08a900920

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame DF3A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm=&google_dbm=&google_tc=
https://ib.adnxs.com/setuid?entity=101&code=CAESEHdL-BLEw1Y_X1r6hZYct_U&google_cver=1

43 B
1023 B

30ms
29ms

Image
image/gif

185.33.220.243
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEHdL-BLEw1Y_X1r6hZYct_U&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COjuwgIQ1_mTogIYuvO3mAEwAQ&v=APEucNW05Ogy9NQKQZGowXr43JTvJVO9opfqcjCCEJ1oynrhNMODQWTiw8RWUZo4CW_9eEoAAUYEgfcFWYRcHRWfKu2yQeKkrQ

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.243 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 03 May 2021 22:18:11 GMT
X-Proxy-Origin: 91.132.136.84; 91.132.136.84; 722.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.164:80
AN-X-Request-Uuid: 0825786b-7214-48a3-9667-aaa5b598085f
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 03 May 2021 22:18:11 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEHdL-BLEw1Y_X1r6hZYct_U&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame DF3A
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDkwNzIzMDIwODAwNDE2NTc5OA%3D%3D

170 B
188 B

26ms
26ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDkwNzIzMDIwODAwNDE2NTc5OA%3D%3D

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 May 2021 22:18:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 03 May 2021 22:18:11 GMT
X-Proxy-Origin: 91.132.136.84; 91.132.136.84; 722.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.45:80
AN-X-Request-Uuid: eb93b7c9-e6b3-42c3-b082-6c283448200e
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDkwNzIzMDIwODAwNDE2NTc5OA%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame DF3A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_dbm=&google_tc=
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEBABnkvbaJ0uzZPWU14x1_M&google_cver=1

43 B
172 B

28ms
27ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEBABnkvbaJ0uzZPWU14x1_M&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COjuwgIQ1_mTogIYuvO3mAEwAQ&v=APEucNW05Ogy9NQKQZGowXr43JTvJVO9opfqcjCCEJ1oynrhNMODQWTiw8RWUZo4CW_9eEoAAUYEgfcFWYRcHRWfKu2yQeKkrQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.206.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 May 2021 22:18:11 GMT
via: 1.1 google
server: OXGW/16.206.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 03 May 2021 22:18:11 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEBABnkvbaJ0uzZPWU14x1_M&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame DF3A
Redirect Chain

https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZjExODkxNjItMzQzOS0yOTI2LWMyZjUtZWQzYjk3NjJhYzA1

170 B
188 B

27ms
26ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZjExODkxNjItMzQzOS0yOTI2LWMyZjUtZWQzYjk3NjJhYzA1

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 May 2021 22:18:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 03 May 2021 22:18:11 GMT
content-encoding: gzip
server: OXGW/16.206.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZjExODkxNjItMzQzOS0yOTI2LWMyZjUtZWQzYjk3NjJhYzA1
content-type: image/gif
alt-svc: clear
content-length: 0
via: 1.1 google

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame B1A5 16 KB
16 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://7405cfab04d097e05557236a0617b170.safeframe.googlesyndication.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 00:12:11 GMT
x-content-type-options: nosniff
last-modified: Mon, 05 Apr 2021 21:10:39 GMT
server: sffe
age: 597960
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
expires: Wed, 27 Apr 2022 00:12:11 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ Frame B1A5 15 KB
15 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://7405cfab04d097e05557236a0617b170.safeframe.googlesyndication.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 01:43:32 GMT
x-content-type-options: nosniff
last-modified: Mon, 05 Apr 2021 21:10:35 GMT
server: sffe
age: 419679
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
expires: Fri, 29 Apr 2022 01:43:32 GMT

GET
H3-29 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 486C 22 KB
8 KB 7ms
6ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://7405cfab04d097e05557236a0617b170.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://7405cfab04d097e05557236a0617b170.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Sat, 01 May 2021 09:21:11 GMT
expires: Sun, 01 May 2022 09:21:11 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 219420
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame BB33 22 KB
8 KB 6ms
6ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://7405cfab04d097e05557236a0617b170.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://7405cfab04d097e05557236a0617b170.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Sat, 01 May 2021 09:21:11 GMT
expires: Sun, 01 May 2022 09:21:11 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 219420
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 index.html Show response
live-tag.bannersnack.com/banners/b1nsrsqem/adtag/embed/25/ Frame 7766 17 KB
4 KB 358ms
358ms Document
text/html 65.9.84.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://live-tag.bannersnack.com/banners/b1nsrsqem/adtag/embed/25/index.html?t=1607096977&clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCNyRJonaQYJX2Ct7X7_UPtIS-sAjWntXMYrC5m6eODfAuEAEg3Nf7ImD1lc6B4ASgAYzPkd4ByAEJqQKUoe5tr2ayPqgDAaoE0AFP0MnNwSHWSXaHzJ3EsO2MTdrKjyzM5ITMBO24zQGVZBu-RxuHY2RYd2x6hkLMp3_Dx60Ti-D6-Pm5CJNil0k1COYT-5te_QSgaBp28u-PLGMZTKui2yP_zbyA_BkVDjzW00SVYoafhk3w-_QkBKQxOlwLlrTROPLylc6Z6K-ILmVt_j8_GED0JksGDzH_mDChiW5Ydj9KMW4yWsZW1ajJzkQ1e3fUPH_eoeHgAoBYaaKMTmsAikHg_47xDY8lks7l_nPG-ZUWAM2n0h0eWzKtwATBoaqbqAPgBAOQBgGgBk2AB9yw7qECqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggJCIDhgEAQARgdgAoDmAsByAsBgAwBsBOti7cL0BMA2BMD2BQB%26ae%3D1%26num%3D1%26cid%3DCAASPeRolQ4QU-EkS834Akm71jwn_GBtLNO4NKTDoQ_vmyqbYZKWzAqsMN6k4t0GmOgaKxddO-GtjUWuvKbUwG8%26sig%3DAOD64_3kOwtZS6sg2VzYiRe3JqgjXRyq9A%26client%3Dca-pub-5377500294710407%26dbm_c%3DAKAmf-D98OuoCA1wnEQHXE2ZHSD4Bh9mQmHd0Ec9bni_2VfbecwYDFE5FjY5SyYXIk77PuC_BlmeH8iKbn4n4Twolzkb5L8jd-DjSZqVIKGTcmxZ36xgwe8vYq1evSJeNQYzxMMx6dLlijPbox3FULPSfOT6muMFbQ%26cry%3D1%26dbm_d%3DAKAmf-D9EjIQSmkq0m3cqJQqaMmzIsS4IdOPSVHyopAw6bp4R9dpT1bZsUlhXaHImUtDH6c1bHwWWk5YL3GNzzZu9ZGBG-ZLMYZpn6xVoKnyZCXbuvYYC44UXArWfsoWdbqRzdPIpa5hzZGPf1Nc68XEplx9YGho-7ypxsKhLOopYKGffUsyareoU7_eEF9ZgXMWu9o3UqIn_rI1BhEdSR4D9JPa0fjOs3zMx8GbHBmd_1G2rib5qRzCMQucq29ufWmT4kgbWWtWKKVfXfeYuDssO_91d_X2ijn-t_gUJ3snv3ryGM0BZnWzbCkALUY4_RvESqbLyR3SYAJ6n7SLTKh5LcHaNdJ-Cta3D23AVGhRpLusxj_DFgCt_6b-nAq_Geam5E6Ln-8EB29-fuLNlkRzhznkI966Lbx37jKRrKLmwqOu5B0Qjp9iEhOfm0Gd25XcvtlakxU_TrfXsuSE0EbBY_wOhWcJyQ%26adurl%3D&userId=41947456&networkId=25
Requested by: Host: live-tag.bannersnack.com
URL: https://live-tag.bannersnack.com/iframe/embed.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.84.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 18c517ee8646c295ecee64db1300fbc76648c6e8f39459cd4deace234b26a27f

Request headers

:method: GET
:authority: live-tag.bannersnack.com
:scheme: https
:path: /banners/b1nsrsqem/adtag/embed/25/index.html?t=1607096977&clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCNyRJonaQYJX2Ct7X7_UPtIS-sAjWntXMYrC5m6eODfAuEAEg3Nf7ImD1lc6B4ASgAYzPkd4ByAEJqQKUoe5tr2ayPqgDAaoE0AFP0MnNwSHWSXaHzJ3EsO2MTdrKjyzM5ITMBO24zQGVZBu-RxuHY2RYd2x6hkLMp3_Dx60Ti-D6-Pm5CJNil0k1COYT-5te_QSgaBp28u-PLGMZTKui2yP_zbyA_BkVDjzW00SVYoafhk3w-_QkBKQxOlwLlrTROPLylc6Z6K-ILmVt_j8_GED0JksGDzH_mDChiW5Ydj9KMW4yWsZW1ajJzkQ1e3fUPH_eoeHgAoBYaaKMTmsAikHg_47xDY8lks7l_nPG-ZUWAM2n0h0eWzKtwATBoaqbqAPgBAOQBgGgBk2AB9yw7qECqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggJCIDhgEAQARgdgAoDmAsByAsBgAwBsBOti7cL0BMA2BMD2BQB%26ae%3D1%26num%3D1%26cid%3DCAASPeRolQ4QU-EkS834Akm71jwn_GBtLNO4NKTDoQ_vmyqbYZKWzAqsMN6k4t0GmOgaKxddO-GtjUWuvKbUwG8%26sig%3DAOD64_3kOwtZS6sg2VzYiRe3JqgjXRyq9A%26client%3Dca-pub-5377500294710407%26dbm_c%3DAKAmf-D98OuoCA1wnEQHXE2ZHSD4Bh9mQmHd0Ec9bni_2VfbecwYDFE5FjY5SyYXIk77PuC_BlmeH8iKbn4n4Twolzkb5L8jd-DjSZqVIKGTcmxZ36xgwe8vYq1evSJeNQYzxMMx6dLlijPbox3FULPSfOT6muMFbQ%26cry%3D1%26dbm_d%3DAKAmf-D9EjIQSmkq0m3cqJQqaMmzIsS4IdOPSVHyopAw6bp4R9dpT1bZsUlhXaHImUtDH6c1bHwWWk5YL3GNzzZu9ZGBG-ZLMYZpn6xVoKnyZCXbuvYYC44UXArWfsoWdbqRzdPIpa5hzZGPf1Nc68XEplx9YGho-7ypxsKhLOopYKGffUsyareoU7_eEF9ZgXMWu9o3UqIn_rI1BhEdSR4D9JPa0fjOs3zMx8GbHBmd_1G2rib5qRzCMQucq29ufWmT4kgbWWtWKKVfXfeYuDssO_91d_X2ijn-t_gUJ3snv3ryGM0BZnWzbCkALUY4_RvESqbLyR3SYAJ6n7SLTKh5LcHaNdJ-Cta3D23AVGhRpLusxj_DFgCt_6b-nAq_Geam5E6Ln-8EB29-fuLNlkRzhznkI966Lbx37jKRrKLmwqOu5B0Qjp9iEhOfm0Gd25XcvtlakxU_TrfXsuSE0EbBY_wOhWcJyQ%26adurl%3D&userId=41947456&networkId=25
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://7405cfab04d097e05557236a0617b170.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://7405cfab04d097e05557236a0617b170.safeframe.googlesyndication.com/

Response headers

content-type: text/html
content-length: 3991
date: Mon, 03 May 2021 22:18:12 GMT
last-modified: Mon, 07 Dec 2020 13:46:18 GMT
etag: "10f138696ec8f9a04fa9968ad3e4d76b"
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
x-cache: Miss from cloudfront
via: 1.1 fb8f21b90b0483bdc64e7c79b3e007e0.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: 1v9yQfIlvhsl3LAR-P09wFhhIsnrwdXmN7I6PeIyqceZ230AcwfaUg==

GET
DATA 200
OK truncated
/ Frame 2EE7 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c15f9b803d3f74fe2cf6b6e2ed7cd898fb621203cec3bd0e9515d3432daba421

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 index.html Show response
live-tag.bannersnack.com/banners/b1nsrsqem/adtag/embed/25/ Frame 0444 17 KB
4 KB 391ms
391ms Document
text/html 65.9.84.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://live-tag.bannersnack.com/banners/b1nsrsqem/adtag/embed/25/index.html?t=1607096977&clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCxuxSonaQYJf2Ct7X7_UPtIS-sAjWntXMYrC5m6eODfAuEAEg3Nf7ImD1lc6B4ASgAYzPkd4ByAEJqQKUoe5tr2ayPqgDAaoE0wFP0Brw5cn7_QK6VOym2vqeJ1XIWnOmOlfH5AZJZXkPfMWqQnB88UMJw8_HBInNNVJ0nXNtHp6F0UUCkVVZd7YQsryQ5inDNbh1wT_fr1nY5imBVSQL8sN8aJijC8odbHlQsiLZiZkRgChjg4-gMFCMm5o8FjQCU9ZdODseMcepLHp4YcYWRc1BaXqTEn_HnqSHwYonO2vFaQRD6_kS5kSFTmVA73pgfqAPvsjdiiAzq00zqJwpOFf0RV_oYP7r-b8kzUJDcesuRiaT_NKqoOhKVhGpwATBoaqbqAPgBAOQBgGgBk2AB9yw7qECqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggJCIDhgEAQARgdgAoDmAsByAsBgAwBsBOti7cL0BMA2BMD2BQB%26ae%3D1%26num%3D1%26cid%3DCAASPeRoq3L2ptKFHMOp8Xk8Bg_EawxmXQMdK421yxWqkrTVapFgrp9DRM1Dp86tG_1zUuZtV3M7rcAQ0GBmfrc%26sig%3DAOD64_3gydB-LFXir7VWHoCQp9Trwj8f9A%26client%3Dca-pub-5377500294710407%26dbm_c%3DAKAmf-BdUS0WbMKm9LvefsD7f6HmsmmZE5tFVIdGfsrtO70u0o_54BzuOl8ycNEzXGdgmwVnCjPwsHV7zdgr1PQpw6N8Zv1-rKFMM7bwEuVrNarN4mZ6hn7cd5ncQHOIKkP1OZGshqtFiS83h03_xh2qAjpwhcLK_g%26cry%3D1%26dbm_d%3DAKAmf-Dbm7352t3QQ3mq2Jj3bP7jqAcf4DEjD-cGF64t4PprCaLPsWAg2eWQQdwvndjjlhJLdZ6UnNoYdb7jha9pY0rTU8zM-G2OfYuHbxn8im4rnD7oHTX_nPUFnEmoCiG08zLdm3GzzqTr7jNugL_lYHFVzoJzXGoAmY8kEuNNdOZ0h2VIRp9jCU7DT7otui6QjVBoLdW8SxY-MiElpNlumc7gFVZGr7PK7IofyimL28lnkS87p0SNTK5MEhUZJeNnsqRFAi332ZWWyyjU5SUPj-ujyhCmH5VUcAGMnq4QvWFGUXDbgjO0jLlxpZphfoDZitrMfXu4HBPwjJzfuA-YyNChQFG8M1pNaGqMdGPqMhmA7K88x9PlJS6Yr4KbUofFSX4372ETcLxQ4aaqlWsqzrlvRNBO_JCPkOmjWXyYr7fSIX4Fg-H_H1I2vr32PCR_XjXgtz18L370I0pYdceHBvDJG155LQ%26adurl%3D&userId=41947456&networkId=25
Requested by: Host: live-tag.bannersnack.com
URL: https://live-tag.bannersnack.com/iframe/embed.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.84.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 18c517ee8646c295ecee64db1300fbc76648c6e8f39459cd4deace234b26a27f

Request headers

:method: GET
:authority: live-tag.bannersnack.com
:scheme: https
:path: /banners/b1nsrsqem/adtag/embed/25/index.html?t=1607096977&clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCxuxSonaQYJf2Ct7X7_UPtIS-sAjWntXMYrC5m6eODfAuEAEg3Nf7ImD1lc6B4ASgAYzPkd4ByAEJqQKUoe5tr2ayPqgDAaoE0wFP0Brw5cn7_QK6VOym2vqeJ1XIWnOmOlfH5AZJZXkPfMWqQnB88UMJw8_HBInNNVJ0nXNtHp6F0UUCkVVZd7YQsryQ5inDNbh1wT_fr1nY5imBVSQL8sN8aJijC8odbHlQsiLZiZkRgChjg4-gMFCMm5o8FjQCU9ZdODseMcepLHp4YcYWRc1BaXqTEn_HnqSHwYonO2vFaQRD6_kS5kSFTmVA73pgfqAPvsjdiiAzq00zqJwpOFf0RV_oYP7r-b8kzUJDcesuRiaT_NKqoOhKVhGpwATBoaqbqAPgBAOQBgGgBk2AB9yw7qECqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggJCIDhgEAQARgdgAoDmAsByAsBgAwBsBOti7cL0BMA2BMD2BQB%26ae%3D1%26num%3D1%26cid%3DCAASPeRoq3L2ptKFHMOp8Xk8Bg_EawxmXQMdK421yxWqkrTVapFgrp9DRM1Dp86tG_1zUuZtV3M7rcAQ0GBmfrc%26sig%3DAOD64_3gydB-LFXir7VWHoCQp9Trwj8f9A%26client%3Dca-pub-5377500294710407%26dbm_c%3DAKAmf-BdUS0WbMKm9LvefsD7f6HmsmmZE5tFVIdGfsrtO70u0o_54BzuOl8ycNEzXGdgmwVnCjPwsHV7zdgr1PQpw6N8Zv1-rKFMM7bwEuVrNarN4mZ6hn7cd5ncQHOIKkP1OZGshqtFiS83h03_xh2qAjpwhcLK_g%26cry%3D1%26dbm_d%3DAKAmf-Dbm7352t3QQ3mq2Jj3bP7jqAcf4DEjD-cGF64t4PprCaLPsWAg2eWQQdwvndjjlhJLdZ6UnNoYdb7jha9pY0rTU8zM-G2OfYuHbxn8im4rnD7oHTX_nPUFnEmoCiG08zLdm3GzzqTr7jNugL_lYHFVzoJzXGoAmY8kEuNNdOZ0h2VIRp9jCU7DT7otui6QjVBoLdW8SxY-MiElpNlumc7gFVZGr7PK7IofyimL28lnkS87p0SNTK5MEhUZJeNnsqRFAi332ZWWyyjU5SUPj-ujyhCmH5VUcAGMnq4QvWFGUXDbgjO0jLlxpZphfoDZitrMfXu4HBPwjJzfuA-YyNChQFG8M1pNaGqMdGPqMhmA7K88x9PlJS6Yr4KbUofFSX4372ETcLxQ4aaqlWsqzrlvRNBO_JCPkOmjWXyYr7fSIX4Fg-H_H1I2vr32PCR_XjXgtz18L370I0pYdceHBvDJG155LQ%26adurl%3D&userId=41947456&networkId=25
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://7405cfab04d097e05557236a0617b170.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://7405cfab04d097e05557236a0617b170.safeframe.googlesyndication.com/

Response headers

content-type: text/html
content-length: 3991
date: Mon, 03 May 2021 22:18:13 GMT
last-modified: Mon, 07 Dec 2020 13:46:18 GMT
etag: "10f138696ec8f9a04fa9968ad3e4d76b"
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
x-cache: Miss from cloudfront
via: 1.1 fb8f21b90b0483bdc64e7c79b3e007e0.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: 49QqDJUdwxbJIBm43KGUtC3CGrj5gcpBvlF2yBD-yh4T4jPOyfez-Q==

GET
DATA 200
OK truncated
/ Frame D46B 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ec2d0132e5e6bea49a1058764b98b7fe831a0fac37c62a274ddd06bb811e2a18

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 ws-ad.js Show response
wfpscripts.webspectator.com/ Frame C1BD 21 KB
9 KB 110ms
110ms Script
application/javascript 52.1.252.251
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://wfpscripts.webspectator.com/ws-ad.js
Requested by: Host: webservices.webspectator.com
URL: https://webservices.webspectator.com/adunitMapping?appId=2716&eaup=/10216148/20&eolid=null&eci=null&ct=%7B%7D&w=970&h=90&wsRotSlot=&isda=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.1.252.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-1-252-251.compute-1.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 9d02c3facc410ee6a9dceade80ce0bc710f6037df881453124d3f5c83a6241b5

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 22:18:11 GMT
content-encoding: gzip
last-modified: Tue, 12 Feb 2019 15:34:42 GMT
server: nginx/1.10.3 (Ubuntu)
etag: "5134affc2f01c20ef17e399c5c7cbfbd"
x-cache-status: HIT
content-type: application/javascript
cache-control: max-age=300
content-length: 8492

GET
H3-29 200 -_4qODghdBIY0Ta5c9Mpu0KGcGVAhTZCtcXg18Etdwg.js Show response
pagead2.googlesyndication.com/bg/ Frame 6DAF 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/-_4qODghdBIY0Ta5c9Mpu0KGcGVAhTZCtcXg18Etdwg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fbfe2a383821741218d136b973d329bb4286706540853642b5c5e0d7c12d7708

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 13:04:57 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 22 Apr 2021 15:58:00 GMT
server: sffe
age: 33194
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5672
x-xss-protection: 0
expires: Tue, 03 May 2022 13:04:57 GMT

GET
H3-29 200 -_4qODghdBIY0Ta5c9Mpu0KGcGVAhTZCtcXg18Etdwg.js Show response
pagead2.googlesyndication.com/bg/ Frame 486C 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/-_4qODghdBIY0Ta5c9Mpu0KGcGVAhTZCtcXg18Etdwg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fbfe2a383821741218d136b973d329bb4286706540853642b5c5e0d7c12d7708

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 13:04:57 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 22 Apr 2021 15:58:00 GMT
server: sffe
age: 33194
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5672
x-xss-protection: 0
expires: Tue, 03 May 2022 13:04:57 GMT

GET
H3-29 200 -_4qODghdBIY0Ta5c9Mpu0KGcGVAhTZCtcXg18Etdwg.js Show response
pagead2.googlesyndication.com/bg/ Frame BB33 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/-_4qODghdBIY0Ta5c9Mpu0KGcGVAhTZCtcXg18Etdwg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fbfe2a383821741218d136b973d329bb4286706540853642b5c5e0d7c12d7708

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 13:04:57 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 22 Apr 2021 15:58:00 GMT
server: sffe
age: 33194
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5672
x-xss-protection: 0
expires: Tue, 03 May 2022 13:04:57 GMT

GET
H2 200 ws-ad.js Show response
wfpscripts.webspectator.com/ Frame 0986 21 KB
9 KB 112ms
110ms Script
application/javascript 52.1.252.251
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://wfpscripts.webspectator.com/ws-ad.js
Requested by: Host: webservices.webspectator.com
URL: https://webservices.webspectator.com/adunitMapping?appId=2716&eaup=/10216148/banner_bottom_desktop&eolid=5675760410&eci=138347374947&ct=%7B%7D&w=468&h=60&wsRotSlot=&isda=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.1.252.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-1-252-251.compute-1.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 9d02c3facc410ee6a9dceade80ce0bc710f6037df881453124d3f5c83a6241b5

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 22:18:11 GMT
content-encoding: gzip
last-modified: Tue, 12 Feb 2019 15:34:42 GMT
server: nginx/1.10.3 (Ubuntu)
etag: "5134affc2f01c20ef17e399c5c7cbfbd"
x-cache-status: HIT
content-type: application/javascript
cache-control: max-age=300
content-length: 8492

GET
H2 200 ws-ad.js Show response
wfpscripts.webspectator.com/ Frame D571 21 KB
9 KB 113ms
112ms Script
application/javascript 52.1.252.251
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://wfpscripts.webspectator.com/ws-ad.js
Requested by: Host: webservices.webspectator.com
URL: https://webservices.webspectator.com/adunitMapping?appId=2716&eaup=/10216148/2124&eolid=null&eci=null&ct=%7B%7D&w=300&h=250&wsRotSlot=&isda=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.1.252.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-1-252-251.compute-1.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 9d02c3facc410ee6a9dceade80ce0bc710f6037df881453124d3f5c83a6241b5

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 22:18:11 GMT
content-encoding: gzip
last-modified: Tue, 12 Feb 2019 15:34:42 GMT
server: nginx/1.10.3 (Ubuntu)
etag: "5134affc2f01c20ef17e399c5c7cbfbd"
x-cache-status: HIT
content-type: application/javascript
cache-control: max-age=300
content-length: 8492

GET
H2 200 ws-ad.js Show response
wfpscripts.webspectator.com/ Frame 965C 21 KB
9 KB 114ms
113ms Script
application/javascript 52.1.252.251
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://wfpscripts.webspectator.com/ws-ad.js
Requested by: Host: webservices.webspectator.com
URL: https://webservices.webspectator.com/adunitMapping?appId=2716&eaup=/10216148/28&eolid=5395992609&eci=138337188415&ct=%7B%7D&w=300&h=60&wsRotSlot=&isda=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.1.252.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-1-252-251.compute-1.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 9d02c3facc410ee6a9dceade80ce0bc710f6037df881453124d3f5c83a6241b5

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 22:18:11 GMT
content-encoding: gzip
last-modified: Tue, 12 Feb 2019 15:34:42 GMT
server: nginx/1.10.3 (Ubuntu)
etag: "5134affc2f01c20ef17e399c5c7cbfbd"
x-cache-status: HIT
content-type: application/javascript
cache-control: max-age=300
content-length: 8492

GET
H2 200 ws-ad.js Show response
wfpscripts.webspectator.com/ Frame 44CE 21 KB
9 KB 209ms
208ms Script
application/javascript 52.1.252.251
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://wfpscripts.webspectator.com/ws-ad.js
Requested by: Host: webservices.webspectator.com
URL: https://webservices.webspectator.com/adunitMapping?appId=2716&eaup=/10216148/29&eolid=null&eci=null&ct=%7B%7D&w=300&h=250&wsRotSlot=&isda=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.1.252.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-1-252-251.compute-1.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 9d02c3facc410ee6a9dceade80ce0bc710f6037df881453124d3f5c83a6241b5

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 22:18:11 GMT
content-encoding: gzip
last-modified: Tue, 12 Feb 2019 15:34:42 GMT
server: nginx/1.10.3 (Ubuntu)
etag: "5134affc2f01c20ef17e399c5c7cbfbd"
x-cache-status: HIT
content-type: application/javascript
cache-control: max-age=300
content-length: 8492

GET
H2 200 ws-ad.js Show response
wfpscripts.webspectator.com/ Frame B10C 21 KB
9 KB 200ms
200ms Script
application/javascript 52.1.252.251
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://wfpscripts.webspectator.com/ws-ad.js
Requested by: Host: webservices.webspectator.com
URL: https://webservices.webspectator.com/adunitMapping?appId=2716&eaup=/10216148/24&eolid=5683055452&eci=138348381137&ct=%7B%7D&w=300&h=60&wsRotSlot=&isda=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.1.252.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-1-252-251.compute-1.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 9d02c3facc410ee6a9dceade80ce0bc710f6037df881453124d3f5c83a6241b5

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 22:18:11 GMT
content-encoding: gzip
last-modified: Tue, 12 Feb 2019 15:34:42 GMT
server: nginx/1.10.3 (Ubuntu)
etag: "5134affc2f01c20ef17e399c5c7cbfbd"
x-cache-status: HIT
content-type: application/javascript
cache-control: max-age=300
content-length: 8492

GET
H2 200 ws-ad.js Show response
wfpscripts.webspectator.com/ Frame 958B 21 KB
9 KB 202ms
201ms Script
application/javascript 52.1.252.251
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://wfpscripts.webspectator.com/ws-ad.js
Requested by: Host: webservices.webspectator.com
URL: https://webservices.webspectator.com/adunitMapping?appId=2716&eaup=/10216148/billboard_home&eolid=null&eci=null&ct=%7B%7D&w=970&h=250&wsRotSlot=&isda=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.1.252.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-1-252-251.compute-1.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 9d02c3facc410ee6a9dceade80ce0bc710f6037df881453124d3f5c83a6241b5

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 22:18:11 GMT
content-encoding: gzip
last-modified: Tue, 12 Feb 2019 15:34:42 GMT
server: nginx/1.10.3 (Ubuntu)
etag: "5134affc2f01c20ef17e399c5c7cbfbd"
x-cache-status: HIT
content-type: application/javascript
cache-control: max-age=300
content-length: 8492

GET
H2 200 5f1168f467fe453203bf5e94251e266a.js Show response
live-tag.bannersnack.com/banners/b1nsrsqem/adtag/embed/25/ Frame 7766 83 KB
22 KB 32ms
32ms Script
text/javascript 65.9.84.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://live-tag.bannersnack.com/banners/b1nsrsqem/adtag/embed/25/5f1168f467fe453203bf5e94251e266a.js
Requested by: Host: live-tag.bannersnack.com
URL: https://live-tag.bannersnack.com/banners/b1nsrsqem/adtag/embed/25/index.html?t=1607096977&clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCNyRJonaQYJX2Ct7X7_UPtIS-sAjWntXMYrC5m6eODfAuEAEg3Nf7ImD1lc6B4ASgAYzPkd4ByAEJqQKUoe5tr2ayPqgDAaoE0AFP0MnNwSHWSXaHzJ3EsO2MTdrKjyzM5ITMBO24zQGVZBu-RxuHY2RYd2x6hkLMp3_Dx60Ti-D6-Pm5CJNil0k1COYT-5te_QSgaBp28u-PLGMZTKui2yP_zbyA_BkVDjzW00SVYoafhk3w-_QkBKQxOlwLlrTROPLylc6Z6K-ILmVt_j8_GED0JksGDzH_mDChiW5Ydj9KMW4yWsZW1ajJzkQ1e3fUPH_eoeHgAoBYaaKMTmsAikHg_47xDY8lks7l_nPG-ZUWAM2n0h0eWzKtwATBoaqbqAPgBAOQBgGgBk2AB9yw7qECqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggJCIDhgEAQARgdgAoDmAsByAsBgAwBsBOti7cL0BMA2BMD2BQB%26ae%3D1%26num%3D1%26cid%3DCAASPeRolQ4QU-EkS834Akm71jwn_GBtLNO4NKTDoQ_vmyqbYZKWzAqsMN6k4t0GmOgaKxddO-GtjUWuvKbUwG8%26sig%3DAOD64_3kOwtZS6sg2VzYiRe3JqgjXRyq9A%26client%3Dca-pub-5377500294710407%26dbm_c%3DAKAmf-D98OuoCA1wnEQHXE2ZHSD4Bh9mQmHd0Ec9bni_2VfbecwYDFE5FjY5SyYXIk77PuC_BlmeH8iKbn4n4Twolzkb5L8jd-DjSZqVIKGTcmxZ36xgwe8vYq1evSJeNQYzxMMx6dLlijPbox3FULPSfOT6muMFbQ%26cry%3D1%26dbm_d%3DAKAmf-D9EjIQSmkq0m3cqJQqaMmzIsS4IdOPSVHyopAw6bp4R9dpT1bZsUlhXaHImUtDH6c1bHwWWk5YL3GNzzZu9ZGBG-ZLMYZpn6xVoKnyZCXbuvYYC44UXArWfsoWdbqRzdPIpa5hzZGPf1Nc68XEplx9YGho-7ypxsKhLOopYKGffUsyareoU7_eEF9ZgXMWu9o3UqIn_rI1BhEdSR4D9JPa0fjOs3zMx8GbHBmd_1G2rib5qRzCMQucq29ufWmT4kgbWWtWKKVfXfeYuDssO_91d_X2ijn-t_gUJ3snv3ryGM0BZnWzbCkALUY4_RvESqbLyR3SYAJ6n7SLTKh5LcHaNdJ-Cta3D23AVGhRpLusxj_DFgCt_6b-nAq_Geam5E6Ln-8EB29-fuLNlkRzhznkI966Lbx37jKRrKLmwqOu5B0Qjp9iEhOfm0Gd25XcvtlakxU_TrfXsuSE0EbBY_wOhWcJyQ%26adurl%3D&userId=41947456&networkId=25
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.84.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 70deb9da89eb540d2fa684a9306a1bbceb600fb6e4d83bb348b8d4387fb53efa

Request headers

Referer: https://live-tag.bannersnack.com/banners/b1nsrsqem/adtag/embed/25/index.html?t=1607096977&clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCNyRJonaQYJX2Ct7X7_UPtIS-sAjWntXMYrC5m6eODfAuEAEg3Nf7ImD1lc6B4ASgAYzPkd4ByAEJqQKUoe5tr2ayPqgDAaoE0AFP0MnNwSHWSXaHzJ3EsO2MTdrKjyzM5ITMBO24zQGVZBu-RxuHY2RYd2x6hkLMp3_Dx60Ti-D6-Pm5CJNil0k1COYT-5te_QSgaBp28u-PLGMZTKui2yP_zbyA_BkVDjzW00SVYoafhk3w-_QkBKQxOlwLlrTROPLylc6Z6K-ILmVt_j8_GED0JksGDzH_mDChiW5Ydj9KMW4yWsZW1ajJzkQ1e3fUPH_eoeHgAoBYaaKMTmsAikHg_47xDY8lks7l_nPG-ZUWAM2n0h0eWzKtwATBoaqbqAPgBAOQBgGgBk2AB9yw7qECqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggJCIDhgEAQARgdgAoDmAsByAsBgAwBsBOti7cL0BMA2BMD2BQB%26ae%3D1%26num%3D1%26cid%3DCAASPeRolQ4QU-EkS834Akm71jwn_GBtLNO4NKTDoQ_vmyqbYZKWzAqsMN6k4t0GmOgaKxddO-GtjUWuvKbUwG8%26sig%3DAOD64_3kOwtZS6sg2VzYiRe3JqgjXRyq9A%26client%3Dca-pub-5377500294710407%26dbm_c%3DAKAmf-D98OuoCA1wnEQHXE2ZHSD4Bh9mQmHd0Ec9bni_2VfbecwYDFE5FjY5SyYXIk77PuC_BlmeH8iKbn4n4Twolzkb5L8jd-DjSZqVIKGTcmxZ36xgwe8vYq1evSJeNQYzxMMx6dLlijPbox3FULPSfOT6muMFbQ%26cry%3D1%26dbm_d%3DAKAmf-D9EjIQSmkq0m3cqJQqaMmzIsS4IdOPSVHyopAw6bp4R9dpT1bZsUlhXaHImUtDH6c1bHwWWk5YL3GNzzZu9ZGBG-ZLMYZpn6xVoKnyZCXbuvYYC44UXArWfsoWdbqRzdPIpa5hzZGPf1Nc68XEplx9YGho-7ypxsKhLOopYKGffUsyareoU7_eEF9ZgXMWu9o3UqIn_rI1BhEdSR4D9JPa0fjOs3zMx8GbHBmd_1G2rib5qRzCMQucq29ufWmT4kgbWWtWKKVfXfeYuDssO_91d_X2ijn-t_gUJ3snv3ryGM0BZnWzbCkALUY4_RvESqbLyR3SYAJ6n7SLTKh5LcHaNdJ-Cta3D23AVGhRpLusxj_DFgCt_6b-nAq_Geam5E6Ln-8EB29-fuLNlkRzhznkI966Lbx37jKRrKLmwqOu5B0Qjp9iEhOfm0Gd25XcvtlakxU_TrfXsuSE0EbBY_wOhWcJyQ%26adurl%3D&userId=41947456&networkId=25
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 13:26:08 GMT
content-encoding: gzip
last-modified: Mon, 07 Dec 2020 13:46:18 GMT
server: AmazonS3
age: 31925
etag: "e9337589164f70d1d2400c1fcce0b739"
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 fb8f21b90b0483bdc64e7c79b3e007e0.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
content-length: 21968
x-amz-cf-id: wbqQYNBMtMSnyP1vLB1FuDKZFOjVtwpDduyEoM3FR6eXEx47mmBp5w==

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1106 0
20 B 65ms
65ms Image
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021042801&jk=3548502355374588&bg=!ExClEFTNAAZLnZBaS507ACkAdvg8WpfpXCXIcj0MtcXn9CdlKa107ZoiHkYuBPxgd7bGSXN-CKHlCQIAAAEdUgAAABZoAQeZAlZiMyt2jnLjcvoSY-u3vkwDhsaEI7pW9DLEeHnGeldcHvmstxMne_BlByPUebnd0iEd2-5mgZeKHetXaIAu41GonLnwnhqX4en4pPnwz7WNrJEfd8tC5R2EzuweqGgS1pJ-ryjV328sDxiIi0mkel0bIHbn-wIb4Vg06ZhpCLJrP7vE8TsXnOXiooCtQ4fBMMhgLHd56vkHkSbbp-abo1ZbmoSZ_3DT68o8Y2zOUXE6nZEdtIB_i5PEaO_2LYCPAfGc3aPiS6rW-aow6dMPGKOYvJ-z-WA84F4zzSpkNVICqlNk-3Yy1p1sUTpNc8ixUB9Nwhc10EEE6dI0HCadqwtszKgAYG7p_sw3Jk0k6L_MPocw4TH-WYZKws7_EZ9D8rblFnwoC67N1qiXxLRg-QCzmcUmV8x1qJKiw8BJx1Qq1UtuTJSfg-vZLqxmyGbMFg9JW01duwZWkWBR0hBDWtoAdBgmxYcymfNulJqXMKkw-a4UVzgb-5kx5Q2bWSs93r6OQkrfq-yW9Q3wz-hfMeJ4vAYYy1oAxdimqGouQdQ66EsWJc6gTIN0E0jK5djcGqXgYU7zYYNdKcKSHHp4PGCFYUpwNk8CjTZNXCGC92IZw7v2y6LgogFCtZFIoO_e9gE5F2eUV3ytFPI7bkHI9sXT7Edk6Bgjs7_Dy8EoUrhiBHlnY-FzT8_X7XhDhLgseWSba-78aZJ0gha3wpJh09mx40WFWbrKi47VqxbhZiHOthmQkwZUcGDU2DFBar_NAYOJ-SxG9z4VzRFvGR8LZCWEBM1BlhU1

Requested by

Host: www.opovo.com.br
URL: https://www.opovo.com.br/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 May 2021 22:18:12 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 486C 0
20 B 62ms
62ms Image
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BwOcWo3aQYJDrF7KElQelo4XYDQAAAAA4AeAEAg&bg=!iIuli8_NAAZLnZBaS507ACkAdvg8Wpu9jOAC5wFehf-ddUa6ajglQy-lI3bwoxb0GUnB73utX4p7bQIAAAEIUgAAABtoAQeZApWpZ1BehFSojgXooq9wpkXZ7KpeRgQ3LMmWoD-aVdYEb-ZLI1A3gsOL1zuTL6Ejnf7XBPQt_8FM2n_--5r9WdlNJgyuEsp8Twv7OBiisrB6qA-QQUA67hutscNYE8B-koKyg-CNl71yatjumJ3L4jXg3JzyMviCOGMzYc3o334mo6SBkj_Uy1iaN6hhTtmAxqgbsDEN6pa-uFWpSj785VZwwVebwKF9-95CzD62ZD9nO8ZuOnQjBklJOVWKoDMTMtyn07yBX2iFExtLwB9-TZKVN69WQVxd7RVUmy4IRAy8fFY4C111yvZN3sggsa8bUdYvS2KR2XcSA1PR3tMA3A1KCynXfib_jr0zmClKXzjv1oLrHqlDsx7FgZbgraJ1YeCPJDF7M-i8Y_EmVt4XE3ZvG_OR_uCnemEG5HySdkz6M-_Em7gccHoQbXI_4tMLwnHgqkYnFzNQZDORDCrv1DUio8-OINk0_MxDhlgQ2mfmituLnYsZAc3u3gI5gn47NAiD1o_zefkuP46ZTB4OWE2vJxYdEnbP8-2j0FhtG7utwJvA3pPHmC-KDOYMoNfIqxHEP3-mSXwKawXi4-H8VCwBacoGBjpdCNzu1izHDFkQnuEBEW3tgz51M7CvaffA1Yz0ZnDaEjouN3qikQsFfxwxfbflzxEfd8wyNUbyp6_3dU6XyG8mPe_JiPq9vl0IrD6qGEaSA4DntFtlWHZXqyLbMoXQxZsfMYBXIXaVenVOUXzHAKRxM5SkhIvhHgbMWCTWNlGVxXtCoURVTwHFtX6xt0Va2nw5AyQXPgbkA_6lnaiyjkBaHkV1zRCfZCyy7Q34LCy3w00QEIkqHTcmvK16biFkPuybK9vw-9N2Bn_Nla3vBlph

Requested by

Host: 7405cfab04d097e05557236a0617b170.safeframe.googlesyndication.com
URL: https://7405cfab04d097e05557236a0617b170.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 May 2021 22:18:12 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 5f1168f467fe453203bf5e94251e266a.js Show response
live-tag.bannersnack.com/banners/b1nsrsqem/adtag/embed/25/ Frame 0444 83 KB
22 KB 54ms
53ms Script
text/javascript 65.9.84.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://live-tag.bannersnack.com/banners/b1nsrsqem/adtag/embed/25/5f1168f467fe453203bf5e94251e266a.js
Requested by: Host: live-tag.bannersnack.com
URL: https://live-tag.bannersnack.com/banners/b1nsrsqem/adtag/embed/25/index.html?t=1607096977&clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCxuxSonaQYJf2Ct7X7_UPtIS-sAjWntXMYrC5m6eODfAuEAEg3Nf7ImD1lc6B4ASgAYzPkd4ByAEJqQKUoe5tr2ayPqgDAaoE0wFP0Brw5cn7_QK6VOym2vqeJ1XIWnOmOlfH5AZJZXkPfMWqQnB88UMJw8_HBInNNVJ0nXNtHp6F0UUCkVVZd7YQsryQ5inDNbh1wT_fr1nY5imBVSQL8sN8aJijC8odbHlQsiLZiZkRgChjg4-gMFCMm5o8FjQCU9ZdODseMcepLHp4YcYWRc1BaXqTEn_HnqSHwYonO2vFaQRD6_kS5kSFTmVA73pgfqAPvsjdiiAzq00zqJwpOFf0RV_oYP7r-b8kzUJDcesuRiaT_NKqoOhKVhGpwATBoaqbqAPgBAOQBgGgBk2AB9yw7qECqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggJCIDhgEAQARgdgAoDmAsByAsBgAwBsBOti7cL0BMA2BMD2BQB%26ae%3D1%26num%3D1%26cid%3DCAASPeRoq3L2ptKFHMOp8Xk8Bg_EawxmXQMdK421yxWqkrTVapFgrp9DRM1Dp86tG_1zUuZtV3M7rcAQ0GBmfrc%26sig%3DAOD64_3gydB-LFXir7VWHoCQp9Trwj8f9A%26client%3Dca-pub-5377500294710407%26dbm_c%3DAKAmf-BdUS0WbMKm9LvefsD7f6HmsmmZE5tFVIdGfsrtO70u0o_54BzuOl8ycNEzXGdgmwVnCjPwsHV7zdgr1PQpw6N8Zv1-rKFMM7bwEuVrNarN4mZ6hn7cd5ncQHOIKkP1OZGshqtFiS83h03_xh2qAjpwhcLK_g%26cry%3D1%26dbm_d%3DAKAmf-Dbm7352t3QQ3mq2Jj3bP7jqAcf4DEjD-cGF64t4PprCaLPsWAg2eWQQdwvndjjlhJLdZ6UnNoYdb7jha9pY0rTU8zM-G2OfYuHbxn8im4rnD7oHTX_nPUFnEmoCiG08zLdm3GzzqTr7jNugL_lYHFVzoJzXGoAmY8kEuNNdOZ0h2VIRp9jCU7DT7otui6QjVBoLdW8SxY-MiElpNlumc7gFVZGr7PK7IofyimL28lnkS87p0SNTK5MEhUZJeNnsqRFAi332ZWWyyjU5SUPj-ujyhCmH5VUcAGMnq4QvWFGUXDbgjO0jLlxpZphfoDZitrMfXu4HBPwjJzfuA-YyNChQFG8M1pNaGqMdGPqMhmA7K88x9PlJS6Yr4KbUofFSX4372ETcLxQ4aaqlWsqzrlvRNBO_JCPkOmjWXyYr7fSIX4Fg-H_H1I2vr32PCR_XjXgtz18L370I0pYdceHBvDJG155LQ%26adurl%3D&userId=41947456&networkId=25
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.84.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 70deb9da89eb540d2fa684a9306a1bbceb600fb6e4d83bb348b8d4387fb53efa

Request headers

Referer: https://live-tag.bannersnack.com/banners/b1nsrsqem/adtag/embed/25/index.html?t=1607096977&clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCxuxSonaQYJf2Ct7X7_UPtIS-sAjWntXMYrC5m6eODfAuEAEg3Nf7ImD1lc6B4ASgAYzPkd4ByAEJqQKUoe5tr2ayPqgDAaoE0wFP0Brw5cn7_QK6VOym2vqeJ1XIWnOmOlfH5AZJZXkPfMWqQnB88UMJw8_HBInNNVJ0nXNtHp6F0UUCkVVZd7YQsryQ5inDNbh1wT_fr1nY5imBVSQL8sN8aJijC8odbHlQsiLZiZkRgChjg4-gMFCMm5o8FjQCU9ZdODseMcepLHp4YcYWRc1BaXqTEn_HnqSHwYonO2vFaQRD6_kS5kSFTmVA73pgfqAPvsjdiiAzq00zqJwpOFf0RV_oYP7r-b8kzUJDcesuRiaT_NKqoOhKVhGpwATBoaqbqAPgBAOQBgGgBk2AB9yw7qECqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggJCIDhgEAQARgdgAoDmAsByAsBgAwBsBOti7cL0BMA2BMD2BQB%26ae%3D1%26num%3D1%26cid%3DCAASPeRoq3L2ptKFHMOp8Xk8Bg_EawxmXQMdK421yxWqkrTVapFgrp9DRM1Dp86tG_1zUuZtV3M7rcAQ0GBmfrc%26sig%3DAOD64_3gydB-LFXir7VWHoCQp9Trwj8f9A%26client%3Dca-pub-5377500294710407%26dbm_c%3DAKAmf-BdUS0WbMKm9LvefsD7f6HmsmmZE5tFVIdGfsrtO70u0o_54BzuOl8ycNEzXGdgmwVnCjPwsHV7zdgr1PQpw6N8Zv1-rKFMM7bwEuVrNarN4mZ6hn7cd5ncQHOIKkP1OZGshqtFiS83h03_xh2qAjpwhcLK_g%26cry%3D1%26dbm_d%3DAKAmf-Dbm7352t3QQ3mq2Jj3bP7jqAcf4DEjD-cGF64t4PprCaLPsWAg2eWQQdwvndjjlhJLdZ6UnNoYdb7jha9pY0rTU8zM-G2OfYuHbxn8im4rnD7oHTX_nPUFnEmoCiG08zLdm3GzzqTr7jNugL_lYHFVzoJzXGoAmY8kEuNNdOZ0h2VIRp9jCU7DT7otui6QjVBoLdW8SxY-MiElpNlumc7gFVZGr7PK7IofyimL28lnkS87p0SNTK5MEhUZJeNnsqRFAi332ZWWyyjU5SUPj-ujyhCmH5VUcAGMnq4QvWFGUXDbgjO0jLlxpZphfoDZitrMfXu4HBPwjJzfuA-YyNChQFG8M1pNaGqMdGPqMhmA7K88x9PlJS6Yr4KbUofFSX4372ETcLxQ4aaqlWsqzrlvRNBO_JCPkOmjWXyYr7fSIX4Fg-H_H1I2vr32PCR_XjXgtz18L370I0pYdceHBvDJG155LQ%26adurl%3D&userId=41947456&networkId=25
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 13:26:08 GMT
content-encoding: gzip
last-modified: Mon, 07 Dec 2020 13:46:18 GMT
server: AmazonS3
age: 31925
etag: "e9337589164f70d1d2400c1fcce0b739"
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 fb8f21b90b0483bdc64e7c79b3e007e0.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
content-length: 21968
x-amz-cf-id: jDaF2_OreL5A1u7-1cdNmykcpZj6xPbwwtmufDdrovziFrbmT2qH5A==

GET
H2 200 user_uploaded_tdh_cityburn_revisited_2017_400_normal.ttf
live-tag.bannersnack.com/banners/b1nsrsqem/adtag/embed/25/fonts/ Frame 7766 1 MB
1 MB 45ms
44ms Font
application/x-font-ttf 65.9.84.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://live-tag.bannersnack.com/banners/b1nsrsqem/adtag/embed/25/fonts/user_uploaded_tdh_cityburn_revisited_2017_400_normal.ttf
Requested by: Host: live-tag.bannersnack.com
URL: https://live-tag.bannersnack.com/banners/b1nsrsqem/adtag/embed/25/5f1168f467fe453203bf5e94251e266a.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.84.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4231df8fb4004a36075df72d7ab5978e4505c535071e34f37b82eadadcdd536d

Request headers

Origin: https://live-tag.bannersnack.com
Referer: https://live-tag.bannersnack.com/banners/b1nsrsqem/adtag/embed/25/index.html?t=1607096977&clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCNyRJonaQYJX2Ct7X7_UPtIS-sAjWntXMYrC5m6eODfAuEAEg3Nf7ImD1lc6B4ASgAYzPkd4ByAEJqQKUoe5tr2ayPqgDAaoE0AFP0MnNwSHWSXaHzJ3EsO2MTdrKjyzM5ITMBO24zQGVZBu-RxuHY2RYd2x6hkLMp3_Dx60Ti-D6-Pm5CJNil0k1COYT-5te_QSgaBp28u-PLGMZTKui2yP_zbyA_BkVDjzW00SVYoafhk3w-_QkBKQxOlwLlrTROPLylc6Z6K-ILmVt_j8_GED0JksGDzH_mDChiW5Ydj9KMW4yWsZW1ajJzkQ1e3fUPH_eoeHgAoBYaaKMTmsAikHg_47xDY8lks7l_nPG-ZUWAM2n0h0eWzKtwATBoaqbqAPgBAOQBgGgBk2AB9yw7qECqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggJCIDhgEAQARgdgAoDmAsByAsBgAwBsBOti7cL0BMA2BMD2BQB%26ae%3D1%26num%3D1%26cid%3DCAASPeRolQ4QU-EkS834Akm71jwn_GBtLNO4NKTDoQ_vmyqbYZKWzAqsMN6k4t0GmOgaKxddO-GtjUWuvKbUwG8%26sig%3DAOD64_3kOwtZS6sg2VzYiRe3JqgjXRyq9A%26client%3Dca-pub-5377500294710407%26dbm_c%3DAKAmf-D98OuoCA1wnEQHXE2ZHSD4Bh9mQmHd0Ec9bni_2VfbecwYDFE5FjY5SyYXIk77PuC_BlmeH8iKbn4n4Twolzkb5L8jd-DjSZqVIKGTcmxZ36xgwe8vYq1evSJeNQYzxMMx6dLlijPbox3FULPSfOT6muMFbQ%26cry%3D1%26dbm_d%3DAKAmf-D9EjIQSmkq0m3cqJQqaMmzIsS4IdOPSVHyopAw6bp4R9dpT1bZsUlhXaHImUtDH6c1bHwWWk5YL3GNzzZu9ZGBG-ZLMYZpn6xVoKnyZCXbuvYYC44UXArWfsoWdbqRzdPIpa5hzZGPf1Nc68XEplx9YGho-7ypxsKhLOopYKGffUsyareoU7_eEF9ZgXMWu9o3UqIn_rI1BhEdSR4D9JPa0fjOs3zMx8GbHBmd_1G2rib5qRzCMQucq29ufWmT4kgbWWtWKKVfXfeYuDssO_91d_X2ijn-t_gUJ3snv3ryGM0BZnWzbCkALUY4_RvESqbLyR3SYAJ6n7SLTKh5LcHaNdJ-Cta3D23AVGhRpLusxj_DFgCt_6b-nAq_Geam5E6Ln-8EB29-fuLNlkRzhznkI966Lbx37jKRrKLmwqOu5B0Qjp9iEhOfm0Gd25XcvtlakxU_TrfXsuSE0EbBY_wOhWcJyQ%26adurl%3D&userId=41947456&networkId=25
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 13:26:09 GMT
via: 1.1 fb8f21b90b0483bdc64e7c79b3e007e0.cloudfront.net (CloudFront)
age: 31924
x-cache: Hit from cloudfront
content-length: 1459860
last-modified: Mon, 07 Dec 2020 13:46:18 GMT
server: AmazonS3
etag: "c2cfd15b83f82e9b9ce6579f67d289e7"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/x-font-ttf
access-control-allow-origin: https://live-tag.bannersnack.com
access-control-allow-credentials: true
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
x-amz-cf-id: FI7UNwbJt66DRnallD5TNnhvPZf2cX6scVmi8eMGSa3uJ1PnHvn2_A==

GET
H2 200 a7d047259bdea4b2b509eb942f43f4bf.png
live-tag.bannersnack.com/banners/b1nsrsqem/adtag/embed/25/media/ Frame 7766 5 KB
5 KB 72ms
72ms Image
image/png 65.9.84.95
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://live-tag.bannersnack.com/banners/b1nsrsqem/adtag/embed/25/media/a7d047259bdea4b2b509eb942f43f4bf.png
Requested by: Host: live-tag.bannersnack.com
URL: https://live-tag.bannersnack.com/banners/b1nsrsqem/adtag/embed/25/index.html?t=1607096977&clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCNyRJonaQYJX2Ct7X7_UPtIS-sAjWntXMYrC5m6eODfAuEAEg3Nf7ImD1lc6B4ASgAYzPkd4ByAEJqQKUoe5tr2ayPqgDAaoE0AFP0MnNwSHWSXaHzJ3EsO2MTdrKjyzM5ITMBO24zQGVZBu-RxuHY2RYd2x6hkLMp3_Dx60Ti-D6-Pm5CJNil0k1COYT-5te_QSgaBp28u-PLGMZTKui2yP_zbyA_BkVDjzW00SVYoafhk3w-_QkBKQxOlwLlrTROPLylc6Z6K-ILmVt_j8_GED0JksGDzH_mDChiW5Ydj9KMW4yWsZW1ajJzkQ1e3fUPH_eoeHgAoBYaaKMTmsAikHg_47xDY8lks7l_nPG-ZUWAM2n0h0eWzKtwATBoaqbqAPgBAOQBgGgBk2AB9yw7qECqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggJCIDhgEAQARgdgAoDmAsByAsBgAwBsBOti7cL0BMA2BMD2BQB%26ae%3D1%26num%3D1%26cid%3DCAASPeRolQ4QU-EkS834Akm71jwn_GBtLNO4NKTDoQ_vmyqbYZKWzAqsMN6k4t0GmOgaKxddO-GtjUWuvKbUwG8%26sig%3DAOD64_3kOwtZS6sg2VzYiRe3JqgjXRyq9A%26client%3Dca-pub-5377500294710407%26dbm_c%3DAKAmf-D98OuoCA1wnEQHXE2ZHSD4Bh9mQmHd0Ec9bni_2VfbecwYDFE5FjY5SyYXIk77PuC_BlmeH8iKbn4n4Twolzkb5L8jd-DjSZqVIKGTcmxZ36xgwe8vYq1evSJeNQYzxMMx6dLlijPbox3FULPSfOT6muMFbQ%26cry%3D1%26dbm_d%3DAKAmf-D9EjIQSmkq0m3cqJQqaMmzIsS4IdOPSVHyopAw6bp4R9dpT1bZsUlhXaHImUtDH6c1bHwWWk5YL3GNzzZu9ZGBG-ZLMYZpn6xVoKnyZCXbuvYYC44UXArWfsoWdbqRzdPIpa5hzZGPf1Nc68XEplx9YGho-7ypxsKhLOopYKGffUsyareoU7_eEF9ZgXMWu9o3UqIn_rI1BhEdSR4D9JPa0fjOs3zMx8GbHBmd_1G2rib5qRzCMQucq29ufWmT4kgbWWtWKKVfXfeYuDssO_91d_X2ijn-t_gUJ3snv3ryGM0BZnWzbCkALUY4_RvESqbLyR3SYAJ6n7SLTKh5LcHaNdJ-Cta3D23AVGhRpLusxj_DFgCt_6b-nAq_Geam5E6Ln-8EB29-fuLNlkRzhznkI966Lbx37jKRrKLmwqOu5B0Qjp9iEhOfm0Gd25XcvtlakxU_TrfXsuSE0EbBY_wOhWcJyQ%26adurl%3D&userId=41947456&networkId=25
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.84.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0e4c1bd42e97617bc7f374a7694f589744bb36d8f5aadddb3cdd0bc5aa37a539

Request headers

Referer: https://live-tag.bannersnack.com/banners/b1nsrsqem/adtag/embed/25/index.html?t=1607096977&clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCNyRJonaQYJX2Ct7X7_UPtIS-sAjWntXMYrC5m6eODfAuEAEg3Nf7ImD1lc6B4ASgAYzPkd4ByAEJqQKUoe5tr2ayPqgDAaoE0AFP0MnNwSHWSXaHzJ3EsO2MTdrKjyzM5ITMBO24zQGVZBu-RxuHY2RYd2x6hkLMp3_Dx60Ti-D6-Pm5CJNil0k1COYT-5te_QSgaBp28u-PLGMZTKui2yP_zbyA_BkVDjzW00SVYoafhk3w-_QkBKQxOlwLlrTROPLylc6Z6K-ILmVt_j8_GED0JksGDzH_mDChiW5Ydj9KMW4yWsZW1ajJzkQ1e3fUPH_eoeHgAoBYaaKMTmsAikHg_47xDY8lks7l_nPG-ZUWAM2n0h0eWzKtwATBoaqbqAPgBAOQBgGgBk2AB9yw7qECqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggJCIDhgEAQARgdgAoDmAsByAsBgAwBsBOti7cL0BMA2BMD2BQB%26ae%3D1%26num%3D1%26cid%3DCAASPeRolQ4QU-EkS834Akm71jwn_GBtLNO4NKTDoQ_vmyqbYZKWzAqsMN6k4t0GmOgaKxddO-GtjUWuvKbUwG8%26sig%3DAOD64_3kOwtZS6sg2VzYiRe3JqgjXRyq9A%26client%3Dca-pub-5377500294710407%26dbm_c%3DAKAmf-D98OuoCA1wnEQHXE2ZHSD4Bh9mQmHd0Ec9bni_2VfbecwYDFE5FjY5SyYXIk77PuC_BlmeH8iKbn4n4Twolzkb5L8jd-DjSZqVIKGTcmxZ36xgwe8vYq1evSJeNQYzxMMx6dLlijPbox3FULPSfOT6muMFbQ%26cry%3D1%26dbm_d%3DAKAmf-D9EjIQSmkq0m3cqJQqaMmzIsS4IdOPSVHyopAw6bp4R9dpT1bZsUlhXaHImUtDH6c1bHwWWk5YL3GNzzZu9ZGBG-ZLMYZpn6xVoKnyZCXbuvYYC44UXArWfsoWdbqRzdPIpa5hzZGPf1Nc68XEplx9YGho-7ypxsKhLOopYKGffUsyareoU7_eEF9ZgXMWu9o3UqIn_rI1BhEdSR4D9JPa0fjOs3zMx8GbHBmd_1G2rib5qRzCMQucq29ufWmT4kgbWWtWKKVfXfeYuDssO_91d_X2ijn-t_gUJ3snv3ryGM0BZnWzbCkALUY4_RvESqbLyR3SYAJ6n7SLTKh5LcHaNdJ-Cta3D23AVGhRpLusxj_DFgCt_6b-nAq_Geam5E6Ln-8EB29-fuLNlkRzhznkI966Lbx37jKRrKLmwqOu5B0Qjp9iEhOfm0Gd25XcvtlakxU_TrfXsuSE0EbBY_wOhWcJyQ%26adurl%3D&userId=41947456&networkId=25
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 13:26:09 GMT
via: 1.1 fb8f21b90b0483bdc64e7c79b3e007e0.cloudfront.net (CloudFront)
last-modified: Mon, 07 Dec 2020 13:46:17 GMT
server: AmazonS3
age: 31924
etag: "a7d047259bdea4b2b509eb942f43f4bf"
x-cache: Hit from cloudfront
content-type: image/png
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
content-length: 5113
x-amz-cf-id: LzYHH9yBI7n-tsGMSfnTfvkdTRCctddO7gk3fZnhkLkWwBiUhXd4Wg==

GET
H2 200 / Show response
stats.bannersnack.com/info/ Frame 7766 154 B
325 B 514ms
112ms Script
application/javascript 18.204.252.247
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.bannersnack.com/info/?h=b1nsrsqem&n=25&c=bsStats_b1nsrsqem

Requested by

Host: live-tag.bannersnack.com
URL: https://live-tag.bannersnack.com/banners/b1nsrsqem/adtag/embed/25/5f1168f467fe453203bf5e94251e266a.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.204.252.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-204-252-247.compute-1.amazonaws.com

Software

Resource Hash

249d2b2fbdeab73783ca82b7cce504a60320d3ea2c8af80c2e2ff94d7213ed6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://live-tag.bannersnack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 22:18:12 GMT
cache-control: no-cache
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
content-type: application/javascript

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame BB33 0
20 B 40ms
39ms Image
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BZYbDo3aQYNeVGt2px_AP4uuhaAAAAAA4AeAEAg&bg=!KimlKW3NAAZLnZBaS507ACkAdvg8Wn5E3WR_DNs61p9wJ7O1aq0jYg_N8RUcA8Eh6s-hpqX5WwlW7wIAAAEYUgAAACpoAQcKABgcKi9806GScJByYeDQYgb3S04NM1C8WWmZAocCnzD37rMiVQk674IaYAdaRFTLRLz7c3C5GLAV6rvMW2Mngq0mYdYRqvpDD6yvW-aLU_tAfi_zrleyzdgpE9DGp6Id0W5IpovLM0KyHd9oDuL1SzFdlKT-OdjCS8lDMXsDVJs7-5WWtJqZbeDr7UkMgYSAhB_BbKC_-EPWoFGKoplHQ4bucEgLP7-CTg_vnm9FvUcUM4gis9ksb5_wEIL4-CcSPxAL3W0nS68IfhQOXk5ck4PlJ1SArfgQr8lc2CYGCuQCm2Ksc45dAmpJetdVxNAM-pMqOaNk_vNZ3OyMnO4_K7Lb_qWgOOgTINhtOnT83efu4CM_njab6C-kvKH39A6NYOvhv2Jvr18oVwziRFbzJMFQrInaQQdstJWzdoOSBWPHtN4M5G_6tJ-WvH2XnMi1zDcvY2wWd1BqKor86bHjEcl8a0p7f8oGkmtAC3KWtwQuLHgBygcHOIqwPc7YJPmR_6VSGIa1u0H4JlyWPbxN5u1l52TB0EfnHBMg_1KvQqXRw9YBcgMlzC1u_hDKCY7cL-UeRqAisKTvRZfb1V6Q3qYQMiswxH73K9wN1Ao0noaPPMzNdGvmvCVoXJvnvCc99MroCpvajjtvYOLZYNYP-jdNWco3ZyxpBWtx3nhS5NACAYz3L6Y16dscFGyoNU1sVz9Q9pLUuV7p-t6f81NIzbxRtgehIjGKKmNYJxjNdqYz3Z7A8HeS7mUaF_J11gobHr3RgqkiBa5cstGvLOWP92BSVEpmVRgKG7ULgolYfxBltZsoC1t_yptwfd24R9cEJJI9jbhRDZmwtSHDZ2veksqKfG6C7oclwczWi7saPDun5y57Ht3dVhCDkzF5MwqRaKZiig

Requested by

Host: 7405cfab04d097e05557236a0617b170.safeframe.googlesyndication.com
URL: https://7405cfab04d097e05557236a0617b170.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 May 2021 22:18:12 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 a7d047259bdea4b2b509eb942f43f4bf.png
live-tag.bannersnack.com/banners/b1nsrsqem/adtag/embed/25/media/ Frame 0444 5 KB
5 KB 29ms
28ms Image
image/png 65.9.84.95
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://live-tag.bannersnack.com/banners/b1nsrsqem/adtag/embed/25/media/a7d047259bdea4b2b509eb942f43f4bf.png
Requested by: Host: live-tag.bannersnack.com
URL: https://live-tag.bannersnack.com/banners/b1nsrsqem/adtag/embed/25/5f1168f467fe453203bf5e94251e266a.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.84.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0e4c1bd42e97617bc7f374a7694f589744bb36d8f5aadddb3cdd0bc5aa37a539

Request headers

Referer: https://live-tag.bannersnack.com/banners/b1nsrsqem/adtag/embed/25/index.html?t=1607096977&clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCxuxSonaQYJf2Ct7X7_UPtIS-sAjWntXMYrC5m6eODfAuEAEg3Nf7ImD1lc6B4ASgAYzPkd4ByAEJqQKUoe5tr2ayPqgDAaoE0wFP0Brw5cn7_QK6VOym2vqeJ1XIWnOmOlfH5AZJZXkPfMWqQnB88UMJw8_HBInNNVJ0nXNtHp6F0UUCkVVZd7YQsryQ5inDNbh1wT_fr1nY5imBVSQL8sN8aJijC8odbHlQsiLZiZkRgChjg4-gMFCMm5o8FjQCU9ZdODseMcepLHp4YcYWRc1BaXqTEn_HnqSHwYonO2vFaQRD6_kS5kSFTmVA73pgfqAPvsjdiiAzq00zqJwpOFf0RV_oYP7r-b8kzUJDcesuRiaT_NKqoOhKVhGpwATBoaqbqAPgBAOQBgGgBk2AB9yw7qECqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggJCIDhgEAQARgdgAoDmAsByAsBgAwBsBOti7cL0BMA2BMD2BQB%26ae%3D1%26num%3D1%26cid%3DCAASPeRoq3L2ptKFHMOp8Xk8Bg_EawxmXQMdK421yxWqkrTVapFgrp9DRM1Dp86tG_1zUuZtV3M7rcAQ0GBmfrc%26sig%3DAOD64_3gydB-LFXir7VWHoCQp9Trwj8f9A%26client%3Dca-pub-5377500294710407%26dbm_c%3DAKAmf-BdUS0WbMKm9LvefsD7f6HmsmmZE5tFVIdGfsrtO70u0o_54BzuOl8ycNEzXGdgmwVnCjPwsHV7zdgr1PQpw6N8Zv1-rKFMM7bwEuVrNarN4mZ6hn7cd5ncQHOIKkP1OZGshqtFiS83h03_xh2qAjpwhcLK_g%26cry%3D1%26dbm_d%3DAKAmf-Dbm7352t3QQ3mq2Jj3bP7jqAcf4DEjD-cGF64t4PprCaLPsWAg2eWQQdwvndjjlhJLdZ6UnNoYdb7jha9pY0rTU8zM-G2OfYuHbxn8im4rnD7oHTX_nPUFnEmoCiG08zLdm3GzzqTr7jNugL_lYHFVzoJzXGoAmY8kEuNNdOZ0h2VIRp9jCU7DT7otui6QjVBoLdW8SxY-MiElpNlumc7gFVZGr7PK7IofyimL28lnkS87p0SNTK5MEhUZJeNnsqRFAi332ZWWyyjU5SUPj-ujyhCmH5VUcAGMnq4QvWFGUXDbgjO0jLlxpZphfoDZitrMfXu4HBPwjJzfuA-YyNChQFG8M1pNaGqMdGPqMhmA7K88x9PlJS6Yr4KbUofFSX4372ETcLxQ4aaqlWsqzrlvRNBO_JCPkOmjWXyYr7fSIX4Fg-H_H1I2vr32PCR_XjXgtz18L370I0pYdceHBvDJG155LQ%26adurl%3D&userId=41947456&networkId=25
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 13:26:09 GMT
via: 1.1 fb8f21b90b0483bdc64e7c79b3e007e0.cloudfront.net (CloudFront)
last-modified: Mon, 07 Dec 2020 13:46:17 GMT
server: AmazonS3
age: 31924
etag: "a7d047259bdea4b2b509eb942f43f4bf"
x-cache: Hit from cloudfront
content-type: image/png
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
content-length: 5113
x-amz-cf-id: EVeAO0z-QkcPYhbzQ1gbp9mYvMHn7EZvxD8RoB_VxiMBjXGaDosXnw==

GET
H2 200 user_uploaded_tdh_cityburn_revisited_2017_400_normal.ttf
live-tag.bannersnack.com/banners/b1nsrsqem/adtag/embed/25/fonts/ Frame 0444 1 MB
1 MB 29ms
28ms Font
application/x-font-ttf 65.9.84.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://live-tag.bannersnack.com/banners/b1nsrsqem/adtag/embed/25/fonts/user_uploaded_tdh_cityburn_revisited_2017_400_normal.ttf
Requested by: Host: live-tag.bannersnack.com
URL: https://live-tag.bannersnack.com/banners/b1nsrsqem/adtag/embed/25/5f1168f467fe453203bf5e94251e266a.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.84.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4231df8fb4004a36075df72d7ab5978e4505c535071e34f37b82eadadcdd536d

Request headers

Origin: https://live-tag.bannersnack.com
Referer: https://live-tag.bannersnack.com/banners/b1nsrsqem/adtag/embed/25/index.html?t=1607096977&clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCxuxSonaQYJf2Ct7X7_UPtIS-sAjWntXMYrC5m6eODfAuEAEg3Nf7ImD1lc6B4ASgAYzPkd4ByAEJqQKUoe5tr2ayPqgDAaoE0wFP0Brw5cn7_QK6VOym2vqeJ1XIWnOmOlfH5AZJZXkPfMWqQnB88UMJw8_HBInNNVJ0nXNtHp6F0UUCkVVZd7YQsryQ5inDNbh1wT_fr1nY5imBVSQL8sN8aJijC8odbHlQsiLZiZkRgChjg4-gMFCMm5o8FjQCU9ZdODseMcepLHp4YcYWRc1BaXqTEn_HnqSHwYonO2vFaQRD6_kS5kSFTmVA73pgfqAPvsjdiiAzq00zqJwpOFf0RV_oYP7r-b8kzUJDcesuRiaT_NKqoOhKVhGpwATBoaqbqAPgBAOQBgGgBk2AB9yw7qECqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggJCIDhgEAQARgdgAoDmAsByAsBgAwBsBOti7cL0BMA2BMD2BQB%26ae%3D1%26num%3D1%26cid%3DCAASPeRoq3L2ptKFHMOp8Xk8Bg_EawxmXQMdK421yxWqkrTVapFgrp9DRM1Dp86tG_1zUuZtV3M7rcAQ0GBmfrc%26sig%3DAOD64_3gydB-LFXir7VWHoCQp9Trwj8f9A%26client%3Dca-pub-5377500294710407%26dbm_c%3DAKAmf-BdUS0WbMKm9LvefsD7f6HmsmmZE5tFVIdGfsrtO70u0o_54BzuOl8ycNEzXGdgmwVnCjPwsHV7zdgr1PQpw6N8Zv1-rKFMM7bwEuVrNarN4mZ6hn7cd5ncQHOIKkP1OZGshqtFiS83h03_xh2qAjpwhcLK_g%26cry%3D1%26dbm_d%3DAKAmf-Dbm7352t3QQ3mq2Jj3bP7jqAcf4DEjD-cGF64t4PprCaLPsWAg2eWQQdwvndjjlhJLdZ6UnNoYdb7jha9pY0rTU8zM-G2OfYuHbxn8im4rnD7oHTX_nPUFnEmoCiG08zLdm3GzzqTr7jNugL_lYHFVzoJzXGoAmY8kEuNNdOZ0h2VIRp9jCU7DT7otui6QjVBoLdW8SxY-MiElpNlumc7gFVZGr7PK7IofyimL28lnkS87p0SNTK5MEhUZJeNnsqRFAi332ZWWyyjU5SUPj-ujyhCmH5VUcAGMnq4QvWFGUXDbgjO0jLlxpZphfoDZitrMfXu4HBPwjJzfuA-YyNChQFG8M1pNaGqMdGPqMhmA7K88x9PlJS6Yr4KbUofFSX4372ETcLxQ4aaqlWsqzrlvRNBO_JCPkOmjWXyYr7fSIX4Fg-H_H1I2vr32PCR_XjXgtz18L370I0pYdceHBvDJG155LQ%26adurl%3D&userId=41947456&networkId=25
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 13:26:09 GMT
via: 1.1 fb8f21b90b0483bdc64e7c79b3e007e0.cloudfront.net (CloudFront)
age: 31924
x-cache: Hit from cloudfront
content-length: 1459860
last-modified: Mon, 07 Dec 2020 13:46:18 GMT
server: AmazonS3
etag: "c2cfd15b83f82e9b9ce6579f67d289e7"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/x-font-ttf
access-control-allow-origin: https://live-tag.bannersnack.com
access-control-allow-credentials: true
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
x-amz-cf-id: 9GNnKaNqhGxJ3y9-PrQJylkHG0nGhN4q5BIhHq4B33oyQyZNVRQdoQ==

GET
H2 200 / Show response
stats.bannersnack.com/info/ Frame 0444 154 B
324 B 112ms
111ms Script
application/javascript 18.204.252.247
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.bannersnack.com/info/?h=b1nsrsqem&n=25&c=bsStats_b1nsrsqem

Requested by

Host: live-tag.bannersnack.com
URL: https://live-tag.bannersnack.com/banners/b1nsrsqem/adtag/embed/25/5f1168f467fe453203bf5e94251e266a.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.204.252.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-204-252-247.compute-1.amazonaws.com

Software

Resource Hash

6a0dd0839796076e1c35b105c143db7b79ccae1b9e32f123a9cf58c66d314a6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://live-tag.bannersnack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 22:18:12 GMT
cache-control: no-cache
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
content-type: application/javascript

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 95D1 42 B
64 B 47ms
46ms Fetch
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstH-nHvx9u2tSTr_hia5Rpoqf-RemqVLDfFkLKZuSUXciyqMIwhkM_fda6ZgGIxOPhaSR4I4EwAFcw704IV7AcQl3mPsa_yUzHLWL5etuVbG4C7A0CI&sig=Cg0ArKJSzIRu89U--6j4EAE&id=lidar2&mcvt=1253&p=1082,720,1142,1020&mtos=1253,1253,1253,1253,1253&tos=1253,0,0,0,0&v=20210430&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=3&adk=2321965323&rs=4&met=mue&la=0&cr=0&osd=1&vs=4&rst=1620080291208&dlt=0&rpt=180&isd=0&msd=0&r=v&fum=1

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 May 2021 22:18:12 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 2159 42 B
64 B 46ms
46ms Fetch
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvZv-LbjAjqxmgUrMqFRnJYRcAtwjp40bxIqHshIHgSIaHd5s5XkQcS5folOY1Ua5-FZJkS3vqT468IOjbjKmaD1UrNHoNkvaHbEmbEX9fbBSZgB_TP&sig=Cg0ArKJSzM2g9UrTtOP_EAE&id=lidar2&mcvt=1255&p=1140,640,1200,1108&mtos=1255,1255,1255,1255,1255&tos=1255,0,0,0,0&v=20210430&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=3&adk=765604454&rs=4&met=mue&la=0&cr=0&osd=1&vs=4&rst=1620080291208&dlt=0&rpt=177&isd=0&msd=0&r=v&fum=1

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 May 2021 22:18:12 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 css
fonts.googleapis.com/ Frame 7766 672 B
360 B 14ms
14ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:900

Requested by

Host: live-tag.bannersnack.com
URL: https://live-tag.bannersnack.com/banners/b1nsrsqem/adtag/embed/25/5f1168f467fe453203bf5e94251e266a.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

783b19ce6e3caa738691d51adf23d6280c4046739a34a6e8cc4c16ec985a6c21

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://live-tag.bannersnack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 03 May 2021 20:56:54 GMT
server: ESF
date: Mon, 03 May 2021 22:18:12 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 03 May 2021 22:18:12 GMT

GET
H2 200 c5c0842a67c836eeeca1056bf14c2e05.png
live-tag.bannersnack.com/banners/b1nsrsqem/adtag/embed/25/media/ Frame 7766 180 KB
181 KB 31ms
30ms Image
image/png 65.9.84.95
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://live-tag.bannersnack.com/banners/b1nsrsqem/adtag/embed/25/media/c5c0842a67c836eeeca1056bf14c2e05.png
Requested by: Host: live-tag.bannersnack.com
URL: https://live-tag.bannersnack.com/banners/b1nsrsqem/adtag/embed/25/index.html?t=1607096977&clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCNyRJonaQYJX2Ct7X7_UPtIS-sAjWntXMYrC5m6eODfAuEAEg3Nf7ImD1lc6B4ASgAYzPkd4ByAEJqQKUoe5tr2ayPqgDAaoE0AFP0MnNwSHWSXaHzJ3EsO2MTdrKjyzM5ITMBO24zQGVZBu-RxuHY2RYd2x6hkLMp3_Dx60Ti-D6-Pm5CJNil0k1COYT-5te_QSgaBp28u-PLGMZTKui2yP_zbyA_BkVDjzW00SVYoafhk3w-_QkBKQxOlwLlrTROPLylc6Z6K-ILmVt_j8_GED0JksGDzH_mDChiW5Ydj9KMW4yWsZW1ajJzkQ1e3fUPH_eoeHgAoBYaaKMTmsAikHg_47xDY8lks7l_nPG-ZUWAM2n0h0eWzKtwATBoaqbqAPgBAOQBgGgBk2AB9yw7qECqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggJCIDhgEAQARgdgAoDmAsByAsBgAwBsBOti7cL0BMA2BMD2BQB%26ae%3D1%26num%3D1%26cid%3DCAASPeRolQ4QU-EkS834Akm71jwn_GBtLNO4NKTDoQ_vmyqbYZKWzAqsMN6k4t0GmOgaKxddO-GtjUWuvKbUwG8%26sig%3DAOD64_3kOwtZS6sg2VzYiRe3JqgjXRyq9A%26client%3Dca-pub-5377500294710407%26dbm_c%3DAKAmf-D98OuoCA1wnEQHXE2ZHSD4Bh9mQmHd0Ec9bni_2VfbecwYDFE5FjY5SyYXIk77PuC_BlmeH8iKbn4n4Twolzkb5L8jd-DjSZqVIKGTcmxZ36xgwe8vYq1evSJeNQYzxMMx6dLlijPbox3FULPSfOT6muMFbQ%26cry%3D1%26dbm_d%3DAKAmf-D9EjIQSmkq0m3cqJQqaMmzIsS4IdOPSVHyopAw6bp4R9dpT1bZsUlhXaHImUtDH6c1bHwWWk5YL3GNzzZu9ZGBG-ZLMYZpn6xVoKnyZCXbuvYYC44UXArWfsoWdbqRzdPIpa5hzZGPf1Nc68XEplx9YGho-7ypxsKhLOopYKGffUsyareoU7_eEF9ZgXMWu9o3UqIn_rI1BhEdSR4D9JPa0fjOs3zMx8GbHBmd_1G2rib5qRzCMQucq29ufWmT4kgbWWtWKKVfXfeYuDssO_91d_X2ijn-t_gUJ3snv3ryGM0BZnWzbCkALUY4_RvESqbLyR3SYAJ6n7SLTKh5LcHaNdJ-Cta3D23AVGhRpLusxj_DFgCt_6b-nAq_Geam5E6Ln-8EB29-fuLNlkRzhznkI966Lbx37jKRrKLmwqOu5B0Qjp9iEhOfm0Gd25XcvtlakxU_TrfXsuSE0EbBY_wOhWcJyQ%26adurl%3D&userId=41947456&networkId=25
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.84.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b3c95078f581f7252c3894266c07132443db49466b78642faca28f18e8614f8b

Request headers

Referer: https://live-tag.bannersnack.com/banners/b1nsrsqem/adtag/embed/25/index.html?t=1607096977&clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCNyRJonaQYJX2Ct7X7_UPtIS-sAjWntXMYrC5m6eODfAuEAEg3Nf7ImD1lc6B4ASgAYzPkd4ByAEJqQKUoe5tr2ayPqgDAaoE0AFP0MnNwSHWSXaHzJ3EsO2MTdrKjyzM5ITMBO24zQGVZBu-RxuHY2RYd2x6hkLMp3_Dx60Ti-D6-Pm5CJNil0k1COYT-5te_QSgaBp28u-PLGMZTKui2yP_zbyA_BkVDjzW00SVYoafhk3w-_QkBKQxOlwLlrTROPLylc6Z6K-ILmVt_j8_GED0JksGDzH_mDChiW5Ydj9KMW4yWsZW1ajJzkQ1e3fUPH_eoeHgAoBYaaKMTmsAikHg_47xDY8lks7l_nPG-ZUWAM2n0h0eWzKtwATBoaqbqAPgBAOQBgGgBk2AB9yw7qECqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggJCIDhgEAQARgdgAoDmAsByAsBgAwBsBOti7cL0BMA2BMD2BQB%26ae%3D1%26num%3D1%26cid%3DCAASPeRolQ4QU-EkS834Akm71jwn_GBtLNO4NKTDoQ_vmyqbYZKWzAqsMN6k4t0GmOgaKxddO-GtjUWuvKbUwG8%26sig%3DAOD64_3kOwtZS6sg2VzYiRe3JqgjXRyq9A%26client%3Dca-pub-5377500294710407%26dbm_c%3DAKAmf-D98OuoCA1wnEQHXE2ZHSD4Bh9mQmHd0Ec9bni_2VfbecwYDFE5FjY5SyYXIk77PuC_BlmeH8iKbn4n4Twolzkb5L8jd-DjSZqVIKGTcmxZ36xgwe8vYq1evSJeNQYzxMMx6dLlijPbox3FULPSfOT6muMFbQ%26cry%3D1%26dbm_d%3DAKAmf-D9EjIQSmkq0m3cqJQqaMmzIsS4IdOPSVHyopAw6bp4R9dpT1bZsUlhXaHImUtDH6c1bHwWWk5YL3GNzzZu9ZGBG-ZLMYZpn6xVoKnyZCXbuvYYC44UXArWfsoWdbqRzdPIpa5hzZGPf1Nc68XEplx9YGho-7ypxsKhLOopYKGffUsyareoU7_eEF9ZgXMWu9o3UqIn_rI1BhEdSR4D9JPa0fjOs3zMx8GbHBmd_1G2rib5qRzCMQucq29ufWmT4kgbWWtWKKVfXfeYuDssO_91d_X2ijn-t_gUJ3snv3ryGM0BZnWzbCkALUY4_RvESqbLyR3SYAJ6n7SLTKh5LcHaNdJ-Cta3D23AVGhRpLusxj_DFgCt_6b-nAq_Geam5E6Ln-8EB29-fuLNlkRzhznkI966Lbx37jKRrKLmwqOu5B0Qjp9iEhOfm0Gd25XcvtlakxU_TrfXsuSE0EbBY_wOhWcJyQ%26adurl%3D&userId=41947456&networkId=25
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 13:26:11 GMT
via: 1.1 fb8f21b90b0483bdc64e7c79b3e007e0.cloudfront.net (CloudFront)
last-modified: Mon, 07 Dec 2020 13:46:18 GMT
server: AmazonS3
age: 31922
etag: "c5c0842a67c836eeeca1056bf14c2e05"
x-cache: Hit from cloudfront
content-type: image/png
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
content-length: 184755
x-amz-cf-id: k0So1dZ5Dx8_lU3Py_OVbx8HMtUGMUwHEmbFgHmVTJo7HBrd5W4jjw==

GET
H2 200 a7d047259bdea4b2b509eb942f43f4bf.png
live-tag.bannersnack.com/banners/b1nsrsqem/adtag/embed/25/media/ Frame 7766 5 KB
5 KB 26ms
26ms Image
image/png 65.9.84.95
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://live-tag.bannersnack.com/banners/b1nsrsqem/adtag/embed/25/media/a7d047259bdea4b2b509eb942f43f4bf.png
Requested by: Host: live-tag.bannersnack.com
URL: https://live-tag.bannersnack.com/banners/b1nsrsqem/adtag/embed/25/index.html?t=1607096977&clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCNyRJonaQYJX2Ct7X7_UPtIS-sAjWntXMYrC5m6eODfAuEAEg3Nf7ImD1lc6B4ASgAYzPkd4ByAEJqQKUoe5tr2ayPqgDAaoE0AFP0MnNwSHWSXaHzJ3EsO2MTdrKjyzM5ITMBO24zQGVZBu-RxuHY2RYd2x6hkLMp3_Dx60Ti-D6-Pm5CJNil0k1COYT-5te_QSgaBp28u-PLGMZTKui2yP_zbyA_BkVDjzW00SVYoafhk3w-_QkBKQxOlwLlrTROPLylc6Z6K-ILmVt_j8_GED0JksGDzH_mDChiW5Ydj9KMW4yWsZW1ajJzkQ1e3fUPH_eoeHgAoBYaaKMTmsAikHg_47xDY8lks7l_nPG-ZUWAM2n0h0eWzKtwATBoaqbqAPgBAOQBgGgBk2AB9yw7qECqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggJCIDhgEAQARgdgAoDmAsByAsBgAwBsBOti7cL0BMA2BMD2BQB%26ae%3D1%26num%3D1%26cid%3DCAASPeRolQ4QU-EkS834Akm71jwn_GBtLNO4NKTDoQ_vmyqbYZKWzAqsMN6k4t0GmOgaKxddO-GtjUWuvKbUwG8%26sig%3DAOD64_3kOwtZS6sg2VzYiRe3JqgjXRyq9A%26client%3Dca-pub-5377500294710407%26dbm_c%3DAKAmf-D98OuoCA1wnEQHXE2ZHSD4Bh9mQmHd0Ec9bni_2VfbecwYDFE5FjY5SyYXIk77PuC_BlmeH8iKbn4n4Twolzkb5L8jd-DjSZqVIKGTcmxZ36xgwe8vYq1evSJeNQYzxMMx6dLlijPbox3FULPSfOT6muMFbQ%26cry%3D1%26dbm_d%3DAKAmf-D9EjIQSmkq0m3cqJQqaMmzIsS4IdOPSVHyopAw6bp4R9dpT1bZsUlhXaHImUtDH6c1bHwWWk5YL3GNzzZu9ZGBG-ZLMYZpn6xVoKnyZCXbuvYYC44UXArWfsoWdbqRzdPIpa5hzZGPf1Nc68XEplx9YGho-7ypxsKhLOopYKGffUsyareoU7_eEF9ZgXMWu9o3UqIn_rI1BhEdSR4D9JPa0fjOs3zMx8GbHBmd_1G2rib5qRzCMQucq29ufWmT4kgbWWtWKKVfXfeYuDssO_91d_X2ijn-t_gUJ3snv3ryGM0BZnWzbCkALUY4_RvESqbLyR3SYAJ6n7SLTKh5LcHaNdJ-Cta3D23AVGhRpLusxj_DFgCt_6b-nAq_Geam5E6Ln-8EB29-fuLNlkRzhznkI966Lbx37jKRrKLmwqOu5B0Qjp9iEhOfm0Gd25XcvtlakxU_TrfXsuSE0EbBY_wOhWcJyQ%26adurl%3D&userId=41947456&networkId=25
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.84.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0e4c1bd42e97617bc7f374a7694f589744bb36d8f5aadddb3cdd0bc5aa37a539

Request headers

Referer: https://live-tag.bannersnack.com/banners/b1nsrsqem/adtag/embed/25/index.html?t=1607096977&clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCNyRJonaQYJX2Ct7X7_UPtIS-sAjWntXMYrC5m6eODfAuEAEg3Nf7ImD1lc6B4ASgAYzPkd4ByAEJqQKUoe5tr2ayPqgDAaoE0AFP0MnNwSHWSXaHzJ3EsO2MTdrKjyzM5ITMBO24zQGVZBu-RxuHY2RYd2x6hkLMp3_Dx60Ti-D6-Pm5CJNil0k1COYT-5te_QSgaBp28u-PLGMZTKui2yP_zbyA_BkVDjzW00SVYoafhk3w-_QkBKQxOlwLlrTROPLylc6Z6K-ILmVt_j8_GED0JksGDzH_mDChiW5Ydj9KMW4yWsZW1ajJzkQ1e3fUPH_eoeHgAoBYaaKMTmsAikHg_47xDY8lks7l_nPG-ZUWAM2n0h0eWzKtwATBoaqbqAPgBAOQBgGgBk2AB9yw7qECqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggJCIDhgEAQARgdgAoDmAsByAsBgAwBsBOti7cL0BMA2BMD2BQB%26ae%3D1%26num%3D1%26cid%3DCAASPeRolQ4QU-EkS834Akm71jwn_GBtLNO4NKTDoQ_vmyqbYZKWzAqsMN6k4t0GmOgaKxddO-GtjUWuvKbUwG8%26sig%3DAOD64_3kOwtZS6sg2VzYiRe3JqgjXRyq9A%26client%3Dca-pub-5377500294710407%26dbm_c%3DAKAmf-D98OuoCA1wnEQHXE2ZHSD4Bh9mQmHd0Ec9bni_2VfbecwYDFE5FjY5SyYXIk77PuC_BlmeH8iKbn4n4Twolzkb5L8jd-DjSZqVIKGTcmxZ36xgwe8vYq1evSJeNQYzxMMx6dLlijPbox3FULPSfOT6muMFbQ%26cry%3D1%26dbm_d%3DAKAmf-D9EjIQSmkq0m3cqJQqaMmzIsS4IdOPSVHyopAw6bp4R9dpT1bZsUlhXaHImUtDH6c1bHwWWk5YL3GNzzZu9ZGBG-ZLMYZpn6xVoKnyZCXbuvYYC44UXArWfsoWdbqRzdPIpa5hzZGPf1Nc68XEplx9YGho-7ypxsKhLOopYKGffUsyareoU7_eEF9ZgXMWu9o3UqIn_rI1BhEdSR4D9JPa0fjOs3zMx8GbHBmd_1G2rib5qRzCMQucq29ufWmT4kgbWWtWKKVfXfeYuDssO_91d_X2ijn-t_gUJ3snv3ryGM0BZnWzbCkALUY4_RvESqbLyR3SYAJ6n7SLTKh5LcHaNdJ-Cta3D23AVGhRpLusxj_DFgCt_6b-nAq_Geam5E6Ln-8EB29-fuLNlkRzhznkI966Lbx37jKRrKLmwqOu5B0Qjp9iEhOfm0Gd25XcvtlakxU_TrfXsuSE0EbBY_wOhWcJyQ%26adurl%3D&userId=41947456&networkId=25
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 13:26:09 GMT
via: 1.1 fb8f21b90b0483bdc64e7c79b3e007e0.cloudfront.net (CloudFront)
last-modified: Mon, 07 Dec 2020 13:46:17 GMT
server: AmazonS3
age: 31924
etag: "a7d047259bdea4b2b509eb942f43f4bf"
x-cache: Hit from cloudfront
content-type: image/png
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
content-length: 5113
x-amz-cf-id: SeI2jbLXS7pSzhlYUp1a8XTYWCTgNgaixo_RNsDvFoSHWqTaHmSswg==

GET
H2 200 90b64bdc05e626dc71af907aefda3bbd.png
live-tag.bannersnack.com/banners/b1nsrsqem/adtag/embed/25/media/ Frame 7766 70 KB
70 KB 30ms
28ms Image
image/png 65.9.84.95
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://live-tag.bannersnack.com/banners/b1nsrsqem/adtag/embed/25/media/90b64bdc05e626dc71af907aefda3bbd.png
Requested by: Host: live-tag.bannersnack.com
URL: https://live-tag.bannersnack.com/banners/b1nsrsqem/adtag/embed/25/index.html?t=1607096977&clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCNyRJonaQYJX2Ct7X7_UPtIS-sAjWntXMYrC5m6eODfAuEAEg3Nf7ImD1lc6B4ASgAYzPkd4ByAEJqQKUoe5tr2ayPqgDAaoE0AFP0MnNwSHWSXaHzJ3EsO2MTdrKjyzM5ITMBO24zQGVZBu-RxuHY2RYd2x6hkLMp3_Dx60Ti-D6-Pm5CJNil0k1COYT-5te_QSgaBp28u-PLGMZTKui2yP_zbyA_BkVDjzW00SVYoafhk3w-_QkBKQxOlwLlrTROPLylc6Z6K-ILmVt_j8_GED0JksGDzH_mDChiW5Ydj9KMW4yWsZW1ajJzkQ1e3fUPH_eoeHgAoBYaaKMTmsAikHg_47xDY8lks7l_nPG-ZUWAM2n0h0eWzKtwATBoaqbqAPgBAOQBgGgBk2AB9yw7qECqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggJCIDhgEAQARgdgAoDmAsByAsBgAwBsBOti7cL0BMA2BMD2BQB%26ae%3D1%26num%3D1%26cid%3DCAASPeRolQ4QU-EkS834Akm71jwn_GBtLNO4NKTDoQ_vmyqbYZKWzAqsMN6k4t0GmOgaKxddO-GtjUWuvKbUwG8%26sig%3DAOD64_3kOwtZS6sg2VzYiRe3JqgjXRyq9A%26client%3Dca-pub-5377500294710407%26dbm_c%3DAKAmf-D98OuoCA1wnEQHXE2ZHSD4Bh9mQmHd0Ec9bni_2VfbecwYDFE5FjY5SyYXIk77PuC_BlmeH8iKbn4n4Twolzkb5L8jd-DjSZqVIKGTcmxZ36xgwe8vYq1evSJeNQYzxMMx6dLlijPbox3FULPSfOT6muMFbQ%26cry%3D1%26dbm_d%3DAKAmf-D9EjIQSmkq0m3cqJQqaMmzIsS4IdOPSVHyopAw6bp4R9dpT1bZsUlhXaHImUtDH6c1bHwWWk5YL3GNzzZu9ZGBG-ZLMYZpn6xVoKnyZCXbuvYYC44UXArWfsoWdbqRzdPIpa5hzZGPf1Nc68XEplx9YGho-7ypxsKhLOopYKGffUsyareoU7_eEF9ZgXMWu9o3UqIn_rI1BhEdSR4D9JPa0fjOs3zMx8GbHBmd_1G2rib5qRzCMQucq29ufWmT4kgbWWtWKKVfXfeYuDssO_91d_X2ijn-t_gUJ3snv3ryGM0BZnWzbCkALUY4_RvESqbLyR3SYAJ6n7SLTKh5LcHaNdJ-Cta3D23AVGhRpLusxj_DFgCt_6b-nAq_Geam5E6Ln-8EB29-fuLNlkRzhznkI966Lbx37jKRrKLmwqOu5B0Qjp9iEhOfm0Gd25XcvtlakxU_TrfXsuSE0EbBY_wOhWcJyQ%26adurl%3D&userId=41947456&networkId=25
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.84.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 683927ce48904f371f977c1240e074816187cbb6f96d66525a39f26230b7254c

Request headers

Referer: https://live-tag.bannersnack.com/banners/b1nsrsqem/adtag/embed/25/index.html?t=1607096977&clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCNyRJonaQYJX2Ct7X7_UPtIS-sAjWntXMYrC5m6eODfAuEAEg3Nf7ImD1lc6B4ASgAYzPkd4ByAEJqQKUoe5tr2ayPqgDAaoE0AFP0MnNwSHWSXaHzJ3EsO2MTdrKjyzM5ITMBO24zQGVZBu-RxuHY2RYd2x6hkLMp3_Dx60Ti-D6-Pm5CJNil0k1COYT-5te_QSgaBp28u-PLGMZTKui2yP_zbyA_BkVDjzW00SVYoafhk3w-_QkBKQxOlwLlrTROPLylc6Z6K-ILmVt_j8_GED0JksGDzH_mDChiW5Ydj9KMW4yWsZW1ajJzkQ1e3fUPH_eoeHgAoBYaaKMTmsAikHg_47xDY8lks7l_nPG-ZUWAM2n0h0eWzKtwATBoaqbqAPgBAOQBgGgBk2AB9yw7qECqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggJCIDhgEAQARgdgAoDmAsByAsBgAwBsBOti7cL0BMA2BMD2BQB%26ae%3D1%26num%3D1%26cid%3DCAASPeRolQ4QU-EkS834Akm71jwn_GBtLNO4NKTDoQ_vmyqbYZKWzAqsMN6k4t0GmOgaKxddO-GtjUWuvKbUwG8%26sig%3DAOD64_3kOwtZS6sg2VzYiRe3JqgjXRyq9A%26client%3Dca-pub-5377500294710407%26dbm_c%3DAKAmf-D98OuoCA1wnEQHXE2ZHSD4Bh9mQmHd0Ec9bni_2VfbecwYDFE5FjY5SyYXIk77PuC_BlmeH8iKbn4n4Twolzkb5L8jd-DjSZqVIKGTcmxZ36xgwe8vYq1evSJeNQYzxMMx6dLlijPbox3FULPSfOT6muMFbQ%26cry%3D1%26dbm_d%3DAKAmf-D9EjIQSmkq0m3cqJQqaMmzIsS4IdOPSVHyopAw6bp4R9dpT1bZsUlhXaHImUtDH6c1bHwWWk5YL3GNzzZu9ZGBG-ZLMYZpn6xVoKnyZCXbuvYYC44UXArWfsoWdbqRzdPIpa5hzZGPf1Nc68XEplx9YGho-7ypxsKhLOopYKGffUsyareoU7_eEF9ZgXMWu9o3UqIn_rI1BhEdSR4D9JPa0fjOs3zMx8GbHBmd_1G2rib5qRzCMQucq29ufWmT4kgbWWtWKKVfXfeYuDssO_91d_X2ijn-t_gUJ3snv3ryGM0BZnWzbCkALUY4_RvESqbLyR3SYAJ6n7SLTKh5LcHaNdJ-Cta3D23AVGhRpLusxj_DFgCt_6b-nAq_Geam5E6Ln-8EB29-fuLNlkRzhznkI966Lbx37jKRrKLmwqOu5B0Qjp9iEhOfm0Gd25XcvtlakxU_TrfXsuSE0EbBY_wOhWcJyQ%26adurl%3D&userId=41947456&networkId=25
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 13:26:12 GMT
via: 1.1 fb8f21b90b0483bdc64e7c79b3e007e0.cloudfront.net (CloudFront)
last-modified: Mon, 07 Dec 2020 13:46:17 GMT
server: AmazonS3
age: 31921
etag: "90b64bdc05e626dc71af907aefda3bbd"
x-cache: Hit from cloudfront
content-type: image/png
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
content-length: 71178
x-amz-cf-id: uU-VXqp00wODiSBgTRgnxpv6hG19YBbrkm-luNJxIZBG4wX6lZNJCw==

GET
H2 200 be124a930734a3f1be09a1924dc7348f.png
live-tag.bannersnack.com/banners/b1nsrsqem/adtag/embed/25/media/ Frame 7766 2 KB
2 KB 30ms
29ms Image
image/png 65.9.84.95
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://live-tag.bannersnack.com/banners/b1nsrsqem/adtag/embed/25/media/be124a930734a3f1be09a1924dc7348f.png
Requested by: Host: live-tag.bannersnack.com
URL: https://live-tag.bannersnack.com/banners/b1nsrsqem/adtag/embed/25/index.html?t=1607096977&clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCNyRJonaQYJX2Ct7X7_UPtIS-sAjWntXMYrC5m6eODfAuEAEg3Nf7ImD1lc6B4ASgAYzPkd4ByAEJqQKUoe5tr2ayPqgDAaoE0AFP0MnNwSHWSXaHzJ3EsO2MTdrKjyzM5ITMBO24zQGVZBu-RxuHY2RYd2x6hkLMp3_Dx60Ti-D6-Pm5CJNil0k1COYT-5te_QSgaBp28u-PLGMZTKui2yP_zbyA_BkVDjzW00SVYoafhk3w-_QkBKQxOlwLlrTROPLylc6Z6K-ILmVt_j8_GED0JksGDzH_mDChiW5Ydj9KMW4yWsZW1ajJzkQ1e3fUPH_eoeHgAoBYaaKMTmsAikHg_47xDY8lks7l_nPG-ZUWAM2n0h0eWzKtwATBoaqbqAPgBAOQBgGgBk2AB9yw7qECqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggJCIDhgEAQARgdgAoDmAsByAsBgAwBsBOti7cL0BMA2BMD2BQB%26ae%3D1%26num%3D1%26cid%3DCAASPeRolQ4QU-EkS834Akm71jwn_GBtLNO4NKTDoQ_vmyqbYZKWzAqsMN6k4t0GmOgaKxddO-GtjUWuvKbUwG8%26sig%3DAOD64_3kOwtZS6sg2VzYiRe3JqgjXRyq9A%26client%3Dca-pub-5377500294710407%26dbm_c%3DAKAmf-D98OuoCA1wnEQHXE2ZHSD4Bh9mQmHd0Ec9bni_2VfbecwYDFE5FjY5SyYXIk77PuC_BlmeH8iKbn4n4Twolzkb5L8jd-DjSZqVIKGTcmxZ36xgwe8vYq1evSJeNQYzxMMx6dLlijPbox3FULPSfOT6muMFbQ%26cry%3D1%26dbm_d%3DAKAmf-D9EjIQSmkq0m3cqJQqaMmzIsS4IdOPSVHyopAw6bp4R9dpT1bZsUlhXaHImUtDH6c1bHwWWk5YL3GNzzZu9ZGBG-ZLMYZpn6xVoKnyZCXbuvYYC44UXArWfsoWdbqRzdPIpa5hzZGPf1Nc68XEplx9YGho-7ypxsKhLOopYKGffUsyareoU7_eEF9ZgXMWu9o3UqIn_rI1BhEdSR4D9JPa0fjOs3zMx8GbHBmd_1G2rib5qRzCMQucq29ufWmT4kgbWWtWKKVfXfeYuDssO_91d_X2ijn-t_gUJ3snv3ryGM0BZnWzbCkALUY4_RvESqbLyR3SYAJ6n7SLTKh5LcHaNdJ-Cta3D23AVGhRpLusxj_DFgCt_6b-nAq_Geam5E6Ln-8EB29-fuLNlkRzhznkI966Lbx37jKRrKLmwqOu5B0Qjp9iEhOfm0Gd25XcvtlakxU_TrfXsuSE0EbBY_wOhWcJyQ%26adurl%3D&userId=41947456&networkId=25
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.84.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 63aa2fbb8b33647f08118e73651eb17f48dbc2d6da58d7868013d3ef083d5904

Request headers

Referer: https://live-tag.bannersnack.com/banners/b1nsrsqem/adtag/embed/25/index.html?t=1607096977&clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCNyRJonaQYJX2Ct7X7_UPtIS-sAjWntXMYrC5m6eODfAuEAEg3Nf7ImD1lc6B4ASgAYzPkd4ByAEJqQKUoe5tr2ayPqgDAaoE0AFP0MnNwSHWSXaHzJ3EsO2MTdrKjyzM5ITMBO24zQGVZBu-RxuHY2RYd2x6hkLMp3_Dx60Ti-D6-Pm5CJNil0k1COYT-5te_QSgaBp28u-PLGMZTKui2yP_zbyA_BkVDjzW00SVYoafhk3w-_QkBKQxOlwLlrTROPLylc6Z6K-ILmVt_j8_GED0JksGDzH_mDChiW5Ydj9KMW4yWsZW1ajJzkQ1e3fUPH_eoeHgAoBYaaKMTmsAikHg_47xDY8lks7l_nPG-ZUWAM2n0h0eWzKtwATBoaqbqAPgBAOQBgGgBk2AB9yw7qECqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggJCIDhgEAQARgdgAoDmAsByAsBgAwBsBOti7cL0BMA2BMD2BQB%26ae%3D1%26num%3D1%26cid%3DCAASPeRolQ4QU-EkS834Akm71jwn_GBtLNO4NKTDoQ_vmyqbYZKWzAqsMN6k4t0GmOgaKxddO-GtjUWuvKbUwG8%26sig%3DAOD64_3kOwtZS6sg2VzYiRe3JqgjXRyq9A%26client%3Dca-pub-5377500294710407%26dbm_c%3DAKAmf-D98OuoCA1wnEQHXE2ZHSD4Bh9mQmHd0Ec9bni_2VfbecwYDFE5FjY5SyYXIk77PuC_BlmeH8iKbn4n4Twolzkb5L8jd-DjSZqVIKGTcmxZ36xgwe8vYq1evSJeNQYzxMMx6dLlijPbox3FULPSfOT6muMFbQ%26cry%3D1%26dbm_d%3DAKAmf-D9EjIQSmkq0m3cqJQqaMmzIsS4IdOPSVHyopAw6bp4R9dpT1bZsUlhXaHImUtDH6c1bHwWWk5YL3GNzzZu9ZGBG-ZLMYZpn6xVoKnyZCXbuvYYC44UXArWfsoWdbqRzdPIpa5hzZGPf1Nc68XEplx9YGho-7ypxsKhLOopYKGffUsyareoU7_eEF9ZgXMWu9o3UqIn_rI1BhEdSR4D9JPa0fjOs3zMx8GbHBmd_1G2rib5qRzCMQucq29ufWmT4kgbWWtWKKVfXfeYuDssO_91d_X2ijn-t_gUJ3snv3ryGM0BZnWzbCkALUY4_RvESqbLyR3SYAJ6n7SLTKh5LcHaNdJ-Cta3D23AVGhRpLusxj_DFgCt_6b-nAq_Geam5E6Ln-8EB29-fuLNlkRzhznkI966Lbx37jKRrKLmwqOu5B0Qjp9iEhOfm0Gd25XcvtlakxU_TrfXsuSE0EbBY_wOhWcJyQ%26adurl%3D&userId=41947456&networkId=25
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 13:26:12 GMT
via: 1.1 fb8f21b90b0483bdc64e7c79b3e007e0.cloudfront.net (CloudFront)
last-modified: Mon, 07 Dec 2020 13:46:17 GMT
server: AmazonS3
age: 31921
etag: "be124a930734a3f1be09a1924dc7348f"
x-cache: Hit from cloudfront
content-type: image/png
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
content-length: 1801
x-amz-cf-id: hJeVPkA4WiIDoJcVkfsZuhihPZnYeUEiN8CHZu7eE66v2LLlh9TMrQ==

GET
H2 206 Legs_Education_FR_MASTER.mp4
f.hubspotusercontent00.net/hubfs/5474758/Ads/Terre%20des%20Hommes/ Frame 7766 2 MB
2 MB 120ms
94ms Media
video/mp4 2606:4700::6810:c172
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://f.hubspotusercontent00.net/hubfs/5474758/Ads/Terre%20des%20Hommes/Legs_Education_FR_MASTER.mp4

Requested by

Host: live-tag.bannersnack.com
URL: https://live-tag.bannersnack.com/banners/b1nsrsqem/adtag/embed/25/index.html?t=1607096977&clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCNyRJonaQYJX2Ct7X7_UPtIS-sAjWntXMYrC5m6eODfAuEAEg3Nf7ImD1lc6B4ASgAYzPkd4ByAEJqQKUoe5tr2ayPqgDAaoE0AFP0MnNwSHWSXaHzJ3EsO2MTdrKjyzM5ITMBO24zQGVZBu-RxuHY2RYd2x6hkLMp3_Dx60Ti-D6-Pm5CJNil0k1COYT-5te_QSgaBp28u-PLGMZTKui2yP_zbyA_BkVDjzW00SVYoafhk3w-_QkBKQxOlwLlrTROPLylc6Z6K-ILmVt_j8_GED0JksGDzH_mDChiW5Ydj9KMW4yWsZW1ajJzkQ1e3fUPH_eoeHgAoBYaaKMTmsAikHg_47xDY8lks7l_nPG-ZUWAM2n0h0eWzKtwATBoaqbqAPgBAOQBgGgBk2AB9yw7qECqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggJCIDhgEAQARgdgAoDmAsByAsBgAwBsBOti7cL0BMA2BMD2BQB%26ae%3D1%26num%3D1%26cid%3DCAASPeRolQ4QU-EkS834Akm71jwn_GBtLNO4NKTDoQ_vmyqbYZKWzAqsMN6k4t0GmOgaKxddO-GtjUWuvKbUwG8%26sig%3DAOD64_3kOwtZS6sg2VzYiRe3JqgjXRyq9A%26client%3Dca-pub-5377500294710407%26dbm_c%3DAKAmf-D98OuoCA1wnEQHXE2ZHSD4Bh9mQmHd0Ec9bni_2VfbecwYDFE5FjY5SyYXIk77PuC_BlmeH8iKbn4n4Twolzkb5L8jd-DjSZqVIKGTcmxZ36xgwe8vYq1evSJeNQYzxMMx6dLlijPbox3FULPSfOT6muMFbQ%26cry%3D1%26dbm_d%3DAKAmf-D9EjIQSmkq0m3cqJQqaMmzIsS4IdOPSVHyopAw6bp4R9dpT1bZsUlhXaHImUtDH6c1bHwWWk5YL3GNzzZu9ZGBG-ZLMYZpn6xVoKnyZCXbuvYYC44UXArWfsoWdbqRzdPIpa5hzZGPf1Nc68XEplx9YGho-7ypxsKhLOopYKGffUsyareoU7_eEF9ZgXMWu9o3UqIn_rI1BhEdSR4D9JPa0fjOs3zMx8GbHBmd_1G2rib5qRzCMQucq29ufWmT4kgbWWtWKKVfXfeYuDssO_91d_X2ijn-t_gUJ3snv3ryGM0BZnWzbCkALUY4_RvESqbLyR3SYAJ6n7SLTKh5LcHaNdJ-Cta3D23AVGhRpLusxj_DFgCt_6b-nAq_Geam5E6Ln-8EB29-fuLNlkRzhznkI966Lbx37jKRrKLmwqOu5B0Qjp9iEhOfm0Gd25XcvtlakxU_TrfXsuSE0EbBY_wOhWcJyQ%26adurl%3D&userId=41947456&networkId=25

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:c172 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fda66347f754500639a66bd23e4bb776ff697494961e6c6c369a7354fdba137a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://live-tag.bannersnack.com/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

cf-request-id: 09d5e88b240000d6c1a004e000000001
x-amz-meta-cache-tag: F-38154537489,FD-38154711878,P-5474758,FLS-ALL
age: 31920
x-amz-server-side-encryption: AES256
edge-cache-tag: F-38154537489,FD-38154711878,P-5474758,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 11
x-amz-request-id: WJPZZTXV34CDTARC
etag: "4ab603de2ff07572a2a2533cdce01efa"
vary: Accept-Encoding
x-amz-meta-created-unix-time-millis: 1606728962775
content-type: video/mp4
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 11
date: Mon, 03 May 2021 22:18:12 GMT
via: 1.1 93ca7f89577bcc406284a7bbde241b21.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: WAW50-C1
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
Content-Range: bytes 0-2338520/2338521
Content-Length: 2338521
x-amz-id-2: ItRRDwdqbsy77b+2kg54nhkIiNuPj+SRTBLrfgsVQkqv0IzPPyudrWMM0GfzYBWbcZIVZiTRZXk=
x-amz-meta-index-tag: all
last-modified: Mon, 30 Nov 2020 15:19:22 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-version-id: HKvInhsakM6G4tDghL4.AswyD2UDFoi1
cf-ray: 649cdd250d71d6c1-FRA
x-amz-cf-id: CIAG0lrLt0Nxilv0QHsQACPg0Ij7VHa_TL5Jrhgg8SzYcXawAiNX2Q==

GET
H2 206 Legs_Education_FR_MASTER.mp4
f.hubspotusercontent00.net/hubfs/5474758/Ads/Terre%20des%20Hommes/ Frame 7766 30 KB
0 137ms
112ms Media
video/mp4 2606:4700::6810:c172
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://f.hubspotusercontent00.net/hubfs/5474758/Ads/Terre%20des%20Hommes/Legs_Education_FR_MASTER.mp4

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:c172 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://live-tag.bannersnack.com/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

cf-request-id: 09d5e88b240000d6c179bb0000000001
x-amz-meta-cache-tag: F-38154537489,FD-38154711878,P-5474758,FLS-ALL
age: 31920
x-amz-server-side-encryption: AES256
edge-cache-tag: F-38154537489,FD-38154711878,P-5474758,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 11
x-amz-request-id: WJPZZTXV34CDTARC
etag: "4ab603de2ff07572a2a2533cdce01efa"
vary: Accept-Encoding
x-amz-meta-created-unix-time-millis: 1606728962775
content-type: video/mp4
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 11
date: Mon, 03 May 2021 22:18:12 GMT
via: 1.1 93ca7f89577bcc406284a7bbde241b21.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: WAW50-C1
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
Content-Range: bytes 0-2338520/2338521
Content-Length: 2338521
x-amz-id-2: ItRRDwdqbsy77b+2kg54nhkIiNuPj+SRTBLrfgsVQkqv0IzPPyudrWMM0GfzYBWbcZIVZiTRZXk=
x-amz-meta-index-tag: all
last-modified: Mon, 30 Nov 2020 15:19:22 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-version-id: HKvInhsakM6G4tDghL4.AswyD2UDFoi1
cf-ray: 649cdd250d72d6c1-FRA
x-amz-cf-id: CIAG0lrLt0Nxilv0QHsQACPg0Ij7VHa_TL5Jrhgg8SzYcXawAiNX2Q==

GET
H2 200 90b64bdc05e626dc71af907aefda3bbd.png
live-tag.bannersnack.com/banners/b1nsrsqem/adtag/embed/25/media/ Frame 0444 70 KB
70 KB 28ms
27ms Image
image/png 65.9.84.95
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://live-tag.bannersnack.com/banners/b1nsrsqem/adtag/embed/25/media/90b64bdc05e626dc71af907aefda3bbd.png
Requested by: Host: live-tag.bannersnack.com
URL: https://live-tag.bannersnack.com/banners/b1nsrsqem/adtag/embed/25/5f1168f467fe453203bf5e94251e266a.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.84.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 683927ce48904f371f977c1240e074816187cbb6f96d66525a39f26230b7254c

Request headers

Referer: https://live-tag.bannersnack.com/banners/b1nsrsqem/adtag/embed/25/index.html?t=1607096977&clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCxuxSonaQYJf2Ct7X7_UPtIS-sAjWntXMYrC5m6eODfAuEAEg3Nf7ImD1lc6B4ASgAYzPkd4ByAEJqQKUoe5tr2ayPqgDAaoE0wFP0Brw5cn7_QK6VOym2vqeJ1XIWnOmOlfH5AZJZXkPfMWqQnB88UMJw8_HBInNNVJ0nXNtHp6F0UUCkVVZd7YQsryQ5inDNbh1wT_fr1nY5imBVSQL8sN8aJijC8odbHlQsiLZiZkRgChjg4-gMFCMm5o8FjQCU9ZdODseMcepLHp4YcYWRc1BaXqTEn_HnqSHwYonO2vFaQRD6_kS5kSFTmVA73pgfqAPvsjdiiAzq00zqJwpOFf0RV_oYP7r-b8kzUJDcesuRiaT_NKqoOhKVhGpwATBoaqbqAPgBAOQBgGgBk2AB9yw7qECqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggJCIDhgEAQARgdgAoDmAsByAsBgAwBsBOti7cL0BMA2BMD2BQB%26ae%3D1%26num%3D1%26cid%3DCAASPeRoq3L2ptKFHMOp8Xk8Bg_EawxmXQMdK421yxWqkrTVapFgrp9DRM1Dp86tG_1zUuZtV3M7rcAQ0GBmfrc%26sig%3DAOD64_3gydB-LFXir7VWHoCQp9Trwj8f9A%26client%3Dca-pub-5377500294710407%26dbm_c%3DAKAmf-BdUS0WbMKm9LvefsD7f6HmsmmZE5tFVIdGfsrtO70u0o_54BzuOl8ycNEzXGdgmwVnCjPwsHV7zdgr1PQpw6N8Zv1-rKFMM7bwEuVrNarN4mZ6hn7cd5ncQHOIKkP1OZGshqtFiS83h03_xh2qAjpwhcLK_g%26cry%3D1%26dbm_d%3DAKAmf-Dbm7352t3QQ3mq2Jj3bP7jqAcf4DEjD-cGF64t4PprCaLPsWAg2eWQQdwvndjjlhJLdZ6UnNoYdb7jha9pY0rTU8zM-G2OfYuHbxn8im4rnD7oHTX_nPUFnEmoCiG08zLdm3GzzqTr7jNugL_lYHFVzoJzXGoAmY8kEuNNdOZ0h2VIRp9jCU7DT7otui6QjVBoLdW8SxY-MiElpNlumc7gFVZGr7PK7IofyimL28lnkS87p0SNTK5MEhUZJeNnsqRFAi332ZWWyyjU5SUPj-ujyhCmH5VUcAGMnq4QvWFGUXDbgjO0jLlxpZphfoDZitrMfXu4HBPwjJzfuA-YyNChQFG8M1pNaGqMdGPqMhmA7K88x9PlJS6Yr4KbUofFSX4372ETcLxQ4aaqlWsqzrlvRNBO_JCPkOmjWXyYr7fSIX4Fg-H_H1I2vr32PCR_XjXgtz18L370I0pYdceHBvDJG155LQ%26adurl%3D&userId=41947456&networkId=25
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 13:26:12 GMT
via: 1.1 fb8f21b90b0483bdc64e7c79b3e007e0.cloudfront.net (CloudFront)
last-modified: Mon, 07 Dec 2020 13:46:17 GMT
server: AmazonS3
age: 31921
etag: "90b64bdc05e626dc71af907aefda3bbd"
x-cache: Hit from cloudfront
content-type: image/png
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
content-length: 71178
x-amz-cf-id: qPE-3IsHkhOZpEZmFkpHGEX_hncVsGjtiD2zTaia1XkM6E6atD0q2A==

GET
H2 200 be124a930734a3f1be09a1924dc7348f.png
live-tag.bannersnack.com/banners/b1nsrsqem/adtag/embed/25/media/ Frame 0444 2 KB
2 KB 28ms
28ms Image
image/png 65.9.84.95
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://live-tag.bannersnack.com/banners/b1nsrsqem/adtag/embed/25/media/be124a930734a3f1be09a1924dc7348f.png
Requested by: Host: live-tag.bannersnack.com
URL: https://live-tag.bannersnack.com/banners/b1nsrsqem/adtag/embed/25/5f1168f467fe453203bf5e94251e266a.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.84.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 63aa2fbb8b33647f08118e73651eb17f48dbc2d6da58d7868013d3ef083d5904

Request headers

Referer: https://live-tag.bannersnack.com/banners/b1nsrsqem/adtag/embed/25/index.html?t=1607096977&clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCxuxSonaQYJf2Ct7X7_UPtIS-sAjWntXMYrC5m6eODfAuEAEg3Nf7ImD1lc6B4ASgAYzPkd4ByAEJqQKUoe5tr2ayPqgDAaoE0wFP0Brw5cn7_QK6VOym2vqeJ1XIWnOmOlfH5AZJZXkPfMWqQnB88UMJw8_HBInNNVJ0nXNtHp6F0UUCkVVZd7YQsryQ5inDNbh1wT_fr1nY5imBVSQL8sN8aJijC8odbHlQsiLZiZkRgChjg4-gMFCMm5o8FjQCU9ZdODseMcepLHp4YcYWRc1BaXqTEn_HnqSHwYonO2vFaQRD6_kS5kSFTmVA73pgfqAPvsjdiiAzq00zqJwpOFf0RV_oYP7r-b8kzUJDcesuRiaT_NKqoOhKVhGpwATBoaqbqAPgBAOQBgGgBk2AB9yw7qECqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggJCIDhgEAQARgdgAoDmAsByAsBgAwBsBOti7cL0BMA2BMD2BQB%26ae%3D1%26num%3D1%26cid%3DCAASPeRoq3L2ptKFHMOp8Xk8Bg_EawxmXQMdK421yxWqkrTVapFgrp9DRM1Dp86tG_1zUuZtV3M7rcAQ0GBmfrc%26sig%3DAOD64_3gydB-LFXir7VWHoCQp9Trwj8f9A%26client%3Dca-pub-5377500294710407%26dbm_c%3DAKAmf-BdUS0WbMKm9LvefsD7f6HmsmmZE5tFVIdGfsrtO70u0o_54BzuOl8ycNEzXGdgmwVnCjPwsHV7zdgr1PQpw6N8Zv1-rKFMM7bwEuVrNarN4mZ6hn7cd5ncQHOIKkP1OZGshqtFiS83h03_xh2qAjpwhcLK_g%26cry%3D1%26dbm_d%3DAKAmf-Dbm7352t3QQ3mq2Jj3bP7jqAcf4DEjD-cGF64t4PprCaLPsWAg2eWQQdwvndjjlhJLdZ6UnNoYdb7jha9pY0rTU8zM-G2OfYuHbxn8im4rnD7oHTX_nPUFnEmoCiG08zLdm3GzzqTr7jNugL_lYHFVzoJzXGoAmY8kEuNNdOZ0h2VIRp9jCU7DT7otui6QjVBoLdW8SxY-MiElpNlumc7gFVZGr7PK7IofyimL28lnkS87p0SNTK5MEhUZJeNnsqRFAi332ZWWyyjU5SUPj-ujyhCmH5VUcAGMnq4QvWFGUXDbgjO0jLlxpZphfoDZitrMfXu4HBPwjJzfuA-YyNChQFG8M1pNaGqMdGPqMhmA7K88x9PlJS6Yr4KbUofFSX4372ETcLxQ4aaqlWsqzrlvRNBO_JCPkOmjWXyYr7fSIX4Fg-H_H1I2vr32PCR_XjXgtz18L370I0pYdceHBvDJG155LQ%26adurl%3D&userId=41947456&networkId=25
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 13:26:12 GMT
via: 1.1 fb8f21b90b0483bdc64e7c79b3e007e0.cloudfront.net (CloudFront)
last-modified: Mon, 07 Dec 2020 13:46:17 GMT
server: AmazonS3
age: 31921
etag: "be124a930734a3f1be09a1924dc7348f"
x-cache: Hit from cloudfront
content-type: image/png
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
content-length: 1801
x-amz-cf-id: LUX6ueC1O334Vw3UfB-0ND71Kp_AxviJYzLRjleq1cAmySj3bGRpGg==

GET
H3-29 200 css
fonts.googleapis.com/ Frame 0444 672 B
360 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:900

Requested by

Host: live-tag.bannersnack.com
URL: https://live-tag.bannersnack.com/banners/b1nsrsqem/adtag/embed/25/5f1168f467fe453203bf5e94251e266a.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

783b19ce6e3caa738691d51adf23d6280c4046739a34a6e8cc4c16ec985a6c21

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://live-tag.bannersnack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 03 May 2021 21:10:47 GMT
server: ESF
date: Mon, 03 May 2021 22:18:12 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 03 May 2021 22:18:12 GMT

GET
H2 200 c5c0842a67c836eeeca1056bf14c2e05.png
live-tag.bannersnack.com/banners/b1nsrsqem/adtag/embed/25/media/ Frame 0444 180 KB
181 KB 27ms
27ms Image
image/png 65.9.84.95
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://live-tag.bannersnack.com/banners/b1nsrsqem/adtag/embed/25/media/c5c0842a67c836eeeca1056bf14c2e05.png
Requested by: Host: live-tag.bannersnack.com
URL: https://live-tag.bannersnack.com/banners/b1nsrsqem/adtag/embed/25/index.html?t=1607096977&clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCxuxSonaQYJf2Ct7X7_UPtIS-sAjWntXMYrC5m6eODfAuEAEg3Nf7ImD1lc6B4ASgAYzPkd4ByAEJqQKUoe5tr2ayPqgDAaoE0wFP0Brw5cn7_QK6VOym2vqeJ1XIWnOmOlfH5AZJZXkPfMWqQnB88UMJw8_HBInNNVJ0nXNtHp6F0UUCkVVZd7YQsryQ5inDNbh1wT_fr1nY5imBVSQL8sN8aJijC8odbHlQsiLZiZkRgChjg4-gMFCMm5o8FjQCU9ZdODseMcepLHp4YcYWRc1BaXqTEn_HnqSHwYonO2vFaQRD6_kS5kSFTmVA73pgfqAPvsjdiiAzq00zqJwpOFf0RV_oYP7r-b8kzUJDcesuRiaT_NKqoOhKVhGpwATBoaqbqAPgBAOQBgGgBk2AB9yw7qECqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggJCIDhgEAQARgdgAoDmAsByAsBgAwBsBOti7cL0BMA2BMD2BQB%26ae%3D1%26num%3D1%26cid%3DCAASPeRoq3L2ptKFHMOp8Xk8Bg_EawxmXQMdK421yxWqkrTVapFgrp9DRM1Dp86tG_1zUuZtV3M7rcAQ0GBmfrc%26sig%3DAOD64_3gydB-LFXir7VWHoCQp9Trwj8f9A%26client%3Dca-pub-5377500294710407%26dbm_c%3DAKAmf-BdUS0WbMKm9LvefsD7f6HmsmmZE5tFVIdGfsrtO70u0o_54BzuOl8ycNEzXGdgmwVnCjPwsHV7zdgr1PQpw6N8Zv1-rKFMM7bwEuVrNarN4mZ6hn7cd5ncQHOIKkP1OZGshqtFiS83h03_xh2qAjpwhcLK_g%26cry%3D1%26dbm_d%3DAKAmf-Dbm7352t3QQ3mq2Jj3bP7jqAcf4DEjD-cGF64t4PprCaLPsWAg2eWQQdwvndjjlhJLdZ6UnNoYdb7jha9pY0rTU8zM-G2OfYuHbxn8im4rnD7oHTX_nPUFnEmoCiG08zLdm3GzzqTr7jNugL_lYHFVzoJzXGoAmY8kEuNNdOZ0h2VIRp9jCU7DT7otui6QjVBoLdW8SxY-MiElpNlumc7gFVZGr7PK7IofyimL28lnkS87p0SNTK5MEhUZJeNnsqRFAi332ZWWyyjU5SUPj-ujyhCmH5VUcAGMnq4QvWFGUXDbgjO0jLlxpZphfoDZitrMfXu4HBPwjJzfuA-YyNChQFG8M1pNaGqMdGPqMhmA7K88x9PlJS6Yr4KbUofFSX4372ETcLxQ4aaqlWsqzrlvRNBO_JCPkOmjWXyYr7fSIX4Fg-H_H1I2vr32PCR_XjXgtz18L370I0pYdceHBvDJG155LQ%26adurl%3D&userId=41947456&networkId=25
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.84.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b3c95078f581f7252c3894266c07132443db49466b78642faca28f18e8614f8b

Request headers

Referer: https://live-tag.bannersnack.com/banners/b1nsrsqem/adtag/embed/25/index.html?t=1607096977&clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCxuxSonaQYJf2Ct7X7_UPtIS-sAjWntXMYrC5m6eODfAuEAEg3Nf7ImD1lc6B4ASgAYzPkd4ByAEJqQKUoe5tr2ayPqgDAaoE0wFP0Brw5cn7_QK6VOym2vqeJ1XIWnOmOlfH5AZJZXkPfMWqQnB88UMJw8_HBInNNVJ0nXNtHp6F0UUCkVVZd7YQsryQ5inDNbh1wT_fr1nY5imBVSQL8sN8aJijC8odbHlQsiLZiZkRgChjg4-gMFCMm5o8FjQCU9ZdODseMcepLHp4YcYWRc1BaXqTEn_HnqSHwYonO2vFaQRD6_kS5kSFTmVA73pgfqAPvsjdiiAzq00zqJwpOFf0RV_oYP7r-b8kzUJDcesuRiaT_NKqoOhKVhGpwATBoaqbqAPgBAOQBgGgBk2AB9yw7qECqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggJCIDhgEAQARgdgAoDmAsByAsBgAwBsBOti7cL0BMA2BMD2BQB%26ae%3D1%26num%3D1%26cid%3DCAASPeRoq3L2ptKFHMOp8Xk8Bg_EawxmXQMdK421yxWqkrTVapFgrp9DRM1Dp86tG_1zUuZtV3M7rcAQ0GBmfrc%26sig%3DAOD64_3gydB-LFXir7VWHoCQp9Trwj8f9A%26client%3Dca-pub-5377500294710407%26dbm_c%3DAKAmf-BdUS0WbMKm9LvefsD7f6HmsmmZE5tFVIdGfsrtO70u0o_54BzuOl8ycNEzXGdgmwVnCjPwsHV7zdgr1PQpw6N8Zv1-rKFMM7bwEuVrNarN4mZ6hn7cd5ncQHOIKkP1OZGshqtFiS83h03_xh2qAjpwhcLK_g%26cry%3D1%26dbm_d%3DAKAmf-Dbm7352t3QQ3mq2Jj3bP7jqAcf4DEjD-cGF64t4PprCaLPsWAg2eWQQdwvndjjlhJLdZ6UnNoYdb7jha9pY0rTU8zM-G2OfYuHbxn8im4rnD7oHTX_nPUFnEmoCiG08zLdm3GzzqTr7jNugL_lYHFVzoJzXGoAmY8kEuNNdOZ0h2VIRp9jCU7DT7otui6QjVBoLdW8SxY-MiElpNlumc7gFVZGr7PK7IofyimL28lnkS87p0SNTK5MEhUZJeNnsqRFAi332ZWWyyjU5SUPj-ujyhCmH5VUcAGMnq4QvWFGUXDbgjO0jLlxpZphfoDZitrMfXu4HBPwjJzfuA-YyNChQFG8M1pNaGqMdGPqMhmA7K88x9PlJS6Yr4KbUofFSX4372ETcLxQ4aaqlWsqzrlvRNBO_JCPkOmjWXyYr7fSIX4Fg-H_H1I2vr32PCR_XjXgtz18L370I0pYdceHBvDJG155LQ%26adurl%3D&userId=41947456&networkId=25
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 13:26:11 GMT
via: 1.1 fb8f21b90b0483bdc64e7c79b3e007e0.cloudfront.net (CloudFront)
last-modified: Mon, 07 Dec 2020 13:46:18 GMT
server: AmazonS3
age: 31922
etag: "c5c0842a67c836eeeca1056bf14c2e05"
x-cache: Hit from cloudfront
content-type: image/png
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
content-length: 184755
x-amz-cf-id: Rdwl26EUbLg3vCPGhbgweasUlnGzTz3UBGvUNN-v8swf9rXQmjpPew==

GET
H2 200 a7d047259bdea4b2b509eb942f43f4bf.png
live-tag.bannersnack.com/banners/b1nsrsqem/adtag/embed/25/media/ Frame 0444 5 KB
5 KB 26ms
26ms Image
image/png 65.9.84.95
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://live-tag.bannersnack.com/banners/b1nsrsqem/adtag/embed/25/media/a7d047259bdea4b2b509eb942f43f4bf.png
Requested by: Host: live-tag.bannersnack.com
URL: https://live-tag.bannersnack.com/banners/b1nsrsqem/adtag/embed/25/index.html?t=1607096977&clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCxuxSonaQYJf2Ct7X7_UPtIS-sAjWntXMYrC5m6eODfAuEAEg3Nf7ImD1lc6B4ASgAYzPkd4ByAEJqQKUoe5tr2ayPqgDAaoE0wFP0Brw5cn7_QK6VOym2vqeJ1XIWnOmOlfH5AZJZXkPfMWqQnB88UMJw8_HBInNNVJ0nXNtHp6F0UUCkVVZd7YQsryQ5inDNbh1wT_fr1nY5imBVSQL8sN8aJijC8odbHlQsiLZiZkRgChjg4-gMFCMm5o8FjQCU9ZdODseMcepLHp4YcYWRc1BaXqTEn_HnqSHwYonO2vFaQRD6_kS5kSFTmVA73pgfqAPvsjdiiAzq00zqJwpOFf0RV_oYP7r-b8kzUJDcesuRiaT_NKqoOhKVhGpwATBoaqbqAPgBAOQBgGgBk2AB9yw7qECqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggJCIDhgEAQARgdgAoDmAsByAsBgAwBsBOti7cL0BMA2BMD2BQB%26ae%3D1%26num%3D1%26cid%3DCAASPeRoq3L2ptKFHMOp8Xk8Bg_EawxmXQMdK421yxWqkrTVapFgrp9DRM1Dp86tG_1zUuZtV3M7rcAQ0GBmfrc%26sig%3DAOD64_3gydB-LFXir7VWHoCQp9Trwj8f9A%26client%3Dca-pub-5377500294710407%26dbm_c%3DAKAmf-BdUS0WbMKm9LvefsD7f6HmsmmZE5tFVIdGfsrtO70u0o_54BzuOl8ycNEzXGdgmwVnCjPwsHV7zdgr1PQpw6N8Zv1-rKFMM7bwEuVrNarN4mZ6hn7cd5ncQHOIKkP1OZGshqtFiS83h03_xh2qAjpwhcLK_g%26cry%3D1%26dbm_d%3DAKAmf-Dbm7352t3QQ3mq2Jj3bP7jqAcf4DEjD-cGF64t4PprCaLPsWAg2eWQQdwvndjjlhJLdZ6UnNoYdb7jha9pY0rTU8zM-G2OfYuHbxn8im4rnD7oHTX_nPUFnEmoCiG08zLdm3GzzqTr7jNugL_lYHFVzoJzXGoAmY8kEuNNdOZ0h2VIRp9jCU7DT7otui6QjVBoLdW8SxY-MiElpNlumc7gFVZGr7PK7IofyimL28lnkS87p0SNTK5MEhUZJeNnsqRFAi332ZWWyyjU5SUPj-ujyhCmH5VUcAGMnq4QvWFGUXDbgjO0jLlxpZphfoDZitrMfXu4HBPwjJzfuA-YyNChQFG8M1pNaGqMdGPqMhmA7K88x9PlJS6Yr4KbUofFSX4372ETcLxQ4aaqlWsqzrlvRNBO_JCPkOmjWXyYr7fSIX4Fg-H_H1I2vr32PCR_XjXgtz18L370I0pYdceHBvDJG155LQ%26adurl%3D&userId=41947456&networkId=25
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.84.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0e4c1bd42e97617bc7f374a7694f589744bb36d8f5aadddb3cdd0bc5aa37a539

Request headers

Referer: https://live-tag.bannersnack.com/banners/b1nsrsqem/adtag/embed/25/index.html?t=1607096977&clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCxuxSonaQYJf2Ct7X7_UPtIS-sAjWntXMYrC5m6eODfAuEAEg3Nf7ImD1lc6B4ASgAYzPkd4ByAEJqQKUoe5tr2ayPqgDAaoE0wFP0Brw5cn7_QK6VOym2vqeJ1XIWnOmOlfH5AZJZXkPfMWqQnB88UMJw8_HBInNNVJ0nXNtHp6F0UUCkVVZd7YQsryQ5inDNbh1wT_fr1nY5imBVSQL8sN8aJijC8odbHlQsiLZiZkRgChjg4-gMFCMm5o8FjQCU9ZdODseMcepLHp4YcYWRc1BaXqTEn_HnqSHwYonO2vFaQRD6_kS5kSFTmVA73pgfqAPvsjdiiAzq00zqJwpOFf0RV_oYP7r-b8kzUJDcesuRiaT_NKqoOhKVhGpwATBoaqbqAPgBAOQBgGgBk2AB9yw7qECqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggJCIDhgEAQARgdgAoDmAsByAsBgAwBsBOti7cL0BMA2BMD2BQB%26ae%3D1%26num%3D1%26cid%3DCAASPeRoq3L2ptKFHMOp8Xk8Bg_EawxmXQMdK421yxWqkrTVapFgrp9DRM1Dp86tG_1zUuZtV3M7rcAQ0GBmfrc%26sig%3DAOD64_3gydB-LFXir7VWHoCQp9Trwj8f9A%26client%3Dca-pub-5377500294710407%26dbm_c%3DAKAmf-BdUS0WbMKm9LvefsD7f6HmsmmZE5tFVIdGfsrtO70u0o_54BzuOl8ycNEzXGdgmwVnCjPwsHV7zdgr1PQpw6N8Zv1-rKFMM7bwEuVrNarN4mZ6hn7cd5ncQHOIKkP1OZGshqtFiS83h03_xh2qAjpwhcLK_g%26cry%3D1%26dbm_d%3DAKAmf-Dbm7352t3QQ3mq2Jj3bP7jqAcf4DEjD-cGF64t4PprCaLPsWAg2eWQQdwvndjjlhJLdZ6UnNoYdb7jha9pY0rTU8zM-G2OfYuHbxn8im4rnD7oHTX_nPUFnEmoCiG08zLdm3GzzqTr7jNugL_lYHFVzoJzXGoAmY8kEuNNdOZ0h2VIRp9jCU7DT7otui6QjVBoLdW8SxY-MiElpNlumc7gFVZGr7PK7IofyimL28lnkS87p0SNTK5MEhUZJeNnsqRFAi332ZWWyyjU5SUPj-ujyhCmH5VUcAGMnq4QvWFGUXDbgjO0jLlxpZphfoDZitrMfXu4HBPwjJzfuA-YyNChQFG8M1pNaGqMdGPqMhmA7K88x9PlJS6Yr4KbUofFSX4372ETcLxQ4aaqlWsqzrlvRNBO_JCPkOmjWXyYr7fSIX4Fg-H_H1I2vr32PCR_XjXgtz18L370I0pYdceHBvDJG155LQ%26adurl%3D&userId=41947456&networkId=25
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 13:26:09 GMT
via: 1.1 fb8f21b90b0483bdc64e7c79b3e007e0.cloudfront.net (CloudFront)
last-modified: Mon, 07 Dec 2020 13:46:17 GMT
server: AmazonS3
age: 31924
etag: "a7d047259bdea4b2b509eb942f43f4bf"
x-cache: Hit from cloudfront
content-type: image/png
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
content-length: 5113
x-amz-cf-id: P0-FcR9QBHgqDQEVlw9fN3Fc14th4V0FALcHSaW_mdodyHBThepb0g==

GET
H2 206 Legs_Education_FR_MASTER.mp4
f.hubspotusercontent00.net/hubfs/5474758/Ads/Terre%20des%20Hommes/ Frame 0444 2 MB
2 MB 116ms
112ms Media
video/mp4 2606:4700::6810:c172
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://f.hubspotusercontent00.net/hubfs/5474758/Ads/Terre%20des%20Hommes/Legs_Education_FR_MASTER.mp4

Requested by

Host: live-tag.bannersnack.com
URL: https://live-tag.bannersnack.com/banners/b1nsrsqem/adtag/embed/25/index.html?t=1607096977&clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCxuxSonaQYJf2Ct7X7_UPtIS-sAjWntXMYrC5m6eODfAuEAEg3Nf7ImD1lc6B4ASgAYzPkd4ByAEJqQKUoe5tr2ayPqgDAaoE0wFP0Brw5cn7_QK6VOym2vqeJ1XIWnOmOlfH5AZJZXkPfMWqQnB88UMJw8_HBInNNVJ0nXNtHp6F0UUCkVVZd7YQsryQ5inDNbh1wT_fr1nY5imBVSQL8sN8aJijC8odbHlQsiLZiZkRgChjg4-gMFCMm5o8FjQCU9ZdODseMcepLHp4YcYWRc1BaXqTEn_HnqSHwYonO2vFaQRD6_kS5kSFTmVA73pgfqAPvsjdiiAzq00zqJwpOFf0RV_oYP7r-b8kzUJDcesuRiaT_NKqoOhKVhGpwATBoaqbqAPgBAOQBgGgBk2AB9yw7qECqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggJCIDhgEAQARgdgAoDmAsByAsBgAwBsBOti7cL0BMA2BMD2BQB%26ae%3D1%26num%3D1%26cid%3DCAASPeRoq3L2ptKFHMOp8Xk8Bg_EawxmXQMdK421yxWqkrTVapFgrp9DRM1Dp86tG_1zUuZtV3M7rcAQ0GBmfrc%26sig%3DAOD64_3gydB-LFXir7VWHoCQp9Trwj8f9A%26client%3Dca-pub-5377500294710407%26dbm_c%3DAKAmf-BdUS0WbMKm9LvefsD7f6HmsmmZE5tFVIdGfsrtO70u0o_54BzuOl8ycNEzXGdgmwVnCjPwsHV7zdgr1PQpw6N8Zv1-rKFMM7bwEuVrNarN4mZ6hn7cd5ncQHOIKkP1OZGshqtFiS83h03_xh2qAjpwhcLK_g%26cry%3D1%26dbm_d%3DAKAmf-Dbm7352t3QQ3mq2Jj3bP7jqAcf4DEjD-cGF64t4PprCaLPsWAg2eWQQdwvndjjlhJLdZ6UnNoYdb7jha9pY0rTU8zM-G2OfYuHbxn8im4rnD7oHTX_nPUFnEmoCiG08zLdm3GzzqTr7jNugL_lYHFVzoJzXGoAmY8kEuNNdOZ0h2VIRp9jCU7DT7otui6QjVBoLdW8SxY-MiElpNlumc7gFVZGr7PK7IofyimL28lnkS87p0SNTK5MEhUZJeNnsqRFAi332ZWWyyjU5SUPj-ujyhCmH5VUcAGMnq4QvWFGUXDbgjO0jLlxpZphfoDZitrMfXu4HBPwjJzfuA-YyNChQFG8M1pNaGqMdGPqMhmA7K88x9PlJS6Yr4KbUofFSX4372ETcLxQ4aaqlWsqzrlvRNBO_JCPkOmjWXyYr7fSIX4Fg-H_H1I2vr32PCR_XjXgtz18L370I0pYdceHBvDJG155LQ%26adurl%3D&userId=41947456&networkId=25

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:c172 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fda66347f754500639a66bd23e4bb776ff697494961e6c6c369a7354fdba137a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://live-tag.bannersnack.com/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

cf-request-id: 09d5e88b250000d6c1d28e7000000001
x-amz-meta-cache-tag: F-38154537489,FD-38154711878,P-5474758,FLS-ALL
age: 31920
x-amz-server-side-encryption: AES256
edge-cache-tag: F-38154537489,FD-38154711878,P-5474758,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 11
x-amz-request-id: WJPZZTXV34CDTARC
etag: "4ab603de2ff07572a2a2533cdce01efa"
vary: Accept-Encoding
x-amz-meta-created-unix-time-millis: 1606728962775
content-type: video/mp4
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 11
date: Mon, 03 May 2021 22:18:12 GMT
via: 1.1 93ca7f89577bcc406284a7bbde241b21.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: WAW50-C1
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
Content-Range: bytes 0-2338520/2338521
Content-Length: 2338521
x-amz-id-2: ItRRDwdqbsy77b+2kg54nhkIiNuPj+SRTBLrfgsVQkqv0IzPPyudrWMM0GfzYBWbcZIVZiTRZXk=
x-amz-meta-index-tag: all
last-modified: Mon, 30 Nov 2020 15:19:22 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-version-id: HKvInhsakM6G4tDghL4.AswyD2UDFoi1
cf-ray: 649cdd250d75d6c1-FRA
x-amz-cf-id: CIAG0lrLt0Nxilv0QHsQACPg0Ij7VHa_TL5Jrhgg8SzYcXawAiNX2Q==

GET
H2 206 Legs_Education_FR_MASTER.mp4
f.hubspotusercontent00.net/hubfs/5474758/Ads/Terre%20des%20Hommes/ Frame 0444 64 KB
0 171ms
167ms Media
video/mp4 2606:4700::6810:c172
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://f.hubspotusercontent00.net/hubfs/5474758/Ads/Terre%20des%20Hommes/Legs_Education_FR_MASTER.mp4

Requested by

Host: live-tag.bannersnack.com
URL: https://live-tag.bannersnack.com/banners/b1nsrsqem/adtag/embed/25/index.html?t=1607096977&clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCxuxSonaQYJf2Ct7X7_UPtIS-sAjWntXMYrC5m6eODfAuEAEg3Nf7ImD1lc6B4ASgAYzPkd4ByAEJqQKUoe5tr2ayPqgDAaoE0wFP0Brw5cn7_QK6VOym2vqeJ1XIWnOmOlfH5AZJZXkPfMWqQnB88UMJw8_HBInNNVJ0nXNtHp6F0UUCkVVZd7YQsryQ5inDNbh1wT_fr1nY5imBVSQL8sN8aJijC8odbHlQsiLZiZkRgChjg4-gMFCMm5o8FjQCU9ZdODseMcepLHp4YcYWRc1BaXqTEn_HnqSHwYonO2vFaQRD6_kS5kSFTmVA73pgfqAPvsjdiiAzq00zqJwpOFf0RV_oYP7r-b8kzUJDcesuRiaT_NKqoOhKVhGpwATBoaqbqAPgBAOQBgGgBk2AB9yw7qECqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggJCIDhgEAQARgdgAoDmAsByAsBgAwBsBOti7cL0BMA2BMD2BQB%26ae%3D1%26num%3D1%26cid%3DCAASPeRoq3L2ptKFHMOp8Xk8Bg_EawxmXQMdK421yxWqkrTVapFgrp9DRM1Dp86tG_1zUuZtV3M7rcAQ0GBmfrc%26sig%3DAOD64_3gydB-LFXir7VWHoCQp9Trwj8f9A%26client%3Dca-pub-5377500294710407%26dbm_c%3DAKAmf-BdUS0WbMKm9LvefsD7f6HmsmmZE5tFVIdGfsrtO70u0o_54BzuOl8ycNEzXGdgmwVnCjPwsHV7zdgr1PQpw6N8Zv1-rKFMM7bwEuVrNarN4mZ6hn7cd5ncQHOIKkP1OZGshqtFiS83h03_xh2qAjpwhcLK_g%26cry%3D1%26dbm_d%3DAKAmf-Dbm7352t3QQ3mq2Jj3bP7jqAcf4DEjD-cGF64t4PprCaLPsWAg2eWQQdwvndjjlhJLdZ6UnNoYdb7jha9pY0rTU8zM-G2OfYuHbxn8im4rnD7oHTX_nPUFnEmoCiG08zLdm3GzzqTr7jNugL_lYHFVzoJzXGoAmY8kEuNNdOZ0h2VIRp9jCU7DT7otui6QjVBoLdW8SxY-MiElpNlumc7gFVZGr7PK7IofyimL28lnkS87p0SNTK5MEhUZJeNnsqRFAi332ZWWyyjU5SUPj-ujyhCmH5VUcAGMnq4QvWFGUXDbgjO0jLlxpZphfoDZitrMfXu4HBPwjJzfuA-YyNChQFG8M1pNaGqMdGPqMhmA7K88x9PlJS6Yr4KbUofFSX4372ETcLxQ4aaqlWsqzrlvRNBO_JCPkOmjWXyYr7fSIX4Fg-H_H1I2vr32PCR_XjXgtz18L370I0pYdceHBvDJG155LQ%26adurl%3D&userId=41947456&networkId=25

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:c172 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://live-tag.bannersnack.com/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

cf-request-id: 09d5e88b240000d6c1dba87000000001
x-amz-meta-cache-tag: F-38154537489,FD-38154711878,P-5474758,FLS-ALL
age: 31920
x-amz-server-side-encryption: AES256
edge-cache-tag: F-38154537489,FD-38154711878,P-5474758,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 11
x-amz-request-id: WJPZZTXV34CDTARC
etag: "4ab603de2ff07572a2a2533cdce01efa"
vary: Accept-Encoding
x-amz-meta-created-unix-time-millis: 1606728962775
content-type: video/mp4
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 11
date: Mon, 03 May 2021 22:18:12 GMT
via: 1.1 93ca7f89577bcc406284a7bbde241b21.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: WAW50-C1
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
Content-Range: bytes 0-2338520/2338521
Content-Length: 2338521
x-amz-id-2: ItRRDwdqbsy77b+2kg54nhkIiNuPj+SRTBLrfgsVQkqv0IzPPyudrWMM0GfzYBWbcZIVZiTRZXk=
x-amz-meta-index-tag: all
last-modified: Mon, 30 Nov 2020 15:19:22 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-version-id: HKvInhsakM6G4tDghL4.AswyD2UDFoi1
cf-ray: 649cdd250d73d6c1-FRA
x-amz-cf-id: CIAG0lrLt0Nxilv0QHsQACPg0Ij7VHa_TL5Jrhgg8SzYcXawAiNX2Q==

POST
H2 200 enqueue Show response
stats-api.bannersnack.com/v1/ Frame 7766 20 B
378 B 541ms
447ms XHR
application/json 143.204.202.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://stats-api.bannersnack.com/v1/enqueue
Requested by: Host: live-tag.bannersnack.com
URL: https://live-tag.bannersnack.com/banners/b1nsrsqem/adtag/embed/25/5f1168f467fe453203bf5e94251e266a.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.202.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-202-105.fra53.r.cloudfront.net
Software: /
Resource Hash: 5b39e6bc8c914a4c1a02fb556f0c84e2b4baa4d45c04a00039e4548da480574d

Request headers

Referer: https://live-tag.bannersnack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 03 May 2021 22:18:13 GMT
via: 1.1 4809763494a078a525dc1a2dff5ddf6c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-amzn-requestid: 7dc3a37a-27fe-411f-9d1c-db5fda5ea833
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
x-amzn-trace-id: Root=1-609076a5-397efa8a1f1f7bb36aacae91
x-amz-apigw-id: exd5zH-wIAMFvaw=
content-length: 20
x-amz-cf-id: 7FKdxqXJG7_32YnvZf9BZ_y-7WcSDC6B5EKggMY8aY2T-3sbmlOo4w==

POST
H2 200 enqueue Show response
stats-api.bannersnack.com/v1/ Frame 0444 20 B
379 B 423ms
331ms XHR
application/json 143.204.202.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://stats-api.bannersnack.com/v1/enqueue
Requested by: Host: live-tag.bannersnack.com
URL: https://live-tag.bannersnack.com/banners/b1nsrsqem/adtag/embed/25/5f1168f467fe453203bf5e94251e266a.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.202.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-202-105.fra53.r.cloudfront.net
Software: /
Resource Hash: 5b39e6bc8c914a4c1a02fb556f0c84e2b4baa4d45c04a00039e4548da480574d

Request headers

Referer: https://live-tag.bannersnack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 03 May 2021 22:18:13 GMT
via: 1.1 4809763494a078a525dc1a2dff5ddf6c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-amzn-requestid: f1f4182d-84ef-483f-aa39-894944730976
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
x-amzn-trace-id: Root=1-609076a5-28340d63177dc90f00aa98c8
x-amz-apigw-id: exd5zHgLIAMFvqA=
content-length: 20
x-amz-cf-id: kjdripp9LqcL8XHR0Qxo40VVXyWav5shhtI0NL1vbRJhhRj5kxjYHg==

GET
H3-29 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/1369351604725042700/ Frame 81B0 50 KB
50 KB 7ms
7ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/1369351604725042700/downsize_200k_v1?w=600&h=314

Requested by

Host: www.opovo.com.br
URL: https://www.opovo.com.br/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

45f3f0546b16c629198f2af75c236e1c58b7955404f9450fb73ed2f1c2eba40f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 22:01:49 GMT
x-content-type-options: nosniff
age: 87383
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51230
x-xss-protection: 0
last-modified: Mon, 26 Oct 2020 07:11:28 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 02 May 2022 22:01:49 GMT

GET
DATA 200
OK truncated
/ Frame 81B0 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 81B0 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bda22dc79202ec312543dd814750dc088b10347d8f839c3f72e2ccdf024f1c86

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 81B0 21 KB
21 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.opovo.com.br
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 01:32:02 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Nov 2020 20:26:21 GMT
server: sffe
age: 420370
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21716
x-xss-protection: 0
expires: Fri, 29 Apr 2022 01:32:02 GMT

GET
H3-29 200 4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 81B0 21 KB
21 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.opovo.com.br
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 01:31:31 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Nov 2020 20:26:16 GMT
server: sffe
age: 420401
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21552
x-xss-protection: 0
expires: Fri, 29 Apr 2022 01:31:31 GMT

GET
H3-29 200 select2.min.js Show response
cdnjs.cloudflare.com/ajax/libs/select2/3.5.2/ 65 KB
16 KB 21ms
13ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/select2/3.5.2/select2.min.js

Requested by

Host: d335luupugsy2.cloudfront.net
URL: https://d335luupugsy2.cloudfront.net/js/rdstation-forms/stable/rdstation-forms.min.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1f3cd9162638b743c8bf4d939bcfd1dc256f2e97231e13b5cff600502a78a10e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 22:18:12 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1601936
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15507
cf-request-id: 09d5e88c4600004ea32632a000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:16:11 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fcb-10424"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=z0v4MnEfPeLFDQ7K1DVQTdD9gho4tv85yItYz7Z6ICAO0zA6u63C%2FLrTFBdiCs%2FPdPGcQ5lleY9elwCtEvtV04f5HnhYxkgR8A6nA7KtYMWqm6qtdot%2B5BPc1V3cR8LudA%3D%3D"}],"group":"cf-nel"}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 649cdd26d9384ea3-FRA
expires: Sat, 23 Apr 2022 22:18:12 GMT

GET
H2 200 adsct Show response
analytics.twitter.com/i/ 31 B
662 B 178ms
140ms Script
application/javascript 104.244.42.195
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?type=javascript&version=1.1.1&p_id=Twitter&p_user_id=0&txn_id=o3wvj&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tpx_cb=twttr.conversion.loadPixels&tw_document_href=https%3A%2F%2Fwww.opovo.com.br%2F

Requested by

Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.195 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_devel /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 22:18:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 57
x-xss-protection: 0
pragma: no-cache
last-modified: Mon, 03 May 2021 22:18:13 GMT
server: tsa_devel
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: application/javascript;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 0b66fb5bcb99859ff0e006436c55d10c6dcceb3946dd7f7d8dcc1c2636782098
x-transaction: d601b30e54d81433
expires: Tue, 31 Mar 1981 05:00:00 GMT

POST
H2 200 send Show response
pageview-notify.rdstation.com.br/ 36 B
594 B 398ms
129ms XHR
text/html 35.223.116.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pageview-notify.rdstation.com.br/send

Requested by

Host: d335luupugsy2.cloudfront.net
URL: https://d335luupugsy2.cloudfront.net/js/lead-tracking/stable/lead-tracking.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.223.116.65 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

65.116.223.35.bc.googleusercontent.com

Software

Resource Hash

8deb6f4f2915f94900684e60d6e3b9ff241d3f1d45ad86e9c430a3aa5193c24a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Mon, 03 May 2021 22:18:13 GMT
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html;charset=utf-8
access-control-allow-origin: https://www.opovo.com.br
access-control-max-age: 1728000
access-control-allow-credentials: true
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-headers: *, Content-Type, Accept, AUTHORIZATION, Cache-Control
content-length: 36
x-xss-protection: 1; mode=block
access-control-expose-headers: Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 10 KB
7 KB 18ms
17ms XHR
application/json 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021042801&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

48f3c66dc097dc4bbee2a1b10b219b5e03b21cac5cd464f1cc4d84223fa28fc1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 03 May 2021 22:18:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7481
x-xss-protection: 0

GET
H2 200 rdstation-popup.min.js Show response
d335luupugsy2.cloudfront.net/js/rdstation-popups/bricks/ 192 KB
54 KB 30ms
30ms Script
application/javascript 143.204.101.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d335luupugsy2.cloudfront.net/js/rdstation-popups/bricks/rdstation-popup.min.js?v=1
Requested by: Host: d335luupugsy2.cloudfront.net
URL: https://d335luupugsy2.cloudfront.net/js/loader-scripts/f9c73be5-0123-4f19-af72-12d80ac2c46b-loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.101.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-103.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c760f7c8b1df0176ab56978462904ed5be65ce92e656d07ce8b9405d1fc73972

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: rL6mLTlIdhAYlrT3Eo5bYDkD.2hTAkSB
content-encoding: gzip
last-modified: Thu, 25 Mar 2021 11:22:57 GMT
server: AmazonS3
age: 58973
etag: "916a0e617e98df82a5dcec6d97601520"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 f6c241b75ae7d21ac836339454ab90b8.cloudfront.net (CloudFront)
date: Mon, 03 May 2021 05:55:21 GMT
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 54836
x-amz-cf-id: YAkf9vNiJsuThjNQEep6trNdLGefdX1P6HdAWBqZGQ3Nd73Ifyn7dQ==

GET
H2 200 rd-js-integration.min.js Show response
d335luupugsy2.cloudfront.net/js/integration/stable/ 10 KB
4 KB 31ms
30ms Script
application/javascript 143.204.101.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d335luupugsy2.cloudfront.net/js/integration/stable/rd-js-integration.min.js?v=1
Requested by: Host: d335luupugsy2.cloudfront.net
URL: https://d335luupugsy2.cloudfront.net/js/loader-scripts/f9c73be5-0123-4f19-af72-12d80ac2c46b-loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.101.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-103.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1f540d433a251ec9e77bd82b69332402f7066de4a30eb669cc994533d2bc968c

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: iGCdVNXh8OADIElSgnaZ1aMl0Ytd3ZsV
content-encoding: gzip
last-modified: Tue, 20 Apr 2021 13:16:44 GMT
server: AmazonS3
age: 70110
etag: "5aff0fd316645aa816c25636aa98fd7b"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 f6c241b75ae7d21ac836339454ab90b8.cloudfront.net (CloudFront)
date: Mon, 03 May 2021 02:49:43 GMT
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 3902
x-amz-cf-id: 5vOnw5vM6_rFTUw-UFIzAoUtAl07ihzbbFYPFmx8X4xSFCJ8HKNX-Q==

GET
H2 200 _adview_.ad.json Show response
cdn.webspectator.com/ad/banner/_adsense_/_adserver/ 0
165 B 193ms
168ms Script
application/octet-stream 52.1.252.251
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.webspectator.com/ad/banner/_adsense_/_adserver/_adview_.ad.json?adzone=top&adsize=300x250&advid=64893281
Requested by: Host: wfpscripts.webspectator.com
URL: https://wfpscripts.webspectator.com/adblocker/blockadblock.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.1.252.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-1-252-251.compute-1.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 22:18:13 GMT
last-modified: Tue, 11 Oct 2016 11:19:36 GMT
server: nginx/1.10.3 (Ubuntu)
etag: "d41d8cd98f00b204e9800998ecf8427e"
content-length: 0
x-cache-status: MISS
content-type: application/octet-stream

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 22:18:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Mon, 03 May 2021 22:18:12 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 57A1 12 KB
5 KB 7ms
7ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.opovo.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.opovo.com.br/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Mon, 03 May 2021 20:50:20 GMT
expires: Tue, 03 May 2022 20:50:20 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 5272
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 show.json Show response
popups.rdstation.com.br/popup/ 13 B
79 B 380ms
123ms XHR
application/json 34.68.90.188
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://popups.rdstation.com.br/popup/show.json?account_id=86280&uniq=_zb0owibef&ref=aHR0cHM6Ly93d3cub3Bvdm8uY29tLmJyLw%3D%3D
Requested by: Host: d335luupugsy2.cloudfront.net
URL: https://d335luupugsy2.cloudfront.net/js/rdstation-popups/bricks/rdstation-popup.min.js?v=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.68.90.188 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 188.90.68.34.bc.googleusercontent.com
Software: /
Resource Hash: 96ddd38efe76ec82a9f2b4ecb8c151aa7b202d792823131a8936fc9bd616b22a

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 03 May 2021 22:18:13 GMT
content-length: 13
content-type: application/json

GET
H3-29 200 -_4qODghdBIY0Ta5c9Mpu0KGcGVAhTZCtcXg18Etdwg.js Show response
pagead2.googlesyndication.com/bg/ Frame 57A1 14 KB
6 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/-_4qODghdBIY0Ta5c9Mpu0KGcGVAhTZCtcXg18Etdwg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fbfe2a383821741218d136b973d329bb4286706540853642b5c5e0d7c12d7708

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 13:04:57 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 22 Apr 2021 15:58:00 GMT
server: sffe
age: 33196
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5672
x-xss-protection: 0
expires: Tue, 03 May 2022 13:04:57 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 40ms
40ms Image
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021042801&jk=2162795348329942&bg=!7e6l7qrNAAZLnZBaS507ACkAdvg8Wtg5wsNfLc0jKiieMLrK_PyNXphzeSR3RyfyNazO2mPrljaSfwIAAABdUgAAAA1oAQcKAAnoLaED6cgUtaaZAknRO1lgGxCL91VbiM7rWRBtbcRdLfKXAwcX_t2PFbfilBpHXQ6uwBRXmcqiRtrOdDK1gM5reOVk1OLu9A12D4IxQSnbXog6WivBS35Vy7ToL7Ynz7I18OgNJEgja0-nupETwEWCY3kBv5gjOYhU7r1wTXzmDBIe2dr85U9VmldWgM2OyfSvIW6GkZLMghLtqLVydR_bi2XdZOyHQ9uNL5pDpXSrrFqUb7xgZHeaVZJVzGdVMTTVDwgVfyhoJ54QnrnfBEvm5nrFqbzm3G4B94_xeCrHOuIhq2D3IyoY8dYxbFBWwyRBPlwsvg-WPiN9od1y0U2pQnAqTsf7KCtA7DPN9EO4DirR5YoumKfM0hHBzeZmguKdyUYOHMuOTD8mtktaUnyM5_6WgHHdDyeQClkyCgdKBhNP2NPXGZ3YZNYUuohCP5tx6cyJmCSfxOczvVWykDEobvmz5ElnoTulgYl9ZALaiOVShJsslLXos7MVTwDzrZSpti3qwT_I2cQsaBusHrT6ofOpz9iBitjliAqzZu4D5BGVJSRz75Z9WZcMYYJzpfbekZSUY2xvhN9iS8dYcTjvJIIpmNSGEn5R3lz3uBqwgIKoyZ1chuIjR7DgCLLO25M0koAiahgO0MS9SarbSq0ZSmD6zEckmfiZQnHj4R5Fws4aaRa5WsZAORf5d9IIWZ_tQmj1jWwkc5TQ13Sh2ah2CH3DREI8qpsVq_9TlMrfWsANGUfhUkuam4ThNM0DvJkujjj9XFhZVaFOcQ6pdIa_ezwRcCQ

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 May 2021 22:18:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ Frame 1106 80 KB
26 KB 41ms
14ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/517466/4406976690/1606854627803/prebid4.17.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: b27963d64b79220f6a94fafa3a3c67a2404d363b4ad53dbb83ab2187eacde46f

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 22:18:13 GMT
content-encoding: gzip
last-modified: Thu, 18 Mar 2021 09:52:27 GMT
server: nginx
etag: W/"605322db-14013"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 04 May 2021 22:18:13 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 6504 0
150 B 40ms
13ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=www.opovo.com.br

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: gum.criteo.com
:scheme: https
:path: /syncframe?topUrl=www.opovo.com.br
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.opovo.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.opovo.com.br/

Response headers

cache-control: private, max-age=0
content-type: text/html; charset=utf-8
strict-transport-security: max-age=31536000
server-processing-duration-in-ticks: 1298
date: Mon, 03 May 2021 22:18:13 GMT
content-length: 0

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ Frame 1106 80 KB
26 KB 40ms
14ms XHR
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: b27963d64b79220f6a94fafa3a3c67a2404d363b4ad53dbb83ab2187eacde46f

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 22:18:13 GMT
content-encoding: gzip
last-modified: Thu, 18 Mar 2021 09:52:27 GMT
server: nginx
etag: W/"605322db-14013"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 04 May 2021 22:18:13 GMT

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 81B0 42 B
176 B 45ms
45ms Image
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvfCCIKO3cB6WWiOuw2HMq_8QGt9NggiEVtvHJA-3gUajHzVkOv_R5APkaRa7O6dlUE_IHgQnsKLYFYEDxOr2JL7GnRR5bQJti-jBEYQzzqCEHYVTgTECyY3E86Y9LSuqCu57jLMf3voSKz0RYBRSxb&sai=AMfl-YSqwMYZHH9QQL1rCTKLLefboUdSdOodAvOtrDy_hz2tbmot_p2-r0BDRg9286_Rh9jgjbpAS5W04INwgUUSLAE1CjPqDeyJ4txREYal8v61_nyeBVdBK0O0yS6ACXA1&sig=Cg0ArKJSzAKJGrfoOQYKEAE&cid=CAASPeRohpQixIhvZ1skLNFlQpyqw6-ahSlu15bP1cBwD8Zth4LcyrwXWNNY8teDQK6yb3ze-Zbe1L3HpacKECY&id=ampim&o=0,0&d=970,250&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,0,1000,1000&tos=0,0,0,1000,0&tfs=1438&tls=2438&g=100&h=100&tt=2438&r=v&avms=ampa&adk=2678070680

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 May 2021 22:18:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
86 B 13ms
13ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=925587003&t=event&ni=1&_s=2&dl=https%3A%2F%2Fwww.opovo.com.br%2F&dr=https%3A%2F%2Fopovo.com.br.eu2.cas.ms%2F&ul=en-us&de=UTF-8&dt=O%20POVO%20-%20Not%C3%ADcias%20sobre%20Fortaleza%2C%20Cear%C3%A1%2C%20Brasil%20e%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=RD%20Forms&ea=Viewed&el=escolha-de-newsletter-5b7e7a60e997e46fe455&_u=aDjAAUADQAAAAC~&jid=1946001604&gjid=1943404167&cid=1717621182.1620080290&tid=UA-23310373-1&_gid=1337148515.1620080290&_r=1&gtm=2ou4l3&z=1563460346

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 03 May 2021 22:18:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.opovo.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 15ms
15ms XHR
text/plain 2a00:1450:400c:c08::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-23310373-1&cid=1717621182.1620080290&jid=1946001604&gjid=1943404167&_gid=1337148515.1620080290&_u=aDjAAUADQAAAAC~&z=324637479

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 03 May 2021 22:18:17 GMT
content-type: text/plain
access-control-allow-origin: https://www.opovo.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 18ms
18ms Image
image/gif 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-23310373-1&cid=1717621182.1620080290&jid=1946001604&_u=aDjAAUADQAAAAC~&z=2022989103

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 May 2021 22:18:17 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 17ms
17ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-23310373-1&cid=1717621182.1620080290&jid=1946001604&_u=aDjAAUADQAAAAC~&z=2022989103

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 May 2021 22:18:17 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

235 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

21 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js(Line 6) Message: GPT synchronous rendering is no longer supported, ads will be requested and rendered asynchronously. See https://support.google.com/admanager/answer/9212594 for more details.
console-api	log	URL: https://c.jsuol.com.br/assets/?loadComponent=media&contentType=js&tpl=assets/dist/libs/election-2020-ticker.min(Line 1) Message: [ticker] (12:18:10 AM) version 1.6.4
console-api	log	URL: https://c.jsuol.com.br/assets/?loadComponent=media&contentType=js&tpl=assets/dist/libs/election-2020-ticker.min(Line 1) Message: [ticker] (12:18:10 AM) loading dep https://geoip.canais.uol.com/index.jsonp?callback=UOLTEGeoLoc
console-api	log	URL: https://d335luupugsy2.cloudfront.net/js/loader-scripts/f9c73be5-0123-4f19-af72-12d80ac2c46b-loader.js(Line 1) Message: LeadTracking initialized
console-api	log	URL: https://d335luupugsy2.cloudfront.net/js/loader-scripts/f9c73be5-0123-4f19-af72-12d80ac2c46b-loader.js(Line 1) Message: TrafficSourceCookie initialized
console-api	log	URL: https://api.nobeta.com.br/nobetaads&id=opovo.inter(Line 3) Message: %cnobeta%c formats alert,preparagraph color: darkslategray; background-color: sandybrown; padding:1px 3px; border-radius: 3px; margin-right: 7px
console-api	info	URL: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs(Line 10) Message: Powered by AMP ⚡ HTML – Version 2103020108001 https://www.opovo.com.br/
console-api	log	URL: https://c.jsuol.com.br/assets/?loadComponent=media&contentType=js&tpl=assets/dist/libs/election-2020-ticker.min(Line 1) Message: [ticker] (12:18:11 AM) UOLTEGeoLoc callback EU,DE,, undefined
console-api	log	URL: https://c.jsuol.com.br/assets/?loadComponent=media&contentType=js&tpl=assets/dist/libs/election-2020-ticker.min(Line 1) Message: [ticker] (12:18:11 AM) script loaded successfully: https://geoip.canais.uol.com/index.jsonp?callback=UOLTEGeoLoc
console-api	log	URL: https://c.jsuol.com.br/assets/?loadComponent=media&contentType=js&tpl=assets/dist/libs/election-2020-ticker.min(Line 1) Message: [ticker] (12:18:11 AM) loading config file
console-api	log	URL: https://c.jsuol.com.br/assets/?loadComponent=media&contentType=js&tpl=assets/dist/libs/election-2020-ticker.min(Line 1) Message: [ticker] (12:18:11 AM) config updated: [object Object]
console-api	log	URL: https://c.jsuol.com.br/assets/?loadComponent=media&contentType=js&tpl=assets/dist/libs/election-2020-ticker.min(Line 1) Message: [ticker] (12:18:11 AM) ticker is inactive
console-api	log	URL: https://c.jsuol.com.br/assets/?loadComponent=media&contentType=js&tpl=assets/dist/libs/election-2020-ticker.min(Line 1) Message: [ticker] (12:18:11 AM) destroying websocket connection
console-api	log	URL: https://c.jsuol.com.br/assets/?loadComponent=media&contentType=js&tpl=assets/dist/libs/election-2020-ticker.min(Line 1) Message: [ticker] (12:18:11 AM) script loaded successfully: https://noticias.uol.com.br/eleicoes/2020/apuracao/service/index.html?loadComponent=projects/election-2020/election-2020-config&data={"jsonp":true,"config":"ticker"}
console-api	log	URL: https://www.opovo.com.br/(Line 2189) Message: banner visivel
console-api	log	URL: https://www.opovo.com.br/(Line 2184) Message: banner não visivel
console-api	log	URL: https://www.opovo.com.br/(Line 2184) Message: banner não visivel
console-api	log	URL: https://www.opovo.com.br/(Line 2261) Message: Service worker registered. https://www.opovo.com.br/
console-api	log	URL: https://www.opovo.com.br/(Line 2189) Message: banner visivel
console-api	log	URL: https://www.opovo.com.br/(Line 2184) Message: banner não visivel
console-api	log	URL: https://www.opovo.com.br/(Line 2184) Message: banner não visivel

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

7405cfab04d097e05557236a0617b170.safeframe.googlesyndication.com
a98c86199db062a0261c4f6ce3aded41.safeframe.googlesyndication.com
adserver-us.adtech.advertising.com
adservice.google.ch
adservice.google.com
adservice.google.de
ajax.googleapis.com
analytics.twitter.com
api.nobeta.com.br
bidder.criteo.com
c.jsuol.com.br
cdn.ampproject.org
cdn.webspectator.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
connect.facebook.net
d335luupugsy2.cloudfront.net
dsum-sec.casalemedia.com
f.hubspotusercontent00.net
fonts.googleapis.com
fonts.gstatic.com
forms.rdstation.com.br
geoip.canais.uol.com
googleads.g.doubleclick.net
gum.criteo.com
ib.adnxs.com
live-tag.bannersnack.com
mcasproxy.azureedge.net
msgws.webspectator.com
mts0.google.com
noticias.uol.com.br
opovo.com.br
opovo.com.br.eu2.cas.ms
pagead2.googlesyndication.com
pageview-notify.rdstation.com.br
pixel.quantserve.com
popups.rdstation.com.br
prebid-us.creativecdn.com
rules.quantcount.com
s0.2mdn.net
sb.scorecardresearch.com
script.hotjar.com
secure.quantserve.com
securepubads.g.doubleclick.net
static.ads-twitter.com
static.criteo.net
static.hotjar.com
stats-api.bannersnack.com
stats.bannersnack.com
stats.g.doubleclick.net
t.co
tag.navdmp.com
tpc.googlesyndication.com
us-u.openx.net
vars.hotjar.com
webservices.webspectator.com
wfpscripts.webspectator.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleoptimize.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.opovo.com.br
104.244.42.133
104.244.42.195
143.204.101.103
143.204.202.105
172.217.18.98
178.250.0.165
18.204.252.247
185.184.10.30
185.33.220.243
199.232.136.157
216.58.212.130
23.218.208.246
2600:9000:2104:3c00:6:44e3:f8c0:93a1
2600:9000:2104:6c00:1f:f9d:b880:93a1
2600:9000:2104:c200:12:c12e:4e80:93a1
2606:2800:233:97b6:26be:138a:cba8:bb01
2606:4700:3033::6815:3a6d
2606:4700::6810:125e
2606:4700::6810:135e
2606:4700::6810:c172
2606:4700::6810:ff3
2606:4700::6811:2218
2620:116:800d:21:8c6e:cf2c:8d6:9fb5
2a00:1450:4001:801::2002
2a00:1450:4001:803::2002
2a00:1450:4001:803::2003
2a00:1450:4001:808::2004
2a00:1450:4001:809::200e
2a00:1450:4001:80f::2008
2a00:1450:4001:810::2002
2a00:1450:4001:811::2008
2a00:1450:4001:812::2001
2a00:1450:4001:812::2006
2a00:1450:4001:813::2001
2a00:1450:4001:813::2002
2a00:1450:4001:813::200a
2a00:1450:4001:827::200e
2a00:1450:4001:828::200a
2a00:1450:4001:828::200e
2a00:1450:4001:829::2002
2a00:1450:4001:82f::2001
2a00:1450:4001:830::2003
2a00:1450:4001:831::2002
2a00:1450:400c:c08::9a
2a02:2638:1::13
2a02:2638:1::3
2a02:26f0:64::210:6bc1
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
34.228.251.145
34.234.139.177
34.68.90.188
34.98.64.218
35.223.116.65
35.244.156.216
52.1.252.251
52.157.233.49
52.222.183.60
54.230.183.102
65.9.84.55
65.9.84.95
017ee2612ecc9b8246c951158c0982c263679899b0bb803a101d06e5be06151d
01ad26baf9fd0f1d9aa59a0ac97df62f3db53650f0a0847b8cebd803da217588
0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55
043f2ffa258f7e930bcb6f5dba61677e89dd83a9c6836dabc287f552c45baf9c
0605a98ab68622e377dbe055e59c85c1a0ee09f173eb73b5c42978857d7057d8
062368677bcefd9495e8b320e0cf22c4faca9f1bc04666efeb9cd5307cd591a4
087ae4bb9772c8b2f47901dc15a83e71d20f39dfc72efedf642a91a447b0367b
090e68adead733e6c4f72552fe5d5808ea5ae87d937ed40de5a3ad72284ae1b6
094f185cfcb993d51c2047ca1ba82e1b4609fac9cdec41a4c464c55e5c4bef1f
099a459c4c53de372b0ac39bae945609703ccb5c35773eebe44a6efb0f7e3eb8
0aae567ebb6c57dd57f9a707342c89ebb71da10379074ad34737a1b89d3accef
0acdc8dcedf20ab2aaa7164d7cac2404d4a3b28c1f3f672d55d93f58dd2aab06
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bacbb83008c40eb7e5159756c78659cbbc5691f1153c6936d961a412e80f997
0bba4ee8766e7683a421df6e1c097c303b940d05b3f8139a01bc0ec910d9b6c8
0c0b815da34e348481b3b4e65deb65d9b29710005b2911d02348e705c481013e
0c6f5ba88cad1d6fef6754b17eff1abfb532089184774d12678b8ce6dccb04f1
0e4c1bd42e97617bc7f374a7694f589744bb36d8f5aadddb3cdd0bc5aa37a539
0e6a8af98d6fbff175f0a9521f1f9c92a045df3040dff49955b8a7ab6705806b
0fab1be6082e6740df9de7635b96d4e93c66fb8fcdc9f86072dcd29c6159be1d
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
11cf5c1245d3c47555619c67ceb9ae543a7e8c56346e007147e1671652abbedc
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
15273ff1ac56f84eebc440688d39df383582d67ab9970a5ee5f2ed3ecdff2ba8
16b3fdf7132afb85d663fd4bc49a66d6b864a8f6dbfe8e861908b6395207979e
173fd00f452c8209f6cebea57cb9a5ab26ab6802ede684468faff558efffd53e
18c517ee8646c295ecee64db1300fbc76648c6e8f39459cd4deace234b26a27f
19c6350cc772c351bbeef48b5faddfb34239ea9942ffb9567e35a7dd64001303
1b2fc79536c8ab2f98419ead1cc323c8945371c6e5019ed79f593e877d48a8ab
1c2525b3e7631f2411872aac663bded4c73bd4e4f26182862b28db7f406d1c61
1cbe8a6f452d3d2a87f60e32668acdaab4e62e50b2ee0b8050d3b3828775f61f
1ce53d8ecdceefac029b4e05aac15a7ad0d7eac2b3a33f1824da8ae4c4f8be13
1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27
1f3cd9162638b743c8bf4d939bcfd1dc256f2e97231e13b5cff600502a78a10e
1f540d433a251ec9e77bd82b69332402f7066de4a30eb669cc994533d2bc968c
208a618ce499f1b8056ba6f60210d13598960b415ecdb8a0b2df83351cfe0c02
21d45a4ed77653b3b1ee2b47a786a4dbb936a3b19fc56e1b44c16aed35eb80ee
23addc956464503578d051fa820a2c4529f2291dca055b2d62b054bb81cf8f88
249d2b2fbdeab73783ca82b7cce504a60320d3ea2c8af80c2e2ff94d7213ed6e
24ca58bf23e819a415daa325aa0e3a6ad83bc86395468c9ca0c240ecacf2cbc6
259606f4b4d145e9df6691631e3d4c0f6c4fa9e1aa8698de748c9f074dfd15bc
270e39cf744bea04cb6e334150f79c1eb699f93bf1ec5c7b77eec67464d3fc98
275010df0c29146776d4137aa99564ee11c42658fd1e41afe22a8fef48c67b9d
27d92130c0321dad5a03760fd5ac98a3d04ed4c94d88418fe6d50da1f7fc5cbe
2ab24ce796851998fc905a034e17f43a4cdb76f445146c38d4ebd6d08a900920
2b7ac24fc14f0e3646d4c3e1cecfdf596cf3dbae1e5fcdc43239a1b69585bbe7
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
2d6ff70d2b7dbbf999cd7817983d70b7a40bb33d63d3b663beb2e4386d4acbd1
2e8fac6fa9527aaae83a3fc6200472418e1aa0cf42d9ed4422683e8e0192a861
3260ada7a202c54ba790f33e3252c611357eab584bec55f788a13a4e9d861e5b
3c733825660c04a6ecba84c81d78acbfce90b6ee2ac52b87c7c451990470e927
3e27a1e740d0c0cb9d821960708e91a8f51ad37c3e9b21b70b172bfb306bfa38
3e6603549555580b680f86b03c2ab7b601f933688409c412990b230f200008dc
3ed184ea97442b0807258a214ba6c2873e96904d7f9e90cb16fcf95d3c3d32e6
40ab42fd2738b6f7e360ecbcf60ed7c532d75e944e85a009a3397f4d7a67c10f
4231df8fb4004a36075df72d7ab5978e4505c535071e34f37b82eadadcdd536d
437b96bfb27c65f904cc78ddc11105eff1cf79b7fec2203e1c23841ac8d95712
439ab67fa3c312bb442bed574ea79be834dbd92f3bd7d2288b6f3fce4d0afb0c
43a07afa251885987480611f7a5f76c48949eb6556122ccffc2c6de6cb558707
45a70c9799daf3ef74ecf4e75565d09ca038a83e37eced0ab40ed441248f40e0
45f3f0546b16c629198f2af75c236e1c58b7955404f9450fb73ed2f1c2eba40f
47b4692dfccb38aa3b791b809c6475ccf144079687c9d9569849b93af6d03c89
486762d56893f9b12fdfad41c3a76f11fc745b5436e97e596a63c22ee13d2e33
48eca44b7d480b8ea047f020f2f08763b3e4bbfab06fabf96f0e9f241a75f0a9
48f3c66dc097dc4bbee2a1b10b219b5e03b21cac5cd464f1cc4d84223fa28fc1
493e79568e69eac3706f1a6fc02bb1643b7141b60c359d392e5317cfe44334c5
49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381
4aaa8510085c6d11c9e9fc034d175892c396440982026b8fb450c1bf3ca9625d
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c6af60796cc240ad277098308cf363c2700f5296264ec1b43b4e1362763c439
4cf52cc73734aa71f26f6a10be9aeec89602af45bf0f9abd5c8445a076c1ae1a
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e0781bdd2cbb5db04da3b5e059eeca34e325fabb893bee7457b5babf5b7c029
4f3e883baafd0aa9d5f7e1ba2b49d6a9c458e2085bc0575d00a31d5bde3e5ac5
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
519b64efdeaa973ab35bfa1aa18b46aa729018adb9d73c34abe01132615bbc15
52ecb1bb746a09526edf118c79dd612045a3e411317ec429a3ad440475f79101
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
54f93e9c10e60babfaaa671b990efaf804977c25a6de037d725376a240126d3d
55b198b5ed1bd02e77f84c6971a69d5c2160c0c32fd770ce33405e194750f5fd
55c357602ca06d0f50246880e2594b175c3ac470110ed13ea8336e149d78e2de
590ec95ca64876fc843f5cced8e05e5c5d42c72da01c2fe586dc78128950457b
594daf03c1101103eddb292d1d583d676128ce34437974d935d36cd13105b2be
599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a
5a659d37e470d2b48eccf066f2e145b6581f6f8f054f09593871ec7237c939f2
5b39e6bc8c914a4c1a02fb556f0c84e2b4baa4d45c04a00039e4548da480574d
5b4653897fa212130fb903edef7589c0e0e8fd2e7b89140eca46359c1110bf2d
5b7e6ee51f395018bd02c4fa3914ce146476b44a0c7282d1c5b972fbff6b8664
5ba7fd787c02199e104993472f1cb118b9c77d4db60f3b85149d941d496dc2f8
62b91dd7e6541b2ab4ffb38fd3f69a0c6d1d651cef25b7e9905f2e7c60a745a6
63aa2fbb8b33647f08118e73651eb17f48dbc2d6da58d7868013d3ef083d5904
63dd9340bf7f1ac6a576e8a0d2467f9270158ff446de0158df6a3a57cb08f4df
648b481680f07ae3dc05c1a7b23b24a5e2787f1835ec62b00f37ac31f504aa2f
65b72e15d975f67fbd1cb126d57772c06c21fa016e5651b6ce213b26ce0e6877
677abb499ec70dc5df680ff4d89b0713c526824b9863651c22a4ae01e1b53c8b
67f308c82c94beab0f19774ad46800bf75374459d800718fc2684c3fedd5a639
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
683927ce48904f371f977c1240e074816187cbb6f96d66525a39f26230b7254c
6949d68f3f6dbc6f79c8b976f5607c8b09745c260d758d813165799b1618d2ce
69de99231158e36ac4ce5d52a93af7a1574a4f79a8fd79b0d21b49d85105c3a6
6a0dd0839796076e1c35b105c143db7b79ccae1b9e32f123a9cf58c66d314a6e
6bf35563d8740ad785d2c53cb5410135509f8c57e8bc1dd0c9f94cfddfecf2cc
6d6a6a7549df79275ef415ba50f979f9b2da8663e174a62a0e4030022ba9acad
6dd8c3796600c28cb55f80e3b365e818144fc506624f1825538091e7eab9f15a
6e553b4e88ac4a1819d608fe9dcb46544ca5fb776d4e0c84d773f37b1df18211
6f3ed2e08a43cbdaa2c32f0dca58bf95277a89e2b857399ad11d4e0fb656673b
70d6de04465b55f810d13b8838bb50b046b3532a78fb2018e56a3af4c7e18128
70deb9da89eb540d2fa684a9306a1bbceb600fb6e4d83bb348b8d4387fb53efa
70f9dd3398ae47c4a8aa91ae9405e0190099984b28f35115da7d2d0e70450a97
72c2b84424cf08a672b5ebb8a1aa2958aaa86e26cebf74e6b933ee8df684c413
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
7323a82847be2df6a9510ec0ddcedebeb02b019f5ee092cd2da501ee094ad02c
744b436600cd35e7898be8843c04c1115c45bf08143d085ac149e8c4f8151e3d
75cd3b6afdd7b8f136bc5c404f08dc2e50dbf1593a0c3e49c4e324863fee20d6
771b10af101d3ab6015b381063947cd41dcb1c3fc278593d8771eb953ca02b6f
783b19ce6e3caa738691d51adf23d6280c4046739a34a6e8cc4c16ec985a6c21
790d71668d92c45868e2128e2ee8480db1afeb342f44172ee097e71fc26994b4
799e325a27aef6ef42037daae3cb419a6931173c2b09210a8b386db96461f39a
79e7384be3ec1e42038e5e414d62684acee8a12c0be98fd8b4ccb480d20c9435
7a6fd962b4686f8277823b26cda79726ee97abc0c7f649225eb3c35df2949fe4
7bd822e612a9671c3105c5aeffccbc836004b4fb2b1fb703471de1cf8dfa3973
7bdb6f8aa5a7bc7d329c8ef830a1ed2c19194e59d91b3316192aae5ffbc4cfe5
7bfc998b6b2333e071601dbff62e890651f439e66179d3eb000241eefb17d85c
7cc27093a7206bc10971963a8ce40453a4f0c6a01754559009c6f00cb3498d65
7e1d05b67320d633e28903abf74d8d6d447bb482ca6cf25e8b75c011bba11191
7ed1947cb1ec4f11c68e3b281741c4214839a262843c339c1f1e3bc357434183
7f9473162ab474ab4b3a3ebf16b0c985a713e006bf2693a5a3efdcec80fe32f9
8000d797097e74bfff377d2f3fca7e046ee4490ea4edb70c2c0b189575847629
806d23c9d99220323b66207a5ab4e8068d6ecc805a287fd6a6ee2e71ed9789ab
80a6c8fd3fd83054bdd51a596217f806cec456cd5b176ec5e44a407201a82d2a
80b153fa787bf51a60d38c8362d731bfb2237eb5e721748f8521be0cd0e8995c
8129dafd3bbf278a42546f61e86751ed10e3d08097879f463895dfc39c25ec44
818ec7e02e904eab6a9638557e17c3df7a981788dea3378baec71818df4aaf66
823d1ec4c0ea5db30f9d8186d06d23012216da713d5a083a4a65ce667f59a063
82e7822c35cdcf0e2ac5552f0ca767aed13b2cbf54d914ad8233c6b524ea85af
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
83ee468c886d12089cf956d1a3dfddb171ebc349b11f6cf1acdc8f500d627fab
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85d131070b1c12e3d13d58eb01603d0cf61c8aa16fa0a644a810b578c25210a7
8677971b119ccdb82af697ff0e08f218490d15116f221d44301f1cc8797e67d4
86d901e0a6ee217d1d01c25901304e01ab4f7a705b0542b8db7b69d79b1371b7
88865e7ddaf27e6a197673760e1da312c5525f54af05cdcd9fa04bd07fa71c71
8938c6b87446f08d0a7f530f2ea3ac840374ca40d79166f6ecaadfa9b9db407b
8a376f672c12525ddb21faadbf8f4b31422c99bd44b16c723d018b7ff7e2a5dd
8a45590a3bf9f39d72dd53301f9897396f2dfb19dc1d38f0beabc965c8351a2b
8a5d5b04058d52772fc46f83376da4139e4b135d4c73ae262a19faac21860678
8a8f27d5f642fbfe0360dd006fe85893f660355b21fa662e47a9a5e690f0bce2
8deb6f4f2915f94900684e60d6e3b9ff241d3f1d45ad86e9c430a3aa5193c24a
8ec8bb1d17ac0d8da1cf6a6ec112cd74daa86a27325b559a2618b9f1bacfe451
8f9560479a05fb86854546c40ec030edc2bac692d4142391d69b16e5c033a185
9197f7576ef57637c5e474669fd48214472afadac777b047225ce6ca48cf41cf
9298f88a525ce9829ebe9ba4cf4692da2f12b278579999aa9453ed570b02b4a0
929d55f44b6859b8385961bea281e980a7cf294adff1a1c036568cbf3c65ae5e
939b4f5c505097e74e93c3a6a82b69b516bb6d160d449bafb37edb72ab260c1d
96ddd38efe76ec82a9f2b4ecb8c151aa7b202d792823131a8936fc9bd616b22a
9710b6abe21b465b8ad441e4c535956222a7cdac36eb5ad5e578a9359194eac8
98c82da015cdd0682e691be4e0c7461791002c2027d7e987f80d8004efac1d3c
99434f8dfcf70714ea945af372182735fa0c5b1a996655355376ff3048aea4a2
9b41b48a3d15971ea519172e34c9119773e1ae2cd958aedd72ae3562a3a2c62d
9bd2adf52febd28984869dce71a3db5e89a972c03bc2b905cce20c2dc9ab1dc9
9c68dc10b5c3627a75af30a5208dabf36afb0d78a6b9a61b59fe10f502d55f94
9d02c3facc410ee6a9dceade80ce0bc710f6037df881453124d3f5c83a6241b5
a08855e984e2d048857eb1da7fa5e564c1d774c14df7569d9cfa3b287b92a75c
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a517525b8a7d39bcaf1cf5f9695c5be8fce7a6b920a3924c1a4f70e8ea748c05
a6709016dd2b93604284c2125b0b3859f14235bec1b914a07a21f0f810dddaca
a6f768cbb894f2690011ee62662d3ac9480d12f5088fa46be57e650fcc4d835c
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
aa460b17301428633e549a2d3a7fe90df64707c56c63b6eaeb14bf7e9308be50
ab888b64ffc504de0179c5c7a67fb7bd0c1780d15b465eca6cc432e069e1e065
abc1bbfb097cfaf4715fe823adb40881f8ed35a943692d5c037945c2fcc56340
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b008731a86ba82dd977825f31b0ba566fd3c693897d3928690cc2582a6f9063b
b03b44c6b400fac519d88ade3058e23c041edcff0494789275a4afb79f717e06
b12249dec66346ab54bdf84a52f319b4232f4bec860f2af1f4cbec627b55424d
b14108e25edfa81b17888975728e2d284650900547552a3b445b3d216976a327
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b27963d64b79220f6a94fafa3a3c67a2404d363b4ad53dbb83ab2187eacde46f
b3c95078f581f7252c3894266c07132443db49466b78642faca28f18e8614f8b
b3d9a37c3110d0d5edf534a4dd964bb85d8661820e4c39e4c63c96bd2813b726
b5e39af3de89b6501803047a1914936eb4ed96adf20e22443eb198432aea56d9
b6d0cd742a198805ce2b0ad6d533898464553bf5f804c8fc96689e5a03073331
b80e4e8ad44f6731194e67f048cc16ac44e846f47004c1d1bd43f8e85110ca62
b83531b52ab388ca2e41c92b3e5916127ed04b6286cbe1192c802640beeb078a
ba9e839ebca59800c075c4a55aa5798a17b648d63ed4072de13e51eb9db8773b
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
bb5e4c1d90b974a7d5db331660b4968e3ea489126a620883871c36c9bcdf436b
bbe9772d95cbe28e814b4e2106f9d42eb1e711d209707c73d36fe754465b7387
bca96499220e32a9cbb737ed0c44d8ad116fc3cffed3ee1c9fb59b402a515789
bda22dc79202ec312543dd814750dc088b10347d8f839c3f72e2ccdf024f1c86
c15f9b803d3f74fe2cf6b6e2ed7cd898fb621203cec3bd0e9515d3432daba421
c211f287b1f7fd5e5a36cc2f19605e2ca0f79c265cbc529699f2289a209e09ca
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
c6f58395f1404bd66a6685d12bf19baf7d6f340ad331b3388f5bf6f0cc463db7
c760f7c8b1df0176ab56978462904ed5be65ce92e656d07ce8b9405d1fc73972
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cb7ef62603ce68e806e9f3f9fd2312c388263059871b9d0e690231ebf4256e07
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
d3c63dba103371297217de0e19c1310b7371d3e8973191a111960b7181584573
d48f5f637187fe83bff6165783efb3dac15cb3d10ba166d92f37312dba9a4ad7
d579e961b90e0bd49545a105bf64af4a0df16d5305bda2334651462d78200f9b
d593eab937ae208334c866b7afc56b0703787c857dae8bb562aefbbd3ca15ee6
d74e57a16f307dccbaa3dd0bfcd61d6228c5683e9728266379672b2611f3ac6c
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d837ae4d398c29de53365a7f43ab77bd13d780aadc44fdfd168fee83f17708d6
dc9c127f48bb67af3a8bbe1344f02e911c0d3f665c90a4aa73bfcea8f98dfa00
dcce89ebb6380f186ede02a33ba846b9e33da86cd7a55d8e3e02c09331088f17
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e18441c7811abba1194a8130a3ec786d24b4a9d8ae6e8486147e47856b5ca0d1
e1e776b76de2f3c5d26073ae5f6bf1b9d1a32a7e94c1df92fef491d7e6f6df59
e2121d2e43da18179a9a66cd77212546662297925068bf7004095d1c3ca7d659
e25ce31806de1eee3a851d1bc47e269def862c12fc7a6150f08c579f86f71014
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e43467ea5d461a0509fc8b4f4fc544fc0fe66d4caaa9004b830a2c589466601a
e555478d721db554d486dc7c2ae2d3f4add3ab554cc81edb702d7f797da132d1
e87e3824f14022ba4a9d099e3fbc4b802a677cc00bc684fbb507e633fe1518de
ec2d0132e5e6bea49a1058764b98b7fe831a0fac37c62a274ddd06bb811e2a18
ed78b01a625c033cbf227def15cf08c316d252892c7436253a0533d8069da8d9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef391572f9fbb7bab7fef6ce2c4fc92ad68a8c148889a79cb9f9b1452d851fab
f0c400c8be6122ab2a8797b3c495be63393e3f1ec93426a88bb2a87a9996f8a9
f0f8832a07c6d150b1e679d807e16734655e3dd45483b601b99fe5fdca25d22b
f20026aa84c648fe8d0c406c01f503a37037ed007a4f63279abdd27fb8e69614
f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7
f86c5f6541755bcc63cab085cae7679be3583e6afefe5e336f977f4a8f5a59f4
fb3a144594ce9a01b985e7fd8fe8331a86675fef8fca75a2032121604dd9d164
fb78178efb17880986453d866dc2c7ff441b2b2426665937e77f2ae214f44713
fbfe2a383821741218d136b973d329bb4286706540853642b5c5e0d7c12d7708
fda66347f754500639a66bd23e4bb776ff697494961e6c6c369a7354fdba137a
ffd3ebc4f4b8632daa70fcabfc113a813769ba38e0dce48763b9c6fed713c4b8

www.opovo.com.br Open in urlscan Pro 2606:4700:3033::6815:3a6d Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

326 Requests

100 %HTTPS

61 %IPv6

43 Domains

66 Subdomains

62 IPs

6 Countries

11055 kBTransfer

15361 kBSize

0 Cookies

106 Outgoing links

Page URL History

Redirected requests

326 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 10 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.opovo.com.br Open in urlscan Pro
2606:4700:3033::6815:3a6d Public Scan

Screenshot
Live screenshot

Full Image

326
Requests

100 %
HTTPS

61 %
IPv6

43
Domains

66
Subdomains

62
IPs

6
Countries

11055 kB
Transfer

15361 kB
Size

0
Cookies

326 HTTP transactions
10 data transactions