urlscan.io logo urlscan.io
SecurityTrails logo

www.tribunadonorte.com.br Open in urlscan Pro
23.246.230.134  Public Scan

Go To Rescan Add Verdict Report
URL: http://www.tribunadonorte.com.br/
Submission: On October 24 via api from QA — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 26 IPs in 3 countries across 17 domains to perform 161 HTTP transactions. The main IP is 23.246.230.134, located in Dallas, United States and belongs to SOFTLAYER, US. The main domain is www.tribunadonorte.com.br.
This is the only time www.tribunadonorte.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
52 23.246.230.134 36351 (SOFTLAYER)
4 104.16.85.20 13335 (CLOUDFLAR...)
3 172.217.16.138 15169 (GOOGLE)
1 69.16.175.42 33438 (HIGHWINDS2)
1 216.58.212.136 15169 (GOOGLE)
6 216.58.212.130 15169 (GOOGLE)
2 216.58.212.142 15169 (GOOGLE)
1 23.246.230.135 36351 (SOFTLAYER)
6 142.250.186.67 15169 (GOOGLE)
2 142.250.181.238 15169 (GOOGLE)
14 142.250.185.238 15169 (GOOGLE)
13 142.250.184.238 15169 (GOOGLE)
1 142.251.5.155 15169 (GOOGLE)
4 142.250.181.228 15169 (GOOGLE)
6 142.250.185.226 15169 (GOOGLE)
1 142.250.185.193 15169 (GOOGLE)
1 3 142.250.185.66 15169 (GOOGLE)
2 142.250.186.166 15169 (GOOGLE)
1 15 104.22.77.91 13335 (CLOUDFLAR...)
1 142.250.184.226 15169 (GOOGLE)
14 172.217.16.131 15169 (GOOGLE)
1 2 148.69.64.76 12353 (VODAFONE-...)
1 172.217.23.98 15169 (GOOGLE)
1 81.94.208.229 34587 (HLM2-AS)
2 142.250.185.225 15169 (GOOGLE)
161 26
52    23.246.230.134 (Dallas, United States)

ASN36351 (SOFTLAYER, US)
PTR: 86.e6.f617.ip4.static.sl-reverse.com
www.tribunadonorte.com.br
thumbor.tribunadonorte.com.br
4    104.16.85.20 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
3    172.217.16.138 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f10.1e100.net
fonts.googleapis.com
1    69.16.175.42 (Phoenix, United States)

ASN33438 (HIGHWINDS2, US)
PTR: hwcdn.net
code.jquery.com
1    216.58.212.136 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f8.1e100.net
www.googletagmanager.com
6    216.58.212.130 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: fra16s46-in-f2.1e100.net
securepubads.g.doubleclick.net
2    216.58.212.142 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f14.1e100.net
img.youtube.com
1    23.246.230.135 (Dallas, United States)

ASN36351 (SOFTLAYER, US)
PTR: 87.e6.f617.ip4.static.sl-reverse.com
arquivos.tribunadonorte.com.br
6    142.250.186.67 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f3.1e100.net
fonts.gstatic.com
2    142.250.181.238 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f14.1e100.net
www.google-analytics.com
14    142.250.185.238 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f14.1e100.net
www.youtube.com
13    142.250.184.238 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f14.1e100.net
fundingchoicesmessages.google.com
1    142.251.5.155 (United States)

ASN15169 (GOOGLE, US)
PTR: wg-in-f155.1e100.net
stats.g.doubleclick.net
4    142.250.181.228 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f4.1e100.net
www.google.com
6    142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net
adservice.google.com
pagead2.googlesyndication.com
1    142.250.185.193 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f1.1e100.net
eede47ad3d2a54a364d7ad575b7972c7.safeframe.googlesyndication.com
3    142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net
googleads.g.doubleclick.net
2    142.250.186.166 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f6.1e100.net
static.doubleclick.net
15    104.22.77.91 (United States)

ASN13335 (CLOUDFLARENET, US)
scripts.cleverwebserver.com
ui.cleverwebserver.com
lp.cleverwebserver.com
1    142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net
www.googletagservices.com
14    172.217.16.131 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f3.1e100.net
www.gstatic.com
2    148.69.64.76 (Porto, Portugal)

ASN12353 (VODAFONE-PT Vodafone Portugal, PT)
PTR: are.clevernt.com
sender.clevernt.com
1    172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s45-in-f2.1e100.net
adclick.g.doubleclick.net
1    81.94.208.229 (Newcastle-under-Lyme, United Kingdom)

ASN34587 (HLM2-AS, GB)
members.bet365.de
2    142.250.185.225 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f1.1e100.net
tpc.googlesyndication.com
Domain Requested by
30 thumbor.tribunadonorte.com.br www.tribunadonorte.com.br
22 www.tribunadonorte.com.br www.tribunadonorte.com.br
14 www.gstatic.com www.youtube.com
fundingchoicesmessages.google.com
www.gstatic.com
14 www.youtube.com www.tribunadonorte.com.br
www.youtube.com
13 fundingchoicesmessages.google.com securepubads.g.doubleclick.net
www.tribunadonorte.com.br
12 lp.cleverwebserver.com www.tribunadonorte.com.br
lp.cleverwebserver.com
6 fonts.gstatic.com fonts.googleapis.com
www.youtube.com
6 securepubads.g.doubleclick.net www.tribunadonorte.com.br
securepubads.g.doubleclick.net
www.googletagservices.com
5 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
4 www.google.com www.tribunadonorte.com.br
www.youtube.com
tpc.googlesyndication.com
4 cdn.jsdelivr.net www.tribunadonorte.com.br
cdn.jsdelivr.net
3 googleads.g.doubleclick.net 1 redirects www.youtube.com
3 fonts.googleapis.com www.tribunadonorte.com.br
lp.cleverwebserver.com
2 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
2 sender.clevernt.com 1 redirects www.tribunadonorte.com.br
2 scripts.cleverwebserver.com 1 redirects www.tribunadonorte.com.br
2 static.doubleclick.net www.youtube.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 img.youtube.com www.tribunadonorte.com.br
1 members.bet365.de lp.cleverwebserver.com
1 adclick.g.doubleclick.net www.tribunadonorte.com.br
1 ui.cleverwebserver.com www.tribunadonorte.com.br
1 www.googletagservices.com securepubads.g.doubleclick.net
1 eede47ad3d2a54a364d7ad575b7972c7.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 adservice.google.com securepubads.g.doubleclick.net
1 stats.g.doubleclick.net www.google-analytics.com
1 arquivos.tribunadonorte.com.br www.tribunadonorte.com.br
1 www.googletagmanager.com www.tribunadonorte.com.br
1 code.jquery.com www.tribunadonorte.com.br
0 i.ytimg.com Failed www.youtube.com
0 yt3.ggpht.com Failed www.youtube.com
161 31

This site contains no links.

Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-03 -
2022-07-02		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2021-07-14 -
2022-08-14		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
*.bet365.de
Thawte RSA CA 2018		 2021-08-13 -
2022-09-13		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh

This page contains 9 frames:

Primary Page: http://www.tribunadonorte.com.br/
Frame ID: 978C8D42511B273FCF296092178B81CE
Requests: 102 HTTP requests in this frame

Frame: https://www.youtube.com/embed/videoseries?list=PLqo6OpUDhMpNOUMMRhSPXgCIMgf5v_oj_
Frame ID: 2C062CE7487ECE5C21145FEB8FB13052
Requests: 14 HTTP requests in this frame

Frame: https://www.youtube.com/embed/videoseries?list=PLqo6OpUDhMpNOUMMRhSPXgCIMgf5v_oj_
Frame ID: AAB0E8AFA9924D8C438D1537E63B0240
Requests: 15 HTTP requests in this frame

Frame: https://eede47ad3d2a54a364d7ad575b7972c7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: C07B1322782205A7F41BE784DA5BBA0F
Requests: 1 HTTP requests in this frame

Frame: https://fundingchoicesmessages.google.com/s/whitelist?hl=pt-BR
Frame ID: 85F2C29B9DBD8BF8ED7AC5F770AF4EBF
Requests: 16 HTTP requests in this frame

Frame: https://lp.cleverwebserver.com/bet365/de/sports/grp2/?affiliate=365_00968427
Frame ID: 603440403026C4B90785FD8E1DD8006C
Requests: 14 HTTP requests in this frame

Frame: https://members.bet365.de/Members/Helpers/DefaultAff.aspx?affiliate=365_00968427
Frame ID: 7139ADCCF013F3F18D70E7DE88094145
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: DB4660C6566392014C97AC11CB3BA198
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C30C6C2D5C0906C2E83ADB710043DD71
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

161
Requests

63 %
HTTPS

0 %
IPv6

17
Domains

31
Subdomains

26
IPs

3
Countries

3642 kB
Transfer

9443 kB
Size

14
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 91
  • https://googleads.g.doubleclick.net/pagead/id HTTP 302
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Request Chain 109
  • http://scripts.cleverwebserver.com/b94bbd6ea25ca7e12534f3b421bbd5d4.js HTTP 301
  • https://scripts.cleverwebserver.com/b94bbd6ea25ca7e12534f3b421bbd5d4.js
Request Chain 140
  • http://sender.clevernt.com/transporter/52640.php?ppuc=1&ppu=0&id=534554&ref=aHR0cDovL3d3dy50cmlidW5hZG9ub3J0ZS5jb20uYnIv&ruri=&r=192754993&tok=33419711310201791433&cc=1&iv=-1&ctr=DE&sz=1200&landing=1&hei=undefined&mode=miniscroller&ts=0.321 HTTP 302
  • https://lp.cleverwebserver.com/bet365/de/sports/grp2/?affiliate=365_00968427

161 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.tribunadonorte.com.br/ 		112 KB
20 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://www.tribunadonorte.com.br/
Protocol
HTTP/1.1
Server
23.246.230.134 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
86.e6.f617.ip4.static.sl-reverse.com
Software
nginx / PHP/5.4.45-0+deb7u5
Resource Hash
04d624496c30ae9ef00aea48862020e2dfb8ee70c562a523c540c57d495b6321

Request headers

Host
www.tribunadonorte.com.br
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Server
nginx
Date
Sun, 24 Oct 2021 01:34:13 GMT
Content-Type
text/html
X-Powered-By
PHP/5.4.45-0+deb7u5
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma
no-cache
Content-Encoding
gzip
Vary
Accept-Encoding
X-Varnish
4059679 6888377
Age
86
Via
1.1 varnish-v4
x-cache
HIT
Accept-Ranges
bytes
Content-Length
19702
Connection
keep-alive
bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.0.1/dist/css/ 		152 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@5.0.1/dist/css/bootstrap.min.css
Requested by
Host: www.tribunadonorte.com.br
URL: http://www.tribunadonorte.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.85.20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
847280dddfc7b6d0bc396dd2974f775bc0e866e7611c90e3fbe919628e8c2f30
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://www.tribunadonorte.com.br/
Origin
http://www.tribunadonorte.com.br
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 01:35:40 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
3837053
x-jsd-version
5.0.1
x-cache
HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by
cache-fra19144-FRA
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"25fef-PDndyutgvrSms9Gt5O+JOaWK1Zo"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
cf-ray
6a2f7843fb864114-PRG
bootstrap-icons.css
cdn.jsdelivr.net/npm/bootstrap-icons@1.5.0/font/ 		64 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/bootstrap-icons@1.5.0/font/bootstrap-icons.css
Requested by
Host: www.tribunadonorte.com.br
URL: http://www.tribunadonorte.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.85.20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c325075337b768950583012228055ae392e384688d77ec5235e6ca88dcec6ef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.tribunadonorte.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 01:35:40 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
3837054
x-jsd-version
1.5.0
x-cache
HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by
cache-fra19135-FRA
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"100a0-GGXd3Lt7Z9zvQlDlkMyalXSrpnM"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
cf-ray
6a2f7843fccc2788-PRG
default.css
www.tribunadonorte.com.br/public/css/commons/ 		2 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://www.tribunadonorte.com.br/public/css/commons/default.css
Requested by
Host: www.tribunadonorte.com.br
URL: http://www.tribunadonorte.com.br/
Protocol
HTTP/1.1
Server
23.246.230.134 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
86.e6.f617.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash
de2f02921c678f7ca43a1b5252b9205f68380972766faea4361aff35c43b733c

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.tribunadonorte.com.br
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://www.tribunadonorte.com.br/
Connection
keep-alive
Cache-Control
no-cache
Accept-Language
de-DE,de;q=0.9
Referer
http://www.tribunadonorte.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 24 Oct 2021 01:35:40 GMT
Last-Modified
Wed, 15 Sep 2021 19:49:00 GMT
Server
nginx
ETag
"61424e2c-6f8"
Content-Type
text/css
Connection
close
Accept-Ranges
bytes
Content-Length
1784
default.css
www.tribunadonorte.com.br/public/css/index/ 		1 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://www.tribunadonorte.com.br/public/css/index/default.css
Requested by
Host: www.tribunadonorte.com.br
URL: http://www.tribunadonorte.com.br/
Protocol
HTTP/1.1
Server
23.246.230.134 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
86.e6.f617.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash
02fc178aa9c6515838efbaa21df022c9eed7d41228a8c85551a4998b25bd62cb

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.tribunadonorte.com.br
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://www.tribunadonorte.com.br/
Connection
keep-alive
Cache-Control
no-cache
Accept-Language
de-DE,de;q=0.9
Referer
http://www.tribunadonorte.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 24 Oct 2021 01:35:40 GMT
Last-Modified
Tue, 21 Sep 2021 16:48:57 GMT
Server
nginx
ETag
"614a0cf9-50b"
Content-Type
text/css
Connection
close
Accept-Ranges
bytes
Content-Length
1291
css2
fonts.googleapis.com/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Nunito&display=swap
Requested by
Host: www.tribunadonorte.com.br
URL: http://www.tribunadonorte.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f10.1e100.net
Software
ESF /
Resource Hash
2483fa39123610a3b3a0111663a4211fdf03d173d9f4c670ba40eb726314844f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.tribunadonorte.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 24 Oct 2021 00:26:34 GMT
server
ESF
date
Sun, 24 Oct 2021 01:35:40 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires
Sun, 24 Oct 2021 01:35:40 GMT
jquery-3.6.0.slim.min.js
code.jquery.com/ 		71 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.6.0.slim.min.js
Requested by
Host: www.tribunadonorte.com.br
URL: http://www.tribunadonorte.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.42 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
hwcdn.net
Software
nginx /
Resource Hash
bbb7b9921ca2b61948753a6edb63c78443663dc45d1621d18e102e1dcb34e512

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.tribunadonorte.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 01:35:40 GMT
content-encoding
gzip
last-modified
Tue, 02 Mar 2021 17:27:20 GMT
server
nginx
etag
W/"603e7578-11ab4"
vary
Accept-Encoding
x-hw
1635039340.dop240.fr8.t,1635039340.cds212.fr8.hn,1635039340.cds054.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
24587
js
www.googletagmanager.com/gtag/ 		89 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-1869262-3
Requested by
Host: www.tribunadonorte.com.br
URL: http://www.tribunadonorte.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.136 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
0da2a75f8fc5ea2422b8915c01779a29f7efaeda15ff7edaf68733540950ead2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.tribunadonorte.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 01:35:40 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
35720
x-xss-protection
0
last-modified
Sun, 24 Oct 2021 00:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 24 Oct 2021 01:35:40 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.tribunadonorte.com.br
URL: http://www.tribunadonorte.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f2.1e100.net
Software
sffe /
Resource Hash
097fb9439186fc5c09ffc7c2537a8ba20da88c443fa4b725d9a29ff12209de96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.tribunadonorte.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 01:35:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1023 / 107 of 1000 / last-modified: 1634854038"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
27151
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 24 Oct 2021 01:35:40 GMT
logo-tribuna-header.png
www.tribunadonorte.com.br/app/assets/images/ 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.tribunadonorte.com.br/app/assets/images/logo-tribuna-header.png
Requested by
Host: www.tribunadonorte.com.br
URL: http://www.tribunadonorte.com.br/
Protocol
HTTP/1.1
Server
23.246.230.134 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
86.e6.f617.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash
2b99e9d86c70070c304f526c3a02123b8e38fce7efbfdb73209d77b32521f8d9

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.tribunadonorte.com.br
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://www.tribunadonorte.com.br/
Connection
keep-alive
Cache-Control
no-cache
Accept-Language
de-DE,de;q=0.9
Referer
http://www.tribunadonorte.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 24 Oct 2021 01:35:40 GMT
Last-Modified
Fri, 01 Oct 2021 14:07:33 GMT
Server
nginx
ETag
"61571625-96cc"
Content-Type
image/png
Connection
close
Accept-Ranges
bytes
Content-Length
38604
btn_jp_ouvir.jpeg
www.tribunadonorte.com.br/app/assets/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.tribunadonorte.com.br/app/assets/images/btn_jp_ouvir.jpeg
Requested by
Host: www.tribunadonorte.com.br
URL: http://www.tribunadonorte.com.br/
Protocol
HTTP/1.1
Server
23.246.230.134 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
86.e6.f617.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash
e2e66a4b96917f6296a7c38941004aa9a698f0aaa471908d53bed2d091cfd365

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.tribunadonorte.com.br
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://www.tribunadonorte.com.br/
Connection
keep-alive
Cache-Control
no-cache
Accept-Language
de-DE,de;q=0.9
Referer
http://www.tribunadonorte.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 24 Oct 2021 01:35:40 GMT
Last-Modified
Tue, 22 Jun 2021 17:14:00 GMT
Server
nginx
ETag
"60d21a58-f06"
Content-Type
image/jpeg
Connection
close
Accept-Ranges
bytes
Content-Length
3846
logo-tribuna-header-mobile.png
www.tribunadonorte.com.br/app/assets/images/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.tribunadonorte.com.br/app/assets/images/logo-tribuna-header-mobile.png
Requested by
Host: www.tribunadonorte.com.br
URL: http://www.tribunadonorte.com.br/
Protocol
HTTP/1.1
Server
23.246.230.134 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
86.e6.f617.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash
35edf6768ca5c050a1f69dfbe86b19cda3c23945627cf815e0a2b3947abc85c6

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.tribunadonorte.com.br
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://www.tribunadonorte.com.br/
Connection
keep-alive
Cache-Control
no-cache
Accept-Language
de-DE,de;q=0.9
Referer
http://www.tribunadonorte.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 24 Oct 2021 01:35:40 GMT
Last-Modified
Fri, 01 Oct 2021 14:07:33 GMT
Server
nginx
ETag
"61571625-3f72"
Content-Type
image/png
Connection
close
Accept-Ranges
bytes
Content-Length
16242
256459.jpg
thumbor.tribunadonorte.com.br/unsafe/150x100/smart/portal/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://thumbor.tribunadonorte.com.br/unsafe/150x100/smart/portal/256459.jpg
Requested by
Host: www.tribunadonorte.com.br
URL: http://www.tribunadonorte.com.br/
Protocol
HTTP/1.1
Server
23.246.230.134 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
86.e6.f617.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash
4ff1165e5033f6442ef5e02e5d1e82ebd349d02049d12faff3d2ba16d5c5c42c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.tribunadonorte.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 24 Oct 2021 01:32:32 GMT
Via
1.1 varnish-v4
Server
nginx
Age
188
Etag
"c142f299fa6f2d9d3c5a530e4b285dfaa6cf5a14"
x-cache
HIT
X-Varnish
4803960 3385861
Cache-Control
max-age=86400,public
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/jpeg
Content-Length
3544
Expires
Mon, 25 Oct 2021 01:32:32 GMT
256455.jpg
thumbor.tribunadonorte.com.br/unsafe/150x100/smart/portal/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://thumbor.tribunadonorte.com.br/unsafe/150x100/smart/portal/256455.jpg
Requested by
Host: www.tribunadonorte.com.br
URL: http://www.tribunadonorte.com.br/
Protocol
HTTP/1.1
Server
23.246.230.134 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
86.e6.f617.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash
a26feb067add48cbc4b833d3d65d94b5cbb13e108bf34bfec278c5bf3d16e05f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.tribunadonorte.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 24 Oct 2021 01:32:32 GMT
Via
1.1 varnish-v4
Server
nginx
Age
188
Etag
"fadc9345560688325452c2c6ad817eab704cf8d4"
x-cache
HIT
X-Varnish
7115285 4803897
Cache-Control
max-age=86400,public
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/jpeg
Content-Length
1864
Expires
Mon, 25 Oct 2021 01:32:32 GMT
256502.jpg
thumbor.tribunadonorte.com.br/unsafe/150x100/smart/portal/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://thumbor.tribunadonorte.com.br/unsafe/150x100/smart/portal/256502.jpg
Requested by
Host: www.tribunadonorte.com.br
URL: http://www.tribunadonorte.com.br/
Protocol
HTTP/1.1
Server
23.246.230.134 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
86.e6.f617.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash
1b949ccf79f87c004fa8ca669afbcca724d82df23b4df9aedfa6c16cec010598

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.tribunadonorte.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 24 Oct 2021 01:32:32 GMT
Via
1.1 varnish-v4
Server
nginx
Age
188
Etag
"29e8b05f434d5b739de1c55b7a2818fe45f146bd"
x-cache
HIT
X-Varnish
6110198 6888066
Cache-Control
max-age=86400,public
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/jpeg
Content-Length
3670
Expires
Mon, 25 Oct 2021 01:32:32 GMT
256457.jpg
thumbor.tribunadonorte.com.br/unsafe/150x100/smart/portal/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://thumbor.tribunadonorte.com.br/unsafe/150x100/smart/portal/256457.jpg
Requested by
Host: www.tribunadonorte.com.br
URL: http://www.tribunadonorte.com.br/
Protocol
HTTP/1.1
Server
23.246.230.134 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
86.e6.f617.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash
c26dde169b4b02e810e275ccd6e987b6e170c34f4bd5512834ccd9d7b8328f86

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.tribunadonorte.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 24 Oct 2021 01:32:32 GMT
Via
1.1 varnish-v4
Server
nginx
Age
188
Etag
"346188b15b1e33f5923b59160d1d14e7fff5ffb6"
x-cache
HIT
X-Varnish
5666149 6183198
Cache-Control
max-age=86400,public
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/jpeg
Content-Length
4275
Expires
Mon, 25 Oct 2021 01:32:32 GMT
256452.jpg
thumbor.tribunadonorte.com.br/unsafe/150x100/smart/portal/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://thumbor.tribunadonorte.com.br/unsafe/150x100/smart/portal/256452.jpg
Requested by
Host: www.tribunadonorte.com.br
URL: http://www.tribunadonorte.com.br/
Protocol
HTTP/1.1
Server
23.246.230.134 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
86.e6.f617.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash
156e8cf597065c2fa6b590cdcf771e60a65cf842285309bf786c65ebaf20121e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.tribunadonorte.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 24 Oct 2021 01:29:08 GMT
Via
1.1 varnish-v4
Server
nginx
Age
392
Etag
"e86b815a65e1836b7b6f679aea2c22192e69bf65"
x-cache
HIT
X-Varnish
4254142 5633698
Cache-Control
max-age=86400,public
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/jpeg
Content-Length
4340
Expires
Mon, 25 Oct 2021 01:29:08 GMT
227485.jpg
thumbor.tribunadonorte.com.br/unsafe/150x100/smart/portal/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://thumbor.tribunadonorte.com.br/unsafe/150x100/smart/portal/227485.jpg
Requested by
Host: www.tribunadonorte.com.br
URL: http://www.tribunadonorte.com.br/
Protocol
HTTP/1.1
Server
23.246.230.134 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
86.e6.f617.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash
d44ed8c4d4ded329229471f591b332b8e1590980f2e684c03548a40feff0247f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.tribunadonorte.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 24 Oct 2021 01:32:10 GMT
Via
1.1 varnish-v4
Server
nginx
Age
210
Etag
"2c72698c3bb553a04602d116ca31101c068679b9"
x-cache
HIT
X-Varnish
6110199 7275867
Cache-Control
max-age=86400,public
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/jpeg
Content-Length
1768
Expires
Mon, 25 Oct 2021 01:32:10 GMT
256463.jpg
thumbor.tribunadonorte.com.br/unsafe/150x100/smart/portal/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://thumbor.tribunadonorte.com.br/unsafe/150x100/smart/portal/256463.jpg
Requested by
Host: www.tribunadonorte.com.br
URL: http://www.tribunadonorte.com.br/
Protocol
HTTP/1.1
Server
23.246.230.134 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
86.e6.f617.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash
d88acaf297170713ce66141cc9a67f5dc3959761785173019c567791a45b290e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.tribunadonorte.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 24 Oct 2021 01:27:20 GMT
Via
1.1 varnish-v4
Server
nginx
Age
500
Etag
"ef0e17b880612366b90822ad4b4b2884ff4d273c"
x-cache
HIT
X-Varnish
7115286 7340417
Cache-Control
max-age=86400,public
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/jpeg
Content-Length
4154
Expires
Mon, 25 Oct 2021 01:27:20 GMT
256261.jpg
thumbor.tribunadonorte.com.br/unsafe/150x100/smart/portal/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://thumbor.tribunadonorte.com.br/unsafe/150x100/smart/portal/256261.jpg
Requested by
Host: www.tribunadonorte.com.br
URL: http://www.tribunadonorte.com.br/
Protocol
HTTP/1.1
Server
23.246.230.134 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
86.e6.f617.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash
7c68f133c89d23d03b4bfd987f7f9dc3777cddf587fcb855908a16c8f675ce6a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.tribunadonorte.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 24 Oct 2021 01:32:10 GMT
Via
1.1 varnish-v4
Server
nginx
Age
210
Etag
"b79b8c0574b275f0ffa0f496a480c6b2c4fc81a7"
x-cache
HIT
X-Varnish
6531461 2154167
Cache-Control
max-age=86400,public
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/jpeg
Content-Length
4483
Expires
Mon, 25 Oct 2021 01:32:10 GMT
256491.jpg
thumbor.tribunadonorte.com.br/unsafe/150x100/smart/portal/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://thumbor.tribunadonorte.com.br/unsafe/150x100/smart/portal/256491.jpg
Requested by
Host: www.tribunadonorte.com.br
URL: http://www.tribunadonorte.com.br/
Protocol
HTTP/1.1
Server
23.246.230.134 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
86.e6.f617.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash
2bff71ab32b38a748bce0ecff6a9e0e6b1b2345e0eca6862290ca59bdeeb1c05

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.tribunadonorte.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 24 Oct 2021 01:28:28 GMT
Via
1.1 varnish-v4
Server
nginx
Age
432
Etag
"7a3d4be94785859405b5bd2e6c5c2595c78ce65e"
x-cache
HIT
X-Varnish
2549597 6182823
Cache-Control
max-age=86400,public
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/jpeg
Content-Length
3599
Expires
Mon, 25 Oct 2021 01:28:28 GMT
256471.jpg
thumbor.tribunadonorte.com.br/unsafe/150x100/smart/portal/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://thumbor.tribunadonorte.com.br/unsafe/150x100/smart/portal/256471.jpg
Requested by
Host: www.tribunadonorte.com.br
URL: http://www.tribunadonorte.com.br/
Protocol
HTTP/1.1
Server
23.246.230.134 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
86.e6.f617.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash
e6d3d4348b766612502ec94d9b8a81b79bcdcb8a86fba6e3935e7322935f3ed7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.tribunadonorte.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 24 Oct 2021 01:29:44 GMT
Via
1.1 varnish-v4
Server
nginx
Age
357
Etag
"10569fe4037fc48a16a12fb5a3e396890523cf88"
x-cache
HIT
X-Varnish
6303440 4389488
Cache-Control
max-age=86400,public
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/jpeg
Content-Length
6297
Expires
Mon, 25 Oct 2021 01:29:44 GMT
256405.jpg
thumbor.tribunadonorte.com.br/unsafe/150x100/smart/portal/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://thumbor.tribunadonorte.com.br/unsafe/150x100/smart/portal/256405.jpg
Requested by
Host: www.tribunadonorte.com.br
URL: http://www.tribunadonorte.com.br/
Protocol
HTTP/1.1
Server
23.246.230.134 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
86.e6.f617.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash
468d714fe475026a61b3a39c297f3256accd4ed48f1561a13f3475bd8c41fb3e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.tribunadonorte.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 24 Oct 2021 01:29:08 GMT
Via
1.1 varnish-v4
Server
nginx
Age
392
Etag
"4aefbb5d447e89581b06f9f46c510e83fd3679d0"
x-cache
HIT
X-Varnish
6564565 3385512
Cache-Control
max-age=86400,public
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/jpeg
Content-Length
3448
Expires
Mon, 25 Oct 2021 01:29:08 GMT
256506.jpg
thumbor.tribunadonorte.com.br/unsafe/150x100/smart/portal/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://thumbor.tribunadonorte.com.br/unsafe/150x100/smart/portal/256506.jpg
Requested by
Host: www.tribunadonorte.com.br
URL: http://www.tribunadonorte.com.br/
Protocol
HTTP/1.1
Server
23.246.230.134 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
86.e6.f617.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash
40ef89e55d455e6dde9ea40c0af2aec1134c700f6dcb42d4900ccbe20d39fbd4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.tribunadonorte.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 24 Oct 2021 01:34:11 GMT
Via
1.1 varnish-v4
Server
nginx
Age
89
Etag
"136493da5da346bf4c1610c2f5b5ddb7d35d6897"
x-cache
HIT
X-Varnish
6595378 5340763
Cache-Control
max-age=86400,public
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/jpeg
Content-Length
2412
Expires
Mon, 25 Oct 2021 01:34:11 GMT
256465.jpg
thumbor.tribunadonorte.com.br/unsafe/400x250/smart/portal/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://thumbor.tribunadonorte.com.br/unsafe/400x250/smart/portal/256465.jpg
Requested by
Host: www.tribunadonorte.com.br
URL: http://www.tribunadonorte.com.br/
Protocol
HTTP/1.1
Server
23.246.230.134 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
86.e6.f617.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash
f43617ed9c7cc3b2f26bda13339bfd9f0ab9bbf428053622cb900fd07d0a57a8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.tribunadonorte.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 24 Oct 2021 01:33:12 GMT
Via
1.1 varnish-v4
Server
nginx
Age
147
Etag
"02e6bf96cef85bbfadbb38a6e9e58766dbd83465"
x-cache
HIT
X-Varnish
6595374 7276047
Cache-Control
max-age=86400,public
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/jpeg
Content-Length
15883
Expires
Mon, 25 Oct 2021 01:33:12 GMT
256454.jpg
thumbor.tribunadonorte.com.br/unsafe/400x250/smart/portal/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://thumbor.tribunadonorte.com.br/unsafe/400x250/smart/portal/256454.jpg
Requested by
Host: www.tribunadonorte.com.br
URL: http://www.tribunadonorte.com.br/
Protocol
HTTP/1.1
Server
23.246.230.134 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
86.e6.f617.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash
56b4a0603308abd8ca33b568035bdf2831059ad01cfc951d164afa8e725d9db4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.tribunadonorte.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 24 Oct 2021 01:27:20 GMT
Via
1.1 varnish-v4
Server
nginx
Age
500
Etag
"cec048046efdcf73ad90914f234fc9a6099160d5"
x-cache
HIT
X-Varnish
4803961 6150981
Cache-Control
max-age=86400,public
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/jpeg
Content-Length
28700
Expires
Mon, 25 Oct 2021 01:27:20 GMT
244291.jpg
thumbor.tribunadonorte.com.br/unsafe/400x250/smart/portal/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://thumbor.tribunadonorte.com.br/unsafe/400x250/smart/portal/244291.jpg
Requested by
Host: www.tribunadonorte.com.br
URL: http://www.tribunadonorte.com.br/
Protocol
HTTP/1.1
Server
23.246.230.134 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
86.e6.f617.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash
2a57c944bc85b5abacd44f9f5c2c44a941560e5b74490a3b53d70047dd0219e0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.tribunadonorte.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 24 Oct 2021 01:29:33 GMT
Via
1.1 varnish-v4
Server
nginx
Age
367
Etag
"deb216e8727eb048e0fab6479ce3eff4b8564eef"
x-cache
HIT
X-Varnish
6110200 4058761
Cache-Control
max-age=86400,public
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/jpeg
Content-Length
18531
Expires
Mon, 25 Oct 2021 01:29:33 GMT
248683.jpg
thumbor.tribunadonorte.com.br/unsafe/400x250/smart/portal/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://thumbor.tribunadonorte.com.br/unsafe/400x250/smart/portal/248683.jpg
Requested by
Host: www.tribunadonorte.com.br
URL: http://www.tribunadonorte.com.br/
Protocol
HTTP/1.1
Server
23.246.230.134 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
86.e6.f617.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash
eded4386732b423379b071d22dee0bb0f15d00597b60a476d8f8d4b3b6481746

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.tribunadonorte.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 24 Oct 2021 01:32:11 GMT
Via
1.1 varnish-v4
Server
nginx
Age
209
Etag
"bb3cc3f96fb008698b701eec2beeb96bb2c54678"
x-cache
HIT
X-Varnish
3385985 7243979
Cache-Control
max-age=86400,public
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/jpeg
Content-Length
26358
Expires
Mon, 25 Oct 2021 01:32:11 GMT
256481.jpg
thumbor.tribunadonorte.com.br/unsafe/160x100/smart/portal/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://thumbor.tribunadonorte.com.br/unsafe/160x100/smart/portal/256481.jpg
Requested by
Host: www.tribunadonorte.com.br
URL: http://www.tribunadonorte.com.br/
Protocol
HTTP/1.1
Server
23.246.230.134 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
86.e6.f617.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash
ad190e83ef3c7bf71ea6ac6b056d3a83e85f7f38cfe77b43e7f007395829495e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.tribunadonorte.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 24 Oct 2021 01:33:12 GMT
Via
1.1 varnish-v4
Server
nginx
Age
147
Etag
"62615942e84c7abe6ad32936d4e486637ec8dd46"
x-cache
HIT
X-Varnish
4254138 2154379
Cache-Control
max-age=86400,public
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/jpeg
Content-Length
8180
Expires
Mon, 25 Oct 2021 01:33:12 GMT
256475.jpg
thumbor.tribunadonorte.com.br/unsafe/160x100/smart/portal/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://thumbor.tribunadonorte.com.br/unsafe/160x100/smart/portal/256475.jpg
Requested by
Host: www.tribunadonorte.com.br
URL: http://www.tribunadonorte.com.br/
Protocol
HTTP/1.1
Server
23.246.230.134 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
86.e6.f617.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash
6a429cd0c2082e1dbcd477293f27555a57845b1b74fa507408bca869fa6a2aa5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.tribunadonorte.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 24 Oct 2021 01:27:50 GMT
Via
1.1 varnish-v4
Server
nginx
Age
470
Etag
"b1adcc6e2c7e4382b734e5cff07121426178c9ba"
x-cache
HIT
X-Varnish
6564558 6887295
Cache-Control
max-age=86400,public
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/jpeg
Content-Length
5823
Expires
Mon, 25 Oct 2021 01:27:50 GMT
254222.jpg
thumbor.tribunadonorte.com.br/unsafe/160x100/smart/portal/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://thumbor.tribunadonorte.com.br/unsafe/160x100/smart/portal/254222.jpg
Requested by
Host: www.tribunadonorte.com.br
URL: http://www.tribunadonorte.com.br/
Protocol
HTTP/1.1
Server
23.246.230.134 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
86.e6.f617.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash
0d9048d3172f10825fd3c5dc88fdcd9cc6fedf5424ab0e623acad58ba6059b8f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.tribunadonorte.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 24 Oct 2021 01:32:11 GMT
Via
1.1 varnish-v4
Server
nginx
Age
209
Etag
"d4f2838e327404c4bddbfec6b7ca0858ff1eaf0a"
x-cache
HIT
X-Varnish
4059687 6403554
Cache-Control
max-age=86400,public
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/jpeg
Content-Length
3193
Expires
Mon, 25 Oct 2021 01:32:11 GMT
256492.jpg
thumbor.tribunadonorte.com.br/unsafe/160x100/smart/portal/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://thumbor.tribunadonorte.com.br/unsafe/160x100/smart/portal/256492.jpg
Requested by
Host: www.tribunadonorte.com.br
URL: http://www.tribunadonorte.com.br/
Protocol
HTTP/1.1
Server
23.246.230.134 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
86.e6.f617.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash
ddea84af3bf253512d13980367c44e9c07334a2b96f094d831bd033ea1f8d277

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.tribunadonorte.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 24 Oct 2021 01:33:13 GMT
Via
1.1 varnish-v4
Server
nginx
Age
147
Etag
"69b66f72ad047560edf1d9ce4dac244285186603"
x-cache
HIT
X-Varnish
6531457 7341181
Cache-Control
max-age=86400,public
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/jpeg
Content-Length
4888
Expires
Mon, 25 Oct 2021 01:33:13 GMT
256464.jpg
thumbor.tribunadonorte.com.br/unsafe/160x100/smart/portal/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://thumbor.tribunadonorte.com.br/unsafe/160x100/smart/portal/256464.jpg
Requested by
Host: www.tribunadonorte.com.br
URL: http://www.tribunadonorte.com.br/
Protocol
HTTP/1.1
Server
23.246.230.134 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
86.e6.f617.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash
c6caa5b267c892e093db2521d319cfa3b45d5a91b2adf7b5f95c5a3dbab17a34

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.tribunadonorte.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 24 Oct 2021 01:32:33 GMT
Via
1.1 varnish-v4
Server
nginx
Age
187
Etag
"07c89a30ba059152288f9c6bdcafac8c0e3702b3"
x-cache
HIT
X-Varnish
6303438 5917748
Cache-Control
max-age=86400,public
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/jpeg
Content-Length
2816
Expires
Mon, 25 Oct 2021 01:32:33 GMT
256476.jpg
thumbor.tribunadonorte.com.br/unsafe/160x100/smart/portal/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://thumbor.tribunadonorte.com.br/unsafe/160x100/smart/portal/256476.jpg
Requested by
Host: www.tribunadonorte.com.br
URL: http://www.tribunadonorte.com.br/
Protocol
HTTP/1.1
Server
23.246.230.134 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
86.e6.f617.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash
97e9a361c4f175d984cdaedc75357e9ddee660e7a594dc7d7ed57002f48bb01b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.tribunadonorte.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 24 Oct 2021 01:31:40 GMT
Via
1.1 varnish-v4
Server
nginx
Age
240
Etag
"76bf69e2846a53a9a0efd36628b48925a376178f"
x-cache
HIT
X-Varnish
6303439 3385705
Cache-Control
max-age=86400,public
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/jpeg
Content-Length
4785
Expires
Mon, 25 Oct 2021 01:31:40 GMT
tn-youtube-subscribe.png
www.tribunadonorte.com.br/app/assets/images/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.tribunadonorte.com.br/app/assets/images/tn-youtube-subscribe.png
Requested by
Host: www.tribunadonorte.com.br
URL: http://www.tribunadonorte.com.br/
Protocol
HTTP/1.1
Server
23.246.230.134 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
86.e6.f617.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash
ea776bf66e0ce1d823675111d4ebd4426957237f2a05772195c868133087a48a

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.tribunadonorte.com.br
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://www.tribunadonorte.com.br/
Connection
keep-alive
Cache-Control
no-cache
Accept-Language
de-DE,de;q=0.9
Referer
http://www.tribunadonorte.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 24 Oct 2021 01:35:40 GMT
Last-Modified
Mon, 11 Oct 2021 18:53:13 GMT
Server
nginx
ETag
"61648819-3231"
Content-Type
image/png
Connection
close
Accept-Ranges
bytes
Content-Length
12849
0.jpg
img.youtube.com/vi/49QTE0ac7NM/ 		32 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.youtube.com/vi/49QTE0ac7NM/0.jpg
Requested by
Host: www.tribunadonorte.com.br
URL: http://www.tribunadonorte.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.142 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f14.1e100.net
Software
sffe /
Resource Hash
ba41a4a4453c9652134fffdc5cd151d2a5a633b03d09cac274c0245d4785277b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.tribunadonorte.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 01:35:40 GMT
x-content-type-options
nosniff
age
0
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
33052
x-xss-protection
0
server
sffe
etag
"1634935935"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=300
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sun, 24 Oct 2021 01:40:40 GMT
jp-youtube-subscribe.png
www.tribunadonorte.com.br/app/assets/images/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.tribunadonorte.com.br/app/assets/images/jp-youtube-subscribe.png
Requested by
Host: www.tribunadonorte.com.br
URL: http://www.tribunadonorte.com.br/
Protocol
HTTP/1.1
Server
23.246.230.134 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
86.e6.f617.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash
d402c4fd8377a83a44ba6eb249bfd7cf94eab73597e180be0cd13ff3767c6d1d

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.tribunadonorte.com.br
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://www.tribunadonorte.com.br/
Connection
keep-alive
Cache-Control
no-cache
Accept-Language
de-DE,de;q=0.9
Referer
http://www.tribunadonorte.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 24 Oct 2021 01:35:40 GMT
Last-Modified
Fri, 27 Aug 2021 15:47:33 GMT
Server
nginx
ETag
"61290915-1ab2"
Content-Type
image/png
Connection
close
Accept-Ranges
bytes
Content-Length
6834
territoriolivre.jpg
www.tribunadonorte.com.br/app/assets/images/bloggers/small/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.tribunadonorte.com.br/app/assets/images/bloggers/small/territoriolivre.jpg
Requested by
Host: www.tribunadonorte.com.br
URL: http://www.tribunadonorte.com.br/
Protocol
HTTP/1.1
Server
23.246.230.134 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
86.e6.f617.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash
93479b7bcc76ab51f759e12b78a3dc99115b8fb9a6455b9dc298b14c18f07416

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.tribunadonorte.com.br
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://www.tribunadonorte.com.br/
Connection
keep-alive
Cache-Control
no-cache
Accept-Language
de-DE,de;q=0.9
Referer
http://www.tribunadonorte.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 24 Oct 2021 01:35:40 GMT
Last-Modified
Tue, 05 Nov 2019 20:04:47 GMT
Server
nginx
ETag
"5dc1d5df-29eb"
Content-Type
image/jpeg
Connection
close
Accept-Ranges
bytes
Content-Length
10731
agitosebaladas.jpg
www.tribunadonorte.com.br/app/assets/images/bloggers/small/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.tribunadonorte.com.br/app/assets/images/bloggers/small/agitosebaladas.jpg
Requested by
Host: www.tribunadonorte.com.br
URL: http://www.tribunadonorte.com.br/
Protocol
HTTP/1.1
Server
23.246.230.134 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
86.e6.f617.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash
de474d7643968327128b3a09b540e1ea6d79f073ea09205d2eaaed6dcaae5605

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.tribunadonorte.com.br
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://www.tribunadonorte.com.br/
Cookie
_ga=GA1.3.143642675.1635039341; _gid=GA1.3.1353099270.1635039341; _gat_gtag_UA_1869262_3=1; FCCDCF=[null,null,["[[],[],[],[],null,null,true]",1635039340701]]
Connection
keep-alive
Cache-Control
no-cache
Accept-Language
de-DE,de;q=0.9
Referer
http://www.tribunadonorte.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 24 Oct 2021 01:35:40 GMT
Last-Modified
Mon, 18 Nov 2019 19:36:32 GMT
Server
nginx
ETag
"5dd2f2c0-27f0"
Content-Type
image/jpeg
Connection
close
Accept-Ranges
bytes
Content-Length
10224
eturismo.jpg
www.tribunadonorte.com.br/app/assets/images/bloggers/small/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.tribunadonorte.com.br/app/assets/images/bloggers/small/eturismo.jpg
Requested by
Host: www.tribunadonorte.com.br
URL: http://www.tribunadonorte.com.br/
Protocol
HTTP/1.1
Server
23.246.230.134 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
86.e6.f617.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash
3a6ea070710f8396dec970bdee2fb6e578cf2b8493ba53df6e462eeae00ce5ce

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.tribunadonorte.com.br
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://www.tribunadonorte.com.br/
Cookie
_ga=GA1.3.143642675.1635039341; _gid=GA1.3.1353099270.1635039341; _gat_gtag_UA_1869262_3=1; FCCDCF=[null,null,["[[],[],[],[],null,null,true]",1635039340701]]
Connection
keep-alive
Cache-Control
no-cache
Accept-Language
de-DE,de;q=0.9
Referer
http://www.tribunadonorte.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 24 Oct 2021 01:35:40 GMT
Last-Modified
Fri, 13 Mar 2015 18:43:35 GMT
Server
nginx
ETag
"55032fd7-16da"
Content-Type
image/jpeg
Connection
close
Accept-Ranges
bytes
Content-Length
5850
alexmedeiros.jpg
www.tribunadonorte.com.br/app/assets/images/bloggers/small/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.tribunadonorte.com.br/app/assets/images/bloggers/small/alexmedeiros.jpg
Requested by
Host: www.tribunadonorte.com.br
URL: http://www.tribunadonorte.com.br/
Protocol
HTTP/1.1
Server
23.246.230.134 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
86.e6.f617.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash
887bfa07f86942d91b1b8f7e6d0e4b2dcdc22741590cde9cdb7100413e7273b8

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.tribunadonorte.com.br
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://www.tribunadonorte.com.br/
Cookie
_ga=GA1.3.143642675.1635039341; _gid=GA1.3.1353099270.1635039341; _gat_gtag_UA_1869262_3=1; FCCDCF=[null,null,["[[],[],[],[],null,null,true]",1635039340701]]
Connection
keep-alive
Cache-Control
no-cache
Accept-Language
de-DE,de;q=0.9
Referer
http://www.tribunadonorte.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 24 Oct 2021 01:35:40 GMT
Last-Modified
Sat, 21 Aug 2021 12:40:53 GMT
Server
nginx
ETag
"6120f455-32ac"
Content-Type
image/jpeg
Connection
close
Accept-Ranges
bytes
Content-Length
12972
direito_e_desenvolvimento.png
www.tribunadonorte.com.br/app/assets/images/columns/small/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.tribunadonorte.com.br/app/assets/images/columns/small/direito_e_desenvolvimento.png
Requested by
Host: www.tribunadonorte.com.br
URL: http://www.tribunadonorte.com.br/
Protocol
HTTP/1.1
Server
23.246.230.134 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
86.e6.f617.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash
9c064de97e9f32f90a55a526257ba43c578fec3f0ecc1e75536a95cce488e3bd

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.tribunadonorte.com.br
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://www.tribunadonorte.com.br/
Cookie
_ga=GA1.3.143642675.1635039341; _gid=GA1.3.1353099270.1635039341; _gat_gtag_UA_1869262_3=1; FCCDCF=[null,null,["[[],[],[],[],null,null,true]",1635039340701]]
Connection
keep-alive
Cache-Control
no-cache
Accept-Language
de-DE,de;q=0.9
Referer
http://www.tribunadonorte.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 24 Oct 2021 01:35:40 GMT
Last-Modified
Fri, 29 Nov 2019 18:49:28 GMT
Server
nginx
ETag
"5de16838-2c1c"
Content-Type
image/png
Connection
close
Accept-Ranges
bytes
Content-Length
11292
alex_medeiros.jpg
www.tribunadonorte.com.br/app/assets/images/columns/small/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.tribunadonorte.com.br/app/assets/images/columns/small/alex_medeiros.jpg
Requested by
Host: www.tribunadonorte.com.br
URL: http://www.tribunadonorte.com.br/
Protocol
HTTP/1.1
Server
23.246.230.134 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
86.e6.f617.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash
887bfa07f86942d91b1b8f7e6d0e4b2dcdc22741590cde9cdb7100413e7273b8

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.tribunadonorte.com.br
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://www.tribunadonorte.com.br/
Cookie
_ga=GA1.3.143642675.1635039341; _gid=GA1.3.1353099270.1635039341; _gat_gtag_UA_1869262_3=1; FCCDCF=[null,null,["[[],[],[],[],null,null,true]",1635039340701]]
Connection
keep-alive
Cache-Control
no-cache
Accept-Language
de-DE,de;q=0.9
Referer
http://www.tribunadonorte.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 24 Oct 2021 01:35:40 GMT
Last-Modified
Sat, 21 Aug 2021 00:24:47 GMT
Server
nginx
ETag
"612047cf-32ac"
Content-Type
image/jpeg
Connection
close
Accept-Ranges
bytes
Content-Length
12972
vicente_serejo.jpg
www.tribunadonorte.com.br/app/assets/images/columns/small/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.tribunadonorte.com.br/app/assets/images/columns/small/vicente_serejo.jpg
Requested by
Host: www.tribunadonorte.com.br
URL: http://www.tribunadonorte.com.br/
Protocol
HTTP/1.1
Server
23.246.230.134 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
86.e6.f617.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash
b77f695cc0259ec4ed541eb34c9c752a02f3533b48a082ca2aabe90388b8d8ba

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.tribunadonorte.com.br
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://www.tribunadonorte.com.br/
Cookie
_ga=GA1.3.143642675.1635039341; _gid=GA1.3.1353099270.1635039341; _gat_gtag_UA_1869262_3=1; FCCDCF=[null,null,["[[],[],[],[],null,null,true]",1635039340701]]
Connection
keep-alive
Cache-Control
no-cache
Accept-Language
de-DE,de;q=0.9
Referer
http://www.tribunadonorte.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 24 Oct 2021 01:35:41 GMT
Last-Modified
Tue, 02 Jul 2019 19:39:35 GMT
Server
nginx
ETag
"5d1bb2f7-3971"
Content-Type
image/jpeg
Connection
close
Accept-Ranges
bytes
Content-Length
14705
cassiano_arruda.jpg
www.tribunadonorte.com.br/app/assets/images/columns/small/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.tribunadonorte.com.br/app/assets/images/columns/small/cassiano_arruda.jpg
Requested by
Host: www.tribunadonorte.com.br
URL: http://www.tribunadonorte.com.br/
Protocol
HTTP/1.1
Server
23.246.230.134 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
86.e6.f617.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash
dde992cd2987445c5ba69ec70cc8db135a60e9897f6f6f141fd37be32089de81

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.tribunadonorte.com.br
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://www.tribunadonorte.com.br/
Cookie
_ga=GA1.3.143642675.1635039341; _gid=GA1.3.1353099270.1635039341; _gat_gtag_UA_1869262_3=1; FCCDCF=[null,null,["[[],[],[],[],null,null,true]",1635039340701]]
Connection
keep-alive
Cache-Control
no-cache
Accept-Language
de-DE,de;q=0.9
Referer
http://www.tribunadonorte.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 24 Oct 2021 01:35:41 GMT
Last-Modified
Tue, 02 Jul 2019 19:39:35 GMT
Server
nginx
ETag
"5d1bb2f7-39be"
Content-Type
image/jpeg
Connection
close
Accept-Ranges
bytes
Content-Length
14782
logo-tnplay-multimidia-desktop.jpeg
www.tribunadonorte.com.br/app/assets/images/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.tribunadonorte.com.br/app/assets/images/logo-tnplay-multimidia-desktop.jpeg
Requested by
Host: www.tribunadonorte.com.br
URL: http://www.tribunadonorte.com.br/
Protocol
HTTP/1.1
Server
23.246.230.134 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
86.e6.f617.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash
3e740bf84b8ed97e01cb4a1215fff27fa7886c189924bf4d7e09e5be1415bf5d

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.tribunadonorte.com.br
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://www.tribunadonorte.com.br/
Cookie
_ga=GA1.3.143642675.1635039341; _gid=GA1.3.1353099270.1635039341; _gat_gtag_UA_1869262_3=1; FCCDCF=[null,null,["[[],[],[],[],null,null,true]",1635039340701]]
Connection
keep-alive
Cache-Control
no-cache
Accept-Language
de-DE,de;q=0.9
Referer
http://www.tribunadonorte.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 24 Oct 2021 01:35:41 GMT
Last-Modified
Wed, 13 Oct 2021 19:11:27 GMT
Server
nginx
ETag
"61672f5f-186a"
Content-Type
image/jpeg
Connection
close
Accept-Ranges
bytes
Content-Length
6250
tnplay-vejamais.png
www.tribunadonorte.com.br/app/assets/images/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.tribunadonorte.com.br/app/assets/images/tnplay-vejamais.png
Requested by
Host: www.tribunadonorte.com.br
URL: http://www.tribunadonorte.com.br/
Protocol
HTTP/1.1
Server
23.246.230.134 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
86.e6.f617.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash
1efd0164e9698343b492665db1a3e9ddfc812e7c75464892e9b9c6e6345adc26

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.tribunadonorte.com.br
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://www.tribunadonorte.com.br/
Cookie
_ga=GA1.3.143642675.1635039341; _gid=GA1.3.1353099270.1635039341; _gat_gtag_UA_1869262_3=1; FCCDCF=[null,null,["[[],[],[],[],null,null,true]",1635039340701]]
Connection
keep-alive
Cache-Control
no-cache
Accept-Language
de-DE,de;q=0.9
Referer
http://www.tribunadonorte.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 24 Oct 2021 01:35:41 GMT
Last-Modified
Wed, 13 Oct 2021 19:11:27 GMT
Server
nginx
ETag
"61672f5f-1a50"
Content-Type
image/png
Connection
close
Accept-Ranges
bytes
Content-Length
6736
0.jpg
img.youtube.com/vi/PjH1nigeN3w/ 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.youtube.com/vi/PjH1nigeN3w/0.jpg
Requested by
Host: www.tribunadonorte.com.br
URL: http://www.tribunadonorte.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.142 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f14.1e100.net
Software
sffe /
Resource Hash
d4d417d4df921b38bd9b67917dccb1c80a5d2e47065d63166a8072d3ddbf024a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.tribunadonorte.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 01:35:40 GMT
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
30778
x-xss-protection
0
server
sffe
etag
"1634565044"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sun, 24 Oct 2021 03:35:40 GMT
6938.jpg
thumbor.tribunadonorte.com.br/unsafe/180x100/smart/videos/capa/multimidia/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://thumbor.tribunadonorte.com.br/unsafe/180x100/smart/videos/capa/multimidia/6938.jpg
Requested by
Host: www.tribunadonorte.com.br
URL: http://www.tribunadonorte.com.br/
Protocol
HTTP/1.1
Server
23.246.230.134 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
86.e6.f617.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash
2fc7e190630715ab652e6296e2357c5513abc29219717f5c1c4975fd454fa839

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.tribunadonorte.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 24 Oct 2021 01:30:24 GMT
Via
1.1 varnish-v4
Server
nginx
Age
316
Etag
"3c26c0355ba867d31638f95a52d786c343fac1f2"
x-cache
HIT
X-Varnish
6595379 5369371
Cache-Control
max-age=86400,public
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/jpeg
Content-Length
4063
Expires
Mon, 25 Oct 2021 01:30:24 GMT
6893.jpg
thumbor.tribunadonorte.com.br/unsafe/180x100/smart/videos/capa/multimidia/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://thumbor.tribunadonorte.com.br/unsafe/180x100/smart/videos/capa/multimidia/6893.jpg
Requested by
Host: www.tribunadonorte.com.br
URL: http://www.tribunadonorte.com.br/
Protocol
HTTP/1.1
Server
23.246.230.134 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
86.e6.f617.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash
0089c5b2cf1c1e6546922336307debb315a48cf9ba2dfb272732dd8c3144febd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.tribunadonorte.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 24 Oct 2021 01:27:55 GMT
Via
1.1 varnish-v4
Server
nginx
Age
466
Etag
"27a4fab65bf6c1fde3cdff3216d6f8f9619ffd93"
x-cache
HIT
X-Varnish
5666152 7178735
Cache-Control
max-age=86400,public
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/jpeg
Content-Length
4764
Expires
Mon, 25 Oct 2021 01:27:55 GMT
17063867.jpg
thumbor.tribunadonorte.com.br/unsafe/210x160/smart/classificados/fotos/144647/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://thumbor.tribunadonorte.com.br/unsafe/210x160/smart/classificados/fotos/144647/17063867.jpg
Requested by
Host: www.tribunadonorte.com.br
URL: http://www.tribunadonorte.com.br/
Protocol
HTTP/1.1
Server
23.246.230.134 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
86.e6.f617.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash
0863b44e5eff907a1f0509a80b93aeb112c260bbba33eb38c2d364b443f5330a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.tribunadonorte.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 24 Oct 2021 01:34:24 GMT
Via
1.1 varnish-v4
Server
nginx
Age
76
Etag
"91f2065bcc67e46b8fc894241beebba23b10e9d0"
x-cache
HIT
X-Varnish
6110204 7307721
Cache-Control
max-age=86400,public
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/jpeg
Content-Length
7536
Expires
Mon, 25 Oct 2021 01:34:24 GMT
17042691.jpg
thumbor.tribunadonorte.com.br/unsafe/210x160/smart/classificados/fotos/120834/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://thumbor.tribunadonorte.com.br/unsafe/210x160/smart/classificados/fotos/120834/17042691.jpg
Requested by
Host: www.tribunadonorte.com.br
URL: http://www.tribunadonorte.com.br/
Protocol
HTTP/1.1
Server
23.246.230.134 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
86.e6.f617.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash
cba5bf06efcec1168cc22a311f81bb130722eedec83fe2eb1a8448f9268b43a2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.tribunadonorte.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 24 Oct 2021 01:34:24 GMT
Via
1.1 varnish-v4
Server
nginx
Age
76
Etag
"551b0a34d0c03e5b570f79c090efad59a44b5310"
x-cache
HIT
X-Varnish
4254146 6201509
Cache-Control
max-age=86400,public
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/jpeg
Content-Length
7033
Expires
Mon, 25 Oct 2021 01:34:24 GMT
16909009.JPG
thumbor.tribunadonorte.com.br/unsafe/210x160/smart/classificados/fotos/142972/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://thumbor.tribunadonorte.com.br/unsafe/210x160/smart/classificados/fotos/142972/16909009.JPG
Requested by
Host: www.tribunadonorte.com.br
URL: http://www.tribunadonorte.com.br/
Protocol
HTTP/1.1
Server
23.246.230.134 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
86.e6.f617.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash
f350178a05a7215f94899809d396da2c73a429c27c73977f99e96201e76034cf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.tribunadonorte.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 24 Oct 2021 01:34:24 GMT
Via
1.1 varnish-v4
Server
nginx
Age
76
Etag
"f7f6ae4e2f0a394432138cf5d595ac5013d31858"
x-cache
HIT
X-Varnish
5666153 5340811
Cache-Control
max-age=86400,public
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/jpeg
Content-Length
4268
Expires
Mon, 25 Oct 2021 01:34:24 GMT
17036086.jpg
thumbor.tribunadonorte.com.br/unsafe/210x160/smart/classificados/fotos/122986/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://thumbor.tribunadonorte.com.br/unsafe/210x160/smart/classificados/fotos/122986/17036086.jpg
Requested by
Host: www.tribunadonorte.com.br
URL: http://www.tribunadonorte.com.br/
Protocol
HTTP/1.1
Server
23.246.230.134 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
86.e6.f617.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash
867db37d633a8fc4bfd72dfc69838363dcfee7e15e00698dd4af8770bdf9423a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.tribunadonorte.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 24 Oct 2021 01:34:24 GMT
Via
1.1 varnish-v4
Server
nginx
Age
76
Etag
"c86dae1e368ddf5e18f4d2b6f9d18875e10ed846"
x-cache
HIT
X-Varnish
3385987 6956277
Cache-Control
max-age=86400,public
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/jpeg
Content-Length
4762
Expires
Mon, 25 Oct 2021 01:34:24 GMT
17067349.jpeg
thumbor.tribunadonorte.com.br/unsafe/210x160/smart/classificados/fotos/114634/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://thumbor.tribunadonorte.com.br/unsafe/210x160/smart/classificados/fotos/114634/17067349.jpeg
Requested by
Host: www.tribunadonorte.com.br
URL: http://www.tribunadonorte.com.br/
Protocol
HTTP/1.1
Server
23.246.230.134 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
86.e6.f617.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash
b5a8b821aedf5da9f00b120d69d2bb1c7217a6dcdefc74fb81679db8353d0b0e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.tribunadonorte.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 24 Oct 2021 01:33:06 GMT
Via
1.1 varnish-v4
Server
nginx
Age
154
Etag
"2a66c05a750cb8bdc7b9c84d0f0cb43391a14856"
x-cache
HIT
X-Varnish
6303444 6329408
Cache-Control
max-age=86400,public
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/jpeg
Content-Length
8529
Expires
Mon, 25 Oct 2021 01:33:06 GMT
17027084.jpg
thumbor.tribunadonorte.com.br/unsafe/210x160/smart/classificados/fotos/128148/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://thumbor.tribunadonorte.com.br/unsafe/210x160/smart/classificados/fotos/128148/17027084.jpg
Requested by
Host: www.tribunadonorte.com.br
URL: http://www.tribunadonorte.com.br/
Protocol
HTTP/1.1
Server
23.246.230.134 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
86.e6.f617.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash
00135fa1d5237c24f8e5b2949f2b01257a73a2540556d3a94190808231023070

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.tribunadonorte.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 24 Oct 2021 01:33:06 GMT
Via
1.1 varnish-v4
Server
nginx
Age
154
Etag
"30245294852b8318f486ae3a0d5b55659a6260a1"
x-cache
HIT
X-Varnish
3385988 4059302
Cache-Control
max-age=86400,public
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/jpeg
Content-Length
6203
Expires
Mon, 25 Oct 2021 01:33:06 GMT
heitorgregorio.jpg
www.tribunadonorte.com.br/app/assets/images/bloggers/small/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.tribunadonorte.com.br/app/assets/images/bloggers/small/heitorgregorio.jpg
Requested by
Host: www.tribunadonorte.com.br
URL: http://www.tribunadonorte.com.br/
Protocol
HTTP/1.1
Server
23.246.230.134 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
86.e6.f617.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash
7137238480e33b4d69e28bac0371f20f5226451d5e3252a33f1b16863a6735d1

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.tribunadonorte.com.br
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://www.tribunadonorte.com.br/
Cookie
_ga=GA1.3.143642675.1635039341; _gid=GA1.3.1353099270.1635039341; _gat_gtag_UA_1869262_3=1
Connection
keep-alive
Cache-Control
no-cache
Accept-Language
de-DE,de;q=0.9
Referer
http://www.tribunadonorte.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 24 Oct 2021 01:35:40 GMT
Last-Modified
Thu, 14 Oct 2021 13:46:12 GMT
Server
nginx
ETag
"616834a4-68e"
Content-Type
image/jpeg
Connection
close
Accept-Ranges
bytes
Content-Length
1678
augustobezerril.jpg
www.tribunadonorte.com.br/app/assets/images/bloggers/small/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.tribunadonorte.com.br/app/assets/images/bloggers/small/augustobezerril.jpg
Requested by
Host: www.tribunadonorte.com.br
URL: http://www.tribunadonorte.com.br/
Protocol
HTTP/1.1
Server
23.246.230.134 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
86.e6.f617.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash
4cbd32b8bad80a34daa8ec5a9fa3ce9b71f0d4d8bc947f10ffeaf1a26e94fafe

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.tribunadonorte.com.br
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://www.tribunadonorte.com.br/
Cookie
_ga=GA1.3.143642675.1635039341; _gid=GA1.3.1353099270.1635039341; _gat_gtag_UA_1869262_3=1; FCCDCF=[null,null,["[[],[],[],[],null,null,true]",1635039340701]]; __gads=ID=afa6a07831a38883-22a3b177feca00de:T=1635039340:S=ALNI_MZTncWRdQLt5C2x9bvzOcKQMMg_mA
Connection
keep-alive
Cache-Control
no-cache
Accept-Language
de-DE,de;q=0.9
Referer
http://www.tribunadonorte.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 24 Oct 2021 01:35:41 GMT
Last-Modified
Tue, 17 Apr 2018 15:21:29 GMT
Server
nginx
ETag
"5ad610f9-1576"
Content-Type
image/jpeg
Connection
close
Accept-Ranges
bytes
Content-Length
5494
btn-apple.png
www.tribunadonorte.com.br/app/assets/images/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.tribunadonorte.com.br/app/assets/images/btn-apple.png
Requested by
Host: www.tribunadonorte.com.br
URL: http://www.tribunadonorte.com.br/
Protocol
HTTP/1.1
Server
23.246.230.134 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
86.e6.f617.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash
e49c1ce0450b9d586bcde5d3f8068589f270cb9935bf622fc624cc6c91ff1099

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.tribunadonorte.com.br
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://www.tribunadonorte.com.br/
Cookie
_ga=GA1.3.143642675.1635039341; _gid=GA1.3.1353099270.1635039341; _gat_gtag_UA_1869262_3=1; FCCDCF=[null,null,["[[],[],[],[],null,null,true]",1635039340701]]; __gads=ID=afa6a07831a38883-22a3b177feca00de:T=1635039340:S=ALNI_MZTncWRdQLt5C2x9bvzOcKQMMg_mA
Connection
keep-alive
Cache-Control
no-cache
Accept-Language
de-DE,de;q=0.9
Referer
http://www.tribunadonorte.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 24 Oct 2021 01:35:41 GMT
Last-Modified
Fri, 27 Aug 2021 19:01:40 GMT
Server
nginx
ETag
"61293694-17bf"
Content-Type
image/png
Connection
close
Accept-Ranges
bytes
Content-Length
6079
btn-play.png
www.tribunadonorte.com.br/app/assets/images/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.tribunadonorte.com.br/app/assets/images/btn-play.png
Requested by
Host: www.tribunadonorte.com.br
URL: http://www.tribunadonorte.com.br/
Protocol
HTTP/1.1
Server
23.246.230.134 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
86.e6.f617.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash
d20b62b8c1683dafc4b91f9098bb82354f31e1a74aa4dce76b86eddd137dfa00

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.tribunadonorte.com.br
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://www.tribunadonorte.com.br/
Cookie
_ga=GA1.3.143642675.1635039341; _gid=GA1.3.1353099270.1635039341; _gat_gtag_UA_1869262_3=1; __gads=ID=afa6a07831a38883-22a3b177feca00de:T=1635039340:S=ALNI_MZTncWRdQLt5C2x9bvzOcKQMMg_mA; FCNEC=[["AKsRol8fQFDWtX85wN-BsOzf6iLhNr-Z7nPj7bFGp-Bft8R-e1t6xV87ps2vyqPiCIhS4aJhO_KSndjrbb8KYehwsvMtwUeJyd9K_BVhYRcUlifp2C9su_gXdv-TSOFWKyu9p2TYfNG2rMzLqbGcI1J4fpQpv2HM2w=="]]; FCCDCF=[null,null,["[[],[],[],[],null,null,true]",1635039341365]]
Connection
keep-alive
Cache-Control
no-cache
Accept-Language
de-DE,de;q=0.9
Referer
http://www.tribunadonorte.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 24 Oct 2021 01:35:41 GMT
Last-Modified
Fri, 27 Aug 2021 19:01:40 GMT
Server
nginx
ETag
"61293694-191e"
Content-Type
image/png
Connection
close
Accept-Ranges
bytes
Content-Length
6430
ji_2021-10-23.jpg
arquivos.tribunadonorte.com.br/fotos/capa/jornal_impresso/ 		526 KB
526 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://arquivos.tribunadonorte.com.br/fotos/capa/jornal_impresso/ji_2021-10-23.jpg
Requested by
Host: www.tribunadonorte.com.br
URL: http://www.tribunadonorte.com.br/
Protocol
HTTP/1.1
Server
23.246.230.135 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
87.e6.f617.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash
5d02bafb5c490dcf3a38c8921aa9e04eaa8f052c2d9a57de3095544cbd3b9fbe

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.tribunadonorte.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 24 Oct 2021 01:33:21 GMT
Via
1.1 varnish-v4
Last-Modified
Sat, 23 Oct 2021 03:31:59 GMT
Server
nginx
Age
139
ETag
"6173822f-836d5"
x-cache
HIT
X-Varnish
7081726 6921686
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/jpeg
Content-Length
538325
bootstrap.bundle.min.js
cdn.jsdelivr.net/npm/bootstrap@5.0.1/dist/js/ 		77 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@5.0.1/dist/js/bootstrap.bundle.min.js
Requested by
Host: www.tribunadonorte.com.br
URL: http://www.tribunadonorte.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.85.20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79d443b15f542c8a8acca8e937f2a3c90ecba78bd49fdbac6c9b878c7f1293e9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://www.tribunadonorte.com.br/
Origin
http://www.tribunadonorte.com.br
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 01:35:40 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
3837055
x-jsd-version
5.0.1
x-cache
HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by
cache-fra19180-FRA
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"1339c-XbTEDbxr09liPumKIGHdJliFzy4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
cf-ray
6a2f78458c414114-PRG
XRXV3I6Li01BKofINeaB.woff2
fonts.gstatic.com/s/nunito/v16/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/nunito/v16/XRXV3I6Li01BKofINeaB.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Nunito&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f3.1e100.net
Software
sffe /
Resource Hash
06f3af3fe52542d40ad9bc14ec03e04deaabd09ec369221cc8f536db1c72bf55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://www.tribunadonorte.com.br
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 17 Oct 2021 10:51:52 GMT
x-content-type-options
nosniff
age
571428
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
18972
x-xss-protection
0
last-modified
Wed, 25 Nov 2020 02:44:35 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Mon, 17 Oct 2022 10:51:52 GMT
bootstrap-icons.woff2
cdn.jsdelivr.net/npm/bootstrap-icons@1.5.0/font/fonts/ 		88 KB
89 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/bootstrap-icons@1.5.0/font/fonts/bootstrap-icons.woff2?856008caa5eb66df68595e734e59580d
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/bootstrap-icons@1.5.0/font/bootstrap-icons.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.85.20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
76506e128f2b47b7179f5037bd885a1674455ffeb6b5093cdb4c7eefbf436ce8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://cdn.jsdelivr.net/npm/bootstrap-icons@1.5.0/font/bootstrap-icons.css
Origin
http://www.tribunadonorte.com.br
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 01:35:40 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
3837053
x-jsd-version
1.5.0
x-cache
HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
90528
x-served-by
cache-fra19160-FRA
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"161a0-RkmHeGigBozlCxBdDSojXoAQyY8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
cf-ray
6a2f78458c404114-PRG
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-1869262-3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
fc27aed7787a4f63d2feba50e6bc6122ac3c5479456d40c0a445899a08ad92f3
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.tribunadonorte.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 19 Oct 2021 16:47:48 GMT
server
Golfe2
age
5706
date
Sun, 24 Oct 2021 00:00:34 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
19887
expires
Sun, 24 Oct 2021 02:00:34 GMT
pubads_impl_2021101301.js
securepubads.g.doubleclick.net/gpt/ 		361 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101301.js?31063226
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f2.1e100.net
Software
sffe /
Resource Hash
266978a0c185ca652129a3cb432e9c95aa61662873aaf8466ee7fc1636bb2c9f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.tribunadonorte.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 01:35:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
124656
x-xss-protection
0
last-modified
Mon, 18 Oct 2021 20:34:40 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 24 Oct 2021 01:35:40 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		106 B
113 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.tribunadonorte.com.br
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f2.1e100.net
Software
cafe /
Resource Hash
edab301c56ed6df142b9a55ce3c65c0c884f49d486cc1ffdf859cb8bc77466d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.tribunadonorte.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 24 Oct 2021 01:35:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
88
x-xss-protection
0
expires
Sun, 24 Oct 2021 01:35:40 GMT
truncated
/ 		207 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d6559e15fa4090dd921467b6da0e02ef0198641f86b2c81faba5648dec24f113

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		208 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fdaa8b72e5f72dc4b11244459070632baec41585fc4fa74741e54c8b006250bd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/svg+xml
videoseries
www.youtube.com/embed/ Frame 2C06 		206 KB
36 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/videoseries?list=PLqo6OpUDhMpNOUMMRhSPXgCIMgf5v_oj_
Requested by
Host: www.tribunadonorte.com.br
URL: http://www.tribunadonorte.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f14.1e100.net
Software
ESF /
Resource Hash
3ffc420d41371277590bc5faa96beec37aeae42ce10d4083a86fcc9d3e2859a4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.youtube.com
:scheme
https
:path
/embed/videoseries?list=PLqo6OpUDhMpNOUMMRhSPXgCIMgf5v_oj_
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://www.tribunadonorte.com.br/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://www.tribunadonorte.com.br/

Response headers

content-type
text/html; charset=utf-8
x-content-type-options
nosniff
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Sun, 24 Oct 2021 01:35:40 GMT
strict-transport-security
max-age=31536000
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8irYOyGiHPUipdmT4ndw90h_PnG3TnL0unA"
permissions-policy
ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
report-to
{"group":"AZM8irYOyGiHPUipdmT4ndw90h_PnG3TnL0unA","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8irYOyGiHPUipdmT4ndw90h_PnG3TnL0unA"}]}
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
content-encoding
br
server
ESF
x-xss-protection
0
set-cookie
YSC=EqRImCtFmBY; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none VISITOR_INFO1_LIVE=0PgVM9t03WA; Domain=.youtube.com; Expires=Fri, 22-Apr-2022 01:35:40 GMT; Path=/; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j94&a=2125794636&t=pageview&_s=1&dl=http%3A%2F%2Fwww.tribunadonorte.com.br%2F&ul=en-us&de=UTF-8&dt=Tribuna%20do%20Norte%3A%20Not%C3%ADcias%2C%20Imagens%2C%20V%C3%ADdeos%20e%20Entrevistas&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1883644064&gjid=1580257441&cid=143642675.1635039341&tid=UA-1869262-3&_gid=1353099270.1635039341&_r=1&gtm=2ouak0&z=1237727469
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://www.tribunadonorte.com.br/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 24 Oct 2021 01:35:40 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://www.tribunadonorte.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
1007775
fundingchoicesmessages.google.com/i/ 		78 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/1007775?ers=3
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101301.js?31063226
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f14.1e100.net
Software
ESF /
Resource Hash
8dd23156d6438c1662bc07110b0b8bf2b8e04cd96c0e19b15a365d5e00e790f1
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Sm6tOs5OJ9j7vTA52A4xdw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'nonce-Sm6tOs5OJ9j7vTA52A4xdw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.tribunadonorte.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Oct 2021 01:35:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'report-sample' 'nonce-Sm6tOs5OJ9j7vTA52A4xdw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'nonce-Sm6tOs5OJ9j7vTA52A4xdw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-xss-protection
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
videoseries
www.youtube.com/embed/ Frame AAB0 		206 KB
35 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/videoseries?list=PLqo6OpUDhMpNOUMMRhSPXgCIMgf5v_oj_
Requested by
Host: www.tribunadonorte.com.br
URL: http://www.tribunadonorte.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f14.1e100.net
Software
ESF /
Resource Hash
3476be35233a4c3fd5885acde3444d06938d2714c22639f3213dba5ed201467a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.youtube.com
:scheme
https
:path
/embed/videoseries?list=PLqo6OpUDhMpNOUMMRhSPXgCIMgf5v_oj_
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://www.tribunadonorte.com.br/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://www.tribunadonorte.com.br/

Response headers

content-type
text/html; charset=utf-8
x-content-type-options
nosniff
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Sun, 24 Oct 2021 01:35:40 GMT
strict-transport-security
max-age=31536000
permissions-policy
ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
report-to
{"group":"AZM8irYOyGiHPUipdmT4ndw90h_PnG3TnL0unA","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8irYOyGiHPUipdmT4ndw90h_PnG3TnL0unA"}]}
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8irYOyGiHPUipdmT4ndw90h_PnG3TnL0unA"
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
content-encoding
br
server
ESF
x-xss-protection
0
set-cookie
YSC=g9SyVBhRYsM; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none VISITOR_INFO1_LIVE=ruyc-3H6C3E; Domain=.youtube.com; Expires=Fri, 22-Apr-2022 01:35:40 GMT; Path=/; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
collect
stats.g.doubleclick.net/j/ 		2 B
418 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j94&tid=UA-1869262-3&cid=143642675.1635039341&jid=1883644064&gjid=1580257441&_gid=1353099270.1635039341&_u=YEBAAUAAAAAAAC~&z=1069820195
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.5.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wg-in-f155.1e100.net
Software
Golfe2 /
Resource Hash
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://www.tribunadonorte.com.br/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sun, 24 Oct 2021 01:35:40 GMT
content-type
text/plain
access-control-allow-origin
http://www.tribunadonorte.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ 		266 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
662294921ca6240beb0f2aecb7f7ac23dd085b782bbe52a369b20226d26afe33

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/svg+xml
ga-audiences
www.google.com/ads/ 		42 B
472 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j94&tid=UA-1869262-3&cid=143642675.1635039341&jid=1883644064&_u=YEBAAUAAAAAAAC~&z=890332585
Requested by
Host: www.tribunadonorte.com.br
URL: http://www.tribunadonorte.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.228 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.tribunadonorte.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Oct 2021 01:35:40 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
www-player-webp.css
www.youtube.com/s/player/26b082a8/ Frame 2C06 		335 KB
46 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/26b082a8/www-player-webp.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/videoseries?list=PLqo6OpUDhMpNOUMMRhSPXgCIMgf5v_oj_
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f14.1e100.net
Software
sffe /
Resource Hash
31b0cffeab2ce48e9b49c9c833bf549db30ae841c4e2d5512c30823042b36bca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/videoseries?list=PLqo6OpUDhMpNOUMMRhSPXgCIMgf5v_oj_
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 15:52:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
294173
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
46946
x-xss-protection
0
last-modified
Wed, 20 Oct 2021 00:17:38 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 20 Oct 2022 15:52:47 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 2C06 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/videoseries?list=PLqo6OpUDhMpNOUMMRhSPXgCIMgf5v_oj_
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f3.1e100.net
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 06:41:55 GMT
x-content-type-options
nosniff
age
240825
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Fri, 21 Oct 2022 06:41:55 GMT
AGSKWxUI7uxi6AHy-Bb5d0A-CuuqA-ZfaOptUUwgQFlzFhrkCH_JeuxBUmhwY88yzkmt0XdOsTDmJU9tPk8VLPtvDrA=
fundingchoicesmessages.google.com/el/ 		0
27 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUI7uxi6AHy-Bb5d0A-CuuqA-ZfaOptUUwgQFlzFhrkCH_JeuxBUmhwY88yzkmt0XdOsTDmJU9tPk8VLPtvDrA=?pvid=E0BB0833-CCBB-4EC7-AC21-939A0C67286F&anonid=B7E5153B-8E12-455F-B5E2-0EF3CA62630F
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.Nh32gIB9bGc.es5.O/d=1/rs=AJlcJMx731qpX3HslPduIZ-bycvFUSTllw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-RO4VU9RDUEAaYjuQgeuFBg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-RO4VU9RDUEAaYjuQgeuFBg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
http://www.tribunadonorte.com.br/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 24 Oct 2021 01:35:40 GMT
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
access-control-max-age
86400
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin; report-to="ContributorLoggingHttp"
x-frame-options
SAMEORIGIN
report-to
{"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type
text/html; charset=utf-8
access-control-allow-origin
http://www.tribunadonorte.com.br
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-RO4VU9RDUEAaYjuQgeuFBg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-RO4VU9RDUEAaYjuQgeuFBg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxUI7uxi6AHy-Bb5d0A-CuuqA-ZfaOptUUwgQFlzFhrkCH_JeuxBUmhwY88yzkmt0XdOsTDmJU9tPk8VLPtvDrA=
fundingchoicesmessages.google.com/el/ 		0
27 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUI7uxi6AHy-Bb5d0A-CuuqA-ZfaOptUUwgQFlzFhrkCH_JeuxBUmhwY88yzkmt0XdOsTDmJU9tPk8VLPtvDrA=?pvid=E0BB0833-CCBB-4EC7-AC21-939A0C67286F&anonid=B7E5153B-8E12-455F-B5E2-0EF3CA62630F
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.Nh32gIB9bGc.es5.O/d=1/rs=AJlcJMx731qpX3HslPduIZ-bycvFUSTllw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-EzGOnmk0S4lkXEnDXS9pkw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-EzGOnmk0S4lkXEnDXS9pkw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
http://www.tribunadonorte.com.br/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 24 Oct 2021 01:35:40 GMT
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
access-control-max-age
86400
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin; report-to="ContributorLoggingHttp"
x-frame-options
SAMEORIGIN
report-to
{"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type
text/html; charset=utf-8
access-control-allow-origin
http://www.tribunadonorte.com.br
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-EzGOnmk0S4lkXEnDXS9pkw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-EzGOnmk0S4lkXEnDXS9pkw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxUr_csU7SGz1cKvF7PS7VoJK1mtmXhnGQG_EC7U_ggwn_CAKeB7F58SCI9g8GgX-WQ9gOl6Qhy-ilpuz42UVeM=
fundingchoicesmessages.google.com/f/ 		63 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxUr_csU7SGz1cKvF7PS7VoJK1mtmXhnGQG_EC7U_ggwn_CAKeB7F58SCI9g8GgX-WQ9gOl6Qhy-ilpuz42UVeM=?fccs=W251bGwsW1tdLFtdXSxudWxsLG51bGwsbnVsbCxudWxsLFsxNjM1MDM5MzQwLDcxMzAwMDAwMF0sIkUwQkIwODMzLUNDQkItNEVDNy1BQzIxLTkzOUEwQzY3Mjg2RiIsIkI3RTUxNTNCLThFMTItNDU1Ri1CNUUyLTBFRjNDQTYyNjMwRiIsbnVsbCxbbnVsbCxbN11dLCJodHRwOi8vd3d3LnRyaWJ1bmFkb25vcnRlLmNvbS5ici8iXQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.Nh32gIB9bGc.es5.O/d=1/rs=AJlcJMx731qpX3HslPduIZ-bycvFUSTllw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f14.1e100.net
Software
ESF /
Resource Hash
3d53807eca7cf12c6d15526c2b835463450f739313727532f6fb5d0f65449a54
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-55Pgcx2nkJ0tYg632pJPCQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-55Pgcx2nkJ0tYg632pJPCQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.tribunadonorte.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Oct 2021 01:35:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-55Pgcx2nkJ0tYg632pJPCQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-55Pgcx2nkJ0tYg632pJPCQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.com/adsid/ 		107 B
520 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.tribunadonorte.com.br
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101301.js?31063226
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.tribunadonorte.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 24 Oct 2021 01:35:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		411 KB
74 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2701174899072204&correlator=1007431394637186&output=ldjh&impl=fifs&eid=31063226%2C21065724%2C31062524%2C31063182&vrg=2021101301&ptt=17&sc=0&sfv=1-0-38&ecs=20211024&iu_parts=1007775%2C71-DESKTOP-CAPA-HOME-CABECALHO%2C71-DESKTOP-CAPA-HOME-BETWEEN-NEWS-1%2C71-DESKTOP-CAPA-HOME-BETWEEN-NEWS-2%2C71-DESKTOP-CAPA-HOME-BETWEEN-NEWS-3%2C71-DESKTOP-CAPA-HOME-BETWEEN-NEWS-4%2C71-DESKTOP-CAPA-HOME-DHTML%2C71-DESKTOP-HOME-RETANGULO-SIDEBAR-1%2C71-DESKTOP-HOME-RETANGULO-SIDEBAR-2%2C71-DESKTOP-HOME-RETANGULO-SIDEBAR-3%2C71-DESKTOP-HOME-RETANGULO-SIDEBAR-4%2C71-DESKTOP-HOME-RETANGULO-SIDEBAR-5%2C71-DESKTOP-HOME-SUPERBANNER-TRIBUNA-PLAY%2C71-DESKTOP-HOME-SUPERBANNER-CLASSIFICADOS%2C71-DESKTOP-HOME-SUPERBANNER-ESPECIAIS&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6%2C%2F0%2F7%2C%2F0%2F8%2C%2F0%2F9%2C%2F0%2F10%2C%2F0%2F11%2C%2F0%2F12%2C%2F0%2F13%2C%2F0%2F14&prev_iu_szs=1x1%7C960x90%7C950x90%7C970x66%7C970x250%7C750x100%7C980x120%7C750x200%7C750x300%7C728x300%7C1024x300%7C980x90%7C930x180%7C970x90%7C970x300%7C728x90%2C320x50%7C320x100%7C300x50%7C300x75%7C300x100%2C300x100%7C320x50%7C300x75%7C300x50%7C320x100%2C300x50%7C320x100%7C300x100%7C300x75%7C320x50%2C300x31%7C300x100%7C300x50%7C320x100%7C320x50%7C300x75%2C400x400%2C320x480%7C300x100%7C400x400%7C320x285%7C300x250%7C320x50%7C320x100%7C300x50%7C360x300%7C300x31%7C300x75%7C336x280%2C320x100%7C300x75%7C300x50%7C360x300%7C400x400%7C300x31%7C320x480%7C320x50%7C320x285%7C300x250%7C336x280%7C300x100%2C320x100%7C300x50%7C360x300%7C300x31%7C300x75%7C336x280%7C320x50%7C320x480%7C300x100%7C400x400%7C300x600%7C320x285%7C300x250%2C300x75%7C360x300%7C300x31%7C300x600%7C300x100%7C320x285%7C320x50%7C336x280%7C300x250%7C300x50%7C320x480%7C320x100%7C400x400%2C300x75%7C320x480%7C320x100%7C400x400%7C360x300%7C300x50%7C300x31%7C300x250%7C320x285%7C336x280%7C300x600%7C320x50%7C300x100%2C728x90%2C728x90%2C728x90&cookie_enabled=1&bc=23&abxe=1&lmt=1635039340&dt=1635039340722&dlt=1635039340102&idt=453&frm=20&biw=1600&bih=1200&oid=2&adxs=12%2C152%2C152%2C592%2C592%2C-9%2C1032%2C1032%2C1032%2C1032%2C1032%2C152%2C152%2C-9&adys=229%2C875%2C1423%2C819%2C1003%2C-9%2C245%2C664%2C987%2C1521%2C1892%2C2243%2C3172%2C-9&adks=3050843566%2C1698195508%2C1329348465%2C55181709%2C2777368268%2C1966868017%2C2172267812%2C2648715364%2C3519950921%2C2181637587%2C549856775%2C904785938%2C893726821%2C354408449&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca%7Cb%7Cc%7Cd%7Ce&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fwww.tribunadonorte.com.br%2F&vis=1&scr_x=0&scr_y=0&psz=1576x0%7C416x0%7C416x0%7C416x0%7C416x0%7C0x-1%7C416x0%7C416x0%7C416x0%7C416x0%7C416x0%7C856x0%7C856x0%7C0x-1&msz=1576x0%7C416x0%7C416x0%7C416x0%7C416x0%7C0x-1%7C416x0%7C416x0%7C416x0%7C416x0%7C416x0%7C856x0%7C856x0%7C0x-1&ga_vid=143642675.1635039341&ga_sid=1635039341&ga_hid=2125794636&ga_fc=true&fws=0%2C0%2C0%2C0%2C0%2C2%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C2&ohw=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0&btvi=0%7C0%7C1%7C0%7C0%7C-1%7C0%7C0%7C0%7C2%7C3%7C4%7C5%7C-1&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101301.js?31063226
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f2.1e100.net
Software
cafe /
Resource Hash
c3e77bccfd8ac7b1b56e65bb1e741661fa1787d8c216942a14a5bf10807eec25
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.tribunadonorte.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 01:35:41 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
76012
x-xss-protection
0
google-lineitem-id
5763108617,-1,-2,-1,-1,-2,5769554538,5806793019,5799767031,5775230358,5776560928,-2,-2,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138359491326,-1,-2,-1,-1,-2,138360386505,138367309165,138365699096,138361305440,138361697518,-2,-2,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://www.tribunadonorte.com.br
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
eede47ad3d2a54a364d7ad575b7972c7.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame C07B 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eede47ad3d2a54a364d7ad575b7972c7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101301.js?31063226
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f1.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
eede47ad3d2a54a364d7ad575b7972c7.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://www.tribunadonorte.com.br/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://www.tribunadonorte.com.br/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Sun, 24 Oct 2021 01:35:40 GMT
expires
Mon, 24 Oct 2022 01:35:40 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
www-embed-player.js
www.youtube.com/s/player/26b082a8/www-embed-player.vflset/ Frame 2C06 		209 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/26b082a8/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/videoseries?list=PLqo6OpUDhMpNOUMMRhSPXgCIMgf5v_oj_
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f14.1e100.net
Software
sffe /
Resource Hash
f3356621955604161ae6d36cb9e4b1e6f845a7e925149e1fe12727e784d8aab8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/videoseries?list=PLqo6OpUDhMpNOUMMRhSPXgCIMgf5v_oj_
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 02:36:37 GMT
content-encoding
br
x-content-type-options
nosniff
age
255543
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
70164
x-xss-protection
0
last-modified
Wed, 20 Oct 2021 00:17:38 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 21 Oct 2022 02:36:37 GMT
base.js
www.youtube.com/s/player/26b082a8/player_ias.vflset/de_DE/ Frame 2C06 		2 MB
513 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/26b082a8/player_ias.vflset/de_DE/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/videoseries?list=PLqo6OpUDhMpNOUMMRhSPXgCIMgf5v_oj_
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f14.1e100.net
Software
sffe /
Resource Hash
c5f418acd5d1fbf61ef502361aedbf010f7ad13676e8c5e8cf1234c94aafb33a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/videoseries?list=PLqo6OpUDhMpNOUMMRhSPXgCIMgf5v_oj_
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 15:52:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
294173
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
525264
x-xss-protection
0
last-modified
Wed, 20 Oct 2021 00:17:38 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 20 Oct 2022 15:52:47 GMT
fetch-polyfill.js
www.youtube.com/s/player/26b082a8/fetch-polyfill.vflset/ Frame 2C06 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/26b082a8/fetch-polyfill.vflset/fetch-polyfill.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/videoseries?list=PLqo6OpUDhMpNOUMMRhSPXgCIMgf5v_oj_
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f14.1e100.net
Software
sffe /
Resource Hash
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/videoseries?list=PLqo6OpUDhMpNOUMMRhSPXgCIMgf5v_oj_
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 16:31:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
32674
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
2830
x-xss-protection
0
last-modified
Wed, 20 Oct 2021 00:17:38 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sun, 23 Oct 2022 16:31:06 GMT
www-player-webp.css
www.youtube.com/s/player/26b082a8/ Frame AAB0 		335 KB
46 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/26b082a8/www-player-webp.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/videoseries?list=PLqo6OpUDhMpNOUMMRhSPXgCIMgf5v_oj_
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f14.1e100.net
Software
sffe /
Resource Hash
31b0cffeab2ce48e9b49c9c833bf549db30ae841c4e2d5512c30823042b36bca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/videoseries?list=PLqo6OpUDhMpNOUMMRhSPXgCIMgf5v_oj_
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 15:52:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
294173
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
46946
x-xss-protection
0
last-modified
Wed, 20 Oct 2021 00:17:38 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 20 Oct 2022 15:52:47 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame AAB0 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/videoseries?list=PLqo6OpUDhMpNOUMMRhSPXgCIMgf5v_oj_
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f3.1e100.net
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 06:41:55 GMT
x-content-type-options
nosniff
age
240825
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Fri, 21 Oct 2022 06:41:55 GMT
www-embed-player.js
www.youtube.com/s/player/26b082a8/www-embed-player.vflset/ Frame AAB0 		209 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/26b082a8/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/videoseries?list=PLqo6OpUDhMpNOUMMRhSPXgCIMgf5v_oj_
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f14.1e100.net
Software
sffe /
Resource Hash
f3356621955604161ae6d36cb9e4b1e6f845a7e925149e1fe12727e784d8aab8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/videoseries?list=PLqo6OpUDhMpNOUMMRhSPXgCIMgf5v_oj_
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 02:36:37 GMT
content-encoding
br
x-content-type-options
nosniff
age
255543
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
70164
x-xss-protection
0
last-modified
Wed, 20 Oct 2021 00:17:38 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 21 Oct 2022 02:36:37 GMT
base.js
www.youtube.com/s/player/26b082a8/player_ias.vflset/de_DE/ Frame AAB0 		2 MB
513 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/26b082a8/player_ias.vflset/de_DE/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/videoseries?list=PLqo6OpUDhMpNOUMMRhSPXgCIMgf5v_oj_
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f14.1e100.net
Software
sffe /
Resource Hash
c5f418acd5d1fbf61ef502361aedbf010f7ad13676e8c5e8cf1234c94aafb33a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/videoseries?list=PLqo6OpUDhMpNOUMMRhSPXgCIMgf5v_oj_
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 15:52:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
294173
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
525264
x-xss-protection
0
last-modified
Wed, 20 Oct 2021 00:17:38 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 20 Oct 2022 15:52:47 GMT
fetch-polyfill.js
www.youtube.com/s/player/26b082a8/fetch-polyfill.vflset/ Frame AAB0 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/26b082a8/fetch-polyfill.vflset/fetch-polyfill.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/videoseries?list=PLqo6OpUDhMpNOUMMRhSPXgCIMgf5v_oj_
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f14.1e100.net
Software
sffe /
Resource Hash
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/videoseries?list=PLqo6OpUDhMpNOUMMRhSPXgCIMgf5v_oj_
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 16:31:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
32674
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
2830
x-xss-protection
0
last-modified
Wed, 20 Oct 2021 00:17:38 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sun, 23 Oct 2022 16:31:06 GMT
id
googleads.g.doubleclick.net/pagead/ Frame 2C06
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/id
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
113 B
161 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/videoseries?list=PLqo6OpUDhMpNOUMMRhSPXgCIMgf5v_oj_
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
1ccbc19fac437d5c60edf0294cfb5b658afa49d284ef55caa7c39feed64c67d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 01:35:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
133
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sun, 24 Oct 2021 01:35:40 GMT
x-content-type-options
nosniff
access-control-allow-origin
https://www.youtube.com
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame 2C06 		29 B
559 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/26b082a8/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f6.1e100.net
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 01:28:00 GMT
x-content-type-options
nosniff
age
460
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
29
x-xss-protection
0
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 24 Oct 2021 01:43:00 GMT
remote.js
www.youtube.com/s/player/26b082a8/player_ias.vflset/de_DE/ Frame 2C06 		93 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/26b082a8/player_ias.vflset/de_DE/remote.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/26b082a8/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f14.1e100.net
Software
sffe /
Resource Hash
debc0a0131c7217733fc951d268c25e41fbb95eddefb13a7f5b52a7799af4dcb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/videoseries?list=PLqo6OpUDhMpNOUMMRhSPXgCIMgf5v_oj_
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 12:53:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
218560
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
29610
x-xss-protection
0
last-modified
Wed, 20 Oct 2021 00:17:38 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 21 Oct 2022 12:53:00 GMT
DgMOLZGLl3aD-gmBdY0gyGhgk8t52sjlBqPju8TolM8.js
www.google.com/js/th/ Frame 2C06 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/th/DgMOLZGLl3aD-gmBdY0gyGhgk8t52sjlBqPju8TolM8.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/26b082a8/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.228 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f4.1e100.net
Software
sffe /
Resource Hash
0e030e2d918b977683fa0981758d20c8686093cb79dac8e506a3e3bbc4e894cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 22:40:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
183283
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
13332
x-xss-protection
0
last-modified
Mon, 11 Oct 2021 11:00:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Fri, 21 Oct 2022 22:40:57 GMT
embed.js
www.youtube.com/s/player/26b082a8/player_ias.vflset/de_DE/ Frame 2C06 		25 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/26b082a8/player_ias.vflset/de_DE/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/26b082a8/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f14.1e100.net
Software
sffe /
Resource Hash
21894e36aff6b0414607a89e6b22688ca4e539488f2398726d7d873e2fb4f549
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/videoseries?list=PLqo6OpUDhMpNOUMMRhSPXgCIMgf5v_oj_
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 15:52:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
294171
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
7354
x-xss-protection
0
last-modified
Wed, 20 Oct 2021 00:17:38 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 20 Oct 2022 15:52:49 GMT
id
googleads.g.doubleclick.net/pagead/ Frame AAB0 		113 B
161 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/id
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/26b082a8/www-embed-player.vflset/www-embed-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
80e766ebc499dd2e0093664a62f87c17c3080202f33a08b53f7211e8294b2689
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 01:35:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
133
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame AAB0 		29 B
54 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/26b082a8/www-embed-player.vflset/www-embed-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f6.1e100.net
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 01:28:00 GMT
x-content-type-options
nosniff
age
461
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
29
x-xss-protection
0
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 24 Oct 2021 01:43:00 GMT
remote.js
www.youtube.com/s/player/26b082a8/player_ias.vflset/de_DE/ Frame AAB0 		93 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/26b082a8/player_ias.vflset/de_DE/remote.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/26b082a8/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f14.1e100.net
Software
sffe /
Resource Hash
debc0a0131c7217733fc951d268c25e41fbb95eddefb13a7f5b52a7799af4dcb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/videoseries?list=PLqo6OpUDhMpNOUMMRhSPXgCIMgf5v_oj_
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 12:53:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
218561
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
29610
x-xss-protection
0
last-modified
Wed, 20 Oct 2021 00:17:38 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 21 Oct 2022 12:53:00 GMT
DgMOLZGLl3aD-gmBdY0gyGhgk8t52sjlBqPju8TolM8.js
www.google.com/js/th/ Frame AAB0 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/th/DgMOLZGLl3aD-gmBdY0gyGhgk8t52sjlBqPju8TolM8.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/26b082a8/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.228 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f4.1e100.net
Software
sffe /
Resource Hash
0e030e2d918b977683fa0981758d20c8686093cb79dac8e506a3e3bbc4e894cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 22:40:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
183284
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
13332
x-xss-protection
0
last-modified
Mon, 11 Oct 2021 11:00:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Fri, 21 Oct 2022 22:40:57 GMT
embed.js
www.youtube.com/s/player/26b082a8/player_ias.vflset/de_DE/ Frame AAB0 		25 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/26b082a8/player_ias.vflset/de_DE/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/26b082a8/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f14.1e100.net
Software
sffe /
Resource Hash
21894e36aff6b0414607a89e6b22688ca4e539488f2398726d7d873e2fb4f549
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/videoseries?list=PLqo6OpUDhMpNOUMMRhSPXgCIMgf5v_oj_
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 15:52:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
294172
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
7354
x-xss-protection
0
last-modified
Wed, 20 Oct 2021 00:17:38 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 20 Oct 2022 15:52:49 GMT
truncated
/ Frame AAB0 		175 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
AKedOLQNmASjiPK6dEHB0eGinLJ-3Mp3zG81-WionSLa=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame AAB0 		0
0
sddefault.jpg
i.ytimg.com/vi/mi4VX_sdLn4/ Frame AAB0 		0
0
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame 2C06 		0
0
generate_204
www.youtube.com/ Frame 2C06 		0
0
atr
www.youtube.com/api/stats/ Frame 2C06 		0
0
atr
www.youtube.com/api/stats/ Frame AAB0 		0
0
view
securepubads.g.doubleclick.net/pcs/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvJNFiUwL0CFfpebsFgK-cIJhNuvGb05zFKwL-55iPJwMZphWu_UlLQxtVPFnH4gPIErf4xRXnkFv-iUsbHns2LbYQNbROvDJCO3zNQpXWLkwbP1pCfDKwoI9cmStxlWRWLZhv61shg26H30jFIBdfmuhPPlLq4f7m5H4nVxQlVD_PljTw5kzeGbbg6lcSHtc-3VFkPchecC39Z1l6sw-tMAtI48R_1bjDbRLqFtnN84B6-vjo0MlSLyLhpH1x9ntA7uWRg16q5WG0VP54QIyn78bG4SvrDOxqN5AR32ZNGV2O1ZgqksN0eLNBhhRnIh_LAbm-NyR2Gv85GLS-ol1h3ZNYF&sai=AMfl-YQMvhJWAaWF_aXclniWf1ak8mofcoSSZXQx-dnVLnfQTUmZVJUisY5LzGz3GuugHiHBTpA5KAHIb5Ie2PZsaeoSbF4n0gVh1YA8_L3klmMAzsWaBQp0HjWvWxRcie0r&sig=Cg0ArKJSzIW3ohNSLVqhEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.tribunadonorte.com.br
URL: http://www.tribunadonorte.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.tribunadonorte.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 24 Oct 2021 01:35:41 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
server
cafe
b94bbd6ea25ca7e12534f3b421bbd5d4.js
scripts.cleverwebserver.com/
Redirect Chain
  • http://scripts.cleverwebserver.com/b94bbd6ea25ca7e12534f3b421bbd5d4.js
  • https://scripts.cleverwebserver.com/b94bbd6ea25ca7e12534f3b421bbd5d4.js
126 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scripts.cleverwebserver.com/b94bbd6ea25ca7e12534f3b421bbd5d4.js
Requested by
Host: www.tribunadonorte.com.br
URL: http://www.tribunadonorte.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.77.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
51898b84e15b94fbdab0b1d777cd1b59929b8b281b42da12319caa445db3920c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.tribunadonorte.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 01:35:41 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 21 Oct 2021 16:09:56 GMT
server
cloudflare
x-amz-request-id
9V867DKAAGBDPED6
etag
W/"d2fdfe5eb83e044dbe4f503256cab8f1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
4RBRLsu41vfpdM7CWt.zECmLnppfNPvT
content-type
application/javascript
cache-control
max-age=1800
cf-ray
6a2f784c8e23f9e6-PRG
x-amz-id-2
E/27SccXJ3Gv3G5ZxfmINEdplFntPxb3DtK1NNT+iP+F01ix9e3DBN+3AItC3Ec11B1kD8RehJg=

Redirect headers

Date
Sun, 24 Oct 2021 01:35:41 GMT
Server
cloudflare
Vary
Accept-Encoding
Location
https://scripts.cleverwebserver.com/b94bbd6ea25ca7e12534f3b421bbd5d4.js
Cache-Control
max-age=3600
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
6a2f784c19e34108-PRG
Expires
Sun, 24 Oct 2021 02:35:41 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ 		120 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101301.js?31063226
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
9eefb74cc5ac64da8206bbf5f929ee9c260d7d6162ec2a799e1fdb6190429bf5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.tribunadonorte.com.br/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Sun, 24 Oct 2021 01:35:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
37344
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1634750403498492"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 24 Oct 2021 01:35:41 GMT
AGSKWxX1OQgmTYGManOqNrL6ZrHPRv7on0oZ4k82KzFLTf2qiEPWwUx3GtjsLpgT0zTdmeYWc6Zye941kz7VR4ktYo57aV_TcFYSF0ZlHcZKlh2-uKlwYzakJEhzYOr8eXH7LDAOTs4Letl6tTV1JYZp5VGXynTCCmo5z_f-Vsi-Egs9WBAaVxnVZZPd4eBS
fundingchoicesmessages.google.com/el/ 		0
27 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxX1OQgmTYGManOqNrL6ZrHPRv7on0oZ4k82KzFLTf2qiEPWwUx3GtjsLpgT0zTdmeYWc6Zye941kz7VR4ktYo57aV_TcFYSF0ZlHcZKlh2-uKlwYzakJEhzYOr8eXH7LDAOTs4Letl6tTV1JYZp5VGXynTCCmo5z_f-Vsi-Egs9WBAaVxnVZZPd4eBS
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.de.Pzkn6oUlWAg.es5.O/d=1/rs=AJlcJMz6lYLs0-zxiv9w7zuX6e0kLl7UtA/m=detection
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-35Cg2dYE++3/CW3pK7oGVg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-35Cg2dYE++3/CW3pK7oGVg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
http://www.tribunadonorte.com.br/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 24 Oct 2021 01:35:41 GMT
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
access-control-max-age
86400
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin; report-to="ContributorLoggingHttp"
x-frame-options
SAMEORIGIN
report-to
{"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type
text/html; charset=utf-8
access-control-allow-origin
http://www.tribunadonorte.com.br
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-security-policy
script-src 'report-sample' 'nonce-35Cg2dYE++3/CW3pK7oGVg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-35Cg2dYE++3/CW3pK7oGVg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxVwdbEPnI3aBiZx8MPWMaA9YdE3tXHOS623vffUHf-ijiTmHHYUCy69wsQyxi7IdiQRjjdJrouWzZPq5NC1CW8-_5z66X9cPb3dW-_99YGRqOUB8ggDLLrMNYzdnLMkERugIKEps83X5rT8pv28BHPvQzri7AfaVAUDJ8aMfQiCrKoJJopxh2sqSEYN
fundingchoicesmessages.google.com/f/ 		116 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxVwdbEPnI3aBiZx8MPWMaA9YdE3tXHOS623vffUHf-ijiTmHHYUCy69wsQyxi7IdiQRjjdJrouWzZPq5NC1CW8-_5z66X9cPb3dW-_99YGRqOUB8ggDLLrMNYzdnLMkERugIKEps83X5rT8pv28BHPvQzri7AfaVAUDJ8aMfQiCrKoJJopxh2sqSEYN?fccs=W251bGwsW1tdLFtdXSxudWxsLG51bGwsbnVsbCxudWxsLFsxNjM1MDM5MzQxLDIwOTAwMDAwMF0sbnVsbCxudWxsLG51bGwsWzIsWzcsNl1dLCJodHRwOi8vd3d3LnRyaWJ1bmFkb25vcnRlLmNvbS5ici8iXQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.de.Pzkn6oUlWAg.es5.O/d=1/rs=AJlcJMz6lYLs0-zxiv9w7zuX6e0kLl7UtA/m=detection
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f14.1e100.net
Software
ESF /
Resource Hash
550e57e109478f414b95f16e48604ced150358458fb6fdb9a1c46c10993f4e9f
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-c4LEJ87dLQI9mRuBQDMbRg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-c4LEJ87dLQI9mRuBQDMbRg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.tribunadonorte.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Oct 2021 01:35:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
cross-origin-opener-policy
same-origin; report-to="ContributorGlobalRouterHttp"
x-frame-options
SAMEORIGIN
report-to
{"group":"ContributorGlobalRouterHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorGlobalRouterHttp/external"}]}
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'report-sample' 'nonce-c4LEJ87dLQI9mRuBQDMbRg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-c4LEJ87dLQI9mRuBQDMbRg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxX1OQgmTYGManOqNrL6ZrHPRv7on0oZ4k82KzFLTf2qiEPWwUx3GtjsLpgT0zTdmeYWc6Zye941kz7VR4ktYo57aV_TcFYSF0ZlHcZKlh2-uKlwYzakJEhzYOr8eXH7LDAOTs4Letl6tTV1JYZp5VGXynTCCmo5z_f-Vsi-Egs9WBAaVxnVZZPd4eBS
fundingchoicesmessages.google.com/el/ 		0
26 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxX1OQgmTYGManOqNrL6ZrHPRv7on0oZ4k82KzFLTf2qiEPWwUx3GtjsLpgT0zTdmeYWc6Zye941kz7VR4ktYo57aV_TcFYSF0ZlHcZKlh2-uKlwYzakJEhzYOr8eXH7LDAOTs4Letl6tTV1JYZp5VGXynTCCmo5z_f-Vsi-Egs9WBAaVxnVZZPd4eBS
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.de.Pzkn6oUlWAg.es5.O/d=1/rs=AJlcJMz6lYLs0-zxiv9w7zuX6e0kLl7UtA/m=detection
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-DaQHW7xPW5LMJoAPYpuHmg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-DaQHW7xPW5LMJoAPYpuHmg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
http://www.tribunadonorte.com.br/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 24 Oct 2021 01:35:41 GMT
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
http://www.tribunadonorte.com.br
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-security-policy
script-src 'report-sample' 'nonce-DaQHW7xPW5LMJoAPYpuHmg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-DaQHW7xPW5LMJoAPYpuHmg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
truncated
/ 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2e31fdbc81b358932951e4e488dcbfd641b1d0214fff56e2537ec14784e3212d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.tribunadonorte.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
css
fonts.googleapis.com/ 		54 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Archivo|Arimo|Bitter|EB+Garamond|Lato|Libre+Baskerville|Libre+Franklin|Lora|Google+Sans:regular,medium|Material+Icons|Merriweather|Montserrat|Mukta|Muli|Nunito|Open+Sans:400,600,700|Open+Sans+Condensed:300,400,600,700|Oswald|Playfair+Display|Poppins|Raleway|Roboto|Roboto+Condensed|Roboto+Slab|Slabo+27px|Source+Sans+Pro|Ubuntu|Volkhov&display=swap
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingAdWallClientJs.de.a728tDgx9nM.es5.O/d=1/rs=AJlcJMweHSifZU89USrXD_JNzFeYa87FJA/m=adwall
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f10.1e100.net
Software
ESF /
Resource Hash
e23fa6b36ae789b036c92fedf9d9fa6d53ec38933b8413048c40fa473e809941
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.tribunadonorte.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 24 Oct 2021 01:35:41 GMT
server
ESF
date
Sun, 24 Oct 2021 01:35:41 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires
Sun, 24 Oct 2021 01:35:41 GMT
AGSKWxU37JX1rWMrO2PPKwDtSgmcv7GjCXU95Wa7pKrw1W6iXfmMFm62ZCgoLgL8zpEszBbNawaTYNWaxraMD-V4KLNVmESfuoLw98KmdIaHLlnMMcOaXZw1_gs-Zzv72ERv_vN_1Wqg9Qy2lroKRr7QO68ox8gCytQdujKy3rR5I_9vCNxtbtH-4cqZVObN
fundingchoicesmessages.google.com/f/ 		42 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxU37JX1rWMrO2PPKwDtSgmcv7GjCXU95Wa7pKrw1W6iXfmMFm62ZCgoLgL8zpEszBbNawaTYNWaxraMD-V4KLNVmESfuoLw98KmdIaHLlnMMcOaXZw1_gs-Zzv72ERv_vN_1Wqg9Qy2lroKRr7QO68ox8gCytQdujKy3rR5I_9vCNxtbtH-4cqZVObN?fccs=W251bGwsW1tdLFtdXSxudWxsLG51bGwsbnVsbCxudWxsLFsxNjM1MDM5MzQxLDMwMDAwMDAwMF0sbnVsbCxudWxsLG51bGwsWzIsWzcsNiw1XV0sImh0dHA6Ly93d3cudHJpYnVuYWRvbm9ydGUuY29tLmJyLyJd
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingAdWallClientJs.de.a728tDgx9nM.es5.O/d=1/rs=AJlcJMweHSifZU89USrXD_JNzFeYa87FJA/m=adwall
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f14.1e100.net
Software
ESF /
Resource Hash
52e3bacb47a71c373744a42bf25329667987872810e723a25975a4c7e7faa632
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-ZSMhuZMvceIt9uyJ5E7ZPg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-ZSMhuZMvceIt9uyJ5E7ZPg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.tribunadonorte.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Oct 2021 01:35:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
cross-origin-opener-policy
same-origin; report-to="ContributorGlobalRouterHttp"
x-frame-options
SAMEORIGIN
report-to
{"group":"ContributorGlobalRouterHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorGlobalRouterHttp/external"}]}
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'report-sample' 'nonce-ZSMhuZMvceIt9uyJ5E7ZPg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-ZSMhuZMvceIt9uyJ5E7ZPg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxW-Bp_Gm02OFK5iiYDqtRw87xCW5tTJe4ry1DHOZvJTD8TcXlaabux5DtxNW--lIutoRDO6C_eFxvbPzTY2P_3MOtV5ouT360A7v7r7_-E-qADmpt-cls1xdPDLpyy_kSlFmqgnqKpspkhmsmNqFY3iw-mQG0KjaEY2CIZNH0N4e6FTo-UZRNOkbD6G
fundingchoicesmessages.google.com/el/ 		0
26 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxW-Bp_Gm02OFK5iiYDqtRw87xCW5tTJe4ry1DHOZvJTD8TcXlaabux5DtxNW--lIutoRDO6C_eFxvbPzTY2P_3MOtV5ouT360A7v7r7_-E-qADmpt-cls1xdPDLpyy_kSlFmqgnqKpspkhmsmNqFY3iw-mQG0KjaEY2CIZNH0N4e6FTo-UZRNOkbD6G
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingAdWallClientJs.de.a728tDgx9nM.es5.O/d=1/rs=AJlcJMweHSifZU89USrXD_JNzFeYa87FJA/m=adwall
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-G3/keV/VuhkK4exQ75GqPg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-G3/keV/VuhkK4exQ75GqPg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
http://www.tribunadonorte.com.br/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 24 Oct 2021 01:35:41 GMT
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
http://www.tribunadonorte.com.br
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-G3/keV/VuhkK4exQ75GqPg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-G3/keV/VuhkK4exQ75GqPg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
whitelist
fundingchoicesmessages.google.com/s/ Frame 85F2 		71 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/s/whitelist?hl=pt-BR
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingAdWallClientJs.de.a728tDgx9nM.es5.O/d=1/rs=AJlcJMweHSifZU89USrXD_JNzFeYa87FJA/m=adwall
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f14.1e100.net
Software
ESF /
Resource Hash
85236e98312de85e9bb7afb872581e2397fd4f5705fbedc3f301d0ca22133069
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingAdwallUi/cspreport script-src 'report-sample' 'nonce-K+Hqqjlbo+C3xsmpZw+eyA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingAdwallUi/cspreport;worker-src 'self' script-src 'nonce-K+Hqqjlbo+C3xsmpZw+eyA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingAdwallUi/cspreport
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
fundingchoicesmessages.google.com
:scheme
https
:path
/s/whitelist?hl=pt-BR
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://www.tribunadonorte.com.br/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://www.tribunadonorte.com.br/

Response headers

content-type
text/html; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-ua-compatible
IE=edge
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Sun, 24 Oct 2021 01:35:41 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingAdwallUi/cspreport script-src 'report-sample' 'nonce-K+Hqqjlbo+C3xsmpZw+eyA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingAdwallUi/cspreport;worker-src 'self' script-src 'nonce-K+Hqqjlbo+C3xsmpZw+eyA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingAdwallUi/cspreport
cross-origin-resource-policy
same-site
cross-origin-opener-policy
same-origin
content-encoding
gzip
server
ESF
x-xss-protection
0
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v111/ 		113 KB
113 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/materialicons/v111/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Archivo|Arimo|Bitter|EB+Garamond|Lato|Libre+Baskerville|Libre+Franklin|Lora|Google+Sans:regular,medium|Material+Icons|Merriweather|Montserrat|Mukta|Muli|Nunito|Open+Sans:400,600,700|Open+Sans+Condensed:300,400,600,700|Oswald|Playfair+Display|Poppins|Raleway|Roboto|Roboto+Condensed|Roboto+Slab|Slabo+27px|Source+Sans+Pro|Ubuntu|Volkhov&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f3.1e100.net
Software
sffe /
Resource Hash
0c2c69ba33a4d4eb53419c912ea55131208d76852cc632e2544833497d165bc3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://www.tribunadonorte.com.br
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 02:15:39 GMT
x-content-type-options
nosniff
age
256802
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
115204
x-xss-protection
0
last-modified
Tue, 19 Oct 2021 19:56:11 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Fri, 21 Oct 2022 02:15:39 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Archivo|Arimo|Bitter|EB+Garamond|Lato|Libre+Baskerville|Libre+Franklin|Lora|Google+Sans:regular,medium|Material+Icons|Merriweather|Montserrat|Mukta|Muli|Nunito|Open+Sans:400,600,700|Open+Sans+Condensed:300,400,600,700|Oswald|Playfair+Display|Poppins|Raleway|Roboto|Roboto+Condensed|Roboto+Slab|Slabo+27px|Source+Sans+Pro|Ubuntu|Volkhov&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f3.1e100.net
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://www.tribunadonorte.com.br
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 16:31:41 GMT
x-content-type-options
nosniff
age
291840
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
15688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 20 Oct 2022 16:31:41 GMT
AGSKWxWznFjtrqazH-LmYYdSdIr1w0gs5fT_ieIs32YncltLkPagJEykY3fE6YrIwHcm9Xwy6i_POCqD4M9xe_WqsEwy-yeg0EjJDyBXSXaJkgX7DjkC9nlvYEDjQM0iBE0jJmoAnMSs57NUqgVvM13kG23MFIkHjlMSgbR8_6j3WTMmu_fnp2VjlEh7-TWn
fundingchoicesmessages.google.com/el/ 		0
26 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWznFjtrqazH-LmYYdSdIr1w0gs5fT_ieIs32YncltLkPagJEykY3fE6YrIwHcm9Xwy6i_POCqD4M9xe_WqsEwy-yeg0EjJDyBXSXaJkgX7DjkC9nlvYEDjQM0iBE0jJmoAnMSs57NUqgVvM13kG23MFIkHjlMSgbR8_6j3WTMmu_fnp2VjlEh7-TWn
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingCookieRefreshClientJs.de.I0FrTO-0Gzg.es5.O/d=1/rs=AJlcJMzHTK17iW9hOKhJybVs_M_jUXlbyA/m=cookie_refresh
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-LZBgxR7GJmM/T5TjbToAjQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-LZBgxR7GJmM/T5TjbToAjQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
http://www.tribunadonorte.com.br/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 24 Oct 2021 01:35:41 GMT
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
http://www.tribunadonorte.com.br
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-security-policy
script-src 'report-sample' 'nonce-LZBgxR7GJmM/T5TjbToAjQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-LZBgxR7GJmM/T5TjbToAjQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxWznFjtrqazH-LmYYdSdIr1w0gs5fT_ieIs32YncltLkPagJEykY3fE6YrIwHcm9Xwy6i_POCqD4M9xe_WqsEwy-yeg0EjJDyBXSXaJkgX7DjkC9nlvYEDjQM0iBE0jJmoAnMSs57NUqgVvM13kG23MFIkHjlMSgbR8_6j3WTMmu_fnp2VjlEh7-TWn
fundingchoicesmessages.google.com/el/ 		0
26 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWznFjtrqazH-LmYYdSdIr1w0gs5fT_ieIs32YncltLkPagJEykY3fE6YrIwHcm9Xwy6i_POCqD4M9xe_WqsEwy-yeg0EjJDyBXSXaJkgX7DjkC9nlvYEDjQM0iBE0jJmoAnMSs57NUqgVvM13kG23MFIkHjlMSgbR8_6j3WTMmu_fnp2VjlEh7-TWn
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingCookieRefreshClientJs.de.I0FrTO-0Gzg.es5.O/d=1/rs=AJlcJMzHTK17iW9hOKhJybVs_M_jUXlbyA/m=cookie_refresh
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-zjrWkzN8VMrnMgiU4h8gnA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-zjrWkzN8VMrnMgiU4h8gnA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
http://www.tribunadonorte.com.br/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 24 Oct 2021 01:35:41 GMT
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
http://www.tribunadonorte.com.br
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-zjrWkzN8VMrnMgiU4h8gnA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-zjrWkzN8VMrnMgiU4h8gnA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
cspreport
fundingchoicesmessages.google.com/_/ContributorServingAdwallUi/ Frame 85F2 		2 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/_/ContributorServingAdwallUi/cspreport
Requested by
Host: www.tribunadonorte.com.br
URL: http://www.tribunadonorte.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f14.1e100.net
Software
/
Resource Hash
01dc14f286bb9847b3d25b27349fec3e34bc2992887fbd6015d3a9b77d373fa2

Request headers

Referer
https://fundingchoicesmessages.google.com/s/whitelist?hl=pt-BR
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Sun, 24 Oct 2021 01:35:41 GMT
referrer-policy
no-referrer
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
1599
content-type
text/html; charset=UTF-8
m=_b,_tp
www.gstatic.com/_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingAdwallUi.pt_BR.Ac_DoNL1oj4.es5.O/am=AkA/d=1/excm=_b,_tp,allowadsview/ed=1/dg=0/wt=2/esmo=1/rs=... Frame 85F2 		144 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingAdwallUi.pt_BR.Ac_DoNL1oj4.es5.O/am=AkA/d=1/excm=_b,_tp,allowadsview/ed=1/dg=0/wt=2/esmo=1/rs=AJlcJMz5McOkCEzl5YZn47B759RxS1pH0Q/m=_b,_tp
Requested by
Host: fundingchoicesmessages.google.com
URL: https://fundingchoicesmessages.google.com/s/whitelist?hl=pt-BR
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f3.1e100.net
Software
sffe /
Resource Hash
0f02f4325a8899ec87a8974e8fea228c13ff73eff787d90811a5171cadcf7830
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fundingchoicesmessages.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 06:57:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
239868
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/content-ads-contributor-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
51394
x-xss-protection
0
last-modified
Tue, 19 Oct 2021 22:39:16 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"boq-infra/content-ads-contributor-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/content-ads-contributor-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="boq-infra/content-ads-contributor-boq-js-css-signers"
expires
Fri, 21 Oct 2022 06:57:53 GMT
ab_icon-1.svg
www.gstatic.com/fundingchoices/whitelist/blockers/chrome/ Frame 85F2 		20 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/fundingchoices/whitelist/blockers/chrome/ab_icon-1.svg
Requested by
Host: fundingchoicesmessages.google.com
URL: https://fundingchoicesmessages.google.com/s/whitelist?hl=pt-BR
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f3.1e100.net
Software
sffe /
Resource Hash
c75fbc4fd1beb52bbe64df89d8c402290f5b23bb518abbdd159a268aa0a5f782
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fundingchoicesmessages.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 17 Oct 2021 11:16:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
569928
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
15597
x-xss-protection
0
last-modified
Fri, 26 Apr 2019 18:45:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/svg+xml
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Mon, 17 Oct 2022 11:16:53 GMT
abp_icon-1.svg
www.gstatic.com/fundingchoices/whitelist/blockers/chrome/ Frame 85F2 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/fundingchoices/whitelist/blockers/chrome/abp_icon-1.svg
Requested by
Host: fundingchoicesmessages.google.com
URL: https://fundingchoicesmessages.google.com/s/whitelist?hl=pt-BR
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f3.1e100.net
Software
sffe /
Resource Hash
bf72e9d16e37c6c685185dfc73478765de0cb102f34872cd90cc28b6a9ab3736
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fundingchoicesmessages.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 12:04:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
221475
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
2071
x-xss-protection
0
last-modified
Fri, 26 Apr 2019 18:45:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/svg+xml
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Fri, 21 Oct 2022 12:04:26 GMT
uo_icon-1.svg
www.gstatic.com/fundingchoices/whitelist/blockers/chrome/ Frame 85F2 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/fundingchoices/whitelist/blockers/chrome/uo_icon-1.svg
Requested by
Host: fundingchoicesmessages.google.com
URL: https://fundingchoicesmessages.google.com/s/whitelist?hl=pt-BR
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f3.1e100.net
Software
sffe /
Resource Hash
f194962656d2b52acaba476410973194ffc377f15f8710a25b7fbee9fd99a2df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fundingchoicesmessages.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 01:11:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
260669
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
1483
x-xss-protection
0
last-modified
Fri, 26 Apr 2019 18:45:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/svg+xml
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Fri, 21 Oct 2022 01:11:12 GMT
browser_ab-2.png
www.gstatic.com/fundingchoices/whitelist/blockers/chrome/ Frame 85F2 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/fundingchoices/whitelist/blockers/chrome/browser_ab-2.png
Requested by
Host: fundingchoicesmessages.google.com
URL: https://fundingchoicesmessages.google.com/s/whitelist?hl=pt-BR
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f3.1e100.net
Software
sffe /
Resource Hash
6a78e39523162f0e193c43e548698cc19f4d91bdf4f3df81694c223c590d3d2b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fundingchoicesmessages.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 18:02:54 GMT
x-content-type-options
nosniff
age
459167
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
7697
x-xss-protection
0
last-modified
Wed, 31 Jul 2019 11:15:00 GMT
server
sffe
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Tue, 18 Oct 2022 18:02:54 GMT
browser_abp-2.png
www.gstatic.com/fundingchoices/whitelist/blockers/chrome/ Frame 85F2 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/fundingchoices/whitelist/blockers/chrome/browser_abp-2.png
Requested by
Host: fundingchoicesmessages.google.com
URL: https://fundingchoicesmessages.google.com/s/whitelist?hl=pt-BR
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f3.1e100.net
Software
sffe /
Resource Hash
00536e1285b49440c99bc55299b2feb426b2a3d56157419145a65d75f55e3d0f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fundingchoicesmessages.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 21:29:00 GMT
x-content-type-options
nosniff
last-modified
Wed, 31 Jul 2019 11:15:00 GMT
server
sffe
age
187601
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
7401
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Fri, 21 Oct 2022 21:29:00 GMT
abp_power_icon-1.svg
www.gstatic.com/fundingchoices/whitelist/blockers/chrome/ Frame 85F2 		2 KB
873 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/fundingchoices/whitelist/blockers/chrome/abp_power_icon-1.svg
Requested by
Host: fundingchoicesmessages.google.com
URL: https://fundingchoicesmessages.google.com/s/whitelist?hl=pt-BR
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f3.1e100.net
Software
sffe /
Resource Hash
56ff7605344ed5eb3a68f8edc6b048658ee714bdfed56d487cb1e1bb62eb24f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fundingchoicesmessages.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 03:37:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
251863
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
848
x-xss-protection
0
last-modified
Wed, 26 Jun 2019 18:45:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/svg+xml
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Fri, 21 Oct 2022 03:37:58 GMT
browser_uo-2.png
www.gstatic.com/fundingchoices/whitelist/blockers/chrome/ Frame 85F2 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/fundingchoices/whitelist/blockers/chrome/browser_uo-2.png
Requested by
Host: fundingchoicesmessages.google.com
URL: https://fundingchoicesmessages.google.com/s/whitelist?hl=pt-BR
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f3.1e100.net
Software
sffe /
Resource Hash
4f8950fcc2b6e2fee49c343047fd3f12338cc92b761d687bbf9f0bc90a52d637
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fundingchoicesmessages.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 17 Oct 2021 10:52:00 GMT
x-content-type-options
nosniff
last-modified
Wed, 31 Jul 2019 11:15:00 GMT
server
sffe
age
571421
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
7217
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Mon, 17 Oct 2022 10:52:00 GMT
uo_power_icon-1.svg
www.gstatic.com/fundingchoices/whitelist/blockers/chrome/ Frame 85F2 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/fundingchoices/whitelist/blockers/chrome/uo_power_icon-1.svg
Requested by
Host: fundingchoicesmessages.google.com
URL: https://fundingchoicesmessages.google.com/s/whitelist?hl=pt-BR
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f3.1e100.net
Software
sffe /
Resource Hash
948d4f22997d81459f229f2fbe783f3f4ec3ff0910e455f4306903eca7980c59
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fundingchoicesmessages.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 22 Oct 2021 02:46:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
168543
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
1520
x-xss-protection
0
last-modified
Wed, 26 Jun 2019 18:45:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/svg+xml
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Sat, 22 Oct 2022 02:46:38 GMT
uo_refresh_icon-1.svg
www.gstatic.com/fundingchoices/whitelist/blockers/chrome/ Frame 85F2 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/fundingchoices/whitelist/blockers/chrome/uo_refresh_icon-1.svg
Requested by
Host: fundingchoicesmessages.google.com
URL: https://fundingchoicesmessages.google.com/s/whitelist?hl=pt-BR
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f3.1e100.net
Software
sffe /
Resource Hash
bc6e55b647b6656e06c02477e957a9ab8dd2164058f8046bf2c5522a219b7e98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fundingchoicesmessages.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 03:32:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
252189
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
1666
x-xss-protection
0
last-modified
Wed, 26 Jun 2019 18:45:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/svg+xml
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Fri, 21 Oct 2022 03:32:32 GMT
m=IZT63,vfuNJf,PrPYRd,hc6Ubd,Pxibof
www.gstatic.com/_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingAdwallUi.pt_BR.Ac_DoNL1oj4.es5.O/ck=boq-content-ads-contributor.ContributorServingAdwallUi.1QW... Frame 85F2 		39 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingAdwallUi.pt_BR.Ac_DoNL1oj4.es5.O/ck=boq-content-ads-contributor.ContributorServingAdwallUi.1QWTN3ZLFhU.L.B1.O/am=AkA/d=1/exm=_b,_tp/excm=_b,_tp,allowadsview/esmo=1/ed=1/wt=2/rs=AJlcJMxP_lC9a6ODjy0069BfYbfz8QCNtQ/m=IZT63,vfuNJf,PrPYRd,hc6Ubd,Pxibof
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingAdwallUi.pt_BR.Ac_DoNL1oj4.es5.O/am=AkA/d=1/excm=_b,_tp,allowadsview/ed=1/dg=0/wt=2/esmo=1/rs=AJlcJMz5McOkCEzl5YZn47B759RxS1pH0Q/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f3.1e100.net
Software
sffe /
Resource Hash
5c72e5dcbdcc733984de36479ca3537278b4087a88282dc87c76ef9cf29ab3ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fundingchoicesmessages.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 15:51:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
294250
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/content-ads-contributor-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
13692
x-xss-protection
0
last-modified
Wed, 13 Oct 2021 22:34:59 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"boq-infra/content-ads-contributor-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/content-ads-contributor-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="boq-infra/content-ads-contributor-boq-js-css-signers"
expires
Thu, 20 Oct 2022 15:51:31 GMT
m=Wt6vjf,hhhU8,FCpbqb,ws9Tlc,WhJNk
www.gstatic.com/_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingAdwallUi.pt_BR.Ac_DoNL1oj4.es5.O/ck=boq-content-ads-contributor.ContributorServingAdwallUi.1QW... Frame 85F2 		29 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingAdwallUi.pt_BR.Ac_DoNL1oj4.es5.O/ck=boq-content-ads-contributor.ContributorServingAdwallUi.1QWTN3ZLFhU.L.B1.O/am=AkA/d=1/exm=IZT63,PrPYRd,Pxibof,_b,_tp,hc6Ubd,vfuNJf/excm=_b,_tp,allowadsview/esmo=1/ed=1/wt=2/rs=AJlcJMxP_lC9a6ODjy0069BfYbfz8QCNtQ/m=Wt6vjf,hhhU8,FCpbqb,ws9Tlc,WhJNk
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingAdwallUi.pt_BR.Ac_DoNL1oj4.es5.O/am=AkA/d=1/excm=_b,_tp,allowadsview/ed=1/dg=0/wt=2/esmo=1/rs=AJlcJMz5McOkCEzl5YZn47B759RxS1pH0Q/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f3.1e100.net
Software
sffe /
Resource Hash
bb0c0344b6f0631913464d6ae8f006f825f3b4c9b675f0d7248d977fd8baeaad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fundingchoicesmessages.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 15:51:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
294250
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/content-ads-contributor-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
12113
x-xss-protection
0
last-modified
Wed, 13 Oct 2021 22:34:59 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"boq-infra/content-ads-contributor-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/content-ads-contributor-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="boq-infra/content-ads-contributor-boq-js-css-signers"
expires
Thu, 20 Oct 2022 15:51:31 GMT
m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c
www.gstatic.com/_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingAdwallUi.pt_BR.Ac_DoNL1oj4.es5.O/ck=boq-content-ads-contributor.ContributorServingAdwallUi.1QW... Frame 85F2 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingAdwallUi.pt_BR.Ac_DoNL1oj4.es5.O/ck=boq-content-ads-contributor.ContributorServingAdwallUi.1QWTN3ZLFhU.L.B1.O/am=AkA/d=1/exm=FCpbqb,IZT63,PrPYRd,Pxibof,WhJNk,Wt6vjf,_b,_tp,hc6Ubd,hhhU8,vfuNJf,ws9Tlc/excm=_b,_tp,allowadsview/esmo=1/ed=1/wt=2/rs=AJlcJMxP_lC9a6ODjy0069BfYbfz8QCNtQ/m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingAdwallUi.pt_BR.Ac_DoNL1oj4.es5.O/am=AkA/d=1/excm=_b,_tp,allowadsview/ed=1/dg=0/wt=2/esmo=1/rs=AJlcJMz5McOkCEzl5YZn47B759RxS1pH0Q/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f3.1e100.net
Software
sffe /
Resource Hash
65ad8b701f1c18c709781fff53fa40bd28a5b3c4606d65b1e97e120cbdd515d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fundingchoicesmessages.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 22 Oct 2021 10:59:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
138991
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/content-ads-contributor-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
14206
x-xss-protection
0
last-modified
Wed, 13 Oct 2021 22:34:59 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"boq-infra/content-ads-contributor-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/content-ads-contributor-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="boq-infra/content-ads-contributor-boq-js-css-signers"
expires
Sat, 22 Oct 2022 10:59:10 GMT
m=i5dxUd,m9oV,RAnnUd,uu7UOe,soHxf
www.gstatic.com/_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingAdwallUi.pt_BR.Ac_DoNL1oj4.es5.O/ck=boq-content-ads-contributor.ContributorServingAdwallUi.1QW... Frame 85F2 		26 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingAdwallUi.pt_BR.Ac_DoNL1oj4.es5.O/ck=boq-content-ads-contributor.ContributorServingAdwallUi.1QWTN3ZLFhU.L.B1.O/am=AkA/d=1/exm=EFQ78c,FCpbqb,IZT63,LEikZe,PrPYRd,Pxibof,WhJNk,Wt6vjf,_b,_tp,byfTOb,hc6Ubd,hhhU8,lsjVmc,lwddkf,vfuNJf,ws9Tlc/excm=_b,_tp,allowadsview/esmo=1/ed=1/wt=2/rs=AJlcJMxP_lC9a6ODjy0069BfYbfz8QCNtQ/m=i5dxUd,m9oV,RAnnUd,uu7UOe,soHxf
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingAdwallUi.pt_BR.Ac_DoNL1oj4.es5.O/am=AkA/d=1/excm=_b,_tp,allowadsview/ed=1/dg=0/wt=2/esmo=1/rs=AJlcJMz5McOkCEzl5YZn47B759RxS1pH0Q/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f3.1e100.net
Software
sffe /
Resource Hash
77d24ed78912530c2db0308fe4e3f49b0c45308a63e222d39e025206d8cd491a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fundingchoicesmessages.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 15:51:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
294250
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/content-ads-contributor-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
8147
x-xss-protection
0
last-modified
Wed, 13 Oct 2021 22:34:59 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"boq-infra/content-ads-contributor-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/content-ads-contributor-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="boq-infra/content-ads-contributor-boq-js-css-signers"
expires
Thu, 20 Oct 2022 15:51:31 GMT
/
ui.cleverwebserver.com/3fb71065e38842a2b8e766d4ad87d4d5/ 		161 B
260 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ui.cleverwebserver.com/3fb71065e38842a2b8e766d4ad87d4d5/
Requested by
Host: www.tribunadonorte.com.br
URL: http://www.tribunadonorte.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.77.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.19
Resource Hash
ae8fc06de3bf41915d227c897a89b47a0f32a3a75c09dde8d39ea1dc27d95318

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.tribunadonorte.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 01:35:42 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
x-powered-by
PHP/7.4.19
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
text/javascript;charset=UTF-8
cf-ray
6a2f784e8ed9f9e6-PRG
52640.php
sender.clevernt.com/transporter/ 		43 B
524 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://sender.clevernt.com/transporter/52640.php?ppuc=0&ppu=0&id=0&ref=aHR0cDovL3d3dy50cmlidW5hZG9ub3J0ZS5jb20uYnIv&ruri=&r=142885222&tok=33419711310201791433&op=called&wn=null&res=1600x1200&ts=0.003&cc=1&iv=-1
Requested by
Host: www.tribunadonorte.com.br
URL: http://www.tribunadonorte.com.br/
Protocol
HTTP/1.1
Server
148.69.64.76 Porto, Portugal, ASN12353 (VODAFONE-PT Vodafone Portugal, PT),
Reverse DNS
are.clevernt.com
Software
nginx /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.tribunadonorte.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 24 Oct 2021 01:35:41 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
image/gif
/
lp.cleverwebserver.com/bet365/de/sports/grp2/ Frame 6034
Redirect Chain
  • http://sender.clevernt.com/transporter/52640.php?ppuc=1&ppu=0&id=534554&ref=aHR0cDovL3d3dy50cmlidW5hZG9ub3J0ZS5jb20uYnIv&ruri=&r=192754993&tok=33419711310201791433&cc=1&iv=-1&ctr=DE&sz=1200&landing...
  • https://lp.cleverwebserver.com/bet365/de/sports/grp2/?affiliate=365_00968427
3 KB
852 B 		Document
General
Check archive.org
Download Go to
Full URL
https://lp.cleverwebserver.com/bet365/de/sports/grp2/?affiliate=365_00968427
Requested by
Host: www.tribunadonorte.com.br
URL: http://www.tribunadonorte.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.77.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4126161cb1bbd353d5ef32a8e37f83ce17ebb88fab1cdfb3299cf98bfc22a40f

Request headers

:method
GET
:authority
lp.cleverwebserver.com
:scheme
https
:path
/bet365/de/sports/grp2/?affiliate=365_00968427
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://www.tribunadonorte.com.br/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
about:blank

Response headers

date
Sun, 24 Oct 2021 01:35:42 GMT
content-type
text/html
x-amz-id-2
bwRflFwwCUyy4/HIWDaq7Ru3CClSw2bWs1qzJeTtHdpPTVwo9wwXdkyPwFfegn8V/wIooN/FmN4=
x-amz-request-id
PACZN05C1PGTARDB
last-modified
Sat, 23 Oct 2021 20:51:49 GMT
cache-control
max-age=1800
cf-cache-status
MISS
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
server
cloudflare
cf-ray
6a2f7850efdef9e6-PRG
content-encoding
br

Redirect headers

Server
nginx
Date
Sun, 24 Oct 2021 01:35:42 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
hstpv4user=eyJJRCI6IjI0NzgxNzAwd2FuNjE3NGI4NmUyYTQ0NyIsIkNUUiI6IkRFIiwiUmVnaW9uIjpudWxsLCJCcm93c2VyIjoiQ2hyb21lIiwiUGxhdGZvcm0iOiJXaW5kb3dzIiwiTW9iaWxlIjowLCJCb3QiOjAsInJlbW90ZV9hZGRyIjoiMzYzMjQ5MzI0MiIsIkxhc3RVcGRhdGUiOjE2MzUwMzkzNDJ9; expires=1666575342; path=/; domain=.clevernt.com; SameSite=None; Secure
Expires
Fri, 27 Jun 1986 23:00:00 GMT
Last-Modified
Sun, 24 Oct 2021 01:35:42 GMT
Cache-Control
no-store, no-cache, must-revalidate, max-age=0 post-check=0, pre-check=0
Pragma
no-cache
Location
https://lp.cleverwebserver.com/bet365/de/sports/grp2/?affiliate=365_00968427
truncated
/ 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.tribunadonorte.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/gif
click%253Fxai%253DAKAOjsuWq79q_EndX3wIWEM-VLnjRniq_XQBetuTGyJiHQjIRVVRvaLgNYrsV8tKDwG-lrQ0mc1UbqTQSk1ljd7kpiU3WazxtBLZm5kG1Uos4Zdql2jKimwfTkPhKaLcWRbphu-MnfJ5YR2_IxoY5y93iQ7VECyK_jJrIEpGIlZyuXxrSPs...
adclick.g.doubleclick.net/pcs/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adclick.g.doubleclick.net/pcs/click%253Fxai%253DAKAOjsuWq79q_EndX3wIWEM-VLnjRniq_XQBetuTGyJiHQjIRVVRvaLgNYrsV8tKDwG-lrQ0mc1UbqTQSk1ljd7kpiU3WazxtBLZm5kG1Uos4Zdql2jKimwfTkPhKaLcWRbphu-MnfJ5YR2_IxoY5y93iQ7VECyK_jJrIEpGIlZyuXxrSPsN5RS_uPPMxDY-JYblPGlKbr69ehONt5WSoy-BwOopFM8sZSeJTU3zXg6z1lgw-FcPNWpj7YaxjI4Km1lBuA5wBH7uDY5WDwyAd0_Aj4AirGPSdDQaeImz-cbiGyILsu1Z9F4N1DbDCXNf6uk-HP5wmgdAZLHp7QaRTW6fK-4K%2526sai%253DAMfl-YSoXUpamlCSjD59wZJcPPknPMS7zXfWUQtMSME800bVpQopgbWqgO7pZ6Nt1DpxAArAR4leF5qQDv2rRTcXxnCHZkVqJLxI6C24R7MBG-BjtucjyacxRxqYECsUHE7m%2526sig%253DCg0ArKJSzBe5M84X7RcdEAE%2526fbs_aeid%253D%255Bgw_fbsaeid%255D%2526urlfix%253D1%2526adurl%253D
Requested by
Host: www.tribunadonorte.com.br
URL: http://www.tribunadonorte.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.tribunadonorte.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
style.css
lp.cleverwebserver.com/bet365/de/sports/grp2/ Frame 6034 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://lp.cleverwebserver.com/bet365/de/sports/grp2/style.css?v=5
Requested by
Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/bet365/de/sports/grp2/?affiliate=365_00968427
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.77.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
982472542e86b415b1f2b9ab1d81d8bab6da51f6d6abfc05e3516fa2e09e6057

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lp.cleverwebserver.com/bet365/de/sports/grp2/?affiliate=365_00968427
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 01:35:42 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 23 Oct 2021 20:51:49 GMT
server
cloudflare
x-amz-request-id
PACJYZHXPRFKDT50
etag
W/"5febca14f405bd0344c3fa4942534a42"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=1800
cf-ray
6a2f7851e81df9e6-PRG
x-amz-id-2
4xCTWYDmWnJcrNZlSCvtrRZeUEcyqUR0Ip36y8kGg44VapEmnZIRykKt+Sc8OXvRZ7lnqcbrpdQ=
ad.svg
lp.cleverwebserver.com/bet365/de/sports/grp2/imgs/ Frame 6034 		2 KB
1010 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lp.cleverwebserver.com/bet365/de/sports/grp2/imgs/ad.svg?v=5
Requested by
Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/bet365/de/sports/grp2/?affiliate=365_00968427
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.77.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e751e48f4e7ea27901a50cce0a3e5b695ede7cab50058c4cc51c4a7435d02b7d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lp.cleverwebserver.com/bet365/de/sports/grp2/?affiliate=365_00968427
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 01:35:42 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 23 Oct 2021 20:51:49 GMT
server
cloudflare
x-amz-request-id
PACH9RVC6TTF36RK
etag
W/"479e7dbe9215ddc11cd4defff4f3eb85"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=1800
cf-ray
6a2f7851e81ef9e6-PRG
x-amz-id-2
JDGdb+oxyhmbdC0Ti5jqPPiJl5+UnyN+l502ke1r/RTQ1N6ju0LADk1XUWCvFyP7dJqkXCyz0zA=
logo.svg
lp.cleverwebserver.com/bet365/de/sports/grp2/imgs/ Frame 6034 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lp.cleverwebserver.com/bet365/de/sports/grp2/imgs/logo.svg?v=5
Requested by
Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/bet365/de/sports/grp2/?affiliate=365_00968427
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.77.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df3876c55c0fe527bea47b37cfe3479040325194f3df7d2b077794ef6d584470

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lp.cleverwebserver.com/bet365/de/sports/grp2/?affiliate=365_00968427
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 01:35:42 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 23 Oct 2021 20:51:49 GMT
server
cloudflare
x-amz-request-id
PACKAZB7CZPMV42G
etag
W/"89cc1efb4630095200908a2c0e01275c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=1800
cf-ray
6a2f7851e820f9e6-PRG
x-amz-id-2
hnNBaQK0kRcDY6g29D8vfaA7VmqF446JJBCwrNS4rgK9UzwnGP4JRrbY9lLqtP5PlCXyZo5Hiyo=
copy_pushdown.svg
lp.cleverwebserver.com/bet365/de/sports/grp2/imgs/ Frame 6034 		12 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lp.cleverwebserver.com/bet365/de/sports/grp2/imgs/copy_pushdown.svg?v=5
Requested by
Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/bet365/de/sports/grp2/?affiliate=365_00968427
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.77.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc593e8aef8bec3076d8f4d76e66461b61d8b0c5cf5a52ef51d6c904d7d5a385

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lp.cleverwebserver.com/bet365/de/sports/grp2/?affiliate=365_00968427
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 01:35:42 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 23 Oct 2021 20:51:49 GMT
server
cloudflare
x-amz-request-id
PACZHWNE2YNZ2MB8
etag
W/"b021ae3bd30deb5a02a9d0476e269ae5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=1800
cf-ray
6a2f7851e821f9e6-PRG
x-amz-id-2
e++R4SvTnuPprzhPv0aG1vV5h2CxJjJpIy/Ae56dvFV9JJlIv3ehKnGMxZlyezhlrkVnY4YcyKw=
copy2_pushdown.svg
lp.cleverwebserver.com/bet365/de/sports/grp2/imgs/ Frame 6034 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lp.cleverwebserver.com/bet365/de/sports/grp2/imgs/copy2_pushdown.svg?v=5
Requested by
Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/bet365/de/sports/grp2/?affiliate=365_00968427
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.77.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cda9e405d476907b07df5ba2daf29f6d9f802bc7df20e3c9a1295c601e210406

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lp.cleverwebserver.com/bet365/de/sports/grp2/?affiliate=365_00968427
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 01:35:42 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 23 Oct 2021 20:51:49 GMT
server
cloudflare
x-amz-request-id
PACVVF2GHQDPK3E1
etag
W/"5dafc545e73be5464256dd78dc118a9c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=1800
cf-ray
6a2f7851e822f9e6-PRG
x-amz-id-2
cTuAjDjY23Wyptk+zaCyo0+UNSXxc5ETP2v5c0tc+Cslezpm5jIGPZnV1rVZNAz2e0jnT0v8f48=
copy3.svg
lp.cleverwebserver.com/bet365/de/sports/grp2/imgs/ Frame 6034 		6 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lp.cleverwebserver.com/bet365/de/sports/grp2/imgs/copy3.svg?v=5
Requested by
Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/bet365/de/sports/grp2/?affiliate=365_00968427
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.77.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
150431c4e70ae805fba43a94f1b154417be47c26d7f3ca60a7e1a0ab7b50ba80

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lp.cleverwebserver.com/bet365/de/sports/grp2/?affiliate=365_00968427
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 01:35:42 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 23 Oct 2021 20:51:49 GMT
server
cloudflare
x-amz-request-id
PACM691CJKX9KW10
etag
W/"9048820dc635dbe10d09725e919ba54f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=1800
cf-ray
6a2f7851e823f9e6-PRG
x-amz-id-2
GfbnBMCGqksy2lka2+r/hUTnp72DG5XqDVzk4pWVpox25eqyQQ/QkbsFKwG+w8ndNSGqsw4ApbU=
cta.svg
lp.cleverwebserver.com/bet365/de/sports/grp2/imgs/ Frame 6034 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lp.cleverwebserver.com/bet365/de/sports/grp2/imgs/cta.svg?v=5
Requested by
Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/bet365/de/sports/grp2/?affiliate=365_00968427
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.77.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
56828800a4a575d3b1940a854640ad25c3c93a7d3933ab96150ef48788d637d0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lp.cleverwebserver.com/bet365/de/sports/grp2/?affiliate=365_00968427
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 01:35:42 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 23 Oct 2021 20:51:49 GMT
server
cloudflare
x-amz-request-id
PACM1H7A9X33VY41
etag
W/"b26d0f732978180e7c2480406f97e7f3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=1800
cf-ray
6a2f7852b85cf9e6-PRG
x-amz-id-2
01TbaMrSvElXGpZ1QQE1D548yT40+ktqD0EeHTKHF8oGGZskz4iCx7RJQ1qOECoUpKxeshK0j4A=
legal2_pushdown.svg
lp.cleverwebserver.com/bet365/de/sports/grp2/imgs/ Frame 6034 		33 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lp.cleverwebserver.com/bet365/de/sports/grp2/imgs/legal2_pushdown.svg?v=5
Requested by
Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/bet365/de/sports/grp2/?affiliate=365_00968427
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.77.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
869c671beb0b128c008179a0e3fcddbfa62cfe83351672d1142b1d734858bc33

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lp.cleverwebserver.com/bet365/de/sports/grp2/?affiliate=365_00968427
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 01:35:42 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 23 Oct 2021 20:51:49 GMT
server
cloudflare
x-amz-request-id
PACZCVK9F4B5B3H6
etag
W/"19cfc2171558b226e44590caa30ac756"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=1800
cf-ray
6a2f7852b85ef9e6-PRG
x-amz-id-2
ML5h++i9lVEpJ/8QdQFFuigppNex7TMbCzqxOH2zDdpRspvT8XzkoTMA63x4UqC9ehF8IeilK+g=
rocket-loader.min.js
lp.cleverwebserver.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ Frame 6034 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lp.cleverwebserver.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/bet365/de/sports/grp2/?affiliate=365_00968427
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.77.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lp.cleverwebserver.com/bet365/de/sports/grp2/?affiliate=365_00968427
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 01:35:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 19 Oct 2021 12:26:29 GMT
server
cloudflare
etag
W/"616eb975-302c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
content-type
application/javascript
cache-control
max-age=172800, public
cf-ray
6a2f7852c860f9e6-PRG
vary
Accept-Encoding
expires
Tue, 26 Oct 2021 01:35:42 GMT
css
fonts.googleapis.com/ Frame 6034 		8 KB
724 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,600,800&display=swap
Requested by
Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/bet365/de/sports/grp2/style.css?v=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f10.1e100.net
Software
ESF /
Resource Hash
f22481805d6453a622982405799ccf298e0d6ca2f56a1b97712acb38ed9e330c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lp.cleverwebserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 24 Oct 2021 01:01:47 GMT
server
ESF
date
Sun, 24 Oct 2021 01:35:42 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires
Sun, 24 Oct 2021 01:35:42 GMT
clever.de.min.js
lp.cleverwebserver.com/bet365/js/ Frame 6034 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lp.cleverwebserver.com/bet365/js/clever.de.min.js
Requested by
Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.77.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54ac31540d0cc04994470e45f7f167649c2de8874d42ae215ec5bfc9a9fa64f3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lp.cleverwebserver.com/bet365/de/sports/grp2/?affiliate=365_00968427
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 01:35:42 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 21 Oct 2021 14:06:39 GMT
server
cloudflare
age
170
etag
W/"f608a5d30dd77ed8de7ceb968e854f04"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=1800
cf-ray
6a2f7852d869f9e6-PRG
x-amz-request-id
MAC5S92P7W0CX7GC
x-amz-id-2
1H51NMRfdC07IPXqkMMbzi0+XpmAa8vOHIg7lvUMivmNdU3F4PZCvmjzFNeFu49QAr/a13E+JgA=
bg-interstitial_2.jpg
lp.cleverwebserver.com/bet365/de/sports/grp2/imgs/ Frame 6034 		63 KB
63 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lp.cleverwebserver.com/bet365/de/sports/grp2/imgs/bg-interstitial_2.jpg?v=3
Requested by
Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/bet365/de/sports/grp2/style.css?v=5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.77.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
69ed103557b15caa16acd6f60270ca736e8c6008ed09ea37ed36e1078d50aa90

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lp.cleverwebserver.com/bet365/de/sports/grp2/style.css?v=5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 01:35:42 GMT
cf-cache-status
MISS
last-modified
Sat, 23 Oct 2021 20:51:49 GMT
server
cloudflare
x-amz-request-id
PACG2D9PHS1CTS27
etag
"7d1d2825873f79c09308406be23edd7b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=1800
accept-ranges
bytes
cf-ray
6a2f7852e86af9e6-PRG
content-length
64220
x-amz-id-2
FarTVRzK2AKf9U4TMxo7+H3vk2w1mYygfW5igxESkG0labXSBtVatZf3RGPkDjjkLVCBBSHr3x0=
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v26/ Frame 6034 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v26/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600,800&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f3.1e100.net
Software
sffe /
Resource Hash
538dd4ff6e384a44155168326ac40a6c20a93cd212b1fbf88ae7b0c44f9ab0bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://lp.cleverwebserver.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 18:26:14 GMT
x-content-type-options
nosniff
age
198568
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
44760
x-xss-protection
0
last-modified
Thu, 23 Sep 2021 16:50:17 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Fri, 21 Oct 2022 18:26:14 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		11 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021101301&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101301.js?31063226
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
f4a3a74b594e6c82c19f65a11b6db8209ad97bc870a87d6dd082b356c2eee126
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.tribunadonorte.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 24 Oct 2021 01:35:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
8611
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstqODeci8KbooPlMxHiUJAaOmEBElDyFVpKi9cyaLVwErxCPOBZEh4Z4Ehnz0qI58bJgOk9oXzpel0L7VVZJLu0_Cm8uoRqI8BuUByG51m3S6JpwkniO4JYueY-jPR4kl_wLC6DyVzr7SeBoH869aJde_ZRHpT6Urhee2Sd19BrYFrzcFGNYRRBamwg--ReLsq5-1usPBl-zTOt5bmpIiYzRF0Ivvc9L6GgeIeDM2-dbk5QKijPCtXuxVSxwOP7YN2Dde1CUZ47ox5K2XbHHbMJzXyShyJEKJIPhEc9CNLWWD9c2ABanclCDn8QXRIDAkcbTqPA8m60L5Jm9BI9uMM8zdmo1h8&sai=AMfl-YS2yAwsqXVh5JtCTXY9MlhgjqzC5zW2V3cZfvQoS9uxMPh-AZb-jN7n-Qhd0VoS_KVAPL0uBFqS5QWGeOSNX7Fp8W8foIEvPnImwCuZQ2vUg9mCAZC1n2WXm_9bP4LE&sig=Cg0ArKJSzPm440mBlKqWEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.tribunadonorte.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 24 Oct 2021 01:35:42 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
server
cafe
expires
Sun, 24 Oct 2021 01:35:42 GMT
Cookie set DefaultAff.aspx
members.bet365.de/Members/Helpers/ Frame 7139 		84 B
716 B 		Document
General
Check archive.org
Download Go to
Full URL
https://members.bet365.de/Members/Helpers/DefaultAff.aspx?affiliate=365_00968427
Requested by
Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/bet365/js/clever.de.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
81.94.208.229 Newcastle-under-Lyme, United Kingdom, ASN34587 (HLM2-AS, GB),
Reverse DNS
Software
/
Resource Hash
662c2c97092391ae013657013ee4e9e1ae67db8d008735ea5e03ae20fecd07ba

Request headers

Host
members.bet365.de
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://lp.cleverwebserver.com/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://lp.cleverwebserver.com/

Response headers

Cache-Control
private
Content-Type
text/html; charset=utf-8
Content-Encoding
gzip
Vary
Accept-Encoding
ME-Redirect
PQB
Set-Cookie
Affiliates=Code=365_00968427%2f111779714877&prd=Sports; domain=.bet365.de; expires=Wed, 08-Dec-2021 02:35:42 GMT; path=/; secure ; SameSite=None session=processform=0; path=/; secure ; SameSite=None pstk=68647891902241138EBDC657EBCF8D1F000003; domain=.bet365.de; path=/; secure ; SameSite=None
Date
Sun, 24 Oct 2021 01:35:42 GMT
Content-Length
177
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101301.js?31063226
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f1.1e100.net
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.tribunadonorte.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 01:35:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
6467
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Sun, 24 Oct 2021 01:35:42 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame DB46 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f1.1e100.net
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://www.tribunadonorte.com.br/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://www.tribunadonorte.com.br/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5029
date
Sat, 23 Oct 2021 19:33:26 GMT
expires
Sun, 23 Oct 2022 19:33:26 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
21736
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
aframe
www.google.com/recaptcha/api2/ Frame C30C 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.228 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f4.1e100.net
Software
GSE /
Resource Hash
ff492ca13cd718a8aa821c9c4fd4aeb8470ebb12d6e25efffc4b38b97b2db3d4
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-+3+JrDHMMrJJdgl0Vfg2Wg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://www.tribunadonorte.com.br/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://www.tribunadonorte.com.br/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Sun, 24 Oct 2021 01:35:42 GMT
date
Sun, 24 Oct 2021 01:35:42 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-+3+JrDHMMrJJdgl0Vfg2Wg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
512
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
sodar
pagead2.googlesyndication.com/pagead/ Frame C30C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gpt_2021101301&jk=2701174899072204&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
DIeR_ChadNgTBsCXk9stWB0bjB2ydD9ZwSTjhZMF6xA.js
pagead2.googlesyndication.com/bg/ Frame DB46 		35 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/DIeR_ChadNgTBsCXk9stWB0bjB2ydD9ZwSTjhZMF6xA.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
sffe /
Resource Hash
0c8791fc285a74d81306c09793db2d581d1b8c1db2743f59c124e3859305eb10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 00:31:47 GMT
x-content-type-options
nosniff
age
90235
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
35616
x-xss-protection
0
last-modified
Tue, 19 Oct 2021 13:08:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Sun, 23 Oct 2022 00:31:47 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021101301&jk=2701174899072204&bg=!5uWl5aHNAAbUs_yW1LM7ACkAdvg8WtK4wOADR7EyRrr1aS9xTYU17aF0JD7xW1gPYFrnugHcuQ8gVgIAAABaUgAAAAtoAQcKAH1PKJitsrpM7s2RGnQRjkHyCJJ6hGfB0HrfuQqADtRj-HctnZJnFalWpbZI5jcxjgYSTr0XCkNVZBCOYvQTssyJFHwMIdY13ykwYdKKE5WPUB01nKDoPr9REOuVZj-tk3wBIWmM9JR3MUr53h8-tpzgaWKl19k4B9MTGAqFfpkC4RxKtG-rrYwPzTwCuMNCm3tCbQnb8nWANv-MtEWX6K9JtILbE5oYi-jU3KlpQQcv85I7Q5Gs5vZO6xe9r9Y4bCm2NAheSsLDVoQ0QCJTMzNN81qH82ttVZRYQmlQpf70vjcVA8kQFH3CrIV_R40cW9NTdwFfSuXwzyIoUP_ioVTDt0aYYbcx5tQ8UGLkdt9c22qkQNupU8KXQ-Q_0UJPY9USurcsZtpG5thI8fuJX5TyMTrjND32EFH_gJJbT4DEBGRqJEmOJRma_Z3OOAfexk_1XYY_e3x0mUisGucpNZND8efWp5b2Wr8YQAkVo5DTVpG6gFh0DHIlHlwpW4tPuyV_qgNoY6nHtMmERMzXCCngj-C-_6ae4c7a51ehEVfTAICHGKAXpknEVQPnLobMWp_R-cuDcfVZ5usPvzNvfQepPNrmCJ3LK689FvXgv1dx6wtDQC86hlo57vpQK3Ewex0X-q9QcoRzdVNWS-k6hhrYcDQvjYFkEM3fr8kyroO0O-sYLvSiPRfoJRgwMC9-7LKlHGaT0ENBceTvZQ7ARkVv7cpJPll7WdvIh8lZ7sOma2FAUmCbBGwXfJZ1e48vsp0Ms1kJrkRWGwyeqzr9jVNsWAgst2WFwgCsD533jjpC7AXAxcwq9uo7LQVnhnOv6S6ejQLNT1xcknQ0JXCa2_4Ez2BJ2D7GKbtgk8J8ZmfCENDaCgYl-bRPz7U9XQGHrtETlk4Bvn2CpabGO9GvWrnQzykwWyJ0kkcnDXS0GvkH6HKwYEEd1xlmKnD7rqHMb81pstykxBfTSlczeSmTJOm4l1tU_CRH7ueWCq1WEy8FhQBuDFTyV8PAHrucRgs40LFxrIKsLkzsJrBQnSpbtdJfNPDYc0xIexTJ-eai-lQoMrA8RU8UovcZhfxAcSDL_IgSXGE4GdrBTiScWaoMi0LP2G70aaYVwo2Kee8_EfbcYxKEGfGFsb_Sa4YePH7INnSA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.tribunadonorte.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Oct 2021 01:35:43 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvfMrNSsHbvkZ2i-OaSo2xy3oP2FptnHIwwXiUpn2O3VlcMPdsf8oogb7lZveLhXuluSBCXmfQMADGA9g3itUHUveN4YuRmskzF6rIf8eQ2-cJ6xIt6&sig=Cg0ArKJSzAYEaMk_yZPlEAE&id=lidar2&mcvt=1000&p=0,0,360,1600&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20211020&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=19&adk=3050843566&rs=4&la=1&cr=0&osd=1&vs=4&r=v&rst=1635039338129&rpt=4606&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.tribunadonorte.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Oct 2021 01:35:43 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
yt3.ggpht.com
URL
https://yt3.ggpht.com/ytc/AKedOLQNmASjiPK6dEHB0eGinLJ-3Mp3zG81-WionSLa=s68-c-k-c0x00ffffff-no-rj
Domain
i.ytimg.com
URL
https://i.ytimg.com/vi/mi4VX_sdLn4/sddefault.jpg
Domain
www.gstatic.com
URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Domain
www.youtube.com
URL
https://www.youtube.com/generate_204?L1Co2A
Domain
www.youtube.com
URL
https://www.youtube.com/api/stats/atr?ns=yt&el=embedded&cpn=mF-aitIdFRXMIIjy&docid=mi4VX_sdLn4&ver=2&cmt=0&fs=0&rt=0&euri=http%3A%2F%2Fwww.tribunadonorte.com.br%2F&lact=283&cl=404391210&mos=0&volume=100&cbr=Chrome&cbrver=93.0.4577.63&c=WEB_EMBEDDED_PLAYER&cver=1.20211019.01.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&hl=de_DE&cr=US&len=3071&fexp=23983296%2C23993306%2C24001373%2C24002022%2C24002025%2C24002923%2C24004644%2C24007246%2C24064555%2C24080738%2C24082662%2C24101841%2C24116772&list=PLqo6OpUDhMpNOUMMRhSPXgCIMgf5v_oj_&muted=0&vis=3
Domain
www.youtube.com
URL
https://www.youtube.com/api/stats/atr?ns=yt&el=embedded&cpn=P5IE0IiUwx_sIq1r&docid=mi4VX_sdLn4&ver=2&cmt=0&fs=0&rt=0&euri=http%3A%2F%2Fwww.tribunadonorte.com.br%2F&lact=170&cl=404391210&mos=0&volume=100&cbr=Chrome&cbrver=93.0.4577.63&c=WEB_EMBEDDED_PLAYER&cver=1.20211019.01.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&hl=de_DE&cr=US&len=3071&fexp=23983296%2C24001373%2C24002022%2C24002025%2C24002923%2C24004644%2C24007246%2C24027699%2C24064555%2C24080738%2C24082661%2C24101841%2C24116772&list=PLqo6OpUDhMpNOUMMRhSPXgCIMgf5v_oj_&muted=0&vis=3

Verdicts & Comments Add Verdict or Comment

64 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| onbeforexrselect boolean| originAgentCluster function| $ function| jQuery function| gtag object| dataLayer number| wscreen object| googletag object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| ggeac object| google_js_reporting_queue object| gaplugins object| gaGlobal object| gaData function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter undefined| google_measure_js_timing function| autoPlayYouTubeModal number| reloadTime number| uidEvent object| bootstrap object| default_ContributorServingResponseClientJs object| __googlefc object| googlefc string| NjIwMGRmMWE5NWI1ZTRmYmxvYWRlcl9qcw== string| NjIwMGRmMWE5NWI1ZTRmYmNhY2hlZF9qcw== object| __fcInternalApiManager string| __fcInvoked string| __fcexpdef boolean| __fcInternalApiPostMessageReady object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| default_ContributorServingDetectionClientJs function| __45zy51t9ik3m__ boolean| inDapIF boolean| inGptIF object| dicnf number| google_srt object| viewReq function| vu number| __google_lidar_ function| osdlfm number| __google_lidar_adblocks_count_ function| __google_lidar_radf_ object| default_ContributorServingAdWallClientJs function| __a16dn1255na7__ object| closure_lm_351046 number| closure_uid_41311182 object| default_ContributorServingCookieRefreshClientJs function| __8v31i8woen1z__ object| CleverCore undefined| sentryScript number| CleverCoreRegistryLoaded object| GoogleGcLKhOms object| google_image_requests

14 Cookies

Domain/Path Name / Value
.tribunadonorte.com.br/ Name: _ga
Value: GA1.3.143642675.1635039341
.tribunadonorte.com.br/ Name: _gid
Value: GA1.3.1353099270.1635039341
.tribunadonorte.com.br/ Name: _gat_gtag_UA_1869262_3
Value: 1
.youtube.com/ Name: YSC
Value: g9SyVBhRYsM
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: ruyc-3H6C3E
.doubleclick.net/ Name: IDE
Value: AHWqTUkCEEqv56YnIUHAxMep2sFxPBx4QDnJbbHuAUTUwl7VqP2Agyw8RCgE9WEw
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.tribunadonorte.com.br/ Name: __gads
Value: ID=afa6a07831a38883-22a3b177feca00de:T=1635039340:S=ALNI_MZTncWRdQLt5C2x9bvzOcKQMMg_mA
.tribunadonorte.com.br/ Name: FCNEC
Value: [["AKsRol8fQFDWtX85wN-BsOzf6iLhNr-Z7nPj7bFGp-Bft8R-e1t6xV87ps2vyqPiCIhS4aJhO_KSndjrbb8KYehwsvMtwUeJyd9K_BVhYRcUlifp2C9su_gXdv-TSOFWKyu9p2TYfNG2rMzLqbGcI1J4fpQpv2HM2w=="]]
.tribunadonorte.com.br/ Name: FCCDCF
Value: [null,null,["[[],[],[],[],null,null,true]",1635039341365]]
www.tribunadonorte.com.br/ Name: clever-last-tracker-52640
Value: 1
.bet365.de/ Name: Affiliates
Value: Code=365_00968427%2f111779714877&prd=Sports
members.bet365.de/ Name: session
Value: processform=0
.bet365.de/ Name: pstk
Value: 68647891902241138EBDC657EBCF8D1F000003

4 Console Messages

Source Level URL
Text
javascript warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101301.js?31063226(Line 5)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101301.js?31063226(Line 5)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
security error (Line 6)
Message:
This document requires 'TrustedScript' assignment.
network error URL: https://fundingchoicesmessages.google.com/_/ContributorServingAdwallUi/cspreport
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adclick.g.doubleclick.net
adservice.google.com
arquivos.tribunadonorte.com.br
cdn.jsdelivr.net
code.jquery.com
eede47ad3d2a54a364d7ad575b7972c7.safeframe.googlesyndication.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
i.ytimg.com
img.youtube.com
lp.cleverwebserver.com
members.bet365.de
pagead2.googlesyndication.com
scripts.cleverwebserver.com
securepubads.g.doubleclick.net
sender.clevernt.com
static.doubleclick.net
stats.g.doubleclick.net
thumbor.tribunadonorte.com.br
tpc.googlesyndication.com
ui.cleverwebserver.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.tribunadonorte.com.br
www.youtube.com
yt3.ggpht.com
i.ytimg.com
www.gstatic.com
www.youtube.com
yt3.ggpht.com
104.16.85.20
104.22.77.91
142.250.181.228
142.250.181.238
142.250.184.226
142.250.184.238
142.250.185.193
142.250.185.225
142.250.185.226
142.250.185.238
142.250.185.66
142.250.186.166
142.250.186.67
142.251.5.155
148.69.64.76
172.217.16.131
172.217.16.138
172.217.23.98
216.58.212.130
216.58.212.136
216.58.212.142
23.246.230.134
23.246.230.135
69.16.175.42
81.94.208.229
00135fa1d5237c24f8e5b2949f2b01257a73a2540556d3a94190808231023070
00536e1285b49440c99bc55299b2feb426b2a3d56157419145a65d75f55e3d0f
0089c5b2cf1c1e6546922336307debb315a48cf9ba2dfb272732dd8c3144febd
01dc14f286bb9847b3d25b27349fec3e34bc2992887fbd6015d3a9b77d373fa2
02fc178aa9c6515838efbaa21df022c9eed7d41228a8c85551a4998b25bd62cb
04d624496c30ae9ef00aea48862020e2dfb8ee70c562a523c540c57d495b6321
06f3af3fe52542d40ad9bc14ec03e04deaabd09ec369221cc8f536db1c72bf55
0863b44e5eff907a1f0509a80b93aeb112c260bbba33eb38c2d364b443f5330a
097fb9439186fc5c09ffc7c2537a8ba20da88c443fa4b725d9a29ff12209de96
0c2c69ba33a4d4eb53419c912ea55131208d76852cc632e2544833497d165bc3
0c8791fc285a74d81306c09793db2d581d1b8c1db2743f59c124e3859305eb10
0d9048d3172f10825fd3c5dc88fdcd9cc6fedf5424ab0e623acad58ba6059b8f
0da2a75f8fc5ea2422b8915c01779a29f7efaeda15ff7edaf68733540950ead2
0e030e2d918b977683fa0981758d20c8686093cb79dac8e506a3e3bbc4e894cf
0f02f4325a8899ec87a8974e8fea228c13ff73eff787d90811a5171cadcf7830
150431c4e70ae805fba43a94f1b154417be47c26d7f3ca60a7e1a0ab7b50ba80
156e8cf597065c2fa6b590cdcf771e60a65cf842285309bf786c65ebaf20121e
1b949ccf79f87c004fa8ca669afbcca724d82df23b4df9aedfa6c16cec010598
1ccbc19fac437d5c60edf0294cfb5b658afa49d284ef55caa7c39feed64c67d4
1efd0164e9698343b492665db1a3e9ddfc812e7c75464892e9b9c6e6345adc26
21894e36aff6b0414607a89e6b22688ca4e539488f2398726d7d873e2fb4f549
2483fa39123610a3b3a0111663a4211fdf03d173d9f4c670ba40eb726314844f
266978a0c185ca652129a3cb432e9c95aa61662873aaf8466ee7fc1636bb2c9f
2a57c944bc85b5abacd44f9f5c2c44a941560e5b74490a3b53d70047dd0219e0
2b99e9d86c70070c304f526c3a02123b8e38fce7efbfdb73209d77b32521f8d9
2bff71ab32b38a748bce0ecff6a9e0e6b1b2345e0eca6862290ca59bdeeb1c05
2e31fdbc81b358932951e4e488dcbfd641b1d0214fff56e2537ec14784e3212d
2fc7e190630715ab652e6296e2357c5513abc29219717f5c1c4975fd454fa839
31b0cffeab2ce48e9b49c9c833bf549db30ae841c4e2d5512c30823042b36bca
3476be35233a4c3fd5885acde3444d06938d2714c22639f3213dba5ed201467a
35edf6768ca5c050a1f69dfbe86b19cda3c23945627cf815e0a2b3947abc85c6
3a6ea070710f8396dec970bdee2fb6e578cf2b8493ba53df6e462eeae00ce5ce
3c325075337b768950583012228055ae392e384688d77ec5235e6ca88dcec6ef
3d53807eca7cf12c6d15526c2b835463450f739313727532f6fb5d0f65449a54
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3e740bf84b8ed97e01cb4a1215fff27fa7886c189924bf4d7e09e5be1415bf5d
3ffc420d41371277590bc5faa96beec37aeae42ce10d4083a86fcc9d3e2859a4
40ef89e55d455e6dde9ea40c0af2aec1134c700f6dcb42d4900ccbe20d39fbd4
4126161cb1bbd353d5ef32a8e37f83ce17ebb88fab1cdfb3299cf98bfc22a40f
468d714fe475026a61b3a39c297f3256accd4ed48f1561a13f3475bd8c41fb3e
4cbd32b8bad80a34daa8ec5a9fa3ce9b71f0d4d8bc947f10ffeaf1a26e94fafe
4f8950fcc2b6e2fee49c343047fd3f12338cc92b761d687bbf9f0bc90a52d637
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
4ff1165e5033f6442ef5e02e5d1e82ebd349d02049d12faff3d2ba16d5c5c42c
51898b84e15b94fbdab0b1d777cd1b59929b8b281b42da12319caa445db3920c
52e3bacb47a71c373744a42bf25329667987872810e723a25975a4c7e7faa632
538dd4ff6e384a44155168326ac40a6c20a93cd212b1fbf88ae7b0c44f9ab0bd
54ac31540d0cc04994470e45f7f167649c2de8874d42ae215ec5bfc9a9fa64f3
550e57e109478f414b95f16e48604ced150358458fb6fdb9a1c46c10993f4e9f
56828800a4a575d3b1940a854640ad25c3c93a7d3933ab96150ef48788d637d0
56b4a0603308abd8ca33b568035bdf2831059ad01cfc951d164afa8e725d9db4
56ff7605344ed5eb3a68f8edc6b048658ee714bdfed56d487cb1e1bb62eb24f8
5c72e5dcbdcc733984de36479ca3537278b4087a88282dc87c76ef9cf29ab3ef
5d02bafb5c490dcf3a38c8921aa9e04eaa8f052c2d9a57de3095544cbd3b9fbe
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
65ad8b701f1c18c709781fff53fa40bd28a5b3c4606d65b1e97e120cbdd515d1
662294921ca6240beb0f2aecb7f7ac23dd085b782bbe52a369b20226d26afe33
662c2c97092391ae013657013ee4e9e1ae67db8d008735ea5e03ae20fecd07ba
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
69ed103557b15caa16acd6f60270ca736e8c6008ed09ea37ed36e1078d50aa90
6a429cd0c2082e1dbcd477293f27555a57845b1b74fa507408bca869fa6a2aa5
6a78e39523162f0e193c43e548698cc19f4d91bdf4f3df81694c223c590d3d2b
7137238480e33b4d69e28bac0371f20f5226451d5e3252a33f1b16863a6735d1
76506e128f2b47b7179f5037bd885a1674455ffeb6b5093cdb4c7eefbf436ce8
77d24ed78912530c2db0308fe4e3f49b0c45308a63e222d39e025206d8cd491a
79d443b15f542c8a8acca8e937f2a3c90ecba78bd49fdbac6c9b878c7f1293e9
7c68f133c89d23d03b4bfd987f7f9dc3777cddf587fcb855908a16c8f675ce6a
80e766ebc499dd2e0093664a62f87c17c3080202f33a08b53f7211e8294b2689
847280dddfc7b6d0bc396dd2974f775bc0e866e7611c90e3fbe919628e8c2f30
85236e98312de85e9bb7afb872581e2397fd4f5705fbedc3f301d0ca22133069
867db37d633a8fc4bfd72dfc69838363dcfee7e15e00698dd4af8770bdf9423a
869c671beb0b128c008179a0e3fcddbfa62cfe83351672d1142b1d734858bc33
887bfa07f86942d91b1b8f7e6d0e4b2dcdc22741590cde9cdb7100413e7273b8
8dd23156d6438c1662bc07110b0b8bf2b8e04cd96c0e19b15a365d5e00e790f1
93479b7bcc76ab51f759e12b78a3dc99115b8fb9a6455b9dc298b14c18f07416
948d4f22997d81459f229f2fbe783f3f4ec3ff0910e455f4306903eca7980c59
97e9a361c4f175d984cdaedc75357e9ddee660e7a594dc7d7ed57002f48bb01b
982472542e86b415b1f2b9ab1d81d8bab6da51f6d6abfc05e3516fa2e09e6057
9c064de97e9f32f90a55a526257ba43c578fec3f0ecc1e75536a95cce488e3bd
9eefb74cc5ac64da8206bbf5f929ee9c260d7d6162ec2a799e1fdb6190429bf5
a26feb067add48cbc4b833d3d65d94b5cbb13e108bf34bfec278c5bf3d16e05f
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
ad190e83ef3c7bf71ea6ac6b056d3a83e85f7f38cfe77b43e7f007395829495e
ae8fc06de3bf41915d227c897a89b47a0f32a3a75c09dde8d39ea1dc27d95318
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b5a8b821aedf5da9f00b120d69d2bb1c7217a6dcdefc74fb81679db8353d0b0e
b77f695cc0259ec4ed541eb34c9c752a02f3533b48a082ca2aabe90388b8d8ba
ba41a4a4453c9652134fffdc5cd151d2a5a633b03d09cac274c0245d4785277b
bb0c0344b6f0631913464d6ae8f006f825f3b4c9b675f0d7248d977fd8baeaad
bbb7b9921ca2b61948753a6edb63c78443663dc45d1621d18e102e1dcb34e512
bc593e8aef8bec3076d8f4d76e66461b61d8b0c5cf5a52ef51d6c904d7d5a385
bc6e55b647b6656e06c02477e957a9ab8dd2164058f8046bf2c5522a219b7e98
bf72e9d16e37c6c685185dfc73478765de0cb102f34872cd90cc28b6a9ab3736
c26dde169b4b02e810e275ccd6e987b6e170c34f4bd5512834ccd9d7b8328f86
c3e77bccfd8ac7b1b56e65bb1e741661fa1787d8c216942a14a5bf10807eec25
c5f418acd5d1fbf61ef502361aedbf010f7ad13676e8c5e8cf1234c94aafb33a
c6caa5b267c892e093db2521d319cfa3b45d5a91b2adf7b5f95c5a3dbab17a34
c75fbc4fd1beb52bbe64df89d8c402290f5b23bb518abbdd159a268aa0a5f782
cba5bf06efcec1168cc22a311f81bb130722eedec83fe2eb1a8448f9268b43a2
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cda9e405d476907b07df5ba2daf29f6d9f802bc7df20e3c9a1295c601e210406
d20b62b8c1683dafc4b91f9098bb82354f31e1a74aa4dce76b86eddd137dfa00
d402c4fd8377a83a44ba6eb249bfd7cf94eab73597e180be0cd13ff3767c6d1d
d44ed8c4d4ded329229471f591b332b8e1590980f2e684c03548a40feff0247f
d4d417d4df921b38bd9b67917dccb1c80a5d2e47065d63166a8072d3ddbf024a
d6559e15fa4090dd921467b6da0e02ef0198641f86b2c81faba5648dec24f113
d88acaf297170713ce66141cc9a67f5dc3959761785173019c567791a45b290e
dde992cd2987445c5ba69ec70cc8db135a60e9897f6f6f141fd37be32089de81
ddea84af3bf253512d13980367c44e9c07334a2b96f094d831bd033ea1f8d277
de2f02921c678f7ca43a1b5252b9205f68380972766faea4361aff35c43b733c
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de474d7643968327128b3a09b540e1ea6d79f073ea09205d2eaaed6dcaae5605
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
debc0a0131c7217733fc951d268c25e41fbb95eddefb13a7f5b52a7799af4dcb
df3876c55c0fe527bea47b37cfe3479040325194f3df7d2b077794ef6d584470
e23fa6b36ae789b036c92fedf9d9fa6d53ec38933b8413048c40fa473e809941
e2e66a4b96917f6296a7c38941004aa9a698f0aaa471908d53bed2d091cfd365
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e49c1ce0450b9d586bcde5d3f8068589f270cb9935bf622fc624cc6c91ff1099
e6d3d4348b766612502ec94d9b8a81b79bcdcb8a86fba6e3935e7322935f3ed7
e751e48f4e7ea27901a50cce0a3e5b695ede7cab50058c4cc51c4a7435d02b7d
ea776bf66e0ce1d823675111d4ebd4426957237f2a05772195c868133087a48a
edab301c56ed6df142b9a55ce3c65c0c884f49d486cc1ffdf859cb8bc77466d6
eded4386732b423379b071d22dee0bb0f15d00597b60a476d8f8d4b3b6481746
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f194962656d2b52acaba476410973194ffc377f15f8710a25b7fbee9fd99a2df
f22481805d6453a622982405799ccf298e0d6ca2f56a1b97712acb38ed9e330c
f3356621955604161ae6d36cb9e4b1e6f845a7e925149e1fe12727e784d8aab8
f350178a05a7215f94899809d396da2c73a429c27c73977f99e96201e76034cf
f43617ed9c7cc3b2f26bda13339bfd9f0ab9bbf428053622cb900fd07d0a57a8
f4a3a74b594e6c82c19f65a11b6db8209ad97bc870a87d6dd082b356c2eee126
fc27aed7787a4f63d2feba50e6bc6122ac3c5479456d40c0a445899a08ad92f3
fdaa8b72e5f72dc4b11244459070632baec41585fc4fa74741e54c8b006250bd
ff492ca13cd718a8aa821c9c4fd4aeb8470ebb12d6e25efffc4b38b97b2db3d4