www.gazetadopovo.com.br Open in urlscan Pro
2600:9000:223c:f800:6:45ad:3580:93a1 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.gazetadopovo.com.br.admin-mcas.ms/login.php
Effective URL:
https://www.gazetadopovo.com.br/login.php/
Submission Tags: krdprod
Submission: On October 30 via api (October 30th 2021, 8:11:35 am UTC) from JP — Scanned from GB

Summary HTTP 130 Redirects Links 63 Behaviour Indicators

Summary

This website contacted 39 IPs in 5 countries across 26 domains to perform 130 HTTP transactions. The main IP is 2600:9000:223c:f800:6:45ad:3580:93a1, located in United States and belongs to AMAZON-02, US. The main domain is www.gazetadopovo.com.br.
TLS certificate: Issued by Amazon on December 23rd 2020. Valid for: a year.

This is the only time www.gazetadopovo.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	51.137.137.121 51.137.137.121	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	2a02:26f0:ef:... 2a02:26f0:ef::5c7b:c35c	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 20	2600:9000:223... 2600:9000:223c:f800:6:45ad:3580:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700:20:... 2606:4700:20::ac43:4a70	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700::68... 2606:4700::6812:e134	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c04::9c	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:830::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3032::ac43:c0b6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
2	143.204.98.111 143.204.98.111	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
2	18.66.97.104 18.66.97.104	16509 (AMAZON-02) (AMAZON-02)
6	2600:9000:225... 2600:9000:2250:7800:6:9eb2:5cc0:93a1	16509 (AMAZON-02) (AMAZON-02)
9	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
1	2804:49c:3403... 2804:49c:3403:2676:ffff:ffff:ffff:6	() ()
1	2804:49c:3102... 2804:49c:3102:401:ffff:ffff:ffff:50	() ()
1	2804:49c:3104... 2804:49c:3104:401:ffff:ffff:ffff:34	() ()
6	34.102.185.99 34.102.185.99	() ()
2	3.224.144.253 3.224.144.253	() ()
2	2600:9000:223... 2600:9000:223f:a400:13:9bf5:7100:93a1	() ()
2	2600:9000:223... 2600:9000:223c:e00:1d:7626:ce40:93a1	() ()
1	2a00:1450:400... 2a00:1450:4001:828::2002	() ()
3	2a00:1450:400... 2a00:1450:4001:812::2002	() ()
1	2a00:1450:400... 2a00:1450:4001:82a::2001	() ()
5	2a00:1450:400... 2a00:1450:4001:831::2001	() ()
2 6	13.32.99.23 13.32.99.23	() ()
2	200.187.199.64 200.187.199.64	() ()
7	2a00:1450:400... 2a00:1450:4001:810::2002	() ()
2	2a00:1450:400... 2a00:1450:4001:801::200a	() ()
1	2a00:1450:400... 2a00:1450:4001:82b::2006	() ()
1	108.128.131.149 108.128.131.149	() ()
1	52.222.214.4 52.222.214.4	() ()
1	52.48.236.71 52.48.236.71	() ()
130	39

1 51.137.137.121 (Cardiff, United Kingdom)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.gazetadopovo.com.br.admin-mcas.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:ef::5c7b:c35c (Ascension Island)

ASN20940 (AKAMAI-ASN1, NL)

mcasproxy.azureedge.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2600:9000:223c:f800:6:45ad:3580:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

www.gazetadopovo.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:4a70 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.privacytools.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:e134 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c04::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3032::ac43:c0b6 (United States)

ASN13335 (CLOUDFLARENET, US)

www.npttech.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

news.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.98.111 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-111.fra50.r.cloudfront.net

3wf9o7mmzc.execute-api.us-east-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

play.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.97.104 (United States)

ASN16509 (AMAZON-02, US)

events-api.gazetadopovo.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:2250:7800:6:9eb2:5cc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

tm.jsuol.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2804:49c:3403:2676:ffff:ffff:ffff:6 (None, )

ASN- ()

t.dynad.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2804:49c:3102:401:ffff:ffff:ffff:50 (None, )

ASN- ()

me.jsuol.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2804:49c:3104:401:ffff:ffff:ffff:34 (None, )

ASN- ()

tracker.bt.uol.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.102.185.99 (None, )

ASN- ()

tt-10162-1.seg.t.tailtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
b.t.tailtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
t.tailtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.224.144.253 (None, )

ASN- ()

100026685.collect.igodigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
nova.collect.igodigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:223f:a400:13:9bf5:7100:93a1 (None, )

ASN- ()

www.semprefamilia.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:223c:e00:1d:7626:ce40:93a1 (None, )

ASN- ()

www.umdoisesportes.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2002 (None, )

ASN- ()

adservice.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::2002 (None, )

ASN- ()

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2001 (None, )

ASN- ()

4a5f5cccf6b8f04975aca1179f9a4463.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:831::2001 (None, )

ASN- ()

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 13.32.99.23 (None, ) 2 redirects

ASN- ()

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 200.187.199.64 (None, )

ASN- ()

s.dynad.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:810::2002 (None, )

ASN- ()

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::200a (None, )

ASN- ()

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2006 (None, )

ASN- ()

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.128.131.149 (None, )

ASN- ()

vast.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.214.4 (None, )

ASN- ()

choices.trustarc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.48.236.71 (None, )

ASN- ()

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	gazetadopovo.com.br 1 redirects www.gazetadopovo.com.br events-api.gazetadopovo.com.br	301 KB
20	google.com www.google.com news.google.com play.google.com adservice.google.com	74 KB
12	doubleclick.net stats.g.doubleclick.net securepubads.g.doubleclick.net pubads.g.doubleclick.net googleads.g.doubleclick.net	192 KB
11	googlesyndication.com 4a5f5cccf6b8f04975aca1179f9a4463.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	110 KB
10	gstatic.com fonts.gstatic.com www.gstatic.com csi.gstatic.com Failed	227 KB
7	jsuol.com.br tm.jsuol.com.br me.jsuol.com.br	78 KB
6	scorecardresearch.com 2 redirects sb.scorecardresearch.com	5 KB
6	tailtarget.com tt-10162-1.seg.t.tailtarget.com b.t.tailtarget.com t.tailtarget.com	2 KB
3	dynad.net t.dynad.net s.dynad.net	55 KB
3	onesignal.com cdn.onesignal.com onesignal.com	73 KB
3	googleapis.com fonts.googleapis.com imasdk.googleapis.com	315 KB
3	azureedge.net mcasproxy.azureedge.net	42 KB
2	adsafeprotected.com vast.adsafeprotected.com static.adsafeprotected.com	16 KB
2	umdoisesportes.com.br www.umdoisesportes.com.br	1 KB
2	semprefamilia.com.br www.semprefamilia.com.br	1 KB
2	igodigital.com 100026685.collect.igodigital.com nova.collect.igodigital.com	3 KB
2	amazonaws.com 3wf9o7mmzc.execute-api.us-east-1.amazonaws.com	888 B
2	google.co.uk www.google.co.uk adservice.google.co.uk	1 KB
2	google-analytics.com www.google-analytics.com	20 KB
1	trustarc.com choices.trustarc.com	1 KB
1	2mdn.net s0.2mdn.net	17 KB
1	googletagservices.com www.googletagservices.com	37 KB
1	uol.com.br tm.uol.com.br Failed tracker.bt.uol.com.br	546 B
1	npttech.com www.npttech.com	3 KB
1	privacytools.com.br cdn.privacytools.com.br	3 KB
1	admin-mcas.ms www.gazetadopovo.com.br.admin-mcas.ms	847 B
130	26

	Domain	Requested by
20	www.gazetadopovo.com.br	1 redirects www.gazetadopovo.com.br
8	news.google.com	www.gazetadopovo.com.br news.google.com www.gazetadopovo.com.br.admin-mcas.ms www.gstatic.com
7	securepubads.g.doubleclick.net	tm.jsuol.com.br securepubads.g.doubleclick.net www.gazetadopovo.com.br.admin-mcas.ms www.googletagservices.com
7	play.google.com	www.gstatic.com
6	sb.scorecardresearch.com	2 redirects www.gazetadopovo.com.br
6	tm.jsuol.com.br	www.gazetadopovo.com.br tm.jsuol.com.br www.gazetadopovo.com.br.admin-mcas.ms
6	fonts.gstatic.com	fonts.googleapis.com news.google.com
5	pagead2.googlesyndication.com	www.googletagservices.com securepubads.g.doubleclick.net tpc.googlesyndication.com
5	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com imasdk.googleapis.com
4	www.gstatic.com	news.google.com www.gstatic.com
3	tt-10162-1.seg.t.tailtarget.com	tm.jsuol.com.br
3	www.google.com	www.gazetadopovo.com.br securepubads.g.doubleclick.net tpc.googlesyndication.com
3	mcasproxy.azureedge.net	www.gazetadopovo.com.br.admin-mcas.ms mcasproxy.azureedge.net
2	googleads.g.doubleclick.net
2	pubads.g.doubleclick.net	imasdk.googleapis.com
2	imasdk.googleapis.com	s.dynad.net imasdk.googleapis.com
2	s.dynad.net	t.dynad.net
2	adservice.google.com	securepubads.g.doubleclick.net imasdk.googleapis.com
2	www.umdoisesportes.com.br	www.gazetadopovo.com.br
2	www.semprefamilia.com.br	www.gazetadopovo.com.br
2	b.t.tailtarget.com	tm.jsuol.com.br
2	events-api.gazetadopovo.com.br	www.gazetadopovo.com.br
2	3wf9o7mmzc.execute-api.us-east-1.amazonaws.com	www.gazetadopovo.com.br
2	www.google-analytics.com	www.gazetadopovo.com.br www.google-analytics.com
2	cdn.onesignal.com	www.gazetadopovo.com.br cdn.onesignal.com
1	static.adsafeprotected.com	tpc.googlesyndication.com
1	choices.trustarc.com
1	vast.adsafeprotected.com	imasdk.googleapis.com
1	s0.2mdn.net	imasdk.googleapis.com
1	www.googletagservices.com	securepubads.g.doubleclick.net
1	t.tailtarget.com
1	nova.collect.igodigital.com
1	4a5f5cccf6b8f04975aca1179f9a4463.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.co.uk	securepubads.g.doubleclick.net
1	100026685.collect.igodigital.com	www.gazetadopovo.com.br
1	tracker.bt.uol.com.br	www.gazetadopovo.com.br.admin-mcas.ms
1	me.jsuol.com.br	tm.jsuol.com.br
1	t.dynad.net	www.gazetadopovo.com.br.admin-mcas.ms
1	www.npttech.com	www.gazetadopovo.com.br
1	onesignal.com	cdn.onesignal.com
1	www.google.co.uk	www.gazetadopovo.com.br
1	stats.g.doubleclick.net	www.google-analytics.com
1	cdn.privacytools.com.br	www.gazetadopovo.com.br
1	fonts.googleapis.com	www.gazetadopovo.com.br
1	www.gazetadopovo.com.br.admin-mcas.ms
0	csi.gstatic.com Failed	imasdk.googleapis.com
0	tm.uol.com.br Failed	tm.jsuol.com.br www.gazetadopovo.com.br.admin-mcas.ms
130	47

This site contains links to these domains. Also see Links.

Domain
assinaturas.gazetadopovo.com.br
conta.gazetadopovo.com.br
especiais.gazetadopovo.com.br
www.semprefamilia.com.br
clube.gazetadopovo.com.br
www.umdoisesportes.com.br
confiavel.com
pt-br.facebook.com
twitter.com
www.instagram.com
www.linkedin.com
www.youtube.com
guia.gazetadopovo.com.br
gazetadopovojornais.com.br
www.grpcom.com.br

Subject Issuer	Validity	Valid
*.mcas.ms Microsoft Azure TLS Issuing CA 06	`2021-08-04` - `2022-07-30`	a year	crt.sh
*.azureedge.net DigiCert SHA2 Secure Server CA	`2020-11-21` - `2021-11-30`	a year	crt.sh
*.gazetadopovo.com.br Amazon	`2020-12-23` - `2022-01-21`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-10-02` - `2022-10-01`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-10-11` - `2022-01-03`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
www.google.co.uk GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.news.google.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.execute-api.us-east-1.amazonaws.com Amazon	`2021-04-09` - `2022-05-08`	a year	crt.sh
*.google.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.jsuol.com.br Amazon	`2021-10-02` - `2022-10-31`	a year	crt.sh
*.dynad.net RapidSSL RSA CA 2018	`2020-05-11` - `2022-07-10`	2 years	crt.sh
uol.com GeoTrust RSA CA 2018	`2020-07-30` - `2022-09-28`	2 years	crt.sh
*.tailtarget.com Sectigo RSA Domain Validation Secure Server CA	`2021-05-26` - `2022-06-25`	a year	crt.sh
*.collect.igodigital.com DigiCert TLS RSA SHA256 2020 CA1	`2021-01-25` - `2022-02-25`	a year	crt.sh
semprefamilia.com.br Amazon	`2021-10-14` - `2022-11-11`	a year	crt.sh
*.umdoisesportes.com.br Amazon	`2021-09-19` - `2022-10-17`	a year	crt.sh
*.google.co.uk GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.scorecardresearch.com Amazon	`2021-02-28` - `2022-03-29`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
wrapper-vast.adsafeprotected.com Amazon	`2020-12-18` - `2022-01-16`	a year	crt.sh
*.trustarc.com Go Daddy Secure Certificate Authority - G2	`2020-05-21` - `2022-07-17`	2 years	crt.sh
static.adsafeprotected.com Amazon	`2021-01-06` - `2022-02-04`	a year	crt.sh

This page contains 13 frames:

Primary Page: https://www.gazetadopovo.com.br/login.php/
Frame ID: 967A1F0D9F79EB233B15449477D41BA7
Requests: 87 HTTP requests in this frame

Frame: https://mcasproxy.azureedge.net/proxyweb/1.7.19/html/session-context-restore.html?action=store&contextData=https%3A%2F%2Fwww.gazetadopovo.com.br%2Flogin.php
Frame ID: 04AA3881349FFB52ADB4F7914B37A0E3
Requests: 2 HTTP requests in this frame

Frame: https://news.google.com/swg/_/ui/v1/serviceiframe?_=454328
Frame ID: 4A0CF62E931C1AF609A935FC698CC8E3
Requests: 13 HTTP requests in this frame

Frame: https://tm.uol.com.br/mercurio.html
Frame ID: 6C8F8708E1D544D0076E53A053F125A0
Requests: 1 HTTP requests in this frame

Frame: https://tm.uol.com.br/purge-clients.html?name=DEretargeting&expname=DEretargetingExp&expdomain=1
Frame ID: B39546ECD0E5B09889F41A44C41BEEEB
Requests: 1 HTTP requests in this frame

Frame: https://tm.uol.com.br/purge-clients.html?name=dynad_rt&expname=dynad_rt_exp&expdomain=1
Frame ID: A532A92D0EC7081139F3BC9B74D16FDA
Requests: 1 HTTP requests in this frame

Frame: https://4a5f5cccf6b8f04975aca1179f9a4463.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 3C19FD73D2BAE08EC47E85D7C9781174
Requests: 1 HTTP requests in this frame

Frame: https://s.dynad.net/stack/KMA9C2O70iP6CHSgXk0LGaQ8ML9m6vJE4RIi1Rf61p4.html?v69
Frame ID: D7413BB3513F5276C2D1A5ABC057689A
Requests: 1 HTTP requests in this frame

Frame: https://s.dynad.net/stack/928W5r5IndTfocT3VdUV-AB8UVlc0JbnGWyFZsei5gU.html
Frame ID: FB1E18F6B1D0B30CF557C8919E12AD0D
Requests: 5 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.486.2_pt_br.html
Frame ID: 7EFB95A71786381E70EFF68DD4DC7BC9
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 82D364F81C68A54F069B3F9EE7A7F4E7
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 1B3206659F9B7E36B9364376E91C1567
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/loader20.html?https://static.adsafeprotected.com/ias/v1/vpaid.2021.10.04-08.57-25eef18.js
Frame ID: 7694AD189BE325BBBE8D8F5D3CDAF19A
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Página não encontrada

Page URL History Show full URLs

https://www.gazetadopovo.com.br.admin-mcas.ms/login.php Page URL
https://www.gazetadopovo.com.br/login.php HTTP 301
https://www.gazetadopovo.com.br/login.php/ Page URL

Page Statistics

130
Requests

94 %
HTTPS

71 %
IPv6

26
Domains

47
Subdomains

39
IPs

5
Countries

1579 kB
Transfer

4928 kB
Size

15
Cookies

63 Outgoing links

These are links going to different origins than the main page.

URL: https://assinaturas.gazetadopovo.com.br/?touchpoint=assine-topo-internas-gazeta
Title: assine

Search URL Search Domain Scan URL

URL: https://conta.gazetadopovo.com.br/login?referrer=https://www.gazetadopovo.com.br/login.php
Title: Entrar

Search URL Search Domain Scan URL

URL: https://especiais.gazetadopovo.com.br/politica/painel-das-privatizacoes/?ref=explore
Title: Privatizações

Search URL Search Domain Scan URL

URL: https://especiais.gazetadopovo.com.br/politica/reforma-tributaria/?ref=explore
Title: Reforma tributária

Search URL Search Domain Scan URL

URL: https://www.semprefamilia.com.br/?ref=explore
Title: Sempre Família

Search URL Search Domain Scan URL

URL: https://www.semprefamilia.com.br/saude/?ref=explore
Title: Saúde

Search URL Search Domain Scan URL

URL: https://www.semprefamilia.com.br/virtudes-e-valores/?ref=explore
Title: Virtudes e Valores

Search URL Search Domain Scan URL

URL: https://www.semprefamilia.com.br/educacao-dos-filhos/?ref=explore
Title: Educação dos filhos

Search URL Search Domain Scan URL

URL: https://especiais.gazetadopovo.com.br/previsao-do-tempo/?ref=explore
Title: Previsão do Tempo

Search URL Search Domain Scan URL

URL: https://clube.gazetadopovo.com.br/filmes/?ref=explore
Title: Cinema

Search URL Search Domain Scan URL

URL: https://www.umdoisesportes.com.br/?ref=explore
Title: UmDois Esportes

Search URL Search Domain Scan URL

URL: https://www.umdoisesportes.com.br/athletico/?ref=explore
Title: Athletico

Search URL Search Domain Scan URL

URL: https://www.umdoisesportes.com.br/coritiba/?ref=explore
Title: Coritiba

Search URL Search Domain Scan URL

URL: https://www.umdoisesportes.com.br/parana-clube/?ref=explore
Title: Paraná Clube

Search URL Search Domain Scan URL

URL: https://www.umdoisesportes.com.br/podcasts/?ref=explore
Title: Podcast DoisUm

Search URL Search Domain Scan URL

URL: https://www.umdoisesportes.com.br/colunas-e-blogs/mauro-cezar/?ref=explore
Title: Mauro Cezar Pereira

Search URL Search Domain Scan URL

URL: https://www.umdoisesportes.com.br/colunas-e-blogs/augusto-mafuz/?ref=explore
Title: Augusto Mafuz

Search URL Search Domain Scan URL

URL: https://www.umdoisesportes.com.br/colunas-e-blogs/carneiro-neto/?ref=explore
Title: Carneiro Neto

Search URL Search Domain Scan URL

URL: https://www.umdoisesportes.com.br/colunas-e-blogs/andre-barcinski/?ref=explore
Title: André Barcinski

Search URL Search Domain Scan URL

URL: https://www.umdoisesportes.com.br/colunas-e-blogs/andre-pugliesi/?ref=explore
Title: André Pugliesi

Search URL Search Domain Scan URL

URL: https://www.umdoisesportes.com.br/colunas-e-blogs/jones-rossi/?ref=explore
Title: Jones Rossi

Search URL Search Domain Scan URL

URL: https://www.umdoisesportes.com.br/tabelas/brasileiro-serie-a/2021/?ref=explore
Title: Brasileirão Série A

Search URL Search Domain Scan URL

URL: https://www.umdoisesportes.com.br/tabelas/brasileiro-serie-b/2021/?ref=explore
Title: Brasileirão Série B

Search URL Search Domain Scan URL

URL: https://www.umdoisesportes.com.br/tabelas/copa-libertadores/2021/?ref=explore
Title: Libertadores

Search URL Search Domain Scan URL

URL: https://www.umdoisesportes.com.br/dicas-do-cartola/?ref=explore
Title: Dicas do Cartola

Search URL Search Domain Scan URL

URL: https://confiavel.com/sites-de-apostas/?ref=explore
Title: Casas de Apostas Confiáveis

Search URL Search Domain Scan URL

URL: https://especiais.gazetadopovo.com.br/cursos/
Title: ver tudo

Search URL Search Domain Scan URL

URL: https://especiais.gazetadopovo.com.br/cursos/guilherme-cunha-pereira-etica/?ref=explore
Title: Guilherme Cunha Pereira: Ética

Search URL Search Domain Scan URL

URL: https://especiais.gazetadopovo.com.br/cursos/filipe-figueiredo-joe-biden-relacoes-com-brasil-e-mundo/?ref=explore
Title: Filipe Figueiredo: Joe Biden

Search URL Search Domain Scan URL

URL: https://especiais.gazetadopovo.com.br/cursos/defesa-da-democracia-francisco-razzo/?ref=explore
Title: Francisco Razzo: Defesa da Democracia

Search URL Search Domain Scan URL

URL: https://especiais.gazetadopovo.com.br/cursos/paulo-cruz-religiao-politica/?ref=explore
Title: Paulo Cruz: Religião e Política

Search URL Search Domain Scan URL

URL: https://especiais.gazetadopovo.com.br/coronavirus/?ref=explore
Title: Coronavírus

Search URL Search Domain Scan URL

URL: https://especiais.gazetadopovo.com.br/100-anos/?ref=explore
Title: 100 Anos da Gazeta do Povo

Search URL Search Domain Scan URL

URL: https://especiais.gazetadopovo.com.br/pesquisas-de-aprovacao/?ref=explore
Title: Pesquisas de aprovação

Search URL Search Domain Scan URL

URL: https://especiais.gazetadopovo.com.br/?ref=explore
Title: Todos os especiais

Search URL Search Domain Scan URL

URL: https://especiais.gazetadopovo.com.br/dentro-da-lei/?ref=explore
Title: Dentro da Lei

Search URL Search Domain Scan URL

URL: https://especiais.gazetadopovo.com.br/100-anos/conviccoes-editoriais-gazeta-povo-resumo/?ref=explore
Title: Em Resumo

Search URL Search Domain Scan URL

URL: https://especiais.gazetadopovo.com.br/100-anos/conviccoes/?ref=explore
Title: Em Vídeo

Search URL Search Domain Scan URL

URL: https://clube.gazetadopovo.com.br/
Title: ver tudo

Search URL Search Domain Scan URL

URL: https://clube.gazetadopovo.com.br/noticias/?ref=explore
Title: Notícias do Clube

Search URL Search Domain Scan URL

URL: https://clube.gazetadopovo.com.br/parceiros/?ref=explore
Title: Descontos do Clube

Search URL Search Domain Scan URL

URL: https://conta.gazetadopovo.com.br/minha-conta/cartao-virtual/?ref=explore
Title: Aplicativo Clube

Search URL Search Domain Scan URL

URL: https://assinaturas.gazetadopovo.com.br/premium/?ref=explore
Title: Conheça o Premium

Search URL Search Domain Scan URL

URL: https://conta.gazetadopovo.com.br/minha-conta/leiturometro?ref=explore
Title: Leiturômetro

Search URL Search Domain Scan URL

URL: https://conta.gazetadopovo.com.br/minha-conta/minha-assinatura?ref=explore
Title: Minha Assinatura

Search URL Search Domain Scan URL

URL: https://especiais.gazetadopovo.com.br/noticias-por-mensagem/
Title: ver tudo

Search URL Search Domain Scan URL

URL: https://especiais.gazetadopovo.com.br/noticias-por-mensagem/?ref=explore
Title: Whatsapp

Search URL Search Domain Scan URL

URL: https://pt-br.facebook.com/gazetadopovo

Search URL Search Domain Scan URL

URL: https://twitter.com/gazetadopovo

Search URL Search Domain Scan URL

URL: https://www.instagram.com/gazetadopovo

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/gazeta-do-povo

Search URL Search Domain Scan URL

URL: https://www.youtube.com/gazetadopovo

Search URL Search Domain Scan URL

URL: https://guia.gazetadopovo.com.br/
Title: » Guia + Clube

Search URL Search Domain Scan URL

URL: https://assinaturas.gazetadopovo.com.br/por-que-assinar/
Title: Conheça a Gazeta

Search URL Search Domain Scan URL

URL: https://especiais.gazetadopovo.com.br/about-gazeta-do-povo/
Title: About Gazeta do Povo

Search URL Search Domain Scan URL

URL: https://www.semprefamilia.com.br/
Title: Sempre Família

Search URL Search Domain Scan URL

URL: https://especiais.gazetadopovo.com.br/
Title: Especiais

Search URL Search Domain Scan URL

URL: https://confiavel.com/sites-de-apostas/
Title: Casas de Apostas Confiáveis

Search URL Search Domain Scan URL

URL: https://conta.gazetadopovo.com.br/editar
Title: Minha Conta

Search URL Search Domain Scan URL

URL: https://assinaturas.gazetadopovo.com.br/?touchpoint=assine-rodape-gazeta
Title: Assine

Search URL Search Domain Scan URL

URL: http://gazetadopovojornais.com.br/
Title: Anuncie

Search URL Search Domain Scan URL

URL: http://www.grpcom.com.br/junte-se-a-nos/
Title: Trabalhe Conosco

Search URL Search Domain Scan URL

URL: https://assinaturas.gazetadopovo.com.br/?touchpoint=modal-salvar-para-ler-depois
Title: Conheça nossos planos e assine

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.gazetadopovo.com.br.admin-mcas.ms/login.php Page URL
https://www.gazetadopovo.com.br/login.php HTTP 301
https://www.gazetadopovo.com.br/login.php/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 101

https://sb.scorecardresearch.com/cs/6036356/beacon.js HTTP 302
https://sb.scorecardresearch.com/internal-cs/default/beacon.js

Request Chain 103

https://sb.scorecardresearch.com/b?c1=8&c2=6036356&c3=1&ns__t=1635581492724&ns_c=UTF-8&cv=3.5&c8=&c7=https%3A%2F%2Fwww.gazetadopovo.com.br%2Flogin.php%2F&c9=https%3A%2F%2Fwww.gazetadopovo.com.br.admin-mcas.ms%2F HTTP 302
https://sb.scorecardresearch.com/b2?c1=8&c2=6036356&c3=1&ns__t=1635581492724&ns_c=UTF-8&cv=3.5&c8=&c7=https%3A%2F%2Fwww.gazetadopovo.com.br%2Flogin.php%2F&c9=https%3A%2F%2Fwww.gazetadopovo.com.br.admin-mcas.ms%2F

130 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 login.php Show response
www.gazetadopovo.com.br.admin-mcas.ms/ 1 KB
847 B 515ms
23ms Document
text/html 51.137.137.121
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gazetadopovo.com.br.admin-mcas.ms/login.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

51.137.137.121 Cardiff, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

openresty /

Resource Hash

60c84b45ef1460c5394c433d6f302ca54369ac1aac3ec1c530c57c37787ad85f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: en-GB,en;q=0.9

Response headers

content-type: text/html; charset=utf-8
server: openresty
date: Sat, 30 Oct 2021 08:11:28 GMT
x-mcas-request-id: 2c0d23f0668cce1967f7dd34f3cd2f93
expires: Mon, 01-Jan-1990 00:00:00 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
strict-transport-security: max-age=31536000
x-mcas-upstream-time: n/a
x-mcas-processing-time: 3
content-encoding: gzip
x-mcas-cache-status: MISS

GET
H2 200 session-context-store-helper.min.js Show response
mcasproxy.azureedge.net/proxyweb/1.7.19/js/ 5 KB
5 KB 282ms
34ms Script
application/javascript 2a02:26f0:ef::5c7b:c35c
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mcasproxy.azureedge.net/proxyweb/1.7.19/js/session-context-store-helper.min.js
Requested by: Host: www.gazetadopovo.com.br.admin-mcas.ms
URL: https://www.gazetadopovo.com.br.admin-mcas.ms/login.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:ef::5c7b:c35c , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: ef6b116f5d682673f7e8ebbfa0027176ccb482caea43b4077cc34f0748d7bc4b

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.gazetadopovo.com.br.admin-mcas.ms/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Sat, 30 Oct 2021 08:11:28 GMT
last-modified: Fri, 15 Oct 2021 19:37:40 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: PLOXavfa2pddds7xHBr81w==
etag: 0x8D990133FF7986E
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 4620e0d6-f01e-00a1-4126-c29a4f000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=30299496
x-ms-version: 2009-09-19
content-length: 5084

GET
H2 200 session-context-restore.html Show response
mcasproxy.azureedge.net/proxyweb/1.7.19/html/ Frame 04AA 281 B
729 B 31ms
31ms Document
text/html 2a02:26f0:ef::5c7b:c35c
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mcasproxy.azureedge.net/proxyweb/1.7.19/html/session-context-restore.html?action=store&contextData=https%3A%2F%2Fwww.gazetadopovo.com.br%2Flogin.php
Requested by: Host: mcasproxy.azureedge.net
URL: https://mcasproxy.azureedge.net/proxyweb/1.7.19/js/session-context-store-helper.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:ef::5c7b:c35c , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: d593eab937ae208334c866b7afc56b0703787c857dae8bb562aefbbd3ca15ee6

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://www.gazetadopovo.com.br.admin-mcas.ms/

Response headers

content-length: 281
content-type: text/html
content-md5: vDuuGHIdcY/gQtnraxH9qw==
last-modified: Fri, 15 Oct 2021 19:37:38 GMT
etag: 0x8D990133F2F41AD
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: b92320e9-a01e-0018-0a26-c27941000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: public, max-age=30299479
date: Sat, 30 Oct 2021 08:11:28 GMT

GET
H2 200 session-context-restore.min.js Show response
mcasproxy.azureedge.net/proxyweb/1.7.19/js/ Frame 04AA 36 KB
36 KB 34ms
33ms Script
application/javascript 2a02:26f0:ef::5c7b:c35c
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mcasproxy.azureedge.net/proxyweb/1.7.19/js/session-context-restore.min.js
Requested by: Host: mcasproxy.azureedge.net
URL: https://mcasproxy.azureedge.net/proxyweb/1.7.19/html/session-context-restore.html?action=store&contextData=https%3A%2F%2Fwww.gazetadopovo.com.br%2Flogin.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:ef::5c7b:c35c , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 84631de0bca7e12b1b542849e146044afb360af10af6ae4f5d90ec534e017734

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://mcasproxy.azureedge.net/proxyweb/1.7.19/html/session-context-restore.html?action=store&contextData=https%3A%2F%2Fwww.gazetadopovo.com.br%2Flogin.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Sat, 30 Oct 2021 08:11:28 GMT
last-modified: Fri, 15 Oct 2021 19:37:39 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: d0ja3c44qO7D3vm2nqObfQ==
etag: 0x8D990133F6F63AD
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: b92321e8-a01e-0018-6326-c27941000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=30299415
x-ms-version: 2009-09-19
content-length: 36521

GET
H2

404

Primary Request / Show response
www.gazetadopovo.com.br/login.php/
Redirect Chain

https://www.gazetadopovo.com.br/login.php?
https://www.gazetadopovo.com.br/login.php/

207 KB
35 KB

746ms
746ms

Document
text/html

2600:9000:223c:f800:6:45ad:3580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gazetadopovo.com.br/login.php/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:f800:6:45ad:3580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: / Express
Resource Hash: 09b01eee0310df56a731cb96f972791b6d1b35017c32ae616e332f1f4ca25dea

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://www.gazetadopovo.com.br.admin-mcas.ms/

Response headers

content-type: text/html;charset=UTF-8
date: Sat, 30 Oct 2021 08:11:28 GMT
x-amzn-requestid: 658f06be-5781-47ab-af19-01ec2c670eb8
x-amzn-remapped-connection: close
x-amz-apigw-id: IAynpG6poAMF-1w=
cache-control: max-age=600
x-powered-by: Express
x-amzn-trace-id: Root=1-617cfe30-460b397b573fafcf0299149c;Sampled=1
x-amzn-remapped-date: Sat, 30 Oct 2021 08:11:28 GMT
via: 1.1 4d0ae7ca3bb5e2d6eaa1450e1906adb5.cloudfront.net (CloudFront), 1.1 6faa38f38a1fee24a829fec7c748876d.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2 FRA56-P2
content-encoding: gzip
vary: Accept-Encoding
x-cache: Error from cloudfront
x-amz-cf-id: zG5q9eVhioMU8JJz-FXhRzFrLCf9zRi6TFD9wQEuJLdLy1HwBBay6w==

Redirect headers

content-length: 0
server: CloudFront
date: Fri, 29 Oct 2021 23:26:00 GMT
location: /login.php/
x-cache: Hit from cloudfront
via: 1.1 6faa38f38a1fee24a829fec7c748876d.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
x-amz-cf-id: SuRoMkvFHbpo1Q0WBlsp6KKVW2j7bh5Jvbmez_PfnSnjy6BU3zcrnA==
age: 31528

GET
H2 200 google-3.2.2.js Show response
www.gazetadopovo.com.br/assets/legacy/swg/ 114 KB
38 KB 33ms
32ms Script
text/javascript 2600:9000:223c:f800:6:45ad:3580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gazetadopovo.com.br/assets/legacy/swg/google-3.2.2.js
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/login.php/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:f800:6:45ad:3580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5c9daea6d030ac5e71211fa4d1521fb0cd67c3676f35d034f0047ee095a9d8c3

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.gazetadopovo.com.br/login.php/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 23:24:44 GMT
content-encoding: gzip
last-modified: Mon, 13 Apr 2020 20:50:04 GMT
server: AmazonS3
age: 5820406
etag: W/"9c302f91fb353b7f558cbda7922e6da1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: null
via: 1.1 6faa38f38a1fee24a829fec7c748876d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P2
content-type: text/javascript; charset=UTF-8
x-amz-cf-id: 3-XzeApf50ayma5Z4vJXSYgAYQlHz818ZX43DSx4MfQMxOUwXpNJAg==

GET
H2 200 initial-gazetadopovo-gaz-cd2cbd0a7d28268acfa68c32fcd6bcd6.js Show response
www.gazetadopovo.com.br/assets2/ 282 KB
93 KB 49ms
48ms Script
application/javascript 2600:9000:223c:f800:6:45ad:3580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gazetadopovo.com.br/assets2/initial-gazetadopovo-gaz-cd2cbd0a7d28268acfa68c32fcd6bcd6.js
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/login.php/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:f800:6:45ad:3580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 415b89bc5a2cc540059c9195bb5fe46a7002ddd30882f7ea82e28b8aa8cbe6d0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.gazetadopovo.com.br/login.php/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 16:57:03 GMT
content-encoding: gzip
last-modified: Wed, 27 Oct 2021 16:55:16 GMT
server: AmazonS3
age: 227667
etag: W/"35a2a855044ecc29d6ed5fcc50565a4d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: null
via: 1.1 6faa38f38a1fee24a829fec7c748876d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P2
content-type: application/javascript
x-amz-cf-id: BWNOqBxe17SDPDuLF6aYcG5ih-AIIa2MC8iA85qCyklry9JS3ZPIxQ==

GET
H2 200 gazetadopovo-abstracts-_init-gaz-cd2cbd0a7d28268acfa68c32fcd6bcd6.js Show response
www.gazetadopovo.com.br/assets2/ 4 KB
2 KB 66ms
65ms Script
application/javascript 2600:9000:223c:f800:6:45ad:3580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gazetadopovo.com.br/assets2/gazetadopovo-abstracts-_init-gaz-cd2cbd0a7d28268acfa68c32fcd6bcd6.js
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/login.php/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:f800:6:45ad:3580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 830905755abc15192a4819768230d82cca6eb5a16b181213d4fbe0a613ec126b

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.gazetadopovo.com.br/login.php/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 16:57:03 GMT
content-encoding: gzip
last-modified: Wed, 27 Oct 2021 16:54:42 GMT
server: AmazonS3
age: 227667
etag: W/"0f4a764dda21de0daf4b152edcf19be6"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: null
via: 1.1 6faa38f38a1fee24a829fec7c748876d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P2
content-type: application/javascript
x-amz-cf-id: oW5QQAkquf3hrb7qTYlq7xiXt0JBqItzK1WVnprtzs0Fv-u_OqNIww==

GET
H2 200 gazetadopovo-statistics-gaz-cd2cbd0a7d28268acfa68c32fcd6bcd6.js Show response
www.gazetadopovo.com.br/assets2/ 16 KB
5 KB 66ms
65ms Script
application/javascript 2600:9000:223c:f800:6:45ad:3580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gazetadopovo.com.br/assets2/gazetadopovo-statistics-gaz-cd2cbd0a7d28268acfa68c32fcd6bcd6.js
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/login.php/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:f800:6:45ad:3580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 55a75d636531490fa125a4829e64eb04496e32b448f844f5bdd5c53b433284ee

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.gazetadopovo.com.br/login.php/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 16:57:03 GMT
content-encoding: gzip
last-modified: Wed, 27 Oct 2021 16:54:49 GMT
server: AmazonS3
age: 227667
etag: W/"ff33471cfbf1941aa0524600792b2c8f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: null
via: 1.1 6faa38f38a1fee24a829fec7c748876d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P2
content-type: application/javascript
x-amz-cf-id: 7T3xbHY3nnGGY9n63KCAvXNIKWgdG3QPAFyJsto90aozo4B2gd10xA==

GET
H2 200 gazetadopovo-notfound-cd2cbd0a7d28268acfa68c32fcd6bcd6.css
www.gazetadopovo.com.br/assets2/ 167 KB
21 KB 68ms
67ms Stylesheet
text/css 2600:9000:223c:f800:6:45ad:3580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gazetadopovo.com.br/assets2/gazetadopovo-notfound-cd2cbd0a7d28268acfa68c32fcd6bcd6.css
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/login.php/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:f800:6:45ad:3580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 43af4a12b5ad12a42f48de52c75b8e500fbf845a4b952cdb7361ebed57b1eadf

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.gazetadopovo.com.br/login.php/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 17:55:36 GMT
content-encoding: gzip
last-modified: Wed, 27 Oct 2021 16:54:47 GMT
server: AmazonS3
age: 224154
etag: W/"96b05349ec572059e55b38527d8f94ff"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: null
via: 1.1 6faa38f38a1fee24a829fec7c748876d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P2
content-type: text/css
x-amz-cf-id: q5WK-ondMMPS2Ggga_w8KEV--X67e7REMzqGRH7c7iob-U2t_pEp9Q==

GET
H2 200 css2
fonts.googleapis.com/ 10 KB
2 KB 109ms
39ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Merriweather:ital,wght@0,400;0,700;1,400;1,700&family=Overpass:ital,wght@0,400;0,700;1,400;1,700&display=swap

Requested by

Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/login.php/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b22431c77bcb1bfbf4d4a8efd58e7763f982f548dd02eea1ae2a58e8386bb0d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 30 Oct 2021 08:11:29 GMT
server: ESF
date: Sat, 30 Oct 2021 08:11:29 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires: Sat, 30 Oct 2021 08:11:29 GMT

GET
H2 200 e6Ya311101.css
cdn.privacytools.com.br/public_api/banner/style/ 8 KB
3 KB 354ms
62ms Stylesheet
text/css 2606:4700:20::ac43:4a70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.privacytools.com.br/public_api/banner/style/e6Ya311101.css?t=1
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/login.php/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6b43bb94ac6321d8ea118e251d4a55f90f51ae165fcc75e26e5137c7982aff0e

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 08:11:29 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 07 Oct 2021 17:11:14 GMT
server: cloudflare
age: 1954815
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PsSbf%2FMdrXlH%2FBkCW4vlcNTSqnmNCehOxcGEjv0sfT8IztN04GhRRMDB0WWfgsaeesxu0q5bFs1mNNBgFtcVoMyKTgss%2Fv5bm4gMF4uE3ezkISVudv4MPLnvyrEkcWoYLt4I1z1yAtqcbxAKkOQzsQydznuL"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=2678400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6a632c565fa959cb-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 9 KB
3 KB 199ms
89ms Script
application/javascript 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/login.php/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e72afcd1a38e3ab0bb322104a9238e75dda48df9c455e5471bbaaece5207d83

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 08:11:29 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 1929
etag: W/"cf0cbe7aadaadd0a12673a93ac7780e1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 6a632c55b8180e12-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Tue, 02 Nov 2021 08:11:29 GMT

GET
H2 200 gazeta-fallback.svg
www.gazetadopovo.com.br/assets2/images/svg/ 167 B
533 B 29ms
28ms Image
image/svg+xml 2600:9000:223c:f800:6:45ad:3580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gazetadopovo.com.br/assets2/images/svg/gazeta-fallback.svg
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/login.php/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:f800:6:45ad:3580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0e275872784212de73a7a1b0385a96c63311aa5f67cbad7b654b813fa18f5408

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.gazetadopovo.com.br/login.php/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 25 Jul 2021 17:28:47 GMT
via: 1.1 6faa38f38a1fee24a829fec7c748876d.cloudfront.net (CloudFront)
last-modified: Thu, 22 Jul 2021 17:17:14 GMT
server: AmazonS3
age: 8347362
etag: "4d2a859dcd5d33e2c902077c53a4d468"
x-cache: Hit from cloudfront
x-amz-version-id: null
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P2
accept-ranges: bytes
content-type: image/svg+xml
content-length: 167
x-amz-cf-id: _WnQUiCwUbTmqDJbo9EYZlhsldvziuCwh2IxCCenMDZUhGwu7kMn9g==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
20 KB 97ms
29ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/login.php/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 26 Oct 2021 23:24:02 GMT
server: Golfe2
age: 655
date: Sat, 30 Oct 2021 08:00:34 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Sat, 30 Oct 2021 10:00:34 GMT

GET
H2 200 bg-ads.png
www.gazetadopovo.com.br/assets2/images/ 89 B
447 B 29ms
29ms Image
image/png 2600:9000:223c:f800:6:45ad:3580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gazetadopovo.com.br/assets2/images/bg-ads.png
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets2/gazetadopovo-notfound-cd2cbd0a7d28268acfa68c32fcd6bcd6.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:f800:6:45ad:3580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fe797578273ad8327b58a0aaab2600e9623f150f4fc8325d3c2a340d3afff3cd

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.gazetadopovo.com.br/assets2/gazetadopovo-notfound-cd2cbd0a7d28268acfa68c32fcd6bcd6.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 26 Jul 2021 00:31:31 GMT
via: 1.1 6faa38f38a1fee24a829fec7c748876d.cloudfront.net (CloudFront)
last-modified: Thu, 22 Jul 2021 17:16:56 GMT
server: AmazonS3
age: 8321999
etag: "53f9ae1eb3e782752565fa2c5d00ea37"
x-cache: Hit from cloudfront
x-amz-version-id: null
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P2
accept-ranges: bytes
content-type: image/png
content-length: 89
x-amz-cf-id: 2u1qx22Bgvwu3NkjkHfjza6TLGKoe9ztZ1HnE05yZNFVjsvStrPoag==

GET
H2 200 qFdH35WCmI96Ajtm81GlU9s.woff2
fonts.gstatic.com/s/overpass/v5/ 20 KB
20 KB 100ms
30ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/overpass/v5/qFdH35WCmI96Ajtm81GlU9s.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Merriweather:ital,wght@0,400;0,700;1,400;1,700&family=Overpass:ital,wght@0,400;0,700;1,400;1,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a4702a77ebe38f4291b9ec9f44411e246c865bdf0070746852e803b4d960fc1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.gazetadopovo.com.br
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 23:42:45 GMT
x-content-type-options: nosniff
age: 203324
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20196
x-xss-protection: 0
last-modified: Thu, 10 Sep 2020 17:08:51 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 27 Oct 2022 23:42:45 GMT

GET
H2 200 qFdA35WCmI96Ajtm81keds7N4ho.woff2
fonts.gstatic.com/s/overpass/v5/ 20 KB
20 KB 116ms
47ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/overpass/v5/qFdA35WCmI96Ajtm81keds7N4ho.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Merriweather:ital,wght@0,400;0,700;1,400;1,700&family=Overpass:ital,wght@0,400;0,700;1,400;1,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

832d8d5a3cabdde474e79d8a510053604d5d19342befbc7b78dc64995652dbba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.gazetadopovo.com.br
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 19:34:04 GMT
x-content-type-options: nosniff
age: 131845
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20252
x-xss-protection: 0
last-modified: Thu, 10 Sep 2020 17:09:41 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 28 Oct 2022 19:34:04 GMT

GET
H2 200 u-440qyriQwlOrhSvowK_l5-fCZM.woff2
fonts.gstatic.com/s/merriweather/v25/ 20 KB
20 KB 131ms
64ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v25/u-440qyriQwlOrhSvowK_l5-fCZM.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Merriweather:ital,wght@0,400;0,700;1,400;1,700&family=Overpass:ital,wght@0,400;0,700;1,400;1,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c435a36c4117826fc7b7b8023aaf45d65e59bcb814c8f1b1e28bea7c49318c13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.gazetadopovo.com.br
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 16:07:23 GMT
x-content-type-options: nosniff
age: 144246
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20016
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:21:51 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 28 Oct 2022 16:07:23 GMT

GET
H2 200 u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2
fonts.gstatic.com/s/merriweather/v25/ 19 KB
19 KB 133ms
70ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v25/u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Merriweather:ital,wght@0,400;0,700;1,400;1,700&family=Overpass:ital,wght@0,400;0,700;1,400;1,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ecaf445d3f1e63f15b6e423e287813a5675461cc9454184d0b49123b286cea4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.gazetadopovo.com.br
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 23:43:17 GMT
x-content-type-options: nosniff
age: 203292
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19696
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:22:18 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 27 Oct 2022 23:43:17 GMT

GET
H2 200 qFdB35WCmI96Ajtm81GgY9nqxw.woff2
fonts.gstatic.com/s/overpass/v5/ 21 KB
21 KB 116ms
56ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/overpass/v5/qFdB35WCmI96Ajtm81GgY9nqxw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Merriweather:ital,wght@0,400;0,700;1,400;1,700&family=Overpass:ital,wght@0,400;0,700;1,400;1,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

19e011d9a556628501b1557416b8af87442f7baf56cd957a1561d3075c6404c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.gazetadopovo.com.br
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 09:02:00 GMT
x-content-type-options: nosniff
age: 256169
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21248
x-xss-protection: 0
last-modified: Thu, 10 Sep 2020 17:06:48 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 27 Oct 2022 09:02:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
215 B 37ms
36ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&a=1425532773&t=pageview&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2Flogin.php%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.admin-mcas.ms%2F&ul=en-us&de=UTF-8&dt=P%C3%A1gina%20n%C3%A3o%20encontrada&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1864810985&gjid=61467505&cid=766844619.1635581490&tid=UA-23088598-1&_gid=1270222859.1635581490&_r=1&_slc=1&z=1369205688

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 30 Oct 2021 08:11:29 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.gazetadopovo.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 7 B
451 B 73ms
23ms XHR
text/plain 2a00:1450:400c:c04::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-23088598-1&cid=766844619.1635581490&jid=1864810985&gjid=61467505&_gid=1270222859.1635581490&_u=IEBAAEAAAAAAAC~&z=1413204849

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c04::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sat, 30 Oct 2021 08:11:29 GMT
content-type: text/plain
access-control-allow-origin: https://www.gazetadopovo.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 OneSignalPageSDKES6.js Show response
cdn.onesignal.com/sdks/ 284 KB
68 KB 62ms
60ms Script
application/javascript 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151508
Requested by: Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b63fe792eca92d7cb67c652ddc4e76692c7f7f0899316ada620039b6438b8961

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 08:11:29 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 1909
etag: W/"fff10df2ca37ad0e879283b24dd072d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 6a632c5658f20e12-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Tue, 02 Nov 2021 08:11:29 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 119ms
52ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-23088598-1&cid=766844619.1635581490&jid=1864810985&_u=IEBAAEAAAAAAAC~&z=1819763319

Requested by

Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/login.php/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 30 Oct 2021 08:11:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.co.uk/ads/ 42 B
501 B 122ms
54ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.uk/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-23088598-1&cid=766844619.1635581490&jid=1864810985&_u=IEBAAEAAAAAAAC~&z=1819763319

Requested by

Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/login.php/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 30 Oct 2021 08:11:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 web Show response
onesignal.com/api/v1/sync/0254fca9-7509-4ca1-94b2-2a67bcec99c3/ 5 KB
2 KB 453ms
445ms Script
text/javascript 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/api/v1/sync/0254fca9-7509-4ca1-94b2-2a67bcec99c3/web?callback=__jp0

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151508

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

54dfbf90bd0505ed3f0a6f25772e3b651ab73ba47a43c764e06b624e0fe18c2d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 08:11:30 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
status: 200 OK
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 8c35cf49-c642-411b-aa0d-8ef3feeb3f42
x-runtime: 0.113917
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"54dfbf90bd0505ed3f0a6f25772e3b65"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600
cf-ray: 6a632c572a1b0e12-MXP
access-control-allow-headers: SDK-Version
expires: Sat, 30 Oct 2021 09:11:30 GMT

GET
H2 200 advertising.js Show response
www.npttech.com/ 7 KB
3 KB 171ms
60ms Script
application/javascript 2606:4700:3032::ac43:c0b6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.npttech.com/advertising.js
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/login.php/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:c0b6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7538e8f23fac8278c6027d8865bd1240514a3ff64b2c0af3b8ed3583e8ecce6b

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 08:11:30 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4892
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: 44JNMB61M3NVDQKK
x-amz-id-2: n9/fJYyUwQqyGHt94QiuaMjG/+keiOaV3UAEUov0/Y2PlXPsklPLoQdY/zJ1LA3yK3lbD8pg5mI=
last-modified: Wed, 19 Jun 2019 08:25:01 GMT
server: cloudflare
etag: W/"3d6f80c860866175f58a84bbbc9217c6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eBmXPvfQht2%2BcYPizhTbPGmZ8aaG0Etw%2Bbm%2FjEyLZtMyFxztZ9XbhffFnjV6vJxKne%2F2tA4PB2yPfIabUTo%2BAu2yYKQqqSh84sasTa%2F97Plz1UTMcmV59OKKRwu3kZu%2FFpjF63yFOkV1NW1DM%2Bk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=28800
x-amz-version-id: hXQWgdpwSBM26VgKOeTSlm.4VT89.h9w
cf-ray: 6a632c5a2b595a3d-MXP

GET
H2 200 gazetadopovo-abstracts-core-gaz-cd2cbd0a7d28268acfa68c32fcd6bcd6.js Show response
www.gazetadopovo.com.br/assets2/ 5 KB
2 KB 29ms
29ms Script
application/javascript 2600:9000:223c:f800:6:45ad:3580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gazetadopovo.com.br/assets2/gazetadopovo-abstracts-core-gaz-cd2cbd0a7d28268acfa68c32fcd6bcd6.js
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets2/gazetadopovo-abstracts-_init-gaz-cd2cbd0a7d28268acfa68c32fcd6bcd6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:f800:6:45ad:3580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 485f70d34183710f1a8afc4e70e01ef9bad970c26a08c516968ce1901a5d2fa7

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.gazetadopovo.com.br/login.php/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 16:57:04 GMT
content-encoding: gzip
last-modified: Wed, 27 Oct 2021 16:54:42 GMT
server: AmazonS3
age: 227667
etag: W/"8c344cd988daa1b76da65b3d65a1f4f3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: null
via: 1.1 6faa38f38a1fee24a829fec7c748876d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P2
content-type: application/javascript
x-amz-cf-id: tntU8vjUyb24G6iBOfmhzrNTsaz-vE5GornUgLPz99Fnrr3Wn5sv7A==

GET
H2 200 gazetadopovo-abstracts-modules-gaz-cd2cbd0a7d28268acfa68c32fcd6bcd6.js Show response
www.gazetadopovo.com.br/assets2/ 32 KB
8 KB 29ms
29ms Script
application/javascript 2600:9000:223c:f800:6:45ad:3580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gazetadopovo.com.br/assets2/gazetadopovo-abstracts-modules-gaz-cd2cbd0a7d28268acfa68c32fcd6bcd6.js
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets2/gazetadopovo-abstracts-core-gaz-cd2cbd0a7d28268acfa68c32fcd6bcd6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:f800:6:45ad:3580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 20916f1391658b352497c76cb94597062d80bfb8ffdde00ef146def851b75c92

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.gazetadopovo.com.br/login.php/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 16:57:04 GMT
content-encoding: gzip
last-modified: Wed, 27 Oct 2021 16:54:42 GMT
server: AmazonS3
age: 227667
etag: W/"e18f9dde29800a5404268e170e9e54d8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: null
via: 1.1 6faa38f38a1fee24a829fec7c748876d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P2
content-type: application/javascript
x-amz-cf-id: YZ-SruSoDrhYvfoTHCfcE7a7J7ZdAlc9vgqsw-LxRbUtuphdii8Wog==

GET
H2 200 vendor-gazetadopovo-gaz-cd2cbd0a7d28268acfa68c32fcd6bcd6.js Show response
www.gazetadopovo.com.br/assets2/ 113 KB
38 KB 30ms
30ms Script
application/javascript 2600:9000:223c:f800:6:45ad:3580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gazetadopovo.com.br/assets2/vendor-gazetadopovo-gaz-cd2cbd0a7d28268acfa68c32fcd6bcd6.js
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets2/gazetadopovo-abstracts-modules-gaz-cd2cbd0a7d28268acfa68c32fcd6bcd6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:f800:6:45ad:3580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3fb165ce78d3f35c036d5f75cd3536d5259b886e206b6c947a3fe736e7b3b2a5

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.gazetadopovo.com.br/login.php/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 16:57:05 GMT
content-encoding: gzip
last-modified: Wed, 27 Oct 2021 16:55:26 GMT
server: AmazonS3
age: 227666
etag: W/"316572d3795175e2a2eccec0cf7db3c5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: null
via: 1.1 6faa38f38a1fee24a829fec7c748876d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P2
content-type: application/javascript
x-amz-cf-id: oarb2C9I10JdYzburWY44Qa4X2xTDOVqjzpsckg2AgHe32cr5M0B3g==

GET
H2 200 gazetadopovo-_init-gaz-cd2cbd0a7d28268acfa68c32fcd6bcd6.js Show response
www.gazetadopovo.com.br/assets2/ 8 KB
2 KB 29ms
29ms Script
application/javascript 2600:9000:223c:f800:6:45ad:3580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gazetadopovo.com.br/assets2/gazetadopovo-_init-gaz-cd2cbd0a7d28268acfa68c32fcd6bcd6.js
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets2/gazetadopovo-abstracts-modules-gaz-cd2cbd0a7d28268acfa68c32fcd6bcd6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:f800:6:45ad:3580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f01a36c7a242f4cb126c5df21a820d4d85666c33d8b5d5bc174372bb1091720c

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.gazetadopovo.com.br/login.php/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 16:57:06 GMT
content-encoding: gzip
last-modified: Wed, 27 Oct 2021 16:54:42 GMT
server: AmazonS3
age: 227665
etag: W/"904fb2db9e26c16e6e71546c61e08f5a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: null
via: 1.1 6faa38f38a1fee24a829fec7c748876d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P2
content-type: application/javascript
x-amz-cf-id: FTuopmgneEMZFEA0_2v_g5SJf94COz_cGWe9-tuykcejiiBsj_We-g==

GET
H2 200 gazetadopovo-abstracts-ui-tools-gaz-cd2cbd0a7d28268acfa68c32fcd6bcd6.js Show response
www.gazetadopovo.com.br/assets2/ 9 KB
3 KB 30ms
29ms Script
application/javascript 2600:9000:223c:f800:6:45ad:3580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gazetadopovo.com.br/assets2/gazetadopovo-abstracts-ui-tools-gaz-cd2cbd0a7d28268acfa68c32fcd6bcd6.js
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets2/gazetadopovo-abstracts-modules-gaz-cd2cbd0a7d28268acfa68c32fcd6bcd6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:f800:6:45ad:3580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3f1e6f136106f07b47d61f5fc1a84b47e3817983dc605ad1ed79ad05ce29e5f2

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.gazetadopovo.com.br/login.php/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 16:57:06 GMT
content-encoding: gzip
last-modified: Wed, 27 Oct 2021 16:54:42 GMT
server: AmazonS3
age: 227665
etag: W/"44b93696e4113f1f916e055d429b43ed"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: null
via: 1.1 6faa38f38a1fee24a829fec7c748876d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P2
content-type: application/javascript
x-amz-cf-id: 7oEoHduLen43WX9UQ2FP9IDACbUWoFgAQ-xXZNlZmqmUd-8oAg6mwg==

GET
H2 200 gazetadopovo-_back-gaz-cd2cbd0a7d28268acfa68c32fcd6bcd6.js Show response
www.gazetadopovo.com.br/assets2/ 80 KB
17 KB 30ms
30ms Script
application/javascript 2600:9000:223c:f800:6:45ad:3580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gazetadopovo.com.br/assets2/gazetadopovo-_back-gaz-cd2cbd0a7d28268acfa68c32fcd6bcd6.js
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets2/gazetadopovo-abstracts-modules-gaz-cd2cbd0a7d28268acfa68c32fcd6bcd6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:f800:6:45ad:3580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3c348cdb6ae9e9dcf27587876cde2c8c36dacfd43c48d0f2808dcb9720f93483

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.gazetadopovo.com.br/login.php/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 16:57:06 GMT
content-encoding: gzip
last-modified: Wed, 27 Oct 2021 16:54:41 GMT
server: AmazonS3
age: 227665
etag: W/"f0835bc6b949d017dee677ee2268b24c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: null
via: 1.1 6faa38f38a1fee24a829fec7c748876d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P2
content-type: application/javascript
x-amz-cf-id: sNj8qUKbLD72xvNFioIxr0nS1VoMOxQPz7v0KC96Z4R1hsLpY9atHQ==

GET
H2 200 gazetadopovo-app-gaz-cd2cbd0a7d28268acfa68c32fcd6bcd6.js Show response
www.gazetadopovo.com.br/assets2/ 106 KB
19 KB 31ms
31ms Script
application/javascript 2600:9000:223c:f800:6:45ad:3580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gazetadopovo.com.br/assets2/gazetadopovo-app-gaz-cd2cbd0a7d28268acfa68c32fcd6bcd6.js
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets2/gazetadopovo-abstracts-modules-gaz-cd2cbd0a7d28268acfa68c32fcd6bcd6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:f800:6:45ad:3580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2daf405f47ac39aa411fde7f9a7109f74077e8c17d1344daaded390e8791717d

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.gazetadopovo.com.br/login.php/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 17:08:42 GMT
content-encoding: gzip
last-modified: Wed, 27 Oct 2021 16:54:42 GMT
server: AmazonS3
age: 226969
etag: W/"7386d67a9c9904f6158b1106bf861cc4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: null
via: 1.1 6faa38f38a1fee24a829fec7c748876d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P2
content-type: application/javascript
x-amz-cf-id: 1t22h_wuvjVLybkXn8bhmLNYmKUE0DLvo6zItMP67EnOnkmLzEk4rw==

GET
H2 200 swg.js Show response
news.google.com/swg/js/v1/ 154 KB
47 KB 111ms
30ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/swg.js

Requested by

Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/legacy/swg/google-3.2.2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b7d4f30f8e4bd6201f82b7de28f208241760d4c1990aabf6fa79afc97a3fca42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 08:10:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 83
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47043
x-xss-protection: 0
last-modified: Wed, 27 Oct 2021 18:49:13 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type: text/javascript
cache-control: public, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="news-frontend"
expires: Sat, 30 Oct 2021 09:00:07 GMT

GET
H2 200 49-gaz-cd2cbd0a7d28268acfa68c32fcd6bcd6.js Show response
www.gazetadopovo.com.br/assets2/ 7 KB
3 KB 29ms
29ms Script
application/javascript 2600:9000:223c:f800:6:45ad:3580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gazetadopovo.com.br/assets2/49-gaz-cd2cbd0a7d28268acfa68c32fcd6bcd6.js
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets2/gazetadopovo-app-gaz-cd2cbd0a7d28268acfa68c32fcd6bcd6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:f800:6:45ad:3580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1bb5c90ffc3684f650603caf21e3d8d8c913de1acca7866ce3a17d066891a1c3

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.gazetadopovo.com.br/login.php/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 16:57:07 GMT
content-encoding: gzip
last-modified: Wed, 27 Oct 2021 16:54:38 GMT
server: AmazonS3
age: 227664
etag: W/"4b7c46b2cf53b04e1acbad77b67cfd6a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: null
via: 1.1 6faa38f38a1fee24a829fec7c748876d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P2
content-type: application/javascript
x-amz-cf-id: Rb8eRQp07HwHUG3orb_pgoh5jhrQPmcsAdXK1iYoDaGK1fmNW-Mbzw==

POST
H2 200 flow1 Show response
3wf9o7mmzc.execute-api.us-east-1.amazonaws.com/prd/ 513 B
888 B 332ms
332ms XHR
application/json 143.204.98.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://3wf9o7mmzc.execute-api.us-east-1.amazonaws.com/prd/flow1
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets2/vendor-gazetadopovo-gaz-cd2cbd0a7d28268acfa68c32fcd6bcd6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.111 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-111.fra50.r.cloudfront.net
Software: /
Resource Hash: 99d5189d1f5ac6bffd0c91be9fc4c4e554dbfed1b03446402d952b88c9181ed2

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.gazetadopovo.com.br/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 30 Oct 2021 08:11:31 GMT
via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amzn-requestid: 02fd7f38-476b-4e72-9da7-9168e7477bc4
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
x-amzn-trace-id: Root=1-617cfe33-48d690d342c2aeda29840526;Sampled=1
x-amz-apigw-id: IAyoAGzqIAMFRZQ=
content-length: 513
x-amz-cf-id: OdevfcBWbAm5ad90I76gGwbeqOhvpTB7aVHO9JIgJhD_3svz7YEdcA==

OPTIONS
H2 200 flow1
3wf9o7mmzc.execute-api.us-east-1.amazonaws.com/prd/ Frame 0
0 204ms
124ms Preflight
application/json 143.204.98.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://3wf9o7mmzc.execute-api.us-east-1.amazonaws.com/prd/flow1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.111 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-111.fra50.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.gazetadopovo.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-type: application/json
content-length: 0
date: Sat, 30 Oct 2021 08:11:30 GMT
x-amzn-requestid: 8f0e6841-36d1-4240-b661-884ea89227b2
access-control-allow-origin: *
access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token,X-Amz-User-Agent
x-amz-apigw-id: IAyn9FMDIAMFTjA=
access-control-allow-methods: OPTIONS,POST
x-cache: Miss from cloudfront
via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: KLhLcNCnk0jWiG_iJxicSfGzVC3D80bFVhuYBa0RLYzRTCvRy5YkUA==

GET
H2 200 swg-button.css
news.google.com/swg/js/v1/ 21 KB
6 KB 29ms
29ms Stylesheet
text/css 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/swg-button.css

Requested by

Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

58a037df6363b1c9619199cf7fdfad3a84469cd508cfa83320e2bedf64aadc8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 07:56:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 892
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6433
x-xss-protection: 0
last-modified: Wed, 18 Aug 2021 18:26:33 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type: text/css
cache-control: public, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="news-frontend"
expires: Sat, 30 Oct 2021 08:46:38 GMT

GET
H2 200 serviceiframe Show response
news.google.com/swg/_/ui/v1/ Frame 4A0C 23 KB
8 KB 113ms
113ms Document
text/html 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/_/ui/v1/serviceiframe?_=454328

Requested by

Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b5bce8beded4f5fe812c49a187b72cfc9f79388b03e5fd642cf8de04ccefe5d2

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientUi/cspreport script-src 'report-sample' 'nonce-td0OaeNVj4A5pVhrRsCiNw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/SubscribewithgoogleClientUi/cspreport;worker-src 'self' script-src 'nonce-td0OaeNVj4A5pVhrRsCiNw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com;report-uri /_/SubscribewithgoogleClientUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://www.gazetadopovo.com.br/

Response headers

content-type: text/html; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-ua-compatible: IE=edge
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 30 Oct 2021 08:11:30 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
strict-transport-security: max-age=31536000
cross-origin-resource-policy: same-site
content-security-policy: require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientUi/cspreport script-src 'report-sample' 'nonce-td0OaeNVj4A5pVhrRsCiNw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/SubscribewithgoogleClientUi/cspreport;worker-src 'self' script-src 'nonce-td0OaeNVj4A5pVhrRsCiNw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com;report-uri /_/SubscribewithgoogleClientUi/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 loader.svg
news.google.com/swg/js/v1/ 0
1 KB 29ms
29ms Other
image/svg+xml 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/loader.svg

Requested by

Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 08:05:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 380
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1049
x-xss-protection: 0
last-modified: Mon, 16 Mar 2020 18:14:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type: image/svg+xml
cache-control: public, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="news-frontend"
expires: Sat, 30 Oct 2021 08:55:10 GMT

GET
H2 200 entitlements Show response
news.google.com/swg/_/api/v1/publication/gazetadopovo.com.br/ 2 B
749 B 108ms
108ms Fetch
application/json 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/_/api/v1/publication/gazetadopovo.com.br/entitlements

Requested by

Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientHttp/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: text/plain, application/json
Referer: https://www.gazetadopovo.com.br/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 08:11:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="json.txt"; filename*=UTF-8''json.txt
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.gazetadopovo.com.br
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 204 cspreport
news.google.com/_/SubscribewithgoogleClientUi/ Frame 4A0C 0
407 B 89ms
89ms Other
text/html 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/_/SubscribewithgoogleClientUi/cspreport

Requested by

Host: www.gazetadopovo.com.br.admin-mcas.ms
URL: https://www.gazetadopovo.com.br.admin-mcas.ms/login.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-yGBhUdEGLj19c4IkZLfB/w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/SubscribewithgoogleClientUi/cspreport;worker-src 'self', script-src 'nonce-yGBhUdEGLj19c4IkZLfB/w' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com;report-uri /_/SubscribewithgoogleClientUi/cspreport, require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/swg/_/ui/v1/serviceiframe?_=454328
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Sat, 30 Oct 2021 08:11:30 GMT
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'report-sample' 'nonce-yGBhUdEGLj19c4IkZLfB/w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/SubscribewithgoogleClientUi/cspreport;worker-src 'self', script-src 'nonce-yGBhUdEGLj19c4IkZLfB/w' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com;report-uri /_/SubscribewithgoogleClientUi/cspreport, require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientUi/cspreport
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 swg-button.css
news.google.com/swg/js/v1/ Frame 4A0C 21 KB
6 KB 29ms
29ms Stylesheet
text/css 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/swg-button.css

Requested by

Host: news.google.com
URL: https://news.google.com/swg/_/ui/v1/serviceiframe?_=454328

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

58a037df6363b1c9619199cf7fdfad3a84469cd508cfa83320e2bedf64aadc8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 07:56:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 892
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6433
x-xss-protection: 0
last-modified: Wed, 18 Aug 2021 18:26:33 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type: text/css
cache-control: public, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="news-frontend"
expires: Sat, 30 Oct 2021 08:46:38 GMT

GET
H2 200 m=_b,_tp Show response
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.K9LJa_ZyI48.es5.O/am=AgAC/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/esmo=1/rs=A... Frame 4A0C 160 KB
57 KB 100ms
33ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.K9LJa_ZyI48.es5.O/am=AgAC/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/esmo=1/rs=ABXTjI6_VwjVlqxZ8HtC6YSFjvoKUpLS3A/m=_b,_tp

Requested by

Host: news.google.com
URL: https://news.google.com/swg/_/ui/v1/serviceiframe?_=454328

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2eaf9feb4899e0468d0f69cdda23a5c1d4b8e46cc59b63b84756524e304d5042

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 21:00:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 213078
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57447
x-xss-protection: 0
last-modified: Wed, 27 Oct 2021 01:49:53 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
expires: Thu, 27 Oct 2022 21:00:12 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 4A0C 15 KB
15 KB 30ms
29ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: news.google.com
URL: https://news.google.com/swg/_/ui/v1/serviceiframe?_=454328

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
Origin: https://news.google.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 06:41:55 GMT
x-content-type-options: nosniff
age: 178175
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 28 Oct 2022 06:41:55 GMT

GET
H2 200 m=byfTOb,lsjVmc,LEikZe Show response
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.K9LJa_ZyI48.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.dVMpN9ixGCo.L... Frame 4A0C 37 KB
13 KB 30ms
29ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.K9LJa_ZyI48.es5.O/am=AgAC/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/esmo=1/rs=ABXTjI6_VwjVlqxZ8HtC6YSFjvoKUpLS3A/m=_b,_tp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d0e694b43c18f087ac0ff6107485101722820e9c6ed85ca60a715304b734a86

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 21:04:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 212823
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13636
x-xss-protection: 0
last-modified: Wed, 27 Oct 2021 01:49:53 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
expires: Thu, 27 Oct 2022 21:04:28 GMT

GET
H2 200 m=xUdipf,blwjVc,fKUV3e,aurFic,ws9Tlc,COQbmf,U0aPgd,zG9H6c,NwH0H,OmgaI,gychg,lfpdyf,ZfAoz,PQaYAf,lPKSwe,yDVVkb,KG2eXe,DfBslb Show response
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.K9LJa_ZyI48.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.dVMpN9ixGCo.L... Frame 4A0C 100 KB
34 KB 29ms
29ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.K9LJa_ZyI48.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.dVMpN9ixGCo.L.B1.O/am=AgAC/d=1/exm=LEikZe,_b,_tp,byfTOb,lsjVmc/excm=_b,_tp,serviceiframeview/esmo=1/ed=1/wt=2/rs=ABXTjI5xI7VPqmYFZ8zz4CzYREapkyS6Ng/m=xUdipf,blwjVc,fKUV3e,aurFic,ws9Tlc,COQbmf,U0aPgd,zG9H6c,NwH0H,OmgaI,gychg,lfpdyf,ZfAoz,PQaYAf,lPKSwe,yDVVkb,KG2eXe,DfBslb

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8cfcf32c00cf4b29fd4d27154543097a0c5cb8296d64732f64170e4a9a122f07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 21:04:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 212823
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34845
x-xss-protection: 0
last-modified: Wed, 27 Oct 2021 01:49:53 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
expires: Thu, 27 Oct 2022 21:04:28 GMT

POST
H2 200 batchexecute Show response
news.google.com/_/SubscribewithgoogleClientUi/data/ Frame 4A0C 421 B
382 B 60ms
60ms XHR
application/json 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/_/SubscribewithgoogleClientUi/data/batchexecute?rpcids=SlvRf&f.sid=-1856980370256671282&bl=boq_subscribewithgoogleclientserver_20211026.12_p1&hl=en-US&soc-app=673&soc-platform=1&soc-device=1&_reqid=29492&rt=c

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d4bce8e36820f0cd745c95912ec506eebf956ceac9220352954c12d1a4b05c1a

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-Same-Domain: 1
Referer: https://news.google.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Sat, 30 Oct 2021 08:11:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: same-site
content-disposition: attachment; filename="response.bin"; filename*=UTF-8''response.bin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
server: ESF
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-security-policy: require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientUi/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 m=Wt6vjf,hhhU8,FCpbqb,WhJNk Show response
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.K9LJa_ZyI48.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.dVMpN9ixGCo.L... Frame 4A0C 17 KB
7 KB 29ms
29ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.K9LJa_ZyI48.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.dVMpN9ixGCo.L.B1.O/am=AgAC/d=1/exm=COQbmf,DfBslb,KG2eXe,LEikZe,NwH0H,OmgaI,PQaYAf,U0aPgd,ZfAoz,_b,_tp,aurFic,blwjVc,byfTOb,fKUV3e,gychg,lPKSwe,lfpdyf,lsjVmc,ws9Tlc,xUdipf,yDVVkb,zG9H6c/excm=_b,_tp,serviceiframeview/esmo=1/ed=1/wt=2/rs=ABXTjI5xI7VPqmYFZ8zz4CzYREapkyS6Ng/m=Wt6vjf,hhhU8,FCpbqb,WhJNk

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33dd2297a865be9e95bc5600cbb0f390d76915a2936647ea39b37020bbdba5ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 21:04:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 212822
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7207
x-xss-protection: 0
last-modified: Wed, 27 Oct 2021 01:49:53 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
expires: Thu, 27 Oct 2022 21:04:29 GMT

POST
H2 200 log Show response
play.google.com/ Frame 4A0C 131 B
672 B 114ms
39ms XHR
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Sat, 30 Oct 2021 08:11:31 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://news.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Sat, 30 Oct 2021 08:11:31 GMT

POST
H2 200 / Show response
events-api.gazetadopovo.com.br/register/ 1 KB
2 KB 599ms
599ms XHR
application/json 18.66.97.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events-api.gazetadopovo.com.br/register/
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets2/vendor-gazetadopovo-gaz-cd2cbd0a7d28268acfa68c32fcd6bcd6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: / Express
Resource Hash: 2d6559b142bc7278dd009ba2a7f63d38f2222c8736cc6b0ca6bb786b3acbfed5

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.gazetadopovo.com.br/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 30 Oct 2021 08:11:31 GMT
via: 1.1 7ed0982309781d390a105a3ead66dbfb.cloudfront.net (CloudFront)
etag: W/"4c6-11v5dL9XKZ/mLYGSk8bxHBWdiZM"
x-amzn-remapped-content-length: 1222
x-amzn-remapped-date: Sat, 30 Oct 2021 08:11:31 GMT
x-amz-cf-pop: FRA56-P2
x-powered-by: Express
x-cache: Miss from cloudfront
x-amz-apigw-id: IAyoGFbyIAMFZoQ=
content-length: 1222
x-amzn-requestid: ba350a05-2e24-4da9-b3f1-483628f15637
x-amzn-trace-id: Root=1-617cfe33-24ffebb00ffdc8e2192c77ea;Sampled=0
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
x-amz-cf-id: jmVEJg5tH760ofXPR9SLpH2IdxKo4TvfEFvyaZuXWF9-YtT74groSg==
x-amzn-remapped-connection: close

OPTIONS
H2 200 /
events-api.gazetadopovo.com.br/register/ Frame 0
0 221ms
123ms Preflight
application/json 18.66.97.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events-api.gazetadopovo.com.br/register/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.gazetadopovo.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-type: application/json
content-length: 0
date: Sat, 30 Oct 2021 08:11:31 GMT
x-amzn-requestid: 98890478-1f84-454d-8d4f-80499512c306
access-control-allow-origin: *
access-control-allow-headers: Authorization,Content-Type,X-Amz-Date,X-Amz-Security-Token,x-api-key,X-Api-Key,x-publisher-id,X-Publisher-Id
x-amz-apigw-id: IAyoDFykIAMFp4A=
access-control-allow-methods: OPTIONS,DELETE,GET,HEAD,PATCH,POST,PUT
access-control-allow-credentials: true
x-cache: Miss from cloudfront
via: 1.1 7ed0982309781d390a105a3ead66dbfb.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
x-amz-cf-id: mm03Ij5CwbEw-dEXKIfVe0BsEQLpYoGGjDzrcyPnFe8KzpR6mARvAw==

POST
H2 200 log Show response
play.google.com/ Frame 4A0C 131 B
273 B 41ms
39ms XHR
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://news.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Sat, 30 Oct 2021 08:11:31 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://news.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Sat, 30 Oct 2021 08:11:31 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 103ms
36ms Preflight
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Origin: https://news.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://news.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Sat, 30 Oct 2021 08:11:31 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 30 Oct 2021 08:11:31 GMT
cache-control: private

POST
H2 200 log Show response
play.google.com/ Frame 4A0C 131 B
273 B 40ms
39ms XHR
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://news.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Sat, 30 Oct 2021 08:11:31 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://news.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Sat, 30 Oct 2021 08:11:31 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 100ms
36ms Preflight
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Origin: https://news.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://news.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Sat, 30 Oct 2021 08:11:31 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 30 Oct 2021 08:11:31 GMT
cache-control: private

POST
H2 200 log Show response
play.google.com/ Frame 4A0C 131 B
273 B 51ms
51ms XHR
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://news.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Sat, 30 Oct 2021 08:11:31 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://news.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Sat, 30 Oct 2021 08:11:31 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 99ms
37ms Preflight
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Origin: https://news.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://news.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Sat, 30 Oct 2021 08:11:31 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 30 Oct 2021 08:11:31 GMT
cache-control: private

GET
H2 200 45-gaz-cd2cbd0a7d28268acfa68c32fcd6bcd6.js Show response
www.gazetadopovo.com.br/assets2/ 9 KB
3 KB 29ms
28ms Script
application/javascript 2600:9000:223c:f800:6:45ad:3580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gazetadopovo.com.br/assets2/45-gaz-cd2cbd0a7d28268acfa68c32fcd6bcd6.js
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets2/gazetadopovo-_back-gaz-cd2cbd0a7d28268acfa68c32fcd6bcd6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:f800:6:45ad:3580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 66504ec78d7e7b32437cab90dedf6f2dd30431a1eca1d84b9188d9f7886242fd

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.gazetadopovo.com.br/login.php/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 16:57:54 GMT
content-encoding: gzip
last-modified: Wed, 27 Oct 2021 16:54:37 GMT
server: AmazonS3
age: 227618
etag: W/"082bca2a00eb68fb35daae63f010483f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: null
via: 1.1 6faa38f38a1fee24a829fec7c748876d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P2
content-type: application/javascript
x-amz-cf-id: qOBckZf8hdLgbHD7LW--18NI5PZYEOxitgNyH3Y7aGw95n9JRitoNw==

GET
H2 200 46-gaz-cd2cbd0a7d28268acfa68c32fcd6bcd6.js Show response
www.gazetadopovo.com.br/assets2/ 23 KB
5 KB 29ms
28ms Script
application/javascript 2600:9000:223c:f800:6:45ad:3580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gazetadopovo.com.br/assets2/46-gaz-cd2cbd0a7d28268acfa68c32fcd6bcd6.js
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets2/gazetadopovo-app-gaz-cd2cbd0a7d28268acfa68c32fcd6bcd6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:f800:6:45ad:3580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8d50e329b90bd25c1a5b3b9a50fa840fa0daceb7dd7ea9e4c9a083f25b75705e

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.gazetadopovo.com.br/login.php/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 16:57:54 GMT
content-encoding: gzip
last-modified: Wed, 27 Oct 2021 16:54:37 GMT
server: AmazonS3
age: 227618
etag: W/"34f20af0edd6e5b6f3810f8cdb5e1961"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: null
via: 1.1 6faa38f38a1fee24a829fec7c748876d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P2
content-type: application/javascript
x-amz-cf-id: JHjFtzQ4Ny3QNw6bNn_f39rZnJVS2FTNQwJmlBydzYGALYBNRTPO7A==

GET
H2 200 uoltm.js Show response
tm.jsuol.com.br/ 164 KB
30 KB 411ms
228ms Script
application/javascript 2600:9000:2250:7800:6:9eb2:5cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.jsuol.com.br/uoltm.js?id=fmvzt6
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets2/gazetadopovo-abstracts-modules-gaz-cd2cbd0a7d28268acfa68c32fcd6bcd6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:7800:6:9eb2:5cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: marrakesh 1.16.6 /
Resource Hash: d2e66d1d7a17d523ccf19986ee33561b335b75dcd51713ba4c60d098d9ee3e59

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 08:11:31 GMT
content-encoding: gzip
last-modified: Wed, 04 Aug 2021 23:29:23 GMT
server: marrakesh 1.16.6
x-amz-cf-pop: FRA60-P2
etag: 4ee772af12ce75b5cab8ea0ef38011c7
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 da6955a1993e1118f32bcb48c6630c20.cloudfront.net (CloudFront)
cache-control: no-transform, max-age=3600, must-revalidate, proxy-revalidate, must-revalidate, proxy-revalidate, no-transform
content-length: 30273
x-amz-cf-id: 9fsRf6w1idvLlLCucnSMcA-Dc2aN1d5dxBL2IDClSQy1VvNHuKh28g==
expires: Sat, 30 Oct 2021 09:11:31 GMT

GET mercurio.html
tm.uol.com.br/ Frame 6C8F 0
0

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 81 KB
27 KB 111ms
44ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/uoltm.js?id=fmvzt6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

sffe /

Resource Hash

3668a567290fbca647db2c1bcb4131ade0781cd0ece02a7d17c9e0b6323bed30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 08:11:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1028 / 739 of 1000 / last-modified: 1635545062"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27297
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 30 Oct 2021 08:11:31 GMT

GET
H2 200 / Show response
t.dynad.net/script/ 108 KB
34 KB 1241ms
428ms Script
text/javascript 2804:49c:3403:2676:ffff:ffff:ffff:6

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dynad.net/script/?dc=5550009734;ord=0;click=
Requested by: Host: www.gazetadopovo.com.br.admin-mcas.ms
URL: https://www.gazetadopovo.com.br.admin-mcas.ms/login.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2804:49c:3403:2676:ffff:ffff:ffff:6 -, , ASN (),
Reverse DNS
Software: D3-FE8 / DynAd.net
Resource Hash: 0cf9b28bdc6b12d5c304c7f95f5243286798373be8d79265f17ea449295ae4b1

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 30 Oct 2021 08:11:32 GMT
content-encoding: gzip
server: D3-FE8
x-powered-by: DynAd.net
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
x-dynad-tracker: v1.1.545 Power Stroke
cache-control: max-age=0
content-type: text/javascript;charset=ISO-8859-1
expires: Sat, 30 Oct 2021 08:11:32 GMT

GET
H2 200 profiles.js Show response
tm.jsuol.com.br/modules/external/tailtarget/ 13 KB
6 KB 39ms
38ms Script
application/javascript 2600:9000:2250:7800:6:9eb2:5cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.jsuol.com.br/modules/external/tailtarget/profiles.js
Requested by: Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/uoltm.js?id=fmvzt6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:7800:6:9eb2:5cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: marrakesh 1.16.6 /
Resource Hash: 67ed54856b743c6e064253f611084475015ce883fff3150f710b8781e599d4a0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 07:30:50 GMT
content-encoding: gzip
last-modified: Wed, 28 Apr 2021 17:51:00 GMT
server: marrakesh 1.16.6
age: 2440
etag: ecbae16720fa9548b931f719328b1c88
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 da6955a1993e1118f32bcb48c6630c20.cloudfront.net (CloudFront)
cache-control: no-transform, max-age=3600, must-revalidate, proxy-revalidate, must-revalidate, proxy-revalidate, no-transform
x-amz-cf-pop: FRA60-P2
content-length: 5277
x-amz-cf-id: T1B5xtoyJ4oDu2JRW6P2WZIi68wxSKUd_N0hprb6PRvgZOaOwZME9g==
expires: Sat, 30 Oct 2021 08:30:50 GMT

GET
H2 200 CT-10.js Show response
tm.jsuol.com.br/modules/external/tailtarget/t3m/TT-10162-1/ 133 KB
18 KB 39ms
39ms Script
application/javascript 2600:9000:2250:7800:6:9eb2:5cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.jsuol.com.br/modules/external/tailtarget/t3m/TT-10162-1/CT-10.js
Requested by: Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/uoltm.js?id=fmvzt6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:7800:6:9eb2:5cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: marrakesh 1.16.6 /
Resource Hash: 97666956e5e2edfb7808901e0069bed90df2996ff466b9d67de8f3efe9c8e56c

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 07:30:50 GMT
content-encoding: gzip
last-modified: Wed, 13 Oct 2021 17:06:13 GMT
server: marrakesh 1.16.6
age: 2440
etag: 34e760100b26b8b0e005dfeb1ded6103
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 da6955a1993e1118f32bcb48c6630c20.cloudfront.net (CloudFront)
cache-control: no-transform, max-age=3600, must-revalidate, proxy-revalidate, must-revalidate, proxy-revalidate, no-transform
x-amz-cf-pop: FRA60-P2
content-length: 17488
x-amz-cf-id: 4982S8C9JTVkgZc26GYw9b6lqoFbFOJ8d0QDY1kf-g5pHn04JOKrCA==
expires: Sat, 30 Oct 2021 08:30:50 GMT

GET
H2 200 gazetadopovo.js Show response
me.jsuol.com.br/aud/ 15 KB
6 KB 865ms
220ms Script
application/javascript 2804:49c:3102:401:ffff:ffff:ffff:50

General

Check archive.org

Show headers Download Go to

Full URL: https://me.jsuol.com.br/aud/gazetadopovo.js
Requested by: Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/uoltm.js?id=fmvzt6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2804:49c:3102:401:ffff:ffff:ffff:50 -, , ASN (),
Reverse DNS
Software: marrakesh 1.16.6 /
Resource Hash: 26ed387dacace3a9b1b82887c58391f01be3d834dcf828252e1afeaafe34e13a

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 08:11:32 GMT
content-encoding: gzip
last-modified: Thu, 15 Apr 2021 17:32:48 GMT
server: marrakesh 1.16.6
etag: 3259e7f0de5880d1a62dfaa532afdb24
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=UTF-8
cache-control: no-transform, max-age=3600, must-revalidate, proxy-revalidate, private, proxy-revalidate, no-transform
content-length: 6355
expires: Sat, 30 Oct 2021 09:11:32 GMT

GET
H2 200 dmp-uol-sync-p.js Show response
tm.jsuol.com.br/modules/ 8 KB
3 KB 46ms
45ms Script
application/javascript 2600:9000:2250:7800:6:9eb2:5cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.jsuol.com.br/modules/dmp-uol-sync-p.js
Requested by: Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/uoltm.js?id=fmvzt6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:7800:6:9eb2:5cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: marrakesh 1.16.6 /
Resource Hash: 71c0d01b58340e2f3b93195cf397530548c4a1c47c2dd06658d4d6ab885411b7

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 07:59:13 GMT
content-encoding: gzip
last-modified: Thu, 28 Oct 2021 13:38:35 GMT
server: marrakesh 1.16.6
age: 738
etag: b7fbda3f0a60aa6ee56d19ae34924e16
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 da6955a1993e1118f32bcb48c6630c20.cloudfront.net (CloudFront)
cache-control: no-transform, max-age=3600, must-revalidate, proxy-revalidate, must-revalidate, proxy-revalidate, no-transform
x-amz-cf-pop: FRA60-P2
content-length: 2864
x-amz-cf-id: cYBVOwtEa04oe9Ml6LlwSL9yR0MkWfJopVmVXsRtY7s_t4mbO5T86w==
expires: Sat, 30 Oct 2021 08:59:13 GMT

GET
H/1.1 200
OK partner Show response
tracker.bt.uol.com.br/ 0
546 B 676ms
225ms Script
application/javascript 2804:49c:3104:401:ffff:ffff:ffff:34

General

Check archive.org

Show headers Download Go to

Full URL: https://tracker.bt.uol.com.br/partner?source=tagmanager
Requested by: Host: www.gazetadopovo.com.br.admin-mcas.ms
URL: https://www.gazetadopovo.com.br.admin-mcas.ms/login.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2804:49c:3104:401:ffff:ffff:ffff:34 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sat, 30 Oct 2021 08:11:32 GMT
Server: nginx
Transfer-Encoding: chunked
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID TAIa OUR IND COM NAV INT CNT"
Cache-Control: no-cache
Connection: close
Content-Type: application/javascript;charset=utf-8
Expires: Sat, 30 Oct 2021 08:11:31 GMT

GET purge-clients.html
tm.uol.com.br/ Frame B395 0
0

GET purge-clients.html
tm.uol.com.br/ Frame A532 0
0

GET
H2 200 profile Show response
tt-10162-1.seg.t.tailtarget.com/ 92 B
500 B 163ms
105ms Script
application/x-javascript 34.102.185.99

General

Check archive.org

Show headers Download Go to

Full URL: https://tt-10162-1.seg.t.tailtarget.com/profile
Requested by: Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/modules/external/tailtarget/profiles.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.185.99 -, , ASN (),
Reverse DNS
Software: nginx/1.17.8 /
Resource Hash: e593d32d2b3c25b54c4632fc55d4c55cce4154e0bfaeb75883da07b742e762dc

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 08:11:32 GMT
content-encoding: gzip
last-modified: Thu, 30 Jan 2020 20:26:00 GMT
server: nginx/1.17.8
etag: W/"5e333bd8-5c"
vary: Accept-Encoding, Accept-Encoding
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
via: 1.1 google
cache-control: private, proxy-revalidate
content-type: application/x-javascript
alt-svc: clear

GET
H2 200 conversion.js Show response
tm.jsuol.com.br/modules/external/tailtarget/libs/ 15 KB
6 KB 42ms
42ms Script
application/javascript 2600:9000:2250:7800:6:9eb2:5cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.jsuol.com.br/modules/external/tailtarget/libs/conversion.js
Requested by: Host: www.gazetadopovo.com.br.admin-mcas.ms
URL: https://www.gazetadopovo.com.br.admin-mcas.ms/login.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:7800:6:9eb2:5cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: marrakesh 1.16.6 /
Resource Hash: f4cd27b5ef047a264e3a40b63ba85441de12d23d043a986d469ec1c757067090

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 07:30:50 GMT
content-encoding: gzip
last-modified: Fri, 07 May 2021 13:45:52 GMT
server: marrakesh 1.16.6
age: 2440
etag: f7a535aa8ca1d0acd1bff039eb80acff
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 da6955a1993e1118f32bcb48c6630c20.cloudfront.net (CloudFront)
cache-control: no-transform, max-age=3600, must-revalidate, proxy-revalidate, must-revalidate, proxy-revalidate, no-transform
x-amz-cf-pop: FRA60-P2
content-length: 6125
x-amz-cf-id: CnN1HPobFKs6bFWudX5GsP3ayctnw7kVVfjnRMmOkyd164YaL72NAw==
expires: Sat, 30 Oct 2021 08:30:50 GMT

GET
H2 200 pubads_impl_2021102501.js Show response
securepubads.g.doubleclick.net/gpt/ 356 KB
120 KB 41ms
40ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102501.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

sffe /

Resource Hash

dcd346804a786db16b40af2672924a5b8787623f71d648a017da7e236e1b19b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 08:11:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 122594
x-xss-protection: 0
last-modified: Mon, 25 Oct 2021 08:35:02 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 30 Oct 2021 08:11:31 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 104 B
120 B 76ms
37ms XHR
application/json 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.gazetadopovo.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

6d73194a3f163e6f775e14e6610b974828e46d1f30cb4ebe2cb0a9f2083615b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 30 Oct 2021 08:11:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 95
x-xss-protection: 0
expires: Sat, 30 Oct 2021 08:11:32 GMT

GET
H2 200 base.js Show response
tm.jsuol.com.br/modules/external/tailtarget/libs/ 21 KB
9 KB 39ms
39ms Script
application/javascript 2600:9000:2250:7800:6:9eb2:5cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.jsuol.com.br/modules/external/tailtarget/libs/base.js
Requested by: Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/modules/external/tailtarget/libs/conversion.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:7800:6:9eb2:5cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: marrakesh 1.16.6 /
Resource Hash: 711a8d3c6d036e5d2907810b7255622e34f23373f8d1387a1fc938e44c60fea0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 07:30:50 GMT
content-encoding: gzip
last-modified: Wed, 28 Apr 2021 17:51:01 GMT
server: marrakesh 1.16.6
age: 2440
etag: aeb8806857f0c1b9f7f6b8d4ff48230f
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 da6955a1993e1118f32bcb48c6630c20.cloudfront.net (CloudFront)
cache-control: no-transform, max-age=3600, must-revalidate, proxy-revalidate, must-revalidate, proxy-revalidate, no-transform
x-amz-cf-pop: FRA60-P2
content-length: 8357
x-amz-cf-id: _XKTPAllbxpjGS84ffW6KzxpjvpEI5cGInvemC86ejpeCu7QuMRdag==
expires: Sat, 30 Oct 2021 08:30:50 GMT

GET
H2 200 trk
tt-10162-1.seg.t.tailtarget.com/ 70 B
477 B 107ms
107ms Image
image/png 34.102.185.99

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tt-10162-1.seg.t.tailtarget.com/trk?tA=TT-10162-1&tJ=_channel:gazetadopovo:1|_channel:gazetadopovogeral:1&tK=1635581492&tM=referral&tL=referral&tN=referral&tY=3&tZ=493023796
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.185.99 -, , ASN (),
Reverse DNS
Software: nginx/1.17.8 /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 08:11:32 GMT
via: 1.1 google
server: nginx/1.17.8
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, private, proxy-revalidate
content-disposition: inline
content-type: image/png
alt-svc: clear
content-length: 70

GET
H2 200 3-gaz-cd2cbd0a7d28268acfa68c32fcd6bcd6.js Show response
www.gazetadopovo.com.br/assets2/ 3 KB
2 KB 30ms
29ms Script
application/javascript 2600:9000:223c:f800:6:45ad:3580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gazetadopovo.com.br/assets2/3-gaz-cd2cbd0a7d28268acfa68c32fcd6bcd6.js
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets2/gazetadopovo-_back-gaz-cd2cbd0a7d28268acfa68c32fcd6bcd6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:f800:6:45ad:3580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 27b18da3b3d59c7757073e123fbbae5cfd16c5de947538d999732bc67469001c

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.gazetadopovo.com.br/login.php/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 16:57:55 GMT
content-encoding: gzip
last-modified: Wed, 27 Oct 2021 16:54:35 GMT
server: AmazonS3
age: 227618
etag: W/"16f0b0f2fd624d1f17c07c102b2a9825"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: null
via: 1.1 6faa38f38a1fee24a829fec7c748876d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P2
content-type: application/javascript
x-amz-cf-id: IqjdT2ujXXDgE4jyK4rRnw1Q36xmq1BZZGIa-y7-8MVK-jGg1JmR2Q==

GET
H2 200 collect.js Show response
100026685.collect.igodigital.com/ 9 KB
2 KB 372ms
91ms Script
application/javascript 3.224.144.253

General

Check archive.org

Show headers Download Go to

Full URL: https://100026685.collect.igodigital.com/collect.js
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets2/gazetadopovo-abstracts-modules-gaz-cd2cbd0a7d28268acfa68c32fcd6bcd6.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.224.144.253 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4611c34378b1bbbee8890a472c6390137ce8841041a646f0bdc58cf9180eb18a

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 08:11:32 GMT
content-encoding: gzip
last-modified: Thu, 28 Oct 2021 19:38:45 GMT
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 u Show response
b.t.tailtarget.com/ 71 B
319 B 112ms
105ms Script
application/x-javascript 34.102.185.99

General

Check archive.org

Show headers Download Go to

Full URL: https://b.t.tailtarget.com/u?env=_ttq_tt_uol
Requested by: Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/modules/external/tailtarget/libs/base.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.185.99 -, , ASN (),
Reverse DNS
Software: nginx/1.17.8 /
Resource Hash: 9b3d46869c59c0a5581161d440ad620d2055214f27fb4fd0e812a9eefa464c7e

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 08:11:32 GMT
via: 1.1 google
server: nginx/1.17.8
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
vary: Accept-Encoding, Accept-Encoding
content-type: application/x-javascript
cache-control: private, proxy-revalidate
content-encoding: gzip
alt-svc: clear

OPTIONS
H2 200 /
www.semprefamilia.com.br/cookie-exchanger/ Frame 0
0 387ms
305ms Preflight
application/json 2600:9000:223f:a400:13:9bf5:7100:93a1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.semprefamilia.com.br/cookie-exchanger/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:a400:13:9bf5:7100:93a1 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.gazetadopovo.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-type: application/json
content-length: 1
date: Sat, 30 Oct 2021 08:11:32 GMT
x-amzn-requestid: 3b17c47f-b7ad-4d40-b048-2ebcac568bbf
access-control-allow-origin: https://www.gazetadopovo.com.br
access-control-allow-headers: Authorization,Content-Type,Content-Length,Host,Origin,X-CSRF-Token,x-xsrf-token,X-Amz-Date,X-Amz-Security-Token,x-api-key,X-Api-Key,x-publisher-id,X-Publisher-Id
x-amz-apigw-id: IAyoNETWIAMFdYw=
access-control-allow-methods: OPTIONS,DELETE,GET,HEAD,PATCH,POST,PUT
access-control-allow-credentials: true
via: 1.1 08b9c2fd11813ffdb8fa03129d0a465d.cloudfront.net (CloudFront), 1.1 5e28951e5f2b6d7d562636473d26d7a6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2 FRA56-P5
x-cache: Miss from cloudfront
x-amz-cf-id: kcuOCdds5tPItCMSzYm173nsr0LnW9SrLAvHx1rPX5FMLleWjasY_g==

POST
H2 200 / Show response
www.semprefamilia.com.br/cookie-exchanger/ 4 B
1 KB 431ms
325ms XHR
application/json 2600:9000:223f:a400:13:9bf5:7100:93a1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.semprefamilia.com.br/cookie-exchanger/
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets2/vendor-gazetadopovo-gaz-cd2cbd0a7d28268acfa68c32fcd6bcd6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:a400:13:9bf5:7100:93a1 -, , ASN (),
Reverse DNS
Software: / Express
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.gazetadopovo.com.br/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Sat, 30 Oct 2021 08:11:32 GMT
via: 1.1 fdc45b521af7652438141328494a79d3.cloudfront.net (CloudFront), 1.1 0341da327f4c4c49034aa07ebeeab1f1.cloudfront.net (CloudFront)
etag: W/"4-X/5TO4MPCKAyY0ipFgr6/IraRNs"
x-amzn-remapped-content-length: 4
x-amzn-remapped-date: Sat, 30 Oct 2021 08:11:32 GMT
x-amz-cf-pop: FRA56-C2, FRA56-P5
x-powered-by: Express
x-cache: Miss from cloudfront
x-amz-apigw-id: IAyoRG_yoAMF9ZQ=
content-length: 4
x-amzn-requestid: 084026bc-c24f-47be-9b2b-d004f474b0b5
x-amzn-trace-id: Root=1-617cfe34-187dc0180300b6da2105a56c;Sampled=0
vary: Origin
access-control-allow-methods: OPTIONS,DELETE,GET,HEAD,PATCH,POST,PUT
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.gazetadopovo.com.br
access-control-allow-credentials: true
access-control-allow-headers: Authorization,Content-Type,Host,Origin,X-CSRF-Token,x-xsrf-token,X-Amz-Date,X-Amz-Security-Token,x-api-key,X-Api-Key,x-publisher-id,X-Publisher-Id
x-amz-cf-id: 8zBKla1fpBGj3IXeRML4SzkYXLex-fzo_UTjAIY-Y9tiW8KBJVu-sA==
x-amzn-remapped-connection: close

POST
H2 200 / Show response
www.umdoisesportes.com.br/cookie-exchanger/ 4 B
1 KB 383ms
325ms XHR
application/json 2600:9000:223c:e00:1d:7626:ce40:93a1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.umdoisesportes.com.br/cookie-exchanger/
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets2/vendor-gazetadopovo-gaz-cd2cbd0a7d28268acfa68c32fcd6bcd6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:e00:1d:7626:ce40:93a1 -, , ASN (),
Reverse DNS
Software: / Express
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.gazetadopovo.com.br/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Sat, 30 Oct 2021 08:11:32 GMT
via: 1.1 a49c26e403f2dac09629dceb6dac5741.cloudfront.net (CloudFront), 1.1 367a4718be97a49df7ac0500a986437b.cloudfront.net (CloudFront)
etag: W/"4-X/5TO4MPCKAyY0ipFgr6/IraRNs"
x-amzn-remapped-content-length: 4
x-amzn-remapped-date: Sat, 30 Oct 2021 08:11:32 GMT
x-amz-cf-pop: FRA60-P1, FRA56-P2
x-powered-by: Express
x-cache: Miss from cloudfront
x-amz-apigw-id: IAyoPHS0oAMFemA=
content-length: 4
x-amzn-requestid: d2335348-f3b2-477b-b48d-6374696d3b31
x-amzn-trace-id: Root=1-617cfe34-242efeb67d8b09b53ba0a1be;Sampled=0
vary: Origin
access-control-allow-methods: OPTIONS,DELETE,GET,HEAD,PATCH,POST,PUT
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.gazetadopovo.com.br
access-control-allow-credentials: true
access-control-allow-headers: Authorization,Content-Type,Host,Origin,X-CSRF-Token,x-xsrf-token,X-Amz-Date,X-Amz-Security-Token,x-api-key,X-Api-Key,x-publisher-id,X-Publisher-Id
x-amz-cf-id: M2ycPasOcz8uWcmXdkxzFSgLmLtyLAuPSTTnVdlMzR_3yqcAO-aRMA==
x-amzn-remapped-connection: close

OPTIONS
H2 200 /
www.umdoisesportes.com.br/cookie-exchanger/ Frame 0
0 229ms
136ms Preflight
application/json 2600:9000:223c:e00:1d:7626:ce40:93a1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.umdoisesportes.com.br/cookie-exchanger/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:e00:1d:7626:ce40:93a1 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.gazetadopovo.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-type: application/json
content-length: 1
date: Sat, 30 Oct 2021 08:11:32 GMT
x-amzn-requestid: e3d87cca-54d9-4821-b10d-b571246a4775
access-control-allow-origin: https://www.gazetadopovo.com.br
access-control-allow-headers: Authorization,Content-Type,Content-Length,Host,Origin,X-CSRF-Token,x-xsrf-token,X-Amz-Date,X-Amz-Security-Token,x-api-key,X-Api-Key,x-publisher-id,X-Publisher-Id
x-amz-apigw-id: IAyoLGrHoAMFRvQ=
access-control-allow-methods: OPTIONS,DELETE,GET,HEAD,PATCH,POST,PUT
access-control-allow-credentials: true
via: 1.1 df3b3b9f4fa0f79195c56a91cf242364.cloudfront.net (CloudFront), 1.1 6faa38f38a1fee24a829fec7c748876d.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1 FRA56-P2
x-cache: Miss from cloudfront
x-amz-cf-id: YbHqWA43U8qnWFs7zoJIBIeHciQGFSgfcQg0AeIx4pcV5O8VBDH6bw==

GET
H2 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
792 B 108ms
39ms Script
application/javascript 2a00:1450:4001:828::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=www.gazetadopovo.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 30 Oct 2021 08:11:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 108ms
39ms Script
application/javascript 2a00:1450:4001:812::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.gazetadopovo.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 30 Oct 2021 08:11:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 27 KB
12 KB 343ms
342ms XHR
text/plain 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=975637124990752&correlator=2496812202102037&output=ldjh&impl=fifs&eid=21068031&vrg=2021102501&ptt=17&sc=1&sfv=1-0-38&ecs=20211030&iu_parts=8804%2Cparceiros%2Cgazeta_do_povo%2Chome&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=728x90%7C970x90%7C990x90&prev_scp=campaignuol%3D1%26keyword%3Dswgt-sub-na%26pos%3Dd-pos-footer-1%26native%3D0&eri=1&cust_params=origin%3Dwww%2520gazetadopovo%2520com%2520br%2520login%2520php%2520%26hasFocus%3Dtrue%26bt%3D9000%26testeab%3Dlazyload-a%26hasMouseIn%3Dfalse&cookie_enabled=1&bc=31&abxe=1&lmt=1635581492&dt=1635581492086&dlt=1635581489332&idt=2707&frm=20&biw=1600&bih=1200&oid=2&adxs=-12245933&adys=-12245933&adks=2713759382&ucis=1&ifi=1&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.gazetadopovo.com.br%2Flogin.php%2F&ref=https%3A%2F%2Fwww.gazetadopovo.com.br.admin-mcas.ms%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x-1&msz=0x-1&ga_vid=766844619.1635581490&ga_sid=1635581492&ga_hid=1425532773&ga_fc=true&fws=640&ohw=0&btvi=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

87679a1492e54c3d5fc043b4d12a70c42bc669fdb5b44039bdd858166d7346ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 08:11:32 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11779
x-xss-protection: 0
google-lineitem-id: 5819289557
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138368525870
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.gazetadopovo.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
4a5f5cccf6b8f04975aca1179f9a4463.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 3C19 6 KB
4 KB 214ms
37ms Document
text/html 2a00:1450:4001:82a::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://4a5f5cccf6b8f04975aca1179f9a4463.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://www.gazetadopovo.com.br/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Sat, 30 Oct 2021 08:11:32 GMT
expires: Sun, 30 Oct 2022 08:11:32 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 89 KB
21 KB 697ms
697ms XHR
text/plain 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=975637124990752&correlator=2496812202102037&output=ldjh&impl=fifs&eid=21068031&vrg=2021102501&ptt=17&sc=1&sfv=1-0-38&ecs=20211030&iu_parts=8804%2Cparceiros%2Cgazeta_do_povo%2Chome&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=728x90%7C970x90%7C990x90%7C1190x150&prev_scp=campaignuol%3D1%26keyword%3Dswgt-sub-na%26pos%3Dd-pos-1%26native%3D0&eri=1&cust_params=origin%3Dwww%2520gazetadopovo%2520com%2520br%2520login%2520php%2520%26hasFocus%3Dtrue%26bt%3D9000%26testeab%3Dlazyload-a%26hasMouseIn%3Dfalse&cookie_enabled=1&bc=31&abxe=1&lmt=1635581492&dt=1635581492112&dlt=1635581489332&idt=2707&frm=20&biw=1600&bih=1200&oid=2&adxs=436&adys=120&adks=1651446792&ucis=2&ifi=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.gazetadopovo.com.br%2Flogin.php%2F&ref=https%3A%2F%2Fwww.gazetadopovo.com.br.admin-mcas.ms%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x130&msz=1190x90&ga_vid=766844619.1635581490&ga_sid=1635581492&ga_hid=1425532773&ga_fc=true&fws=4&ohw=1600&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

100f230d29d2aaafb2f878ce8181c317823192009163e7c2e47ae76104ff97c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 08:11:32 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21714
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.gazetadopovo.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 b Show response
b.t.tailtarget.com/ 139 B
570 B 111ms
111ms Script
application/javascript 34.102.185.99

General

Check archive.org

Show headers Download Go to

Full URL: https://b.t.tailtarget.com/b?tA=TT-10162-1&tY=1&tS=2&tU=0100007F34FE7C618B067613023FD605&tX=b.52&tZ=869182135&env=_ttq_tt_uol
Requested by: Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/modules/external/tailtarget/libs/base.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.185.99 -, , ASN (),
Reverse DNS
Software: nginx/1.17.8 /
Resource Hash: 61c07ee507dd11704cdee7a368f945f6861b8241bfaa3adf6ba2d51c87c9d911

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 08:11:32 GMT
via: 1.1 google
server: nginx/1.17.8
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cache-control: no-cache, private, proxy-revalidate
content-encoding: gzip
alt-svc: clear

GET
H2 200 ca Show response
tt-10162-1.seg.t.tailtarget.com/ 78 B
338 B 108ms
107ms Script
application/javascript 34.102.185.99

General

Check archive.org

Show headers Download Go to

Full URL: https://tt-10162-1.seg.t.tailtarget.com/ca?tZ=681355811&env=_ttq_tt_uol
Requested by: Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/modules/external/tailtarget/libs/base.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.185.99 -, , ASN (),
Reverse DNS
Software: nginx/1.17.8 /
Resource Hash: f227e07a7f3faa6b65ffd85413cd58d620b9ea2b2cec79d5b438f7ab4d939b6f

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 08:11:32 GMT
via: 1.1 google
server: nginx/1.17.8
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cache-control: no-cache, private, proxy-revalidate
content-encoding: gzip
alt-svc: clear

GET
H2 200 track_page_view
nova.collect.igodigital.com/c2/100026685/ 43 B
722 B 102ms
101ms Image
image/gif 3.224.144.253

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nova.collect.igodigital.com/c2/100026685/track_page_view?payload=%7B%22title%22%3A%22P%C3%A1gina%20n%C3%A3o%20encontrada%22%2C%22url%22%3A%22https%3A%2F%2Fwww.gazetadopovo.com.br%2Flogin.php%2F%22%2C%22referrer%22%3A%22https%3A%2F%2Fwww.gazetadopovo.com.br.admin-mcas.ms%2F%22%2C%22user_info%22%3A%7B%22user_id%22%3A%22us-east-1_02cf5829-00b1-43c4-af9c-1bbde013e6fc%22%7D%7D

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.224.144.253 -, , ASN (),

Reverse DNS

Software

Resource Hash

98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-runtime: 0.008562
date: Sat, 30 Oct 2021 08:11:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
etag: W/"98b3d9d20e032f90aca49e9b116225d5"
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: private
content-transfer-encoding: binary
content-disposition: inline
vary: Accept-Encoding
x-xss-protection: 1; mode=block
x-request-id: 7038ac2f-cfda-46f2-b2cc-3bd3846ea44c

GET
H2 200 __tt.gif
t.tailtarget.com/ 43 B
299 B 112ms
106ms Image
image/gif 34.102.185.99

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.tailtarget.com/__tt.gif?tA=TT-10162-1&tE=0&tF=&tI=_london_england_gb_1635581492203_3257167527&tJ=&tQ=gazetadopovo,gazetadopovogeral&tU=0100007F34FE7C618B067613023FD605&tX=b.52&tY=1&tZ=499408656
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.185.99 -, , ASN (),
Reverse DNS
Software: nginx/1.17.8 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 08:11:32 GMT
via: 1.1 google
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.17.8
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, private, proxy-revalidate
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ 0
0 66ms
65ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsufABiX_oGKwWwZPAn3hxdJ6_gx93yJK4TdZQDDwC4Jln66ehU9NI3H4QYcZ57RYdMfNsVKHjATIo72068sgquqNGys7DuXfHSheuldvcMxrRsCg9L_FiBeZcXbcCwxBI9ghl3hhIC0uK0ujL7buzxXEiQ-RA-6_GSqL_1rACyHJoXMSy_5cf8a-CbjabNGMppA6vdv5oyAlr2RyuQAZW4ABOw0WJfsqGizn2vk4QZbnzsmS8nWwhHUiJoNkYqHmIxkPQ0MWiEZFBT3Yyn8G9VfFk6yDG6mcoZ6OZo4x_8fzeL88q0D_kdw1-mwM1uL8ynt7L5uAMtCho7nKbKh7lWu&sai=AMfl-YRGgG9UrnjBjs-TQ265w1k_t4tu-9uOoMGDRSE6b99mWZu2WduitdwehBqrqNiw5Wb1FPEnyBjSlJEsb1DmdogQ4ADu0uqqF1PFTRHxU51JTO1goGJafaeH5EtJjYI&sig=Cg0ArKJSzGByyKhL9iFVEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.gazetadopovo.com.br.admin-mcas.ms
URL: https://www.gazetadopovo.com.br.admin-mcas.ms/login.php

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 30 Oct 2021 08:11:32 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Sat, 30 Oct 2021 08:11:32 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211027/r20110914/client/ 3 KB
2 KB 100ms
29ms Script
text/javascript 2a00:1450:4001:831::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211027/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

4af635698cb6488a8df86b99febedbc979c76e04f675f3a9cdc66f7b4d86aff6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 08:05:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 345
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1470
x-xss-protection: 0
server: cafe
etag: 9165589572046851897
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 13 Nov 2021 08:05:47 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ 120 KB
37 KB 106ms
37ms Script
text/javascript 2a00:1450:4001:812::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

eaaa6059ef4c9ca12e78fcc03ae77ad4cbf05dc73c1fedf64b28a632868bd829

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Sat, 30 Oct 2021 08:11:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37344
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1635161763799786"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 30 Oct 2021 08:11:32 GMT

GET
H2 204 l
www.google.com/ads/measurement/ 0
0 37ms
36ms Image
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRuqvzRKSp_3M90aO7JnS7Raf10ViohfOfncmHh-iG4UHQlQa10tlhPrKep7MyNbb-anCJlcvx_LzNAga70mKgXFsQ1xA
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102501.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H2 200 1955762435927435045
tpc.googlesyndication.com/simgad/ 51 KB
52 KB 100ms
31ms Image
image/jpeg 2a00:1450:4001:831::2001

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/1955762435927435045

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

32f46680a49cfdfd4b2d9fbabd139d0a3b95cfcf5e6bc64a4dab027ffc4fa272

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 03:20:56 GMT
x-content-type-options: nosniff
age: 449436
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52467
x-xss-protection: 0
last-modified: Fri, 22 Oct 2021 21:23:15 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 25 Oct 2022 03:20:56 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ 0
0 64ms
64ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvno7DUtZM_b5QwYBHwuJN197Sxy2obOFB8jvBSPa8treZfKSJDre7ctc0_jyWbW3pbsmR95MhheIpDEJs_HszrA9XdUVR4rig5A7X7Pg8Ngrey9i1EeNeZ31uRFUko-1_AIBV023DRLkZMJJxRW8G2SIA2ctelaqjc44Zo3IVmHFo-1ILm1HJ-IRJ2x51XEe8fxc7puJswXU0X-XidyM3plijbv3SPXjW4dZ4undzdptzARSaA1St6bOlQqXD3GaHYhZWu9rwfHIFr81Q5l-E6_GOjW2P04uwFyqQ_rpzd2RhVCV3YU35nxo0MbHmFMzepcjGpt5DOv1pobFmErjtjnJU&sai=AMfl-YRvvRGu9md_LlqAjldzia1RjdfhmkMXbLK7bgQsE0ShfinI_Y6cHtHL7sQsClZAz1enx3Xsoz4Az8WgpzZNo4mOAV3aV9gLNa7IBKaTTkmWX7PkV9aHZ14yvsK2Fs4&sig=Cg0ArKJSzFu1JOuWG0FlEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 30 Oct 2021 08:11:32 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Sat, 30 Oct 2021 08:11:32 GMT

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 1 KB
1 KB 97ms
32ms Script
application/javascript 13.32.99.23

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/login.php/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.23 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 02:37:08 GMT
content-encoding: gzip
etag: W/"1827f116c73f319409b97f10b8a58ade"
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 20347
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 68b2682a924ac399aa2724b5b439e75d.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
x-amz-cf-id: oyyfQr9zFop8vzThlWbRcY48vTTNkGA2jQCKYn9Cv5vImZWhBo1j4w==

GET
H2

200

beacon.js Show response
sb.scorecardresearch.com/internal-cs/default/
Redirect Chain

https://sb.scorecardresearch.com/cs/6036356/beacon.js
https://sb.scorecardresearch.com/internal-cs/default/beacon.js

4 KB
2 KB

30ms
30ms

Script
application/javascript

13.32.99.23

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/internal-cs/default/beacon.js
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/login.php/
Protocol: H2
Server: 13.32.99.23 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6838420e13959ecffe73d3576ee2125a66c9315237394a23e3dd4a5181e80cda

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 08:02:58 GMT
content-encoding: gzip
etag: W/"5b0f9f0704a703b8da651007721fac57"
last-modified: Thu, 04 Mar 2021 13:31:34 GMT
server: AmazonS3
age: 623
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 68b2682a924ac399aa2724b5b439e75d.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
x-amz-cf-id: jmu2n_YTaxum-L8l56zPOygUPaKbfY6jpsapJoqUFSyZdGGKdyI6Zw==

Redirect headers

date: Sat, 30 Oct 2021 08:11:32 GMT
via: 1.1 68b2682a924ac399aa2724b5b439e75d.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: /internal-cs/default/beacon.js
content-length: 52
x-amz-cf-id: E-cvb1dCt_lHREzf5lJ3iMcBxS73RCOTDPmIIoLK8NnaUl42DGGysg==

GET
DATA 200
OK truncated
/ 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 041ea156ac1202b50b3916b1bd57933b4ef2cdec42688037dc9afcb6c98f6b5b

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=8&c2=6036356&c3=1&ns__t=1635581492724&ns_c=UTF-8&cv=3.5&c8=&c7=https%3A%2F%2Fwww.gazetadopovo.com.br%2Flogin.php%2F&c9=https%3A%2F%2Fwww.gazetadopovo.com.br.ad...
https://sb.scorecardresearch.com/b2?c1=8&c2=6036356&c3=1&ns__t=1635581492724&ns_c=UTF-8&cv=3.5&c8=&c7=https%3A%2F%2Fwww.gazetadopovo.com.br%2Flogin.php%2F&c9=https%3A%2F%2Fwww.gazetadopovo.com.br.a...

64 B
330 B

32ms
32ms

Image
image/gif

13.32.99.23

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=8&c2=6036356&c3=1&ns__t=1635581492724&ns_c=UTF-8&cv=3.5&c8=&c7=https%3A%2F%2Fwww.gazetadopovo.com.br%2Flogin.php%2F&c9=https%3A%2F%2Fwww.gazetadopovo.com.br.admin-mcas.ms%2F
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/login.php/
Protocol: H2
Server: 13.32.99.23 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 08:11:32 GMT
via: 1.1 68b2682a924ac399aa2724b5b439e75d.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
etag: W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache: Miss from cloudfront
content-type: image/gif; charset=utf-8
content-length: 64
x-amz-cf-id: 46lJlukoWwzBM_pxWdsjbKjyc-aezUacStHxmVL_8BfDWphT6BqCqg==

Redirect headers

date: Sat, 30 Oct 2021 08:11:32 GMT
via: 1.1 68b2682a924ac399aa2724b5b439e75d.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=8&c2=6036356&c3=1&ns__t=1635581492724&ns_c=UTF-8&cv=3.5&c8=&c7=https%3A%2F%2Fwww.gazetadopovo.com.br%2Flogin.php%2F&c9=https%3A%2F%2Fwww.gazetadopovo.com.br.admin-mcas.ms%2F
content-length: 234
x-amz-cf-id: jzCYYLv9H04adRIBuyPxsxdvzPuaiNiIP6vyxxOdTfa8mGWHSkQU_w==

GET
H2 200 KMA9C2O70iP6CHSgXk0LGaQ8ML9m6vJE4RIi1Rf61p4.html Show response
s.dynad.net/stack/ Frame D741 6 KB
3 KB 738ms
209ms Document
text/html 200.187.199.64

General

Check archive.org

Show headers Download Go to

Full URL: https://s.dynad.net/stack/KMA9C2O70iP6CHSgXk0LGaQ8ML9m6vJE4RIi1Rf61p4.html?v69
Requested by: Host: t.dynad.net
URL: https://t.dynad.net/script/?dc=5550009734;ord=0;click=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 200.187.199.64 -, , ASN (),
Reverse DNS
Software: Apache-Coyote/1.1 / DynAd.net 2021
Resource Hash: fdac1a3247f6636b0a366c779803ca0af16f5cf36b2ab34a5d48a0911cd59e1a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://www.gazetadopovo.com.br/

Response headers

date: Sat, 30 Oct 2021 08:11:33 GMT
content-type: text/html
vary: Accept-Encoding
server: Apache-Coyote/1.1
cache-control: max-age=3600
x-dynad-assets: v2.421 Thessaloniki
expires: Sat, 30 Oct 2021 09:11:33 GMT
pragma: cache
last-modified: Wed, 27 Oct 2021 19:57:46 GMT
x-powered-by: DynAd.net 2021
access-control-allow-origin: *
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-cacheable: maximal 144h instead of 480.000h
x-varnish: 26343317 6
age: 216827
via: 1.1 varnish-v4
content-encoding: gzip

GET
H2 200 928W5r5IndTfocT3VdUV-AB8UVlc0JbnGWyFZsei5gU.html Show response
s.dynad.net/stack/ Frame FB1E 53 KB
18 KB 930ms
402ms Document
text/html 200.187.199.64

General

Check archive.org

Show headers Download Go to

Full URL: https://s.dynad.net/stack/928W5r5IndTfocT3VdUV-AB8UVlc0JbnGWyFZsei5gU.html
Requested by: Host: t.dynad.net
URL: https://t.dynad.net/script/?dc=5550009734;ord=0;click=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 200.187.199.64 -, , ASN (),
Reverse DNS
Software: Apache-Coyote/1.1 / DynAd.net 2021
Resource Hash: ba70adf2020216558d39892f39d469a3b8eabefe26e3fe038c4e14272fcc1506

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://www.gazetadopovo.com.br/

Response headers

date: Sat, 30 Oct 2021 08:11:33 GMT
content-type: text/html
vary: Accept-Encoding
server: Apache-Coyote/1.1
cache-control: max-age=3600
x-dynad-assets: v2.421 Thessaloniki
expires: Sat, 30 Oct 2021 09:11:33 GMT
pragma: cache
last-modified: Wed, 27 Oct 2021 19:57:46 GMT
x-powered-by: DynAd.net 2021
access-control-allow-origin: *
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-cacheable: maximal 144h instead of 408.000h
x-varnish: 26944542 32774
age: 216827
via: 1.1 varnish-v4
content-encoding: gzip

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ 42 B
497 B 133ms
64ms Fetch
image/gif 2a00:1450:4001:810::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssxBomRjzzUwI35YTOe7z-DbYy1-4i7eWyHSQfwS-LZb9LXisLLI6v_foJwlWI3kNOotdDzecDhwIEO3ZOOGb3ehOiSIH5kaOJvmdv1pkUixUcpi4lk&sig=Cg0ArKJSzH9vZocrCW5tEAE&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20211025&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=3&adk=2713759382&rs=4&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1635581488481&rpt=4142&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 30 Oct 2021 08:11:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame FB1E 370 KB
123 KB 123ms
41ms Script
text/javascript 2a00:1450:4001:801::200a

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: s.dynad.net
URL: https://s.dynad.net/stack/928W5r5IndTfocT3VdUV-AB8UVlc0JbnGWyFZsei5gU.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

4a095c4b655aa774d4b1eb479908d0aa5ce3482b701c4b25af75050e0fe85ebb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://s.dynad.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 08:11:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 125402
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-instream-static"
expires: Sat, 30 Oct 2021 08:11:34 GMT

GET
DATA 200
OK truncated
/ Frame FB1E 4 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0a5e2fdeee01580357b0fe44c7c1b73f571722ccf5818ef0147116ff2ce8df0c

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
9 KB 44ms
43ms XHR
application/json 2a00:1450:4001:810::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021102501&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

f6856da453ffc3040ba45f9deeb22cfc0c1d91830568cd710739a5955306bb75

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 30 Oct 2021 08:11:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8589
x-xss-protection: 0

GET
H2 200 bridge3.486.2_pt_br.html Show response
imasdk.googleapis.com/js/core/ Frame 7EFB 578 KB
190 KB 331ms
30ms Document
text/html 2a00:1450:4001:801::200a

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.486.2_pt_br.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

866229495ace15f688488e782403a5e5e966c7712c0ac56a230577c304c02668

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://s.dynad.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 194275
date: Thu, 28 Oct 2021 17:29:33 GMT
expires: Fri, 28 Oct 2022 17:29:33 GMT
last-modified: Mon, 25 Oct 2021 15:31:24 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 139321
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ Frame FB1E 44 KB
17 KB 128ms
39ms Script
text/javascript 2a00:1450:4001:82b::2006

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://s.dynad.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 08:11:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 30 Oct 2021 08:11:34 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame FB1E 107 B
165 B 343ms
42ms Script
application/javascript 2a00:1450:4001:812::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=s.dynad.net

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://s.dynad.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 30 Oct 2021 08:11:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 48ms
47ms Script
text/javascript 2a00:1450:4001:831::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 08:11:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Sat, 30 Oct 2021 08:11:34 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 82D3 12 KB
5 KB 30ms
29ms Document
text/html 2a00:1450:4001:831::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://www.gazetadopovo.com.br/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5029
date: Fri, 29 Oct 2021 21:40:59 GMT
expires: Sat, 29 Oct 2022 21:40:59 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 37835
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 1B32 783 B
967 B 40ms
39ms Document
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f57a38c51ea5089b2dc752cf618b4e7fbf79eacd23784d433e4f1b3eadf8ddfa

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ocydhInuhfP4k6I+720pAg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://www.gazetadopovo.com.br/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Sat, 30 Oct 2021 08:11:34 GMT
date: Sat, 30 Oct 2021 08:11:34 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-ocydhInuhfP4k6I+720pAg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 511
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 C8m29kB8iYAnQnzidy4_DrlfbpyEWo1zyweSB2Yey3c.js Show response
pagead2.googlesyndication.com/bg/ Frame 82D3 35 KB
14 KB 96ms
30ms Script
text/javascript 2a00:1450:4001:810::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/C8m29kB8iYAnQnzidy4_DrlfbpyEWo1zyweSB2Yey3c.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

0bc9b6f6407c898027427ce2772e3f0eb95f6e9c845a8d73cb079207661ecb77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 08:06:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 284
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13263
x-xss-protection: 0
last-modified: Tue, 19 Oct 2021 13:08:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Sun, 30 Oct 2022 08:06:50 GMT

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 1B32 0
0 128ms
71ms Image
text/html 2a00:1450:4001:810::2002

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gpt_2021102501&jk=975637124990752&rc=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:810::2002 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
119 B 66ms
65ms Image
image/gif 2a00:1450:4001:810::2002

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021102501&jk=975637124990752&bg=!kJOlk9fNAAbUs_yW1LM7ACkAdvg8WrXP_v9ukvWPBdKiFrM5PLV91iAfpnQgBRmNQIjOKUxOUFEw4AIAAABFUgAAAAtoAQcKAGKl35dNLFWV8iDBhf6U9nqwez7HftbDN-4ojOOuPHNqVgp-xI_IipICJlGjySAcgnmCFa-w5kmurHRe8zk48LTOIAER_kubBFDzWUcJ6v05iS_x5s0EyZBtj2XxgWz7NcwTC5kCyVGJXjI-7tX9-4CieajNm512nzKwh8jR7vPrfVxgh_EyuXMwWhWqYwqIARSglYSTIuzXGYBJYaYmC_WUUtN2Z-PLZPYaL7jbBDC3v9Lj7QDcMjLwp9NZ20M4IDr8w0HvIXbTpz06sLlun0Ec6FR-wEMvjn3Aa955P6RjVt9zOxmqT-rzXsMEqheKPYCkmVux2NSqkcjpvHfaCGiJxfYkkDo4ZEiyWMqjZlDFgJYPo5rX4bKJLl6m0KxRg1eXLmdpw_Ei-4dnzsjEDEYzLCCQ88OweYSJuw9_E7ourIu1VQIe7YK2Y0hAnCMwyJPyg4EAGiFbkepY11JBIWYTPT4XPzEA5qJzbJ3p7HphwvAzVfOf2iTrjGvP7WPoXrneP1iA_qbOwSBWy9RWc2YcOk2DnqlBiYjslP6I1EyU5590EZGzFa4infA4bQvguieEHsP2JtFtgVxxoX6Oov_m1brMCWRw-kI-DKKL0JCJj_rC6apsZ6o_oc9Mf6f9OC-eGke8FecdjkzkhDWS_D8InC0c87J_9y206VEqv-Ed3Wj8HsClqrpITK_GzUh2uoipRPWo7OFFiTcRXLMmHtG2AkyZAIQ7TiPwFTuIhm6H2Gk6KBhZNJkcjffls_ySwd_Xzw9oEuFkRcPCuGvytEf0o4ZelUYv7FnWqAODZ67aKYyf5BeD5RPWL2O_OFnLXE92NrP08hC3a7nBcqUOFA476f2I0D8ST4wlLiW4oIoWApoPfzpXUlx3luSIeAMNEEsXAs9WIgw5CNkZIwwALwOibFAzgdTB5ljyEZuZyO7Pw93l9aJZypkUa8yghPSdLaHOgz2cDG6QJpwwmbELF3CE_s4ZNDQs99fKwUn5FcuerV8s8XHDwAO1i4-y-sflftoMIDuQbNLWA7iMXuLGTwFbtltLqicdHnlyj3LfxIMcTDRtDlzk5F6aSHAVOQ4Z

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 30 Oct 2021 08:11:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 7EFB 81 KB
11 KB 412ms
411ms XHR
text/xml 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?sz=480x360&iu=%2F8804%2Fparceiros%2Fgazeta_do_povo%2Fin-article&ciu_szs=300x250&gdfp_req=1&env=vp&output=xml_vast4&unviewed_position_start=1&cust_params%3Dvideoplayersize%3Dsmall%26keyword%3Dvideo-auto-play&description_url=https%3A%2F%2Fwww.gazetadopovo.com.br%2Flogin.php%2F&correlator=3318710170517837&cust_params=videoplayertype%3Ddynad_in-article%26keyword%3Dvideo-auto-play%26origin%3Dwww%20gazetadopovo%20com%20br%20login%20php%20%26hasFocus%3Dtrue%26bt%3D9000%26UOLDNA%3Dnull%26hasMouseIn%3Dfalse&ad_rule=0&vad_type=linear&vpos=preroll&pod=1&min_ad_duration=0&max_ad_duration=999999000&ppos=1&lip=true&video_url_to_fetch=https%3A%2F%2Fwww.gazetadopovo.com.br%2Flogin.php%2F&vpa=auto&vpmute=1&sdkv=h.3.486.2&osd=2&frm=2&vis=1&sdr=1&hl=en&afvsz=450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&sdki=44d&adk=2813393808&sdk_apis=2%2C8&sid=997416F8-C618-482B-ACDE-DC14407972B8&eid=40819804&url=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&ref=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dt=1635581494905&scor=490199699631630&ged=ve4_td1_tt0_pd1_la1000_er17.0.167.300_vi0.0.0.0_vp0_eb16747

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.486.2_pt_br.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

a261f99bc019e963882813925eb4b81fb15ce33ef2735cc2d699f7d4a548d17f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 08:11:35 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: 143040
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10611
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-mediationtag-id: 203543
google-creative-id: -1
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK vast Show response
vast.adsafeprotected.com/ Frame 7EFB 54 KB
16 KB 230ms
90ms XHR
text/xml 108.128.131.149

General

Check archive.org

Show headers Download Go to

Full URL: https://vast.adsafeprotected.com/vast?anId=923116&advId=k28o035&campId=ibzra5b&chanId=jlqh5r0&placementId=74hngnot&pubId=&bidurl=www.gazetadopovo.com.br&impId=65155908-b250-4446-b9ef-93f51ed494be&planId=rubicon&adsafe_par&originalVast=https://unified.adsafeprotected.com/v2/800347/56604863?mon=56604864&omidPartner=-1&apiframeworks=2,8&bundleId=[BUNDLEID]&vastVersion=2&mode=strict&ias_xappb=[ctv_appid]&originalVast=https://ad.doubleclick.net/ddm/pfadx/N706615.3848558MATTERKIND/B26345978.312180598;sz=0x0;ord=350909;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;dcmt=text/xml;dc_sdk_apis=2,8;dc_omid_p=-1;gdpr=;gdpr_consent=;ltd=
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.486.2_pt_br.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.128.131.149 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 86cfc79636e6bbb0c5606c78bf605bb9a387c7429b385567d3232908a107ca56

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sat, 30 Oct 2021 08:11:35 GMT
Content-Encoding: gzip
Vary: Origin
Content-Type: text/xml; charset=UTF-8
Access-Control-Allow-Origin: https://imasdk.googleapis.com
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 16508

POST csi
csi.gstatic.com/ Frame 7EFB 0
0

GET
H2 200 loader20.html Show response
tpc.googlesyndication.com/pagead/js/ Frame 7694 51 KB
18 KB 30ms
30ms Document
text/html 2a00:1450:4001:831::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/loader20.html?https://static.adsafeprotected.com/ias/v1/vpaid.2021.10.04-08.57-25eef18.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.486.2_pt_br.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

0e5889395974c20cb35a4981f12dbf0112b108459eb045b9df81b9bfa2f73392

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://imasdk.googleapis.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sat, 30 Oct 2021 04:35:31 GMT
expires: Sun, 31 Oct 2021 04:35:31 GMT
content-type: text/html; charset=UTF-8
etag: 15578078210308968909
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 18563
x-xss-protection: 0
age: 12964
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 7EFB 42 B
241 B 40ms
40ms Image
image/gif 2a00:1450:4001:810::2002

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CfJeUN_58YbDcBKL6gAfjxbioA_7T969czs-92OoCwI23ARABIABgu76ug9AKggEdY2EtdmlkZW8tcHViLTYzMzA3OTEwOTQyNjAxNDnIAQXgAgCoAwGYBACqBJMCT9AY_qOMbStcgaSo_WyVvBu4SXfhXDdEHh4-QYdFfE_ntkSMWBbY8SptP5IzfNxTBopLt1c1XJxOCds5gsoKtsj7CTO3hHaJwdBoz1HHHTVE2-18_VySqVmXiBVP2h7uaDq34uO5f4tIdl1dJtxVDPI_uDWEqYQrYLlaBUUPeiL8tlnmlsEz6R_GFqj9LCKc17bK9Rmf75OVKXO3hwrq_XD7KxP8Twls8g5dKt2anE9FERUBdaXr7--EccG62Bpr-IGrxy0VzE0EA2rejfFllozK9CeRGccCX0_1QHZBFGyPjoQCLLtd9ZC0HGCKre0zdDO--3NvqAzcMo9Wwcd0JY7YH0FHrvX2LbuoYy8BJpILq8zgBAGABsOf3tT08rfloAGgBiqoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB&sigh=4L0ybXB5W3I&label=video_ad_loaded&acvw=[VIEWABILITY]&sdkv=h.3.486.2&vci=[CREATIVE_PLAYBACK]

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 30 Oct 2021 08:11:35 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 7EFB 42 B
108 B 41ms
40ms Image
image/gif 2a00:1450:4001:810::2002

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CfJeUN_58YbDcBKL6gAfjxbioA_7T969czs-92OoCwI23ARABIABgu76ug9AKggEdY2EtdmlkZW8tcHViLTYzMzA3OTEwOTQyNjAxNDnIAQXgAgCoAwGYBACqBJMCT9AY_qOMbStcgaSo_WyVvBu4SXfhXDdEHh4-QYdFfE_ntkSMWBbY8SptP5IzfNxTBopLt1c1XJxOCds5gsoKtsj7CTO3hHaJwdBoz1HHHTVE2-18_VySqVmXiBVP2h7uaDq34uO5f4tIdl1dJtxVDPI_uDWEqYQrYLlaBUUPeiL8tlnmlsEz6R_GFqj9LCKc17bK9Rmf75OVKXO3hwrq_XD7KxP8Twls8g5dKt2anE9FERUBdaXr7--EccG62Bpr-IGrxy0VzE0EA2rejfFllozK9CeRGccCX0_1QHZBFGyPjoQCLLtd9ZC0HGCKre0zdDO--3NvqAzcMo9Wwcd0JY7YH0FHrvX2LbuoYy8BJpILq8zgBAGABsOf3tT08rfloAGgBiqoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB&sigh=4L0ybXB5W3I&label=show_ad&acvw=[VIEWABILITY]&sdkv=h.3.486.2&vci=Ck4IAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKhQtNjg2MDQyNTI0MTQ2MTAyNjg3NzIINzRobmdub3RAogMKWwgBEhh2YXN0LmFkc2FmZXByb3RlY3RlZC5jb20aA0RDTSACKgk1MDQ4MzEyMDQyCTE1NjcyOTI0MEDpAVIdJQAAcEEoAToHdW5rbm93bkIHdW5rbm93blAAYAIYAQ..

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 30 Oct 2021 08:11:35 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
pubads.g.doubleclick.net/pagead/ Frame 7EFB 0
0 66ms
65ms Image
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pubads.g.doubleclick.net/pagead/adview?ai=CQb5rN_58YbDcBKL6gAfjxbioA_7T969czs-92OoCwI23ARABIABgu76ug9AKggEdY2EtdmlkZW8tcHViLTYzMzA3OTEwOTQyNjAxNDnIAQXgAgCoAwGYBACqBJACT9AY_qOMbStcgaSo_WyVvBu4SXfhXDdEHh4-QYdFfE_ntkSMWBbY8SptP5IzfNxTBopLt1c1XJxOCds5gsoKtsj7CTO3hHaJwdBoz1HHHTVE2-18_VySqVmXiBVP2h7uaDq34uO5f4tIdl1dJtxVDPI_uDWEqYQrYLlaBUUPeiL8tlnmlsEz6R_GFqj9LCKc17bK9Rmf75OVKXO3hwrq_XD7KxP8Twls8g5dKt2anE9FERUBdaXr7--EccG62Bpr-IGrxy0VzE0EA2rejfFllozK9CeRGccCX0_1QHZBFGyPjoQCLLtd9ZC0HGCKre0zdDO--3NvqAzcMo9Wwcd0Z4zUjZTwRcFdxvgVtzG42iXgBAGABsOf3tT08rfloAGgBiqoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAYAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi02MzMwNzkxMDk0MjYwMTQ5GN7oFA&sigh=rPYgzI77NTw&uach_m=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&cid=CAQSKQCNIrLMV6c22hp2EAARbnXnpGVXvuNv7ib8U9bB8CH7pYT9k83itSBbGAE&vt=10&sdkv=h.3.486.2&vci=Ck4IAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKhQtNjg2MDQyNTI0MTQ2MTAyNjg3NzIINzRobmdub3RAogMKWwgBEhh2YXN0LmFkc2FmZXByb3RlY3RlZC5jb20aA0RDTSACKgk1MDQ4MzEyMDQyCTE1NjcyOTI0MEDpAVIdJQAAcEEoAToHdW5rbm93bkIHdW5rbm93blAAYAIYAQ..
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s50-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H2 200 get
choices.trustarc.com/ Frame 7EFB 739 B
1 KB 114ms
30ms Image
image/png 52.222.214.4

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://choices.trustarc.com/get?name=admarker-full-tl.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.4 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 3e736be7e34c844a2d363f75a932ad7f305fc65507c697f698fc4f080f47730b

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: public
date: Sat, 16 Oct 2021 00:20:59 GMT
via: 1.1 bafba29f1325f15932567e0ae2d444a5.cloudfront.net (CloudFront)
server: nginx
age: 1237836
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: FRA56-P3
timing-allow-origin: *
content-length: 739
x-amz-cf-id: 16c9iBYQTKC63xA1fGx-c8T4kyzXtScJyswQUSQn7N5u38pa92GL5g==
expires: Mon, 15 Nov 2021 00:20:59 GMT

GET /
t.dynad.net/pc/ 0
0

GET
H2 200 p
sb.scorecardresearch.com/ 64 B
443 B 32ms
32ms Image
image/gif 13.32.99.23

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/p?c1=2&c2=27893134&%20ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=1635581495631&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va11&ns_st_cl=30000&ns_st_pt=0&c3=UOLADNET&c4=*null&c6=*null&ns_ts=1635581495631
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.23 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 08:11:35 GMT
via: 1.1 68b2682a924ac399aa2724b5b439e75d.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
etag: W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache: Miss from cloudfront
content-type: image/gif; charset=utf-8
content-length: 64
x-amz-cf-id: cHzxLa9m75o1Ahe5coVDiNorZrbynzjmRVc4vCPagaaNBXAtPjxkPw==

GET /
t.dynad.net/pc/ 0
0

GET
DATA 200
OK truncated
/ 873 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9bae663f8229a58194c60f976b1ca88e87e0310c5860be118fa57e97412f758a

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 vpaid.2021.10.04-08.57-25eef18.js
static.adsafeprotected.com/ias/v1/ Frame 7694 135 KB
0 134ms
44ms Script
application/javascript 52.48.236.71

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/ias/v1/vpaid.2021.10.04-08.57-25eef18.js
Requested by: Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/js/loader20.html?https://static.adsafeprotected.com/ias/v1/vpaid.2021.10.04-08.57-25eef18.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.236.71 -, , ASN (),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 08:11:35 GMT
last-modified: Mon, 04 Oct 2021 15:11:56 GMT
server: nginx/1.16.1
age: 476433
etag: "32cdd68901ce663c7a1a2ff7d1f61273"
x-cache-status: HIT
content-type: application/javascript
cache-control: max-age=604800
accept-ranges: bytes
content-length: 179718

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: tm.uol.com.br
URL: https://tm.uol.com.br/mercurio.html

Domain: tm.uol.com.br
URL: https://tm.uol.com.br/purge-clients.html?name=DEretargeting&expname=DEretargetingExp&expdomain=1

Domain: tm.uol.com.br
URL: https://tm.uol.com.br/purge-clients.html?name=dynad_rt&expname=dynad_rt_exp&expdomain=1

Domain: csi.gstatic.com
URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~kvdizqeb&c=1596689763865&slotId=798344881932.5&qqid=CPDTj_DX8fMCFSI94Aod4yIONQ&gqid=Nv58YaDHOJSWx_APkKe00AM&fb=ima_html5-lima&sdkv=h.3.486.2&mrd=4&aab=0&itv=1&eee=missing-element&bi=missing-id&icc=1&icrh=0&icri=0&icrs=1&icru=0&icp=AdChoices&icdi=15x77&wta=1&vmfc=1&vhc=0&ghmsh_eids=40819804

Domain: t.dynad.net
URL: https://t.dynad.net/pc/?dc=5550003220;ord=1635581495610

Domain: t.dynad.net
URL: https://t.dynad.net/pc/?dc=5550003219;ord=1635581495631

Verdicts & Comments Add Verdict or Comment

99 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

15 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.gazetadopovo.com.br/	1970-01-20 15:50:53	Name: _ga Value: GA1.3.766844619.1635581490
.gazetadopovo.com.br/	1970-01-19 22:21:07	Name: _gid Value: GA1.3.1270222859.1635581490
.gazetadopovo.com.br/	1970-01-19 22:19:41	Name: _gat Value: 1
www.gazetadopovo.com.br/	1970-01-19 22:19:41	Name: __adblocker Value: false
.google.com/	1970-01-20 02:43:12	Name: NID Value: 511=HAwdNSG3vZeenvRhvDm1W1Dcq5EdoujN-WqB7eFIo_IMCdNP1PCt6gwSUbR0syjYIeWhPCYkp8UpUFq4tEmiZtcKs0SiJnsYyUIcKwdrnmNg39VrcW916jq8I5TTOYVz7XhQtXIKnZQ6HI5hLNn5KkjVjX2sy5YLFf7tvchAaV0
.gazetadopovo.com.br/	1970-01-23 13:55:41	Name: GPSDK_TKTID Value: us-east-1_02cf5829-00b1-43c4-af9c-1bbde013e6fc
www.gazetadopovo.com.br/	1970-01-19 22:19:43	Name: tt_c_vmt Value: 1635581492
www.gazetadopovo.com.br/	1970-01-19 22:19:43	Name: tt_c_c Value: referral
www.gazetadopovo.com.br/	1970-01-19 22:19:43	Name: tt_c_s Value: referral
www.gazetadopovo.com.br/	1970-01-19 22:19:43	Name: tt_c_m Value: referral
.gazetadopovo.com.br/	1970-01-19 22:19:43	Name: GPSDK_SESID Value: us-east-1-fd9bbc70-3958-11ec-bb7c-1becc1ece4c7
.gazetadopovo.com.br/	1970-01-23 13:55:41	Name: GPSDK_LOCCT Value: LONDON
.gazetadopovo.com.br/	1970-01-23 13:55:41	Name: GPSDK_LOCCY Value: UNITED%20KINGDOM
.gazetadopovo.com.br/	1970-01-23 13:55:41	Name: GPSDK_LOCRG Value: LONDON%2C%20CITY%20OF
www.gazetadopovo.com.br/	1970-01-20 15:36:29	Name: _ttuu.s Value: 1635581492021

19 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.gazetadopovo.com.br/login.php/ Message: Failed to load resource: the server responded with a status of 404 ()
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
javascript	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102501.js(Line 5) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102501.js(Line 5) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
deprecation	warning	URL: https://s.dynad.net/stack/KMA9C2O70iP6CHSgXk0LGaQ8ML9m6vJE4RIi1Rf61p4.html?v69 Message: Application Cache API manifest selection is deprecated and will be removed in M85, around August 2020. See https://www.chromestatus.com/features/6192449487634432 for more details.
other	warning	URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 74) Message: Origin trial controlled feature not enabled: 'trust-token-redemption'.
other	warning	URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 74) Message: Origin trial controlled feature not enabled: 'attribution-reporting'.
other	warning	URL: https://imasdk.googleapis.com/js/core/bridge3.486.2_pt_br.html(Line 347) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://imasdk.googleapis.com/js/core/bridge3.486.2_pt_br.html(Line 347) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://imasdk.googleapis.com/js/core/bridge3.486.2_pt_br.html(Line 347) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://imasdk.googleapis.com/js/core/bridge3.486.2_pt_br.html(Line 347) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://imasdk.googleapis.com/js/core/bridge3.486.2_pt_br.html(Line 347) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://imasdk.googleapis.com/js/core/bridge3.486.2_pt_br.html(Line 347) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://imasdk.googleapis.com/js/core/bridge3.486.2_pt_br.html(Line 347) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://imasdk.googleapis.com/js/core/bridge3.486.2_pt_br.html(Line 347) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://imasdk.googleapis.com/js/core/bridge3.486.2_pt_br.html(Line 347) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://imasdk.googleapis.com/js/core/bridge3.486.2_pt_br.html(Line 347) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://imasdk.googleapis.com/js/core/bridge3.486.2_pt_br.html(Line 347) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://imasdk.googleapis.com/js/core/bridge3.486.2_pt_br.html(Line 347) Message: Unrecognized feature: 'attribution-reporting'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

100026685.collect.igodigital.com
3wf9o7mmzc.execute-api.us-east-1.amazonaws.com
4a5f5cccf6b8f04975aca1179f9a4463.safeframe.googlesyndication.com
adservice.google.co.uk
adservice.google.com
b.t.tailtarget.com
cdn.onesignal.com
cdn.privacytools.com.br
choices.trustarc.com
csi.gstatic.com
events-api.gazetadopovo.com.br
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
imasdk.googleapis.com
mcasproxy.azureedge.net
me.jsuol.com.br
news.google.com
nova.collect.igodigital.com
onesignal.com
pagead2.googlesyndication.com
play.google.com
pubads.g.doubleclick.net
s.dynad.net
s0.2mdn.net
sb.scorecardresearch.com
securepubads.g.doubleclick.net
static.adsafeprotected.com
stats.g.doubleclick.net
t.dynad.net
t.tailtarget.com
tm.jsuol.com.br
tm.uol.com.br
tpc.googlesyndication.com
tracker.bt.uol.com.br
tt-10162-1.seg.t.tailtarget.com
vast.adsafeprotected.com
www.gazetadopovo.com.br
www.gazetadopovo.com.br.admin-mcas.ms
www.google-analytics.com
www.google.co.uk
www.google.com
www.googletagservices.com
www.gstatic.com
www.npttech.com
www.semprefamilia.com.br
www.umdoisesportes.com.br
csi.gstatic.com
t.dynad.net
tm.uol.com.br
108.128.131.149
13.32.99.23
142.250.185.130
143.204.98.111
18.66.97.104
200.187.199.64
2600:9000:223c:e00:1d:7626:ce40:93a1
2600:9000:223c:f800:6:45ad:3580:93a1
2600:9000:223f:a400:13:9bf5:7100:93a1
2600:9000:2250:7800:6:9eb2:5cc0:93a1
2606:4700:20::ac43:4a70
2606:4700:3032::ac43:c0b6
2606:4700::6812:e134
2804:49c:3102:401:ffff:ffff:ffff:50
2804:49c:3104:401:ffff:ffff:ffff:34
2804:49c:3403:2676:ffff:ffff:ffff:6
2a00:1450:4001:801::200a
2a00:1450:4001:80f::2003
2a00:1450:4001:80f::200e
2a00:1450:4001:810::2002
2a00:1450:4001:812::2002
2a00:1450:4001:812::200a
2a00:1450:4001:828::2002
2a00:1450:4001:828::2003
2a00:1450:4001:828::200e
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::2003
2a00:1450:4001:82b::2006
2a00:1450:4001:830::2004
2a00:1450:4001:830::200e
2a00:1450:4001:831::2001
2a00:1450:400c:c04::9c
2a02:26f0:ef::5c7b:c35c
3.224.144.253
34.102.185.99
51.137.137.121
52.222.214.4
52.48.236.71
041ea156ac1202b50b3916b1bd57933b4ef2cdec42688037dc9afcb6c98f6b5b
09b01eee0310df56a731cb96f972791b6d1b35017c32ae616e332f1f4ca25dea
0a5e2fdeee01580357b0fe44c7c1b73f571722ccf5818ef0147116ff2ce8df0c
0bc9b6f6407c898027427ce2772e3f0eb95f6e9c845a8d73cb079207661ecb77
0cf9b28bdc6b12d5c304c7f95f5243286798373be8d79265f17ea449295ae4b1
0e275872784212de73a7a1b0385a96c63311aa5f67cbad7b654b813fa18f5408
0e5889395974c20cb35a4981f12dbf0112b108459eb045b9df81b9bfa2f73392
100f230d29d2aaafb2f878ce8181c317823192009163e7c2e47ae76104ff97c5
19e011d9a556628501b1557416b8af87442f7baf56cd957a1561d3075c6404c7
1bb5c90ffc3684f650603caf21e3d8d8c913de1acca7866ce3a17d066891a1c3
1ecaf445d3f1e63f15b6e423e287813a5675461cc9454184d0b49123b286cea4
20916f1391658b352497c76cb94597062d80bfb8ffdde00ef146def851b75c92
26ed387dacace3a9b1b82887c58391f01be3d834dcf828252e1afeaafe34e13a
27b18da3b3d59c7757073e123fbbae5cfd16c5de947538d999732bc67469001c
2d6559b142bc7278dd009ba2a7f63d38f2222c8736cc6b0ca6bb786b3acbfed5
2daf405f47ac39aa411fde7f9a7109f74077e8c17d1344daaded390e8791717d
2eaf9feb4899e0468d0f69cdda23a5c1d4b8e46cc59b63b84756524e304d5042
32f46680a49cfdfd4b2d9fbabd139d0a3b95cfcf5e6bc64a4dab027ffc4fa272
33dd2297a865be9e95bc5600cbb0f390d76915a2936647ea39b37020bbdba5ee
3668a567290fbca647db2c1bcb4131ade0781cd0ece02a7d17c9e0b6323bed30
3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3
3c348cdb6ae9e9dcf27587876cde2c8c36dacfd43c48d0f2808dcb9720f93483
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3e736be7e34c844a2d363f75a932ad7f305fc65507c697f698fc4f080f47730b
3f1e6f136106f07b47d61f5fc1a84b47e3817983dc605ad1ed79ad05ce29e5f2
3fb165ce78d3f35c036d5f75cd3536d5259b886e206b6c947a3fe736e7b3b2a5
415b89bc5a2cc540059c9195bb5fe46a7002ddd30882f7ea82e28b8aa8cbe6d0
43af4a12b5ad12a42f48de52c75b8e500fbf845a4b952cdb7361ebed57b1eadf
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4611c34378b1bbbee8890a472c6390137ce8841041a646f0bdc58cf9180eb18a
485f70d34183710f1a8afc4e70e01ef9bad970c26a08c516968ce1901a5d2fa7
4a095c4b655aa774d4b1eb479908d0aa5ce3482b701c4b25af75050e0fe85ebb
4af635698cb6488a8df86b99febedbc979c76e04f675f3a9cdc66f7b4d86aff6
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
54dfbf90bd0505ed3f0a6f25772e3b651ab73ba47a43c764e06b624e0fe18c2d
55a75d636531490fa125a4829e64eb04496e32b448f844f5bdd5c53b433284ee
58a037df6363b1c9619199cf7fdfad3a84469cd508cfa83320e2bedf64aadc8d
5c9daea6d030ac5e71211fa4d1521fb0cd67c3676f35d034f0047ee095a9d8c3
5d0e694b43c18f087ac0ff6107485101722820e9c6ed85ca60a715304b734a86
60c84b45ef1460c5394c433d6f302ca54369ac1aac3ec1c530c57c37787ad85f
61c07ee507dd11704cdee7a368f945f6861b8241bfaa3adf6ba2d51c87c9d911
66504ec78d7e7b32437cab90dedf6f2dd30431a1eca1d84b9188d9f7886242fd
67ed54856b743c6e064253f611084475015ce883fff3150f710b8781e599d4a0
6838420e13959ecffe73d3576ee2125a66c9315237394a23e3dd4a5181e80cda
6b43bb94ac6321d8ea118e251d4a55f90f51ae165fcc75e26e5137c7982aff0e
6d73194a3f163e6f775e14e6610b974828e46d1f30cb4ebe2cb0a9f2083615b5
711a8d3c6d036e5d2907810b7255622e34f23373f8d1387a1fc938e44c60fea0
71c0d01b58340e2f3b93195cf397530548c4a1c47c2dd06658d4d6ab885411b7
7538e8f23fac8278c6027d8865bd1240514a3ff64b2c0af3b8ed3583e8ecce6b
830905755abc15192a4819768230d82cca6eb5a16b181213d4fbe0a613ec126b
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
832d8d5a3cabdde474e79d8a510053604d5d19342befbc7b78dc64995652dbba
84631de0bca7e12b1b542849e146044afb360af10af6ae4f5d90ec534e017734
866229495ace15f688488e782403a5e5e966c7712c0ac56a230577c304c02668
86cfc79636e6bbb0c5606c78bf605bb9a387c7429b385567d3232908a107ca56
87679a1492e54c3d5fc043b4d12a70c42bc669fdb5b44039bdd858166d7346ca
8cfcf32c00cf4b29fd4d27154543097a0c5cb8296d64732f64170e4a9a122f07
8d50e329b90bd25c1a5b3b9a50fa840fa0daceb7dd7ea9e4c9a083f25b75705e
8e72afcd1a38e3ab0bb322104a9238e75dda48df9c455e5471bbaaece5207d83
97666956e5e2edfb7808901e0069bed90df2996ff466b9d67de8f3efe9c8e56c
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99d5189d1f5ac6bffd0c91be9fc4c4e554dbfed1b03446402d952b88c9181ed2
9b3d46869c59c0a5581161d440ad620d2055214f27fb4fd0e812a9eefa464c7e
9bae663f8229a58194c60f976b1ca88e87e0310c5860be118fa57e97412f758a
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a261f99bc019e963882813925eb4b81fb15ce33ef2735cc2d699f7d4a548d17f
a4702a77ebe38f4291b9ec9f44411e246c865bdf0070746852e803b4d960fc1c
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b22431c77bcb1bfbf4d4a8efd58e7763f982f548dd02eea1ae2a58e8386bb0d9
b5bce8beded4f5fe812c49a187b72cfc9f79388b03e5fd642cf8de04ccefe5d2
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
b63fe792eca92d7cb67c652ddc4e76692c7f7f0899316ada620039b6438b8961
b7d4f30f8e4bd6201f82b7de28f208241760d4c1990aabf6fa79afc97a3fca42
ba70adf2020216558d39892f39d469a3b8eabefe26e3fe038c4e14272fcc1506
c435a36c4117826fc7b7b8023aaf45d65e59bcb814c8f1b1e28bea7c49318c13
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d2e66d1d7a17d523ccf19986ee33561b335b75dcd51713ba4c60d098d9ee3e59
d4bce8e36820f0cd745c95912ec506eebf956ceac9220352954c12d1a4b05c1a
d593eab937ae208334c866b7afc56b0703787c857dae8bb562aefbbd3ca15ee6
dcd346804a786db16b40af2672924a5b8787623f71d648a017da7e236e1b19b4
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e593d32d2b3c25b54c4632fc55d4c55cce4154e0bfaeb75883da07b742e762dc
eaaa6059ef4c9ca12e78fcc03ae77ad4cbf05dc73c1fedf64b28a632868bd829
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef6b116f5d682673f7e8ebbfa0027176ccb482caea43b4077cc34f0748d7bc4b
f01a36c7a242f4cb126c5df21a820d4d85666c33d8b5d5bc174372bb1091720c
f227e07a7f3faa6b65ffd85413cd58d620b9ea2b2cec79d5b438f7ab4d939b6f
f4cd27b5ef047a264e3a40b63ba85441de12d23d043a986d469ec1c757067090
f57a38c51ea5089b2dc752cf618b4e7fbf79eacd23784d433e4f1b3eadf8ddfa
f6856da453ffc3040ba45f9deeb22cfc0c1d91830568cd710739a5955306bb75
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
fdac1a3247f6636b0a366c779803ca0af16f5cf36b2ab34a5d48a0911cd59e1a
fe797578273ad8327b58a0aaab2600e9623f150f4fc8325d3c2a340d3afff3cd

www.gazetadopovo.com.br Open in urlscan Pro 2600:9000:223c:f800:6:45ad:3580:93a1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

130 Requests

94 %HTTPS

71 %IPv6

26 Domains

47 Subdomains

39 IPs

5 Countries

1579 kBTransfer

4928 kBSize

15 Cookies

63 Outgoing links

Page URL History

Redirected requests

130 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.gazetadopovo.com.br Open in urlscan Pro
2600:9000:223c:f800:6:45ad:3580:93a1 Public Scan

Screenshot
Live screenshot

Full Image

130
Requests

94 %
HTTPS

71 %
IPv6

26
Domains

47
Subdomains

39
IPs

5
Countries

1579 kB
Transfer

4928 kB
Size

15
Cookies

130 HTTP transactions
3 data transactions