urlscan.io logo urlscan.io
SecurityTrails logo

www.geraldopost.com Open in urlscan Pro
2a00:1450:4001:811::2013  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://geraldopost.com/
Effective URL: https://www.geraldopost.com/
Submission: On April 24 via automatic, source certstream-suspicious
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 39 IPs in 5 countries across 28 domains to perform 430 HTTP transactions. The main IP is 2a00:1450:4001:811::2013, located in Frankfurt am Main, Germany and belongs to GOOGLE, US. The main domain is www.geraldopost.com.
TLS certificate: Issued by GTS CA 1D2 on March 6th 2021. Valid for: 3 months.
This is the only time www.geraldopost.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 216.239.32.21 15169 (GOOGLE)
21 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
97 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
3 13.225.87.116 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
61 194.126.175.195 29802 (HVC-AS)
2 151.101.65.195 54113 (FASTLY)
14 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
6 12 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 142.250.186.66 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
8 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
7 2a03:2880:f01... 32934 (FACEBOOK)
29 2a00:1450:400... 15169 (GOOGLE)
6 2a03:b0c0:3:d... 14061 (DIGITALOC...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 186.192.91.9 28604 (Globo Com...)
1 2a00:1450:400... 15169 (GOOGLE)
66 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
40 2a03:2880:f11... 32934 (FACEBOOK)
3 2a03:2880:f02... 32934 (FACEBOOK)
10 2a03:2880:f02... 32934 (FACEBOOK)
10 2a03:2880:f01... 32934 (FACEBOOK)
2 2a03:2880:f01... 32934 (FACEBOOK)
430 39
1    216.239.32.21 (San Mateo, United States)

ASN15169 (GOOGLE, US)
PTR: any-in-2015.1e100.net
geraldopost.com
21    2a00:1450:4001:811::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.geraldopost.com
3    2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)
stackpath.bootstrapcdn.com
1    2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
3.bp.blogspot.com
97    2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
1.bp.blogspot.com
4.bp.blogspot.com
2.bp.blogspot.com
5    2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
7    2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
3    13.225.87.116 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-87-116.fra2.r.cloudfront.net
ad.lomadee.com
2    2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
lh5.googleusercontent.com
lh4.googleusercontent.com
61    194.126.175.195 (Amsterdam, Netherlands)

ASN29802 (HVC-AS, US)
PTR: 194-126-175-195.static.hvvc.us
www.magazinevoce.com.br
mvc.mlcdn.com.br
a-static.mlcdn.com.br
2    151.101.65.195 (United States)

ASN54113 (FASTLY, US)
plugin.bebeofertas.com.br
14    2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    2a00:1450:400c:c04::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
12    2a00:1450:4001:812::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    2a00:1450:4001:811::2009 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.blogger.com
1    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net
partner.googleadservices.com
1    2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
3    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
8    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
7    2a03:2880:f01c:8012:face:b00c:0:3 (United States)

ASN32934 (FACEBOOK, US)
connect.facebook.net
static.xx.fbcdn.net
external-frt3-2.xx.fbcdn.net
29    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.de
6    2a03:b0c0:3:d0::d26:4001 (Frankfurt am Main, Germany)

ASN14061 (DIGITALOCEAN-ASN, US)
unruffled-brown-9d316c.netlify.app
1    2a00:1450:4001:809::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2606:4700:3037::ac43:a3fb (United States)

ASN13335 (CLOUDFLARENET, US)
vigilianerd.com.br
1    186.192.91.9 (Rio de Janeiro, Brazil)

ASN28604 (Globo Comunicacao e Participacoes SA, BR)
PTR: 186-192-91-9.prt.globo.com
s2.glbimg.com
1    2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
img.youtube.com
66    2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    2a00:1450:4001:811::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
40    2a03:2880:f11c:8183:face:b00c:0:25de (United States)

ASN32934 (FACEBOOK, US)
www.facebook.com
3    2a03:2880:f02d:12:face:b00c:0:3 (United States)

ASN32934 (FACEBOOK, US)
scontent-frx5-1.xx.fbcdn.net
10    2a03:2880:f02d:f:face:b00c:0:1823 (United States)

ASN32934 (FACEBOOK, US)
video-frx5-1.xx.fbcdn.net
10    2a03:2880:f01c:20f:face:b00c:0:1823 (United States)

ASN32934 (FACEBOOK, US)
video-frt3-1.xx.fbcdn.net
2    2a03:2880:f01c:216:face:b00c:0:3 (United States)

ASN32934 (FACEBOOK, US)
scontent-frt3-1.xx.fbcdn.net
Apex Domain
Subdomains		 Transfer
98 blogspot.com
3.bp.blogspot.com
1.bp.blogspot.com
4.bp.blogspot.com
2.bp.blogspot.com
7 MB
80 googlesyndication.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
837 KB
51 mlcdn.com.br
mvc.mlcdn.com.br
a-static.mlcdn.com.br
206 KB
40 facebook.com
www.facebook.com
767 KB
30 fbcdn.net
scontent-frx5-1.xx.fbcdn.net
static.xx.fbcdn.net
video-frx5-1.xx.fbcdn.net
video-frt3-1.xx.fbcdn.net
scontent-frt3-1.xx.fbcdn.net
external-frt3-2.xx.fbcdn.net
1 MB
29 doubleclick.net
stats.g.doubleclick.net
googleads.g.doubleclick.net
231 KB
22 geraldopost.com
geraldopost.com
www.geraldopost.com
637 KB
15 google.com
www.google.com
adservice.google.com
776 B
10 magazinevoce.com.br
www.magazinevoce.com.br
116 KB
8 googletagservices.com
www.googletagservices.com
274 KB
8 gstatic.com
fonts.gstatic.com
www.gstatic.com
120 KB
6 netlify.app
unruffled-brown-9d316c.netlify.app Failed
5 google-analytics.com
www.google-analytics.com
57 KB
4 google.de
www.google.de
adservice.google.de
1 KB
4 googleapis.com
fonts.googleapis.com
ajax.googleapis.com
35 KB
3 lomadee.com
ad.lomadee.com
2 KB
2 facebook.net
connect.facebook.net
67 KB
2 googletagmanager.com
www.googletagmanager.com
65 KB
2 bebeofertas.com.br
plugin.bebeofertas.com.br
4 KB
2 googleusercontent.com
lh5.googleusercontent.com
lh4.googleusercontent.com
5 KB
2 bootstrapcdn.com
stackpath.bootstrapcdn.com
83 KB
1 2mdn.net
s0.2mdn.net
23 KB
1 youtube.com
img.youtube.com
21 KB
1 glbimg.com
s2.glbimg.com
54 KB
1 vigilianerd.com.br
vigilianerd.com.br
1 MB
1 googleadservices.com
partner.googleadservices.com
644 B
1 blogger.com
www.blogger.com
53 KB
0 statistcdn.com Failed
statistcdn.com Failed
430 28
Domain Requested by
93 1.bp.blogspot.com www.geraldopost.com
66 tpc.googlesyndication.com googleads.g.doubleclick.net
www.geraldopost.com
tpc.googlesyndication.com
pagead2.googlesyndication.com
40 www.facebook.com connect.facebook.net
www.facebook.com
28 googleads.g.doubleclick.net pagead2.googlesyndication.com
ajax.googleapis.com
www.geraldopost.com
googleads.g.doubleclick.net
27 mvc.mlcdn.com.br www.magazinevoce.com.br
24 a-static.mlcdn.com.br www.magazinevoce.com.br
21 www.geraldopost.com www.geraldopost.com
ajax.googleapis.com
14 pagead2.googlesyndication.com www.geraldopost.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
12 www.google.com 6 redirects www.geraldopost.com
googleads.g.doubleclick.net
10 video-frt3-1.xx.fbcdn.net static.xx.fbcdn.net
www.facebook.com
10 video-frx5-1.xx.fbcdn.net static.xx.fbcdn.net
www.facebook.com
10 www.magazinevoce.com.br www.geraldopost.com
www.magazinevoce.com.br
8 www.googletagservices.com pagead2.googlesyndication.com
googleads.g.doubleclick.net
7 fonts.gstatic.com fonts.googleapis.com
6 unruffled-brown-9d316c.netlify.app plugin.bebeofertas.com.br
5 www.google-analytics.com www.geraldopost.com
www.google-analytics.com
www.googletagmanager.com
ad.lomadee.com
3 external-frt3-2.xx.fbcdn.net
3 scontent-frx5-1.xx.fbcdn.net www.facebook.com
3 adservice.google.com pagead2.googlesyndication.com
3 adservice.google.de pagead2.googlesyndication.com
3 2.bp.blogspot.com www.geraldopost.com
3 ad.lomadee.com www.geraldopost.com
ad.lomadee.com
ajax.googleapis.com
3 fonts.googleapis.com www.geraldopost.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
2 scontent-frt3-1.xx.fbcdn.net
2 static.xx.fbcdn.net www.facebook.com
2 connect.facebook.net www.geraldopost.com
connect.facebook.net
2 www.googletagmanager.com plugin.bebeofertas.com.br
2 plugin.bebeofertas.com.br www.geraldopost.com
ajax.googleapis.com
2 stackpath.bootstrapcdn.com www.geraldopost.com
stackpath.bootstrapcdn.com
1 s0.2mdn.net tpc.googlesyndication.com
1 www.gstatic.com googleads.g.doubleclick.net
1 img.youtube.com www.geraldopost.com
1 s2.glbimg.com www.geraldopost.com
1 vigilianerd.com.br www.geraldopost.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 www.blogger.com www.geraldopost.com
1 www.google.de www.geraldopost.com
1 stats.g.doubleclick.net www.google-analytics.com
1 ajax.googleapis.com www.geraldopost.com
1 lh4.googleusercontent.com www.geraldopost.com
1 4.bp.blogspot.com www.geraldopost.com
1 lh5.googleusercontent.com www.geraldopost.com
1 3.bp.blogspot.com www.geraldopost.com
1 geraldopost.com 1 redirects
0 statistcdn.com Failed ad.lomadee.com
430 45
Subject Issuer Validity Valid
www.geraldopost.com
GTS CA 1D2		 2021-03-06 -
2021-06-04		 3 months crt.sh
upload.video.google.com
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-03-01 -
2022-02-28		 a year crt.sh
misc-sni.blogspot.com
GTS CA 1O1		 2021-04-13 -
2021-07-06		 3 months crt.sh
*.google-analytics.com
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
*.gstatic.com
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
*.lomadee.com
Amazon		 2021-03-31 -
2022-04-29		 a year crt.sh
*.googleusercontent.com
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
*.magazinevoce.com.br
Sectigo RSA Domain Validation Secure Server CA		 2020-03-05 -
2022-03-05		 2 years crt.sh
admin.galia.es
GTS CA 1D2		 2021-03-19 -
2021-06-17		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
www.google.com
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
www.google.de
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
*.blogger.com
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
*.googleadservices.com
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
*.google.de
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
*.google.com
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-04-06 -
2021-07-03		 3 months crt.sh
*.netlify.app
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-03-09 -
2022-03-01		 a year crt.sh
*.glbimg.com
RapidSSL RSA CA 2018		 2020-04-15 -
2021-06-14		 a year crt.sh
*.mlcdn.com.br
Sectigo RSA Domain Validation Secure Server CA		 2021-01-13 -
2022-02-13		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
*.doubleclick.net
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh

This page contains 44 frames:

Primary Page: https://www.geraldopost.com/
Frame ID: E3BFE2546D7163A47F27E69F5E21F624
Requests: 155 HTTP requests in this frame

Frame: https://plugin.bebeofertas.com.br/index.html?sourceId=36901826
Frame ID: 2065EFB0D6030DA154E519D162899B51
Requests: 7 HTTP requests in this frame

Frame: https://ad.lomadee.com/banner/view?sourceId=36890606&dimension=25&width=200&height=200&method=1&advertisers=5644&tags=25
Frame ID: 6813C02E43D8B841976C85B513AED6E9
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210422/r20190131/zrt_lookup.html
Frame ID: 0A16E07088B5689CE1D76E0EB8940DFE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3932851112807799&output=html&h=600&slotname=8993431669&adk=4220371640&adf=1482559626&pi=t.ma~as.8993431669&w=300&lmt=1619163522&psa=0&format=300x600&url=https%3A%2F%2Fwww.geraldopost.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619296726819&bpp=15&bdt=246&idt=69&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=2705827410742&frm=20&pv=2&ga_vid=1717309228.1619296727&ga_sid=1619296727&ga_hid=1390142020&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1015&ady=2859&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429%2C44739991&oid=3&pvsid=3502318759076147&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=JnxQKUcnx7&p=https%3A//www.geraldopost.com&dtd=86
Frame ID: F0E8FA3593F89F6825EF89C09DEA1FBD
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3932851112807799&output=html&h=280&slotname=5801651126&adk=2065657694&adf=3513612432&pi=t.ma~as.5801651126&w=370&fwrn=4&fwrnh=100&lmt=1619163522&rafmt=1&psa=0&format=370x280&url=https%3A%2F%2Fwww.geraldopost.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619296726835&bpp=3&bdt=261&idt=89&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x600&correlator=2705827410742&frm=20&pv=1&ga_vid=1717309228.1619296727&ga_sid=1619296727&ga_hid=1390142020&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1015&ady=3731&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429%2C44739991&oid=3&pvsid=3502318759076147&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=2&fsb=1&xpc=xUVnk6ScUu&p=https%3A//www.geraldopost.com&dtd=92
Frame ID: E505E33CB7876330A15F963245A81984
Requests: 1 HTTP requests in this frame

Frame: https://plugin.bebeofertas.com.br/index.html?sourceId=36901826
Frame ID: 6B410DDA2F037EE9DDCCC82E41B8F03C
Requests: 9 HTTP requests in this frame

Frame: https://ad.lomadee.com/banner/view?sourceId=36890606&dimension=25&width=200&height=200&method=1&advertisers=5644&tags=25
Frame ID: 25EA3FD443B515C603E85A9047E5AE5B
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3932851112807799&output=html&h=600&slotname=8993431669&adk=4220371640&adf=1482559626&pi=t.ma~as.8993431669&w=300&lmt=1619163522&psa=0&format=300x600&url=https%3A%2F%2Fwww.geraldopost.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619296726819&bpp=15&bdt=246&idt=69&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=2705827410742&frm=20&pv=2&ga_vid=1717309228.1619296727&ga_sid=1619296727&ga_hid=1390142020&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1015&ady=2859&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429%2C44739991&oid=3&pvsid=3502318759076147&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=JnxQKUcnx7&p=https%3A//www.geraldopost.com&dtd=86
Frame ID: CE35397ED741134A2D88FBFC1202A1F8
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3932851112807799&output=html&h=280&slotname=5801651126&adk=2065657694&adf=3513612432&pi=t.ma~as.5801651126&w=370&fwrn=4&fwrnh=100&lmt=1619163522&rafmt=1&psa=0&format=370x280&url=https%3A%2F%2Fwww.geraldopost.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619296726835&bpp=3&bdt=261&idt=89&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x600&correlator=2705827410742&frm=20&pv=1&ga_vid=1717309228.1619296727&ga_sid=1619296727&ga_hid=1390142020&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1015&ady=3731&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429%2C44739991&oid=3&pvsid=3502318759076147&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=2&fsb=1&xpc=xUVnk6ScUu&p=https%3A//www.geraldopost.com&dtd=92
Frame ID: F1D6B8ED04261935E94D9EAE64A2147D
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3932851112807799&output=html&adk=1812271804&adf=3025194257&lmt=1619163522&plat=8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.geraldopost.com%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619296727049&bpp=1&bdt=475&idt=1&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x600%2C370x280&nras=1&correlator=2705827410742&frm=20&pv=1&ga_vid=1717309228.1619296727&ga_sid=1619296727&ga_hid=1390142020&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429%2C44739991&oid=3&pvsid=3502318759076147&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&dtd=16
Frame ID: D60BBA7037C21711ED2BCBF78E0A49A5
Requests: 1 HTTP requests in this frame

Frame: https://www.magazinevoce.com.br/geraldopost/banner/?store=geraldopost&type=leaderboard
Frame ID: 3A4542BA9693A6E0B319CAEA87883E3C
Requests: 8 HTTP requests in this frame

Frame: https://www.magazinevoce.com.br/geraldopost/banner/?store=geraldopost&type=medium-rectangle
Frame ID: EE034F5848FB17C2A63C6F4B6B9A99F1
Requests: 8 HTTP requests in this frame

Frame: https://www.magazinevoce.com.br/geraldopost/banner/?store=geraldopost&type=rectangle
Frame ID: FCE418F9364532040798DB40119734BD
Requests: 4 HTTP requests in this frame

Frame: https://www.magazinevoce.com.br/geraldopost/banner/?store=geraldopost&type=leaderboard
Frame ID: A9751446887436A99A348DD188A675DC
Requests: 8 HTTP requests in this frame

Frame: https://www.magazinevoce.com.br/geraldopost/banner/?store=geraldopost&type=medium-rectangle
Frame ID: 661E4A4A2B895ACD17D7BA0ACB160182
Requests: 8 HTTP requests in this frame

Frame: https://www.magazinevoce.com.br/geraldopost/banner/?store=geraldopost&type=rectangle
Frame ID: 638C7AC592A765713FAA10E840E62D28
Requests: 4 HTTP requests in this frame

Frame: https://www.magazinevoce.com.br/geraldopost/banner/?store=geraldopost&type=leaderboard
Frame ID: 3705A0BB9DECB186CF6694E3E5D7D295
Requests: 8 HTTP requests in this frame

Frame: https://www.magazinevoce.com.br/geraldopost/banner/?store=geraldopost&type=medium-rectangle
Frame ID: 475030FA6236F4B26F66C83036225ED0
Requests: 8 HTTP requests in this frame

Frame: https://www.magazinevoce.com.br/geraldopost/banner/?store=geraldopost&type=rectangle
Frame ID: 0C4F6D186ED037897A6BD0158990896D
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3932851112807799&output=html&h=280&adk=829588772&adf=1498677563&pi=t.aa~a.1456473517~rp.4&w=370&fwrn=4&fwrnh=100&lmt=1619163522&rafmt=1&to=qs&pwprc=9623938543&psa=0&format=370x280&url=https%3A%2F%2Fwww.geraldopost.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619296727354&bpp=1&bdt=780&idt=-M&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D785534163f1ff8ba-22b10b71eec700b0%3AT%3D1619296726%3ART%3D1619296726%3AS%3DALNI_MYfLjXx0hxHEDga8A2_oU8TLtAwsA&prev_fmts=300x600%2C370x280%2C0x0&nras=2&correlator=2705827410742&frm=20&pv=1&ga_vid=1717309228.1619296727&ga_sid=1619296727&ga_hid=1390142020&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1015&ady=1685&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429%2C44739991&oid=3&pvsid=3502318759076147&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=IcaWxQdhTM&p=https%3A//www.geraldopost.com&dtd=16
Frame ID: 7A8ED44A0E80725120FDC2FD695D27BE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3932851112807799&output=html&h=280&adk=829588772&adf=353560496&pi=t.aa~a.3359110186~rp.4&w=370&fwrn=4&fwrnh=100&lmt=1619163522&rafmt=1&to=qs&pwprc=9623938543&psa=0&format=370x280&url=https%3A%2F%2Fwww.geraldopost.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619296727354&bpp=1&bdt=780&idt=-M&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D785534163f1ff8ba-22b10b71eec700b0%3AT%3D1619296726%3ART%3D1619296726%3AS%3DALNI_MYfLjXx0hxHEDga8A2_oU8TLtAwsA&prev_fmts=300x600%2C370x280%2C0x0%2C370x280&nras=3&correlator=2705827410742&frm=20&pv=1&ga_vid=1717309228.1619296727&ga_sid=1619296727&ga_hid=1390142020&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1015&ady=2283&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429%2C44739991&oid=3&pvsid=3502318759076147&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=Jg8zfjVP0o&p=https%3A//www.geraldopost.com&dtd=20
Frame ID: B9F79E629D576D3153191D649271EC0F
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3932851112807799&output=html&h=280&adk=829588772&adf=1224991949&pi=t.aa~a.2576666486~rp.4&w=370&fwrn=4&fwrnh=100&lmt=1619163522&rafmt=1&to=qs&pwprc=9623938543&psa=0&format=370x280&url=https%3A%2F%2Fwww.geraldopost.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619296727354&bpp=1&bdt=780&idt=-M&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D785534163f1ff8ba-22b10b71eec700b0%3AT%3D1619296726%3ART%3D1619296726%3AS%3DALNI_MYfLjXx0hxHEDga8A2_oU8TLtAwsA&prev_fmts=300x600%2C370x280%2C0x0%2C370x280%2C370x280&nras=4&correlator=2705827410742&frm=20&pv=1&ga_vid=1717309228.1619296727&ga_sid=1619296727&ga_hid=1390142020&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1015&ady=3519&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429%2C44739991&oid=3&pvsid=3502318759076147&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=5&fsb=1&xpc=yK07TFZrzr&p=https%3A//www.geraldopost.com&dtd=23
Frame ID: 1FC5E6C79E6C5BF4D9841F3B1659AC1E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3932851112807799&output=html&h=280&adk=2918459407&adf=2042167536&pi=t.aa~a.1156542233~rp.1&w=370&fwrn=4&fwrnh=100&lmt=1619163522&rafmt=1&to=qs&pwprc=9623938543&psa=0&format=370x280&url=https%3A%2F%2Fwww.geraldopost.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619296727354&bpp=1&bdt=781&idt=-M&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D785534163f1ff8ba-22b10b71eec700b0%3AT%3D1619296726%3ART%3D1619296726%3AS%3DALNI_MYfLjXx0hxHEDga8A2_oU8TLtAwsA&prev_fmts=300x600%2C370x280%2C0x0%2C370x280%2C370x280%2C370x280&nras=5&correlator=2705827410742&frm=20&pv=1&ga_vid=1717309228.1619296727&ga_sid=1619296727&ga_hid=1390142020&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1015&ady=4565&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429%2C44739991&oid=3&pvsid=3502318759076147&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=6&fsb=1&xpc=3epwuGXxrt&p=https%3A//www.geraldopost.com&dtd=26
Frame ID: 17E07E537D9D83B37E1905211C25DD07
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3932851112807799&output=html&h=153&adk=1885550448&adf=3068256048&pi=t.aa~a.758916835~rp.4&w=770&lmt=1619163522&nsk=ed3aeb01&rafmt=11&pwprc=9623938543&psa=0&ad_type=text_image&format=770x153&url=https%3A%2F%2Fwww.geraldopost.com%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619296727354&bpp=1&bdt=780&idt=1&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D785534163f1ff8ba-22b10b71eec700b0%3AT%3D1619296726%3ART%3D1619296726%3AS%3DALNI_MYfLjXx0hxHEDga8A2_oU8TLtAwsA&prev_fmts=300x600%2C370x280%2C0x0%2C370x280%2C370x280%2C370x280%2C370x280&nras=6&correlator=2705827410742&frm=20&pv=1&ga_vid=1717309228.1619296727&ga_sid=1619296727&ga_hid=1390142020&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=215&ady=2274&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429%2C44739991&oid=3&pvsid=3502318759076147&eae=0&fc=768&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=7&fsb=1&xpc=bVP7qTqlbS&p=https%3A//www.geraldopost.com&dtd=29
Frame ID: 33D2A803A29122BF9F2F45835D6326A7
Requests: 10 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11575576717432054682/index.html
Frame ID: 6BB046A2A6C84DBA9564416F2FD195A2
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CFdCu14GEYJynA4iIrASZzQ3LmZLxYeTgooOGDp_VmM_aGRABIMOL5ClglQKgAZ_n0vkCyAEJqQLomteo8Uu0PqgDAcgDSKoEwgFP0Bm27b9v-2VpgQOy3EVE1GTH_IIt0NsuNMfTVeCLnhKqYXa7GWJaJGWA6xMVxWoltdfrYVvZarmjDiJNtwF0OjdaQnSqXh0a_mV3yv9JICkUbtxMQxwAmz5m2UcS8iY0McZR22g97G6rqXDCtDb5GfKikBD4xcJNdHV0YISlujWCeqplXtDVrjYYOikek9eo23pIdAOl-YyEkMBAplFtHhcp3lkt3KuFxMF0ckTGs8RV6lJYl0qArWxvUdN84-3CA8AE1_HutbADkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB8mYrYYBqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcA8gcEEO3sB9IICQiA4YBwEAEYH4AKAcgLAdgTDbIXGgoYCAASFHB1Yi0zOTMyODUxMTEyODA3Nzk5&sigh=g15UdOaZnQE&template_id=419
Frame ID: AF3F0CBAD30E45140DEAACC0D7D9D9DE
Requests: 6 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/78096498092133154/index.html
Frame ID: 74907D035D51367CC5E5AB7E86CE12A1
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: E3768B96C8EC3146F38948F5F4273FCD
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: FDE6F0F503BA05B73E40DFA9D7653D74
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: F604C6F1E70D5B4DA894D08AFD74995A
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5441334610969689380/index.html
Frame ID: AF5A088820CFBF0ABCF384F8BF00F623
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=C89PE14GEYPusGIWgrATdv4ZY04K5jWGw7Oqpywy36aK9wAEQASDDi-QpYJUCoAHjivalAsgBCakC6JrXqPFLtD6oAwHIA0iqBLwBT9AMFFI9eTbuInnxeORBDW_TrI_2WnJirC0t_AIXwXtq0B8O-cPIxpSZOJ0wCSyMBx9PC63zACxXD4zDVFdjJ7PtF8etWnvhax8F_x9rg4aP9BohiUhqdda2QzADukO_ehgNnVuv4_V09oIUWeC_Fs6BDVcfK_XwvwAA0zQdTQs8TOtrFal8VRHeWKciXXNbD8pKoqGebqZVfMOATEnPzofUiH4qCRJCx8IjXhPYO3LxjLjOtJ7KE5vZpQvABIn6kZeKA5IFBAgEGAGSBQQIBRgEoAYugAeF9YnaAagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBBCc0QbSCAkIgOGAcBABGB-ACgHICwHYEwyyFxoKGAgAEhRwdWItMzkzMjg1MTExMjgwNzc5OQ&sigh=IPi-C_r1FS0&template_id=419
Frame ID: 9A7BA4068C47B1E9165E42C63C36892D
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11575576717432054682/index.html
Frame ID: B68E08F39DD7D12F856E2797508A0D8F
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CET4V14GEYOevGIjm3wPj-7a4B8uZkvFh5OCig4YOqbj4vrUaEAEgw4vkKWCVAqABn-fS-QLIAQmpAuia16jxS7Q-qAMByANIqgTCAU_QkLheu8LGEBdetvHtMboy7U0kEP2RyVP0BVvopLU8eLyGC88AUGa605N8DA50XjwtLoH-250tSWgMAQ1mUceD8wzD1W1aBcPn1s5EaEg1iYBwBaAyNiJnFaLqaZPJGtt_t6iCAHMtFyOr9zI-3w0amfZFx5rXZugDMtdj4bXvCH1tcN7nTP9vObgqFqd9T_GyM8vqZ7WPt2rjTkbVcAgOAFwwAy2AaSzqMm2ANgk9Yhw-ecqNsLPgPcOIYEDGMq50wATX8e61sAOSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHyZithgGoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwDyBwQQ2bgD0ggJCIDhgHAQARgfgAoByAsB2BMNshcaChgIABIUcHViLTM5MzI4NTExMTI4MDc3OTk&sigh=Qs_BcKpB1yw&template_id=419
Frame ID: 966F4E5BC29B55261C1A4D4ECC65CCCF
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 19AE33782EE78BA0DAB32FED6162D45B
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 149BA0D3504A1E113A13733E199D2C87
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5442514344972767536/index.html
Frame ID: E61E4F21797B9F848C1708B2DF75B193
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CDqew14GEYKzSF_qMjuwPzvKcsAaNpPKkYcaqg96rDbP5_avbFhABIMOL5ClglQKgAaPWsMQDyAEJqQLomteo8Uu0PqgDAcgDSKoEwAFP0D5aUm92UZcke_173Tyvll0P_BBq6D50OyGru_GC-xUOIkkAVgzLLgiCPQGuvC1FRJJjjwr15CB3h1pl5cM3XAbWk_zZtcImhFRFAl8t6Yyo2aAXPAOnI_g9gtJ3ad2NEOR0SOPBvususmlD8P0lfCl66nRZsc22zvx5-CkwR38e4sMFVbgwPHZ6Jk9DuFy96Xj3BFlhO5jqYmd_G-t0Poa28_SGst2U77V0BrvYUTefp4x52Uf8dkLsMH9ugvjABMfPtL6yApIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAfFqc87qAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcA8gcEENj1BtIICQiA4YBwEAEYH4AKAcgLAdgTDbIXGgoYCAASFHB1Yi0zOTMyODUxMTEyODA3Nzk5&sigh=zDfNJ3ndauw&template_id=419
Frame ID: 4B39F4A9770A044EBC3D65D4E4A82776
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/wkpRfPPcRT5gRuVOwfaUS9di2m_GhEf8-oTDdHI7uwk.js
Frame ID: 0EBFCBF878C71282C97296CF4BE79880
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: CBCE85429D4424F6FDE569BDE6C4C213
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/wkpRfPPcRT5gRuVOwfaUS9di2m_GhEf8-oTDdHI7uwk.js
Frame ID: 56BC4E2CFA49708F63464172F0061559
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v3.0/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df4c4989ed7cc34%26domain%3Dwww.geraldopost.com%26origin%3Dhttps%253A%252F%252Fwww.geraldopost.com%252Ff1e23c59e27c2f8%26relation%3Dparent.parent&container_width=370&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FGeraldoPost%2F&locale=en_US&sdk=joey&show_facepile=true&small_header=false&tabs=timeline&width=
Frame ID: 4BB12633104A0F539327D789BCB53A1D
Requests: 71 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: F1108011C78C2991BC43D28B98E35064
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://geraldopost.com/ HTTP 301
    https://www.geraldopost.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /GSE/i
Overall confidence: 100%
Detected patterns
  • headers server /GSE/i

Page Statistics

430
Requests

98 %
HTTPS

85 %
IPv6

28
Domains

45
Subdomains

39
IPs

5
Countries

13640 kB
Transfer

20450 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://geraldopost.com/ HTTP 301
    https://www.geraldopost.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 280
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 283
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 286
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 314
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 315
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 326
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si

430 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.geraldopost.com/
Redirect Chain
  • https://geraldopost.com/
  • https://www.geraldopost.com/
558 KB
81 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.geraldopost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
138f144cf717cc843576af4d95f1a6343a3ac2a64aa3ed87781e68fba894ed12
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.geraldopost.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
expires
Sat, 24 Apr 2021 20:38:46 GMT
date
Sat, 24 Apr 2021 20:38:46 GMT
cache-control
private, max-age=0
last-modified
Fri, 23 Apr 2021 07:38:42 GMT
etag
W/"06a581ce00adc5e81d441f064f08baee12b818582f9399af0c1427a4b8c4eeb8"
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
82630
server
GSE

Redirect headers

location
https://www.geraldopost.com/
date
Sat, 24 Apr 2021 20:38:46 GMT
content-type
text/html; charset=UTF-8
server
ghs
content-length
225
x-xss-protection
0
x-frame-options
SAMEORIGIN
css
fonts.googleapis.com/ 		8 KB
880 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,400i,700,700i
Requested by
Host: www.geraldopost.com
URL: https://www.geraldopost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5f53dcdc3266e25bbf97ae08454bbece27738b72ef14ea510afd3cf491817f4e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.geraldopost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 24 Apr 2021 19:37:04 GMT
server
ESF
date
Sat, 24 Apr 2021 20:38:46 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 24 Apr 2021 20:38:46 GMT
font-awesome.min.css
stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/ 		30 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: www.geraldopost.com
URL: https://www.geraldopost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.geraldopost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:46 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
723, 617, 617
age
2850173
cdn-cachedat
2021-03-11 11:57:51
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
09a734463400001f3912a24000000001
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:55 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
6fc1a75116c932681ed09108db37b84c
cf-ray
6452231d1dc41f39-FRA
cdn-requestcountrycode
DE
cdn-requestpullsuccess
True
UltraMag-Small.png
3.bp.blogspot.com/-j_zbrFXFwu8/XtJUZ8Yn6YI/AAAAAAAAIlw/73EoYU9ipxA25eMceRlGkFipmQ8p_9BmwCK4BGAYYCw/s1600/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://3.bp.blogspot.com/-j_zbrFXFwu8/XtJUZ8Yn6YI/AAAAAAAAIlw/73EoYU9ipxA25eMceRlGkFipmQ8p_9BmwCK4BGAYYCw/s1600/UltraMag-Small.png
Requested by
Host: www.geraldopost.com
URL: https://www.geraldopost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
076ae6e0319c4ed63f5c688bf91ffe6de1ed2a74499e01f3eedb40cb52b56954
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.geraldopost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 17:22:44 GMT
x-content-type-options
nosniff
age
11762
content-disposition
inline;filename="UltraMag-Small.png"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2648
x-xss-protection
0
server
fife
etag
"v2261"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Thu, 15 Apr 2021 15:15:38 GMT
pocah.jpg
1.bp.blogspot.com/-wDpfyDkym2k/YII1mfNDUzI/AAAAAAAAWNk/oYHYThD_vw0bsyxZuCNaWpC7onvNx1XxwCNcBGAsYHQ/w640/ 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1.bp.blogspot.com/-wDpfyDkym2k/YII1mfNDUzI/AAAAAAAAWNk/oYHYThD_vw0bsyxZuCNaWpC7onvNx1XxwCNcBGAsYHQ/w640/pocah.jpg
Requested by
Host: www.geraldopost.com
URL: https://www.geraldopost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
e1cc9ab03d8e0c74b82cb8c13f1f4061a64219ebe1d74d8e348c6f1c72d89000
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.geraldopost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:46 GMT
x-content-type-options
nosniff
server
fife
etag
"v58da"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="pocah.jpg"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
45112
x-xss-protection
0
expires
Sun, 25 Apr 2021 20:38:46 GMT
bbb21.jpg
1.bp.blogspot.com/-AgYDKWAw6dU/YIIuxwYbDtI/AAAAAAAAWNQ/XSFu4iKwtY4OEYwBaBw98T1M6-tKNq-4QCNcBGAsYHQ/w640/ 		43 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1.bp.blogspot.com/-AgYDKWAw6dU/YIIuxwYbDtI/AAAAAAAAWNQ/XSFu4iKwtY4OEYwBaBw98T1M6-tKNq-4QCNcBGAsYHQ/w640/bbb21.jpg
Requested by
Host: www.geraldopost.com
URL: https://www.geraldopost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
89ea8a064ce022ae90fd0390423aef77ae69c8cd0f2582e09d19e67792cc7e1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.geraldopost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:46 GMT
x-content-type-options
nosniff
server
fife
etag
"v58d5"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="bbb21.jpg"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44212
x-xss-protection
0
expires
Sun, 25 Apr 2021 20:38:46 GMT
juliette.jpg
1.bp.blogspot.com/-p-zADuhPEVc/YH3SPrNfSsI/AAAAAAAAWM4/KDRuHBMlpesccDN_cKduPIa3QBlSOqk7gCNcBGAsYHQ/w640/ 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1.bp.blogspot.com/-p-zADuhPEVc/YH3SPrNfSsI/AAAAAAAAWM4/KDRuHBMlpesccDN_cKduPIa3QBlSOqk7gCNcBGAsYHQ/w640/juliette.jpg
Requested by
Host: www.geraldopost.com
URL: https://www.geraldopost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
98beccf228576939289a853df7bafe78a4c6b4154241a2e031bd2c972c795b97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.geraldopost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:46 GMT
x-content-type-options
nosniff
server
fife
etag
"v58cf"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="juliette.jpg"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35137
x-xss-protection
0
expires
Sun, 25 Apr 2021 20:38:46 GMT
globo.jpg
1.bp.blogspot.com/-qbrkBTupXko/YEF6MCRaW9I/AAAAAAAAWCk/JOhQ0P3aG_MzirKZeZL5fcHiWtNPOWQgACPcBGAYYCw/w640/ 		65 KB
65 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1.bp.blogspot.com/-qbrkBTupXko/YEF6MCRaW9I/AAAAAAAAWCk/JOhQ0P3aG_MzirKZeZL5fcHiWtNPOWQgACPcBGAYYCw/w640/globo.jpg
Requested by
Host: www.geraldopost.com
URL: https://www.geraldopost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
bfdbd875943b5ff8446f037e6525ee3664319a2b9682c2134b808c464b9bbf01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.geraldopost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:46 GMT
x-content-type-options
nosniff
server
fife
etag
"v5829"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="globo.jpg"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
66352
x-xss-protection
0
expires
Sun, 25 Apr 2021 20:38:46 GMT
18-Roberto-Carlos-e-Gloria-Perez-.jpg
1.bp.blogspot.com/-3aXlwYjajBo/YHxWvrePF6I/AAAAAAAAWMw/STYIldgsCi4qrxPPHdrj8xi1YaymAiWuACNcBGAsYHQ/w640/ 		72 KB
72 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1.bp.blogspot.com/-3aXlwYjajBo/YHxWvrePF6I/AAAAAAAAWMw/STYIldgsCi4qrxPPHdrj8xi1YaymAiWuACNcBGAsYHQ/w640/18-Roberto-Carlos-e-Gloria-Perez-.jpg
Requested by
Host: www.geraldopost.com
URL: https://www.geraldopost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
4970a65dfa8227ff3387bd0840d4360c3aa10dfc02a3aeef9ee86f8d491b0a02
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.geraldopost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:46 GMT
x-content-type-options
nosniff
server
fife
etag
"v58cd"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="18-Roberto-Carlos-e-Gloria-Perez-.jpg"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
73574
x-xss-protection
0
expires
Sun, 25 Apr 2021 20:38:46 GMT
1617372587-820730160-810x471.png
1.bp.blogspot.com/-L7ecJj-JrdU/YHj5O7ZZX0I/AAAAAAAAWMk/ygtlRDs_UI8AqIkkgw92d9F-B9QK0B8rACNcBGAsYHQ/w640/ 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1.bp.blogspot.com/-L7ecJj-JrdU/YHj5O7ZZX0I/AAAAAAAAWMk/ygtlRDs_UI8AqIkkgw92d9F-B9QK0B8rACNcBGAsYHQ/w640/1617372587-820730160-810x471.png
Requested by
Host: www.geraldopost.com
URL: https://www.geraldopost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
75b4738a919ed452ae8effde6499144170bb3a663087194a461af36d14003d43
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.geraldopost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:46 GMT
x-content-type-options
nosniff
server
fife
etag
"v58cb"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="1617372587-820730160-810x471.jpg"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30313
x-xss-protection
0
expires
Sun, 25 Apr 2021 20:38:46 GMT
imperio.jpg
1.bp.blogspot.com/-sPlSOtTJcUw/YHXJYrTH3TI/AAAAAAAAWME/CVYMGjHSfw49wUCJoq_7U3KVdcA0yhz4QCNcBGAsYHQ/w640/ 		50 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1.bp.blogspot.com/-sPlSOtTJcUw/YHXJYrTH3TI/AAAAAAAAWME/CVYMGjHSfw49wUCJoq_7U3KVdcA0yhz4QCNcBGAsYHQ/w640/imperio.jpg
Requested by
Host: www.geraldopost.com
URL: https://www.geraldopost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
49adb14e9bca3a1a9b5fa08e8a069f54fb835bca2acf0293f75787ef4fd7eacc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.geraldopost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:47 GMT
x-content-type-options
nosniff
server
fife
etag
"v58c2"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="imperio.jpg"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
50889
x-xss-protection
0
expires
Sun, 25 Apr 2021 20:38:46 GMT
bbb21.jpg
1.bp.blogspot.com/-xnfjGAQtqgw/YHW2A3lEQqI/AAAAAAAAWL8/b68v3Cyl0pwNWKjIGLpf6pCGS86R87yfACNcBGAsYHQ/w640/ 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1.bp.blogspot.com/-xnfjGAQtqgw/YHW2A3lEQqI/AAAAAAAAWL8/b68v3Cyl0pwNWKjIGLpf6pCGS86R87yfACNcBGAsYHQ/w640/bbb21.jpg
Requested by
Host: www.geraldopost.com
URL: https://www.geraldopost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
9f2d51874c78d93e5549c4057b1fd650ee43f8b987267ac585ff1ee5f7eeab8d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.geraldopost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:46 GMT
x-content-type-options
nosniff
server
fife
etag
"v58c0"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="bbb21.jpg"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32799
x-xss-protection
0
expires
Sun, 25 Apr 2021 20:38:46 GMT
bbb21.jpg
1.bp.blogspot.com/-LVTwKi4BG8U/YHMnOwF-9MI/AAAAAAAAWL0/MS6Ne606jPE8l6NAP2-CLXX1OXMgB_bJQCNcBGAsYHQ/w640/ 		37 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1.bp.blogspot.com/-LVTwKi4BG8U/YHMnOwF-9MI/AAAAAAAAWL0/MS6Ne606jPE8l6NAP2-CLXX1OXMgB_bJQCNcBGAsYHQ/w640/bbb21.jpg
Requested by
Host: www.geraldopost.com
URL: https://www.geraldopost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
030686d51286cbbca3a0f5fe63d82c51a041bfd46112daaf7efead3183039db9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.geraldopost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:46 GMT
x-content-type-options
nosniff
server
fife
etag
"v58be"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="bbb21.jpg"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38355
x-xss-protection
0
expires
Sun, 25 Apr 2021 20:38:46 GMT
plant%25C3%25A3obbb.jpg
1.bp.blogspot.com/-2Vmpo9eYxVo/YHCiVifiITI/AAAAAAAAWLs/1A88sNYJlqU4rtHt_RJJQxHWeCAMaQjQQCNcBGAsYHQ/w640/ 		50 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1.bp.blogspot.com/-2Vmpo9eYxVo/YHCiVifiITI/AAAAAAAAWLs/1A88sNYJlqU4rtHt_RJJQxHWeCAMaQjQQCNcBGAsYHQ/w640/plant%25C3%25A3obbb.jpg
Requested by
Host: www.geraldopost.com
URL: https://www.geraldopost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
14e467613326899b156d3a4dcdbdc15aac12fc549a6b1f0addcb936414d61dca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.geraldopost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:46 GMT
x-content-type-options
nosniff
server
fife
etag
"v58bc"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="plant_obbb.jpg";filename*=UTF-8''plant%C3%A3obbb.jpg
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
50700
x-xss-protection
0
expires
Sun, 25 Apr 2021 20:38:46 GMT
caio.jpg
1.bp.blogspot.com/-sw_DdjVqM4s/YG_Gk0H6_BI/AAAAAAAAWLk/pxKUrw6rqLIoBrbwGIypHfc5_1HJfLH2gCNcBGAsYHQ/w640/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1.bp.blogspot.com/-sw_DdjVqM4s/YG_Gk0H6_BI/AAAAAAAAWLk/pxKUrw6rqLIoBrbwGIypHfc5_1HJfLH2gCNcBGAsYHQ/w640/caio.jpg
Requested by
Host: www.geraldopost.com
URL: https://www.geraldopost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
cdadfb9a7faeb78306a70c7701e16ec84d549b03be89691f97c4088ca914b66d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.geraldopost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:46 GMT
x-content-type-options
nosniff
server
fife
etag
"v58ba"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="caio.jpg"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22466
x-xss-protection
0
expires
Sun, 25 Apr 2021 20:38:46 GMT
rodolffo%2Bbbb.png
1.bp.blogspot.com/-kYrWojeRW2E/YG9R-2-bHcI/AAAAAAAAWLY/M-Q64rLnjCUMZcprz7sLAl2IyQEitNsRACPcBGAYYCw/w640/ 		243 KB
243 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1.bp.blogspot.com/-kYrWojeRW2E/YG9R-2-bHcI/AAAAAAAAWLY/M-Q64rLnjCUMZcprz7sLAl2IyQEitNsRACPcBGAYYCw/w640/rodolffo%2Bbbb.png
Requested by
Host: www.geraldopost.com
URL: https://www.geraldopost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
4d408c02f9ffc1402240c42f378c8270c9bb8333b98b926b42cd528231bcfb4e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.geraldopost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:47 GMT
x-content-type-options
nosniff
server
fife
etag
"v58b6"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="rodolffo bbb.png"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
248814
x-xss-protection
0
expires
Sun, 25 Apr 2021 20:38:47 GMT
analytics.js
www.google-analytics.com/ 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.geraldopost.com
URL: https://www.geraldopost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.geraldopost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 09 Apr 2021 23:59:54 GMT
server
Golfe2
age
3493
date
Sat, 24 Apr 2021 19:40:33 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19569
expires
Sat, 24 Apr 2021 21:40:33 GMT
/
www.geraldopost.com/ 		57 KB
57 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.geraldopost.com/
Requested by
Host: www.geraldopost.com
URL: https://www.geraldopost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.geraldopost.com
referer
https://www.geraldopost.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.geraldopost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 23 Apr 2021 07:38:42 GMT
server
GSE
etag
W/"06a581ce00adc5e81d441f064f08baee12b818582f9399af0c1427a4b8c4eeb8"
content-type
text/html; charset=UTF-8
cache-control
private, max-age=0
content-length
82630
x-xss-protection
1; mode=block
expires
Sat, 24 Apr 2021 20:38:46 GMT
mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v18/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0b.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,400i,700,700i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.geraldopost.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 01:50:37 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:09:22 GMT
server
sffe
age
413289
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14380
x-xss-protection
0
expires
Wed, 20 Apr 2022 01:50:37 GMT
fontawesome-webfont.woff2
stackpath.bootstrapcdn.com/font-awesome/4.7.0/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: stackpath.bootstrapcdn.com
URL: https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Origin
https://www.geraldopost.com
Referer
https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:47 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
cdn-edgestorageid
601, 617, 617
access-control-allow-origin
*
cdn-cachedat
2021-04-24 21:00:27
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
77160
cf-request-id
09a734466b00004a67aeb30000000001
timing-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:55 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
font/woff2
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
653084ffbae51eeb9be906cd0122046a
accept-ranges
bytes
cf-ray
6452231d7c7a4a67-FRA
cdn-requestcountrycode
DE
cdn-requestpullsuccess
True
mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
fonts.gstatic.com/s/opensans/v18/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,400i,700,700i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
74201a4b97ec1d5e86252dd0180eafd8c5378a9235864dbcd682f3575b41c85b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.geraldopost.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 20:40:38 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:11:00 GMT
server
sffe
age
345488
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15056
x-xss-protection
0
expires
Wed, 20 Apr 2022 20:40:38 GMT
rodolffo%2Bbbb.png
1.bp.blogspot.com/-kYrWojeRW2E/YG9R-2-bHcI/AAAAAAAAWLU/ah972KQh2fcU0vy_h_7KLlYAUC0i4f4_gCNcBGAsYHQ/w640/ 		243 KB
243 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1.bp.blogspot.com/-kYrWojeRW2E/YG9R-2-bHcI/AAAAAAAAWLU/ah972KQh2fcU0vy_h_7KLlYAUC0i4f4_gCNcBGAsYHQ/w640/rodolffo%2Bbbb.png
Requested by
Host: www.geraldopost.com
URL: https://www.geraldopost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
4d408c02f9ffc1402240c42f378c8270c9bb8333b98b926b42cd528231bcfb4e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.geraldopost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:47 GMT
x-content-type-options
nosniff
server
fife
etag
"v58b6"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="rodolffo bbb.png"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
248814
x-xss-protection
0
expires
Sun, 25 Apr 2021 20:38:47 GMT
bbb21.jpg
1.bp.blogspot.com/-nslk4RmwV60/YGs1GPRI_-I/AAAAAAAAWKw/Ff2LKs4AZXIkXl97DND1EOaSoaglS6aOQCPcBGAYYCw/w640/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1.bp.blogspot.com/-nslk4RmwV60/YGs1GPRI_-I/AAAAAAAAWKw/Ff2LKs4AZXIkXl97DND1EOaSoaglS6aOQCPcBGAYYCw/w640/bbb21.jpg
Requested by
Host: www.geraldopost.com
URL: https://www.geraldopost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
14488b4fa81133271455c649af8da5c7d6d6e55242b992ca0d8a3f948274ef0f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.geraldopost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:46 GMT
x-content-type-options
nosniff
server
fife
etag
"v58ac"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="bbb21.jpg"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28763
x-xss-protection
0
expires
Sun, 25 Apr 2021 20:38:46 GMT
bbb21.jpg
1.bp.blogspot.com/-nslk4RmwV60/YGs1GPRI_-I/AAAAAAAAWKk/7Nr2aaSiZJEw5or8wBl-t05RlYFALK8GwCNcBGAsYHQ/w640/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1.bp.blogspot.com/-nslk4RmwV60/YGs1GPRI_-I/AAAAAAAAWKk/7Nr2aaSiZJEw5or8wBl-t05RlYFALK8GwCNcBGAsYHQ/w640/bbb21.jpg
Requested by
Host: www.geraldopost.com
URL: https://www.geraldopost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
14488b4fa81133271455c649af8da5c7d6d6e55242b992ca0d8a3f948274ef0f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.geraldopost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:46 GMT
x-content-type-options
nosniff
server
fife
etag
"v58ac"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="bbb21.jpg"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28763
x-xss-protection
0
expires
Sun, 25 Apr 2021 20:38:46 GMT
bbb21.jpg
1.bp.blogspot.com/-KO_GkUzcNa0/YGp622_rIQI/AAAAAAAAWKc/UrjnILdYU60Z2K13ix6ugKeb7EDjAYsbgCNcBGAsYHQ/w640/ 		47 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1.bp.blogspot.com/-KO_GkUzcNa0/YGp622_rIQI/AAAAAAAAWKc/UrjnILdYU60Z2K13ix6ugKeb7EDjAYsbgCNcBGAsYHQ/w640/bbb21.jpg
Requested by
Host: www.geraldopost.com
URL: https://www.geraldopost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
a4521991b3389b19cda9d851d625fb63cb89e2713fa05f11b864fc881df12edf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.geraldopost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:46 GMT
x-content-type-options
nosniff
server
fife
etag
"v58a8"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="bbb21.jpg"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47985
x-xss-protection
0
expires
Sun, 25 Apr 2021 20:38:46 GMT
ludmilla%2Bbbb21.png
1.bp.blogspot.com/-_VIStROt8L0/YGns0hWvAkI/AAAAAAAAWKU/fXlx029_8QExpqvJqJK72KfFDJHS_AQSQCNcBGAsYHQ/w640/ 		209 KB
210 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1.bp.blogspot.com/-_VIStROt8L0/YGns0hWvAkI/AAAAAAAAWKU/fXlx029_8QExpqvJqJK72KfFDJHS_AQSQCNcBGAsYHQ/w640/ludmilla%2Bbbb21.png
Requested by
Host: www.geraldopost.com
URL: https://www.geraldopost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
5a065309cb85fe04a4d4ffc231b05ef058421b9a8f02f5a4032d20c26790da17
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.geraldopost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:47 GMT
x-content-type-options
nosniff
server
fife
etag
"v58a6"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="ludmilla bbb21.png"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
214342
x-xss-protection
0
expires
Sun, 25 Apr 2021 20:38:47 GMT
amordemae.jpg
1.bp.blogspot.com/-PmK8UGsIpv4/YGTw6ccOGYI/AAAAAAAAWKE/p6dUm7fFxnsn4OP7fvtKMfVmo71fmjI2ACNcBGAsYHQ/w640/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1.bp.blogspot.com/-PmK8UGsIpv4/YGTw6ccOGYI/AAAAAAAAWKE/p6dUm7fFxnsn4OP7fvtKMfVmo71fmjI2ACNcBGAsYHQ/w640/amordemae.jpg
Requested by
Host: www.geraldopost.com
URL: https://www.geraldopost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
1d91a336f739464d9a91cb2424edf9dd880d11044377fee933c1e4a14397d9d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.geraldopost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:46 GMT
x-content-type-options
nosniff
server
fife
etag
"v58a2"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="amordemae.jpg"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23045
x-xss-protection
0
expires
Sun, 25 Apr 2021 20:38:46 GMT
bbb21.jpg
1.bp.blogspot.com/-yai2I4bDWYg/YGSqVwBDhzI/AAAAAAAAWJ8/lgDMeQn6UTsLCDZ92xLkTNqW9sV7yP_7wCNcBGAsYHQ/w640/ 		54 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1.bp.blogspot.com/-yai2I4bDWYg/YGSqVwBDhzI/AAAAAAAAWJ8/lgDMeQn6UTsLCDZ92xLkTNqW9sV7yP_7wCNcBGAsYHQ/w640/bbb21.jpg
Requested by
Host: www.geraldopost.com
URL: https://www.geraldopost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
80ba75209c76d8383613acd48486dbff5be48479ea1a947fbce9b9e5bf44e81f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.geraldopost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:47 GMT
x-content-type-options
nosniff
server
fife
etag
"v58a0"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="bbb21.jpg"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55297
x-xss-protection
0
expires
Sun, 25 Apr 2021 20:38:47 GMT
karina%2Bpereira.png
1.bp.blogspot.com/-Bk5qA1IvqcA/YGSkwGLeBTI/AAAAAAAAWJ0/2PdkTYgVMscG_dRypoyEyo0UKu_nroIGgCNcBGAsYHQ/w640/ 		278 KB
278 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1.bp.blogspot.com/-Bk5qA1IvqcA/YGSkwGLeBTI/AAAAAAAAWJ0/2PdkTYgVMscG_dRypoyEyo0UKu_nroIGgCNcBGAsYHQ/w640/karina%2Bpereira.png
Requested by
Host: www.geraldopost.com
URL: https://www.geraldopost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
0ad4a26210c8a3df59cc76a8e31301ac61ca0baada3b270942a343cbce4a2f2f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.geraldopost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:47 GMT
x-content-type-options
nosniff
server
fife
etag
"v589e"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="karina pereira.png"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
284623
x-xss-protection
0
expires
Sun, 25 Apr 2021 20:38:47 GMT
bbb21.jpg
1.bp.blogspot.com/-xIKRMSog798/YGNsMtN8XkI/AAAAAAAAWJc/zpWNL8zt1UcTiBiCFMLB_t0d5sPXZZ4lgCNcBGAsYHQ/w640/ 		40 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1.bp.blogspot.com/-xIKRMSog798/YGNsMtN8XkI/AAAAAAAAWJc/zpWNL8zt1UcTiBiCFMLB_t0d5sPXZZ4lgCNcBGAsYHQ/w640/bbb21.jpg
Requested by
Host: www.geraldopost.com
URL: https://www.geraldopost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
995f69e19b0273ca0777fba962f0592720129301d8b74d4c72b5967aadb59293
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.geraldopost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:46 GMT
x-content-type-options
nosniff
server
fife
etag
"v5898"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="bbb21.jpg"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41237
x-xss-protection
0
expires
Sun, 25 Apr 2021 20:38:46 GMT
bbb21.jpg
1.bp.blogspot.com/-_d6t2AOyTVc/YGM4F95UMoI/AAAAAAAAWJU/3Xfm4ZjJDMgHXhzR38WWBxytwL36RlyWgCNcBGAsYHQ/w640/ 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1.bp.blogspot.com/-_d6t2AOyTVc/YGM4F95UMoI/AAAAAAAAWJU/3Xfm4ZjJDMgHXhzR38WWBxytwL36RlyWgCNcBGAsYHQ/w640/bbb21.jpg
Requested by
Host: www.geraldopost.com
URL: https://www.geraldopost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
ee284a19ae791a104f61073ed480ac6d50097a5808840e0a27b4a43582dee165
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.geraldopost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:46 GMT
x-content-type-options
nosniff
server
fife
etag
"v5896"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="bbb21.jpg"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36251
x-xss-protection
0
expires
Sun, 25 Apr 2021 20:38:46 GMT
redebbb.jpg
1.bp.blogspot.com/-0XBCMe-b_24/YGJmfQ36MjI/AAAAAAAAWI8/5B39snptHBMQ0xTCrcpkeXneJ48qTSHpgCNcBGAsYHQ/w640/ 		70 KB
71 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1.bp.blogspot.com/-0XBCMe-b_24/YGJmfQ36MjI/AAAAAAAAWI8/5B39snptHBMQ0xTCrcpkeXneJ48qTSHpgCNcBGAsYHQ/w640/redebbb.jpg
Requested by
Host: www.geraldopost.com
URL: https://www.geraldopost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
0088946671f71076a5c93b6c524318c7e36a6f3dc5b2d3136158dceebcfb40ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.geraldopost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:46 GMT
x-content-type-options
nosniff
server
fife
etag
"v5890"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="redebbb.jpg"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
72060
x-xss-protection
0
expires
Sun, 25 Apr 2021 20:38:46 GMT
script.js
ad.lomadee.com/banners/ 		439 B
593 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.lomadee.com/banners/script.js?sourceId=36890606&dimension=25&height=200&width=200&method=1&advertisers=5644&tags=25
Requested by
Host: www.geraldopost.com
URL: https://www.geraldopost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-116.fra2.r.cloudfront.net
Software
Apache-Coyote/1.1 /
Resource Hash
3c92cb4ebadb6f0919e02ddaf45364a7196ebadc035aec7a499d59af58f0cf40

Request headers

Referer
https://www.geraldopost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Apr 2021 19:22:30 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
age
1905375
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-language
en-US
via
1.1 06d36e78e8dfd9468327f09115761a9e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
content-type
text/html;charset=UTF-8
content-length
280
x-amz-cf-id
VbDV7tMvt3WT28vTceLOJ5JHZyB1viMAbEGhFRuDzDya4Yb7aIKB_g==
maria.jpg
1.bp.blogspot.com/-Erhef-hDU1I/XjzBB1YPnqI/AAAAAAAAU4w/bvQNK2tJYfEXBBgy8chbWP8Aa_gCzX7BwCNcBGAsYHQ/w100/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1.bp.blogspot.com/-Erhef-hDU1I/XjzBB1YPnqI/AAAAAAAAU4w/bvQNK2tJYfEXBBgy8chbWP8Aa_gCzX7BwCNcBGAsYHQ/w100/maria.jpg
Requested by
Host: www.geraldopost.com
URL: https://www.geraldopost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
b14fb3516e30b4eb7f5fbfb70eb2cd1488f0ddd4b72e3799b237c4287f8b8f1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.geraldopost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:47 GMT
x-content-type-options
nosniff
server
fife
etag
"v538d"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="maria.jpg"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3719
x-xss-protection
0
expires
Sun, 25 Apr 2021 20:38:47 GMT
Ljt-iJmyLTMdftNyV-Gpu2DtYdvyc05MdnK9M56T4DEUG7jS7VtnDP7e-17CdK6-1wOthdYAW7L2Ho_4xkV0tfKxg-nmRY57yMNMSoiyRRdb05II8QNJdhlbPiK0=w100
lh5.googleusercontent.com/proxy/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh5.googleusercontent.com/proxy/Ljt-iJmyLTMdftNyV-Gpu2DtYdvyc05MdnK9M56T4DEUG7jS7VtnDP7e-17CdK6-1wOthdYAW7L2Ho_4xkV0tfKxg-nmRY57yMNMSoiyRRdb05II8QNJdhlbPiK0=w100
Requested by
Host: www.geraldopost.com
URL: https://www.geraldopost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
2586105e18e0bb273cc833654769ef54891d67da769888a1b4a3f5a6e9230e3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.geraldopost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:48 GMT
x-content-type-options
nosniff
server
fife
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="unnamed.jpg"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2379
x-xss-protection
0
expires
Sun, 25 Apr 2021 20:38:48 GMT
3.jpg
1.bp.blogspot.com/-0qzkzT71vhA/XW7sSS1cKoI/AAAAAAAAUlc/jZiMo_6G67MNE8fiXaTsgazd1F2vhIinwCLcBGAs/w100/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1.bp.blogspot.com/-0qzkzT71vhA/XW7sSS1cKoI/AAAAAAAAUlc/jZiMo_6G67MNE8fiXaTsgazd1F2vhIinwCLcBGAs/w100/3.jpg
Requested by
Host: www.geraldopost.com
URL: https://www.geraldopost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
aca59ef5fce66bdacda6fdd7872db2c18b5c42e3d92e6ad5c3828651b4b50c42
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.geraldopost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:46 GMT
x-content-type-options
nosniff
server
fife
etag
"v5259"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="3.jpg"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6216
x-xss-protection
0
expires
Sun, 25 Apr 2021 20:38:46 GMT
banner.js
www.magazinevoce.com.br/js/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.magazinevoce.com.br/js/banner.js?store=geraldopost
Requested by
Host: www.geraldopost.com
URL: https://www.geraldopost.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
nginx/1.14.2 /
Resource Hash
27e29f9f1d9b13ab1ff1d065d13dc45d6127e109b80e26e32d7fa98f626205cd

Request headers

Referer
https://www.geraldopost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:47 GMT
via
1.1 google
server
nginx/1.14.2
alt-svc
clear
vary
Cookie
content-type
text/javascript
index.html
plugin.bebeofertas.com.br/ Frame 2065 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://plugin.bebeofertas.com.br/index.html?sourceId=36901826
Requested by
Host: www.geraldopost.com
URL: https://www.geraldopost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
53610bc0121596f1ac958ea0c2b15261a98e63893fa24c171dea09f816c0395a
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

:method
GET
:authority
plugin.bebeofertas.com.br
:scheme
https
:path
/index.html?sourceId=36901826
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.geraldopost.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.geraldopost.com/

Response headers

cache-control
max-age=3600
content-encoding
br
content-type
text/html; charset=utf-8
etag
"7807027ac71db682dc4cc3f06e0600e1c4007d687073aa69d26beed41e2cf37a-br"
last-modified
Wed, 17 Feb 2021 00:01:20 GMT
strict-transport-security
max-age=31556926
accept-ranges
bytes
date
Sat, 24 Apr 2021 20:38:46 GMT
x-served-by
cache-cdg20726-CDG
x-cache
HIT
x-cache-hits
1
x-timer
S1619296727.883240,VS0,VE1
vary
x-fh-requested-host, accept-encoding
content-length
1720
1.jpg
1.bp.blogspot.com/-gBLWugjPEY4/VPY_qh5ImJI/AAAAAAAAPHY/JH1KZcsSbSg/w100/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1.bp.blogspot.com/-gBLWugjPEY4/VPY_qh5ImJI/AAAAAAAAPHY/JH1KZcsSbSg/w100/1.jpg
Requested by
Host: www.geraldopost.com
URL: https://www.geraldopost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
8d0e6af2928a1055c8da030563ded4d74deae971503f6fe2975aca83b5e47891
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.geraldopost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:46 GMT
x-content-type-options
nosniff
server
fife
etag
"v3c77"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="1.jpg"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3514
x-xss-protection
0
expires
Sun, 25 Apr 2021 20:38:46 GMT
pocah.jpg
1.bp.blogspot.com/-wDpfyDkym2k/YII1mfNDUzI/AAAAAAAAWNk/oYHYThD_vw0bsyxZuCNaWpC7onvNx1XxwCNcBGAsYHQ/w100/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1.bp.blogspot.com/-wDpfyDkym2k/YII1mfNDUzI/AAAAAAAAWNk/oYHYThD_vw0bsyxZuCNaWpC7onvNx1XxwCNcBGAsYHQ/w100/pocah.jpg
Requested by
Host: www.geraldopost.com
URL: https://www.geraldopost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
7854adbb2f82aa2160f0c388f893aecdf3616d077fde2d1bf2e19e912684d035
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.geraldopost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:46 GMT
x-content-type-options
nosniff
server
fife
etag
"v58da"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="pocah.jpg"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2903
x-xss-protection
0
expires
Sun, 25 Apr 2021 20:38:46 GMT
Capturar.PNG
4.bp.blogspot.com/-hZFGYzFcrf0/W5a8yuRKvlI/AAAAAAAAT3Y/KFqqx9O02f0n0oLpeAnpOnX3N2WwW0QEACLcBGAs/w100/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://4.bp.blogspot.com/-hZFGYzFcrf0/W5a8yuRKvlI/AAAAAAAAT3Y/KFqqx9O02f0n0oLpeAnpOnX3N2WwW0QEACLcBGAs/w100/Capturar.PNG
Requested by
Host: www.geraldopost.com
URL: https://www.geraldopost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
ab2a0bde05429b6c1a2a98a2988272c5342d92188ad04f94402a655f730ae1bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.geraldopost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:46 GMT
x-content-type-options
nosniff
server
fife
etag
"v4f77"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="Capturar.PNG"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13599
x-xss-protection
0
expires
Sun, 25 Apr 2021 20:38:46 GMT
juliette.jpg
1.bp.blogspot.com/-p-zADuhPEVc/YH3SPrNfSsI/AAAAAAAAWM4/KDRuHBMlpesccDN_cKduPIa3QBlSOqk7gCNcBGAsYHQ/w100/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1.bp.blogspot.com/-p-zADuhPEVc/YH3SPrNfSsI/AAAAAAAAWM4/KDRuHBMlpesccDN_cKduPIa3QBlSOqk7gCNcBGAsYHQ/w100/juliette.jpg
Requested by
Host: www.geraldopost.com
URL: https://www.geraldopost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
357cbdf03d42d24db7f6797be5659d9c14c335fc84219fbec369e61e5859d5a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.geraldopost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:46 GMT
x-content-type-options
nosniff
server
fife
etag
"v58cf"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="juliette.jpg"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5855
x-xss-protection
0
expires
Sun, 25 Apr 2021 20:38:46 GMT
yon%25C3%25A1%2Be%2Bmarcos%2Bpaulo%2Btieta.jpg
2.bp.blogspot.com/-HY6-_TVPQsg/ViZE-eyLVbI/AAAAAAAAQXc/RzdNdQ0-De0/w100/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://2.bp.blogspot.com/-HY6-_TVPQsg/ViZE-eyLVbI/AAAAAAAAQXc/RzdNdQ0-De0/w100/yon%25C3%25A1%2Be%2Bmarcos%2Bpaulo%2Btieta.jpg
Requested by
Host: www.geraldopost.com
URL: https://www.geraldopost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
0a575a90f6ac207ca6d17eac0b580a19a4a1be76d4cd6d4b3a5804a847da93c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.geraldopost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:47 GMT
x-content-type-options
nosniff
server
fife
etag
"v4178"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="yon_ e marcos paulo tieta.jpg";filename*=UTF-8''yon%C3%A1%20e%20marcos%20paulo%20tieta.jpg
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5096
x-xss-protection
0
expires
Sun, 25 Apr 2021 20:38:46 GMT
bbb21.jpg
1.bp.blogspot.com/-LVTwKi4BG8U/YHMnOwF-9MI/AAAAAAAAWL0/MS6Ne606jPE8l6NAP2-CLXX1OXMgB_bJQCNcBGAsYHQ/w100/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1.bp.blogspot.com/-LVTwKi4BG8U/YHMnOwF-9MI/AAAAAAAAWL0/MS6Ne606jPE8l6NAP2-CLXX1OXMgB_bJQCNcBGAsYHQ/w100/bbb21.jpg
Requested by
Host: www.geraldopost.com
URL: https://www.geraldopost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
77f012414e7fb72d0ec033484cac533085ed07255ba9b2f4c34ad3f7722f57ad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.geraldopost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:47 GMT
x-content-type-options
nosniff
server
fife
etag
"v58be"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="bbb21.jpg"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3044
x-xss-protection
0
expires
Sun, 25 Apr 2021 20:38:47 GMT
8mIdDvdIQks7jt4vJGQ3FpPKSpOcvRJrfMhSS7TaCU4ADu-Vi4Wb4-qvT8pS4wktB-NTy86VMvWGHmZsN6zKSOH_IRj73wnlAWwbPFjNENgrKtUEJ8HJ9MC13aoQ6JRWOFmF89J4IOVSlvovU20lWLUS7MscQb2kYeYitiXkEuMx19IFxGI=w100
lh4.googleusercontent.com/proxy/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh4.googleusercontent.com/proxy/8mIdDvdIQks7jt4vJGQ3FpPKSpOcvRJrfMhSS7TaCU4ADu-Vi4Wb4-qvT8pS4wktB-NTy86VMvWGHmZsN6zKSOH_IRj73wnlAWwbPFjNENgrKtUEJ8HJ9MC13aoQ6JRWOFmF89J4IOVSlvovU20lWLUS7MscQb2kYeYitiXkEuMx19IFxGI=w100
Requested by
Host: www.geraldopost.com
URL: https://www.geraldopost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
c8ba40ab414eb90c0426f1c04b7bb65fdecc97fa8d8893158f98705609be5925
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.geraldopost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:47 GMT
x-content-type-options
nosniff
server
fife
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="unnamed.jpg"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2784
x-xss-protection
0
expires
Sun, 25 Apr 2021 20:38:47 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		133 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.geraldopost.com
URL: https://www.geraldopost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6d0b74f2a3e089cde650f0972d1a568843c275718277a2c167af9011ebf91ff5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.geraldopost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48209
x-xss-protection
0
server
cafe
etag
2341374986041078434
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 24 Apr 2021 20:38:46 GMT
Design%2Bsem%2Bnome%2B%25289%2529.png
1.bp.blogspot.com/-mLN8K7n_5vM/X7VLryo264I/AAAAAAAABVw/JCXVjir-hS4o7FbxK62MHMHJfVYvZI4BgCK4BGAYYCw/s1600/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1.bp.blogspot.com/-mLN8K7n_5vM/X7VLryo264I/AAAAAAAABVw/JCXVjir-hS4o7FbxK62MHMHJfVYvZI4BgCK4BGAYYCw/s1600/Design%2Bsem%2Bnome%2B%25289%2529.png
Requested by
Host: www.geraldopost.com
URL: https://www.geraldopost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
a7359c7038dac6dbd6b34882e49b2f2ce3248bd61738f8e85ce1d87fc9cda962
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.geraldopost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:47 GMT
x-content-type-options
nosniff
server
fife
etag
"v55d"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="Design sem nome (9).png"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7603
x-xss-protection
0
expires
Sun, 25 Apr 2021 20:38:47 GMT
transexual-Maria-Clara-Spinelli-745x483.jpg
2.bp.blogspot.com/-EWCEX3OX4_I/WOKsBCX2vHI/AAAAAAAASac/2uTnE1JRqOAN9R5zFxCpacCxcHHcBgJ3wCLcB/w100/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://2.bp.blogspot.com/-EWCEX3OX4_I/WOKsBCX2vHI/AAAAAAAASac/2uTnE1JRqOAN9R5zFxCpacCxcHHcBgJ3wCLcB/w100/transexual-Maria-Clara-Spinelli-745x483.jpg
Requested by
Host: www.geraldopost.com
URL: https://www.geraldopost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
964dbc1b127912ab2d9f2cb89d83e3bc3f9be61d29923b34cf42501e8d77856f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.geraldopost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:47 GMT
x-content-type-options
nosniff
server
fife
etag
"v49a9"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="transexual-Maria-Clara-Spinelli-745x483.jpg"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2255
x-xss-protection
0
expires
Sun, 25 Apr 2021 20:38:47 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ 		95 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Requested by
Host: www.geraldopost.com
URL: https://www.geraldopost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.geraldopost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 16:12:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
188771
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33951
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Apr 2022 16:12:35 GMT
collect
www.google-analytics.com/j/ 		4 B
24 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j90&a=1390142020&t=pageview&_s=1&dl=https%3A%2F%2Fwww.geraldopost.com%2F&ul=en-us&de=UTF-8&dt=%23geraldopost&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=932483327&gjid=1336912213&cid=1717309228.1619296727&tid=UA-15987968-2&_gid=379390104.1619296727&_r=1&_slc=1&z=899542546
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.geraldopost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Apr 2021 20:38:46 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.geraldopost.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
91 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-15987968-2&cid=1717309228.1619296727&jid=932483327&gjid=1336912213&_gid=379390104.1619296727&_u=IEBAAEAAAAAAAC~&z=1084232305
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c04::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.geraldopost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sat, 24 Apr 2021 20:38:46 GMT
content-type
text/plain
access-control-allow-origin
https://www.geraldopost.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-15987968-2&cid=1717309228.1619296727&jid=932483327&_u=IEBAAEAAAAAAAC~&z=1497353388
Requested by
Host: www.geraldopost.com
URL: https://www.geraldopost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.geraldopost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Apr 2021 20:38:46 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-15987968-2&cid=1717309228.1619296727&jid=932483327&_u=IEBAAEAAAAAAAC~&z=1497353388
Requested by
Host: www.geraldopost.com
URL: https://www.geraldopost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.geraldopost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Apr 2021 20:38:46 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookienotice.js
www.geraldopost.com/js/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.geraldopost.com/js/cookienotice.js
Requested by
Host: www.geraldopost.com
URL: https://www.geraldopost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:path
/js/cookienotice.js
pragma
no-cache
cookie
_ga=GA1.2.1717309228.1619296727; _gid=GA1.2.379390104.1619296727; _gat_blogger=1
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.geraldopost.com
referer
https://www.geraldopost.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.geraldopost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sat, 24 Apr 2021 20:08:25 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
2026
x-xss-protection
0
expires
Sat, 01 May 2021 20:38:46 GMT
53698643-widgets.js
www.blogger.com/static/v1/widgets/ 		144 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.blogger.com/static/v1/widgets/53698643-widgets.js
Requested by
Host: www.geraldopost.com
URL: https://www.geraldopost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c5ff8d7ffd90641a4ce0a1ea4eb7ff7b77d5e3d3e5d61fefa12c42be7d0051be
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.geraldopost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 05:46:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 21 Apr 2021 02:15:39 GMT
server
sffe
age
53552
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53568
x-xss-protection
0
expires
Sun, 24 Apr 2022 05:46:14 GMT
view
ad.lomadee.com/banner/ Frame 6813 		0
0
mem6YaGs126MiZpBA-UFUK0Zdc0.woff2
fonts.gstatic.com/s/opensans/v18/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem6YaGs126MiZpBA-UFUK0Zdc0.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,400i,700,700i
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
da407a15b1ea0c1b4bb774bd77bb608d6b1c90397b5a75b8895bbccfda5feb63
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.geraldopost.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 15:44:02 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:09:37 GMT
server
sffe
age
190484
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13780
x-xss-protection
0
expires
Fri, 22 Apr 2022 15:44:02 GMT
summary
www.geraldopost.com/feeds/posts/ 		80 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.geraldopost.com/feeds/posts/summary?max-results=1&alt=json-in-script&callback=dataFeed
Requested by
Host: www.geraldopost.com
URL: https://www.geraldopost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
blogger-renderd /
Resource Hash
b8a57814a99d32fe393c703635318607ac2f24899f739806dd30be89b0129087
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

:path
/feeds/posts/summary?max-results=1&alt=json-in-script&callback=dataFeed
pragma
no-cache
cookie
_ga=GA1.2.1717309228.1619296727; _gid=GA1.2.379390104.1619296727; _gat_blogger=1
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.geraldopost.com
referer
https://www.geraldopost.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.geraldopost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 23 Apr 2021 07:38:42 GMT
server
blogger-renderd
etag
W/"f7381c0be83f24863a27ed414ab58adb96c8124ae49238188bad4cafac7f74f3"
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
public, must-revalidate, proxy-revalidate, max-age=1
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
content-length
23654
x-xss-protection
0
expires
Sat, 24 Apr 2021 20:38:47 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20210422/r20190131/ 		223 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210422/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3932851112807799&plah=www.geraldopost.com&amaexp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4d3858fd6875118f687ea5fd972b3e88f1cbec0b84539bfe33585b6ea282af27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.geraldopost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
84531
x-xss-protection
0
server
cafe
etag
18044138429448666955
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sat, 24 Apr 2021 20:38:46 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210422/r20190131/ Frame 0A16 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20210422/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a5cb642ef22434a24612329870579fbb272cb9fa7475360035596ea56fb0431a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20210422/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.geraldopost.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.geraldopost.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Sat, 24 Apr 2021 19:22:05 GMT
expires
Sat, 08 May 2021 19:22:05 GMT
content-type
text/html; charset=UTF-8
etag
10446291943670460780
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4644
x-xss-protection
0
age
4601
cache-control
public, max-age=1209600
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cookie.js
partner.googleadservices.com/gampad/ 		205 B
644 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.geraldopost.com&callback=_gfp_s_&client=ca-pub-3932851112807799
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210422/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3932851112807799&plah=www.geraldopost.com&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
bb659df59af0c5b06af697bdefa02f6a33cf022de4e2c80318b3f83ad00d2b46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.geraldopost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
195
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
799 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.geraldopost.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210422/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3932851112807799&plah=www.geraldopost.com&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.geraldopost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 24 Apr 2021 20:38:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
317 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.geraldopost.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210422/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3932851112807799&plah=www.geraldopost.com&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.geraldopost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 24 Apr 2021 20:38:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame F0E8 		0
0
osd.js
www.googletagservices.com/activeview/js/current/ 		73 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210422/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3932851112807799&plah=www.geraldopost.com&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4956137c69656045c048a157aaa84859657bbc7744019d26cce6b5bded84cc49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.geraldopost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1619017352525402"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28270
x-xss-protection
0
expires
Sat, 24 Apr 2021 20:38:46 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame E505 		0
0
3.659959f0.chunk.css
unruffled-brown-9d316c.netlify.app/static/css/ Frame 2065 		0
0
main.9a52486c.chunk.css
unruffled-brown-9d316c.netlify.app/static/css/ Frame 2065 		0
0
3.df5fb226.chunk.js
unruffled-brown-9d316c.netlify.app/static/js/ Frame 2065 		0
0
main.f7fdfbf1.chunk.js
unruffled-brown-9d316c.netlify.app/static/js/ Frame 2065 		0
0
gtm.js
www.googletagmanager.com/ Frame 2065 		85 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WBDJ4KC
Requested by
Host: plugin.bebeofertas.com.br
URL: https://plugin.bebeofertas.com.br/index.html?sourceId=36901826
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f5406cf9905501e032658eee1184e8ac1082de5bccb21cfb7f609eae6deb8471
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://plugin.bebeofertas.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:46 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33089
x-xss-protection
0
last-modified
Sat, 24 Apr 2021 18:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 24 Apr 2021 20:38:46 GMT
analytics.js
www.google-analytics.com/ Frame 2065 		48 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WBDJ4KC
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://plugin.bebeofertas.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 09 Apr 2021 23:59:54 GMT
server
Golfe2
age
3493
date
Sat, 24 Apr 2021 19:40:33 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19569
expires
Sat, 24 Apr 2021 21:40:33 GMT
sdk.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: www.geraldopost.com
URL: https://www.geraldopost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c35071d9088bb7f78b3945676fbb9b83c8e9704f0ed7530031b1e2b9935205fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.geraldopost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
oNudPpeHkzGPI5w96fZS8g==
cross-origin-resource-policy
cross-origin
expires
Sat, 24 Apr 2021 20:40:56 GMT
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
1779
x-fb-rlafr
0
x-fb-debug
FLTufosfvjVeKBaX3m9O/PRbpF9l0B1g9LH9dvgRxKptzCHKXLmHtvrsr/npbzVtVTBBm11N/XVMBr0SuNCuZA==
x-fb-trip-id
686109401
x-fb-content-md5
dc07225befde025b073f51876cf5c7ca
date
Sat, 24 Apr 2021 20:38:46 GMT
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"7fbd549fb459b0011426ca7c5960119d"
timing-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
index.html
plugin.bebeofertas.com.br/ Frame 6B41 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://plugin.bebeofertas.com.br/index.html?sourceId=36901826
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
53610bc0121596f1ac958ea0c2b15261a98e63893fa24c171dea09f816c0395a
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

:method
GET
:authority
plugin.bebeofertas.com.br
:scheme
https
:path
/index.html?sourceId=36901826
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.geraldopost.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.geraldopost.com/

Response headers

cache-control
max-age=3600
content-encoding
br
content-type
text/html; charset=utf-8
etag
"7807027ac71db682dc4cc3f06e0600e1c4007d687073aa69d26beed41e2cf37a-br"
last-modified
Wed, 17 Feb 2021 00:01:20 GMT
strict-transport-security
max-age=31556926
accept-ranges
bytes
date
Sat, 24 Apr 2021 20:38:47 GMT
x-served-by
cache-cdg20726-CDG
x-cache
HIT
x-cache-hits
2
x-timer
S1619296727.042554,VS0,VE0
vary
x-fh-requested-host, accept-encoding
content-length
1720
view
ad.lomadee.com/banner/ Frame 25EA 		1 KB
969 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.lomadee.com/banner/view?sourceId=36890606&dimension=25&width=200&height=200&method=1&advertisers=5644&tags=25
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-116.fra2.r.cloudfront.net
Software
Apache-Coyote/1.1 /
Resource Hash
f07d37cc8b64c615c2730647a48f894bbcf7bd2ee92886a5e736ec2d8598549a

Request headers

:method
GET
:authority
ad.lomadee.com
:scheme
https
:path
/banner/view?sourceId=36890606&dimension=25&width=200&height=200&method=1&advertisers=5644&tags=25
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.geraldopost.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.geraldopost.com/

Response headers

content-type
text/html;charset=UTF-8
content-encoding
gzip
content-language
en-US
date
Sat, 24 Apr 2021 20:38:46 GMT
server
Apache-Coyote/1.1
vary
Accept-Encoding
x-cache
Miss from cloudfront
via
1.1 06d36e78e8dfd9468327f09115761a9e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
b8eDEoSoR7AfKb--6upu0pU_sms-mhRGkDkEHV2TavlbUOMXjRvJWA==
ads
googleads.g.doubleclick.net/pagead/ Frame CE35 		96 KB
34 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3932851112807799&output=html&h=600&slotname=8993431669&adk=4220371640&adf=1482559626&pi=t.ma~as.8993431669&w=300&lmt=1619163522&psa=0&format=300x600&url=https%3A%2F%2Fwww.geraldopost.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619296726819&bpp=15&bdt=246&idt=69&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=2705827410742&frm=20&pv=2&ga_vid=1717309228.1619296727&ga_sid=1619296727&ga_hid=1390142020&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1015&ady=2859&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429%2C44739991&oid=3&pvsid=3502318759076147&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=JnxQKUcnx7&p=https%3A//www.geraldopost.com&dtd=86
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
aa27e4a29de9734c3aa204fe05f5fb8829cc9ac226ac41ef701d3e5828e1795e
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/78096498092133154/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/78096498092133154/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CIX4zrHel_ACFZIHiwodgtQEUg&gqi=14GEYMvjApKV9u8P3rOooA4&layout=/sadbundle/%24csp%253Der3%24/78096498092133154/index.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?npa=1&client=ca-pub-3932851112807799&output=html&h=600&slotname=8993431669&adk=4220371640&adf=1482559626&pi=t.ma~as.8993431669&w=300&lmt=1619163522&psa=0&format=300x600&url=https%3A%2F%2Fwww.geraldopost.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619296726819&bpp=15&bdt=246&idt=69&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=2705827410742&frm=20&pv=2&ga_vid=1717309228.1619296727&ga_sid=1619296727&ga_hid=1390142020&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1015&ady=2859&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429%2C44739991&oid=3&pvsid=3502318759076147&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=JnxQKUcnx7&p=https%3A//www.geraldopost.com&dtd=86
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.geraldopost.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.geraldopost.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/78096498092133154/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/78096498092133154/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CIX4zrHel_ACFZIHiwodgtQEUg&gqi=14GEYMvjApKV9u8P3rOooA4&layout=/sadbundle/%24csp%253Der3%24/78096498092133154/index.html
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Sat, 24 Apr 2021 20:38:47 GMT
server
cafe
content-length
34687
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Sat, 24-Apr-2021 20:53:47 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sat, 24 Apr 2021 20:38:47 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame F1D6 		115 KB
37 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3932851112807799&output=html&h=280&slotname=5801651126&adk=2065657694&adf=3513612432&pi=t.ma~as.5801651126&w=370&fwrn=4&fwrnh=100&lmt=1619163522&rafmt=1&psa=0&format=370x280&url=https%3A%2F%2Fwww.geraldopost.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619296726835&bpp=3&bdt=261&idt=89&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x600&correlator=2705827410742&frm=20&pv=1&ga_vid=1717309228.1619296727&ga_sid=1619296727&ga_hid=1390142020&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1015&ady=3731&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429%2C44739991&oid=3&pvsid=3502318759076147&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=2&fsb=1&xpc=xUVnk6ScUu&p=https%3A//www.geraldopost.com&dtd=92
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1498069f58ed149bc3e7564a3cbced6606e03d3682437a316de64ba467268173
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11575576717432054682/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11575576717432054682/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CNzuzrHel_ACFQgEiwodmWYDAA&gqi=14GEYMToArGV9u8P952iWA&layout=/sadbundle/%24csp%253Der3%24/11575576717432054682/index.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?npa=1&client=ca-pub-3932851112807799&output=html&h=280&slotname=5801651126&adk=2065657694&adf=3513612432&pi=t.ma~as.5801651126&w=370&fwrn=4&fwrnh=100&lmt=1619163522&rafmt=1&psa=0&format=370x280&url=https%3A%2F%2Fwww.geraldopost.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619296726835&bpp=3&bdt=261&idt=89&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x600&correlator=2705827410742&frm=20&pv=1&ga_vid=1717309228.1619296727&ga_sid=1619296727&ga_hid=1390142020&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1015&ady=3731&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429%2C44739991&oid=3&pvsid=3502318759076147&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=2&fsb=1&xpc=xUVnk6ScUu&p=https%3A//www.geraldopost.com&dtd=92
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.geraldopost.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.geraldopost.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11575576717432054682/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11575576717432054682/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CNzuzrHel_ACFQgEiwodmWYDAA&gqi=14GEYMToArGV9u8P952iWA&layout=/sadbundle/%24csp%253Der3%24/11575576717432054682/index.html
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Sat, 24 Apr 2021 20:38:47 GMT
server
cafe
content-length
37528
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Sat, 24-Apr-2021 20:53:47 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sat, 24 Apr 2021 20:38:47 GMT
cache-control
private
globo
www.geraldopost.com/feeds/posts/default/-/ 		126 KB
35 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.geraldopost.com/feeds/posts/default/-/globo?alt=json-in-script&max-results=5&callback=jQuery1124032956473873126946_1619296726797&_=1619296726798
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
blogger-renderd /
Resource Hash
4befaff609a14c590d0f906170350e19ba348ec254c9590d6bf6e22fa8ec23bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-fetch-mode
cors
accept-encoding
gzip, deflate, br
accept-language
en-US
x-requested-with
XMLHttpRequest
sec-fetch-dest
empty
cookie
_ga=GA1.2.1717309228.1619296727; _gid=GA1.2.379390104.1619296727; _gat_blogger=1
:path
/feeds/posts/default/-/globo?alt=json-in-script&max-results=5&callback=jQuery1124032956473873126946_1619296726797&_=1619296726798
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
cache-control
no-cache
:authority
www.geraldopost.com
referer
https://www.geraldopost.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer
https://www.geraldopost.com/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 23 Apr 2021 07:38:42 GMT
server
blogger-renderd
etag
W/"ef71b23fcae62fe26047da901e45098fbe6f8babb2b3a4bdf213fc792ed91b42"
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
public, must-revalidate, proxy-revalidate, max-age=1
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
content-length
35271
x-xss-protection
0
expires
Sat, 24 Apr 2021 20:38:48 GMT
default
www.geraldopost.com/feeds/posts/ 		109 KB
28 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.geraldopost.com/feeds/posts/default?alt=json-in-script&max-results=6&callback=jQuery1124032956473873126946_1619296726799&_=1619296726800
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
blogger-renderd /
Resource Hash
b3844900c09935d5d00e41ab8544b901818d463a885c4143dea93841f7454eda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-fetch-mode
cors
accept-encoding
gzip, deflate, br
accept-language
en-US
x-requested-with
XMLHttpRequest
sec-fetch-dest
empty
cookie
_ga=GA1.2.1717309228.1619296727; _gid=GA1.2.379390104.1619296727; _gat_blogger=1
:path
/feeds/posts/default?alt=json-in-script&max-results=6&callback=jQuery1124032956473873126946_1619296726799&_=1619296726800
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
cache-control
no-cache
:authority
www.geraldopost.com
referer
https://www.geraldopost.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer
https://www.geraldopost.com/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 23 Apr 2021 07:38:42 GMT
server
blogger-renderd
etag
W/"d8d74a0f45baeb8b75c3aaa6794122ba1116ea84cf6f13abe9db3aa80f0705e5"
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
public, must-revalidate, proxy-revalidate, max-age=1
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
content-length
28918
x-xss-protection
0
expires
Sat, 24 Apr 2021 20:38:48 GMT
default
www.geraldopost.com/feeds/posts/ 		98 KB
26 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.geraldopost.com/feeds/posts/default?alt=json-in-script&max-results=4&callback=jQuery1124032956473873126946_1619296726801&_=1619296726802
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
blogger-renderd /
Resource Hash
3fb04f95b7c5e60244dc9c677c6e2e4cdd0e05835eb3a9484717b8d6a3c75aac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-fetch-mode
cors
accept-encoding
gzip, deflate, br
accept-language
en-US
x-requested-with
XMLHttpRequest
sec-fetch-dest
empty
cookie
_ga=GA1.2.1717309228.1619296727; _gid=GA1.2.379390104.1619296727; _gat_blogger=1
:path
/feeds/posts/default?alt=json-in-script&max-results=4&callback=jQuery1124032956473873126946_1619296726801&_=1619296726802
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
cache-control
no-cache
:authority
www.geraldopost.com
referer
https://www.geraldopost.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer
https://www.geraldopost.com/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 23 Apr 2021 07:38:42 GMT
server
blogger-renderd
etag
W/"4e56b26cb830a52bdf9e83fee3ef3f59569a647ab0f58f2b1d77d50f049edccb"
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
public, must-revalidate, proxy-revalidate, max-age=1
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
content-length
26839
x-xss-protection
0
expires
Sat, 24 Apr 2021 20:38:48 GMT
mem%C3%B3ria%20geraldopost
www.geraldopost.com/feeds/posts/default/-/ 		156 KB
41 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.geraldopost.com/feeds/posts/default/-/mem%C3%B3ria%20geraldopost?alt=json-in-script&max-results=12&callback=jQuery1124032956473873126946_1619296726803&_=1619296726804
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
blogger-renderd /
Resource Hash
e8fad7f4bdd291c665575c5a8ef5361c0a8c6d0bee58b7cfc895a6c78617489d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-fetch-mode
cors
accept-encoding
gzip, deflate, br
accept-language
en-US
x-requested-with
XMLHttpRequest
sec-fetch-dest
empty
cookie
_ga=GA1.2.1717309228.1619296727; _gid=GA1.2.379390104.1619296727; _gat_blogger=1
:path
/feeds/posts/default/-/mem%C3%B3ria%20geraldopost?alt=json-in-script&max-results=12&callback=jQuery1124032956473873126946_1619296726803&_=1619296726804
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
cache-control
no-cache
:authority
www.geraldopost.com
referer
https://www.geraldopost.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer
https://www.geraldopost.com/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 23 Apr 2021 07:38:42 GMT
server
blogger-renderd
etag
W/"aea76679b354f0f74870f627270e581c98ef1037156e9616b359fde0e662b831"
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
public, must-revalidate, proxy-revalidate, max-age=1
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
content-length
41781
x-xss-protection
0
expires
Sat, 24 Apr 2021 20:38:48 GMT
bbb21
www.geraldopost.com/feeds/posts/default/-/ 		107 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.geraldopost.com/feeds/posts/default/-/bbb21?alt=json-in-script&max-results=5&callback=jQuery1124032956473873126946_1619296726805&_=1619296726806
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
blogger-renderd /
Resource Hash
2b8912f4749f05b598f763d8e841321ed014684ac394b7c734be34b1f194ff2d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-fetch-mode
cors
accept-encoding
gzip, deflate, br
accept-language
en-US
x-requested-with
XMLHttpRequest
sec-fetch-dest
empty
cookie
_ga=GA1.2.1717309228.1619296727; _gid=GA1.2.379390104.1619296727; _gat_blogger=1
:path
/feeds/posts/default/-/bbb21?alt=json-in-script&max-results=5&callback=jQuery1124032956473873126946_1619296726805&_=1619296726806
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
cache-control
no-cache
:authority
www.geraldopost.com
referer
https://www.geraldopost.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer
https://www.geraldopost.com/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 23 Apr 2021 07:38:42 GMT
server
blogger-renderd
etag
W/"31d8791600154ef04a0200f5e539f2aaaad81191460b07bc9bfa21610d893bf7"
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
public, must-revalidate, proxy-revalidate, max-age=1
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
content-length
29507
x-xss-protection
0
expires
Sat, 24 Apr 2021 20:38:48 GMT
amor%20de%20m%C3%A3e
www.geraldopost.com/feeds/posts/default/-/ 		105 KB
28 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.geraldopost.com/feeds/posts/default/-/amor%20de%20m%C3%A3e?alt=json-in-script&max-results=5&callback=jQuery1124032956473873126946_1619296726807&_=1619296726808
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
blogger-renderd /
Resource Hash
35a9dc16e6edacebc35ab5b2acbb39253577613c096c5155e5a315cb27ac53ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-fetch-mode
cors
accept-encoding
gzip, deflate, br
accept-language
en-US
x-requested-with
XMLHttpRequest
sec-fetch-dest
empty
cookie
_ga=GA1.2.1717309228.1619296727; _gid=GA1.2.379390104.1619296727; _gat_blogger=1
:path
/feeds/posts/default/-/amor%20de%20m%C3%A3e?alt=json-in-script&max-results=5&callback=jQuery1124032956473873126946_1619296726807&_=1619296726808
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
cache-control
no-cache
:authority
www.geraldopost.com
referer
https://www.geraldopost.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer
https://www.geraldopost.com/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 23 Apr 2021 07:38:42 GMT
server
blogger-renderd
etag
W/"e57a158b3e2879720e2c0bef363a9c170c64648cca52b4588674b6c773bd8f37"
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
public, must-revalidate, proxy-revalidate, max-age=1
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
content-length
28555
x-xss-protection
0
expires
Sat, 24 Apr 2021 20:38:48 GMT
audi%C3%AAncia
www.geraldopost.com/feeds/posts/default/-/ 		95 KB
26 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.geraldopost.com/feeds/posts/default/-/audi%C3%AAncia?alt=json-in-script&max-results=3&callback=jQuery1124032956473873126946_1619296726809&_=1619296726810
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
blogger-renderd /
Resource Hash
03bcc81265f29a52443c76c229e1dd749a95ae82d89298c1466fea0986568165
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-fetch-mode
cors
accept-encoding
gzip, deflate, br
accept-language
en-US
x-requested-with
XMLHttpRequest
sec-fetch-dest
empty
cookie
_ga=GA1.2.1717309228.1619296727; _gid=GA1.2.379390104.1619296727; _gat_blogger=1
:path
/feeds/posts/default/-/audi%C3%AAncia?alt=json-in-script&max-results=3&callback=jQuery1124032956473873126946_1619296726809&_=1619296726810
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
cache-control
no-cache
:authority
www.geraldopost.com
referer
https://www.geraldopost.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer
https://www.geraldopost.com/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 23 Apr 2021 07:38:42 GMT
server
blogger-renderd
etag
W/"be47697ad1273d2a4b9bf78e5d9da8306b70aa5d33b09c5b44a0716e5506f419"
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
public, must-revalidate, proxy-revalidate, max-age=1
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
content-length
26751
x-xss-protection
0
expires
Sat, 24 Apr 2021 20:38:48 GMT
globoplay
www.geraldopost.com/feeds/posts/default/-/ 		91 KB
25 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.geraldopost.com/feeds/posts/default/-/globoplay?alt=json-in-script&max-results=3&callback=jQuery1124032956473873126946_1619296726811&_=1619296726812
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
blogger-renderd /
Resource Hash
9dad76b260e50505e477cfd2b38967303864095860aba347454929457cfe11fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-fetch-mode
cors
accept-encoding
gzip, deflate, br
accept-language
en-US
x-requested-with
XMLHttpRequest
sec-fetch-dest
empty
cookie
_ga=GA1.2.1717309228.1619296727; _gid=GA1.2.379390104.1619296727; _gat_blogger=1
:path
/feeds/posts/default/-/globoplay?alt=json-in-script&max-results=3&callback=jQuery1124032956473873126946_1619296726811&_=1619296726812
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
cache-control
no-cache
:authority
www.geraldopost.com
referer
https://www.geraldopost.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer
https://www.geraldopost.com/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 23 Apr 2021 07:38:42 GMT
server
blogger-renderd
etag
W/"db422e94f385e2998929d771aa8b62d42976c75bd672704dedd150463dfdfb51"
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
public, must-revalidate, proxy-revalidate, max-age=1
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
content-length
25873
x-xss-protection
0
expires
Sat, 24 Apr 2021 20:38:48 GMT
tv%20hist%C3%B3rica
www.geraldopost.com/feeds/posts/default/-/ 		112 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.geraldopost.com/feeds/posts/default/-/tv%20hist%C3%B3rica?alt=json-in-script&max-results=3&callback=jQuery1124032956473873126946_1619296726813&_=1619296726814
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
blogger-renderd /
Resource Hash
6cf2180abf1884f88d08aa3b412b74a3eaaf19f7e6ff84339dc009101b465e11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-fetch-mode
cors
accept-encoding
gzip, deflate, br
accept-language
en-US
x-requested-with
XMLHttpRequest
sec-fetch-dest
empty
cookie
_ga=GA1.2.1717309228.1619296727; _gid=GA1.2.379390104.1619296727; _gat_blogger=1
:path
/feeds/posts/default/-/tv%20hist%C3%B3rica?alt=json-in-script&max-results=3&callback=jQuery1124032956473873126946_1619296726813&_=1619296726814
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
cache-control
no-cache
:authority
www.geraldopost.com
referer
https://www.geraldopost.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer
https://www.geraldopost.com/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 23 Apr 2021 07:38:42 GMT
server
blogger-renderd
etag
W/"e9b5a12050367c8387b16f5bad3d47143a18961f3c4e97f5114df112651acaa7"
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
public, must-revalidate, proxy-revalidate, max-age=1
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
content-length
29945
x-xss-protection
0
expires
Sat, 24 Apr 2021 20:38:48 GMT
jornalismo
www.geraldopost.com/feeds/posts/default/-/ 		108 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.geraldopost.com/feeds/posts/default/-/jornalismo?alt=json-in-script&max-results=6&callback=jQuery1124032956473873126946_1619296726815&_=1619296726816
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
blogger-renderd /
Resource Hash
965939a3a3046dff5c5e10fc42b7f62461f5e86a11910fb757a43985a17997cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-fetch-mode
cors
accept-encoding
gzip, deflate, br
accept-language
en-US
x-requested-with
XMLHttpRequest
sec-fetch-dest
empty
cookie
_ga=GA1.2.1717309228.1619296727; _gid=GA1.2.379390104.1619296727; _gat_blogger=1
:path
/feeds/posts/default/-/jornalismo?alt=json-in-script&max-results=6&callback=jQuery1124032956473873126946_1619296726815&_=1619296726816
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
cache-control
no-cache
:authority
www.geraldopost.com
referer
https://www.geraldopost.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer
https://www.geraldopost.com/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 23 Apr 2021 07:38:42 GMT
server
blogger-renderd
etag
W/"9575d08215547349e0bcaa00d408aefeaeb7785db9f3eaf353183a2fd875640d"
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
public, must-revalidate, proxy-revalidate, max-age=1
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
content-length
29148
x-xss-protection
0
expires
Sat, 24 Apr 2021 20:38:48 GMT
cultura
www.geraldopost.com/feeds/posts/default/-/ 		89 KB
25 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.geraldopost.com/feeds/posts/default/-/cultura?alt=json-in-script&max-results=2&callback=jQuery1124032956473873126946_1619296726817&_=1619296726818
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
blogger-renderd /
Resource Hash
3453d38eeadcaad1cc41bcbd5512b78cdb57d9a8c234e28ba00b86cb5e1f01ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-fetch-mode
cors
accept-encoding
gzip, deflate, br
accept-language
en-US
x-requested-with
XMLHttpRequest
sec-fetch-dest
empty
cookie
_ga=GA1.2.1717309228.1619296727; _gid=GA1.2.379390104.1619296727; _gat_blogger=1
:path
/feeds/posts/default/-/cultura?alt=json-in-script&max-results=2&callback=jQuery1124032956473873126946_1619296726817&_=1619296726818
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
cache-control
no-cache
:authority
www.geraldopost.com
referer
https://www.geraldopost.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer
https://www.geraldopost.com/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 23 Apr 2021 07:38:42 GMT
server
blogger-renderd
etag
W/"e536b6178f5543e90758bad237ae930dc661f32c2514828c0191e8add15d0500"
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
public, must-revalidate, proxy-revalidate, max-age=1
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
content-length
25847
x-xss-protection
0
expires
Sat, 24 Apr 2021 20:38:48 GMT
tv
www.geraldopost.com/feeds/posts/default/-/ 		96 KB
27 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.geraldopost.com/feeds/posts/default/-/tv?alt=json-in-script&max-results=3&callback=jQuery1124032956473873126946_1619296726819&_=1619296726820
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
blogger-renderd /
Resource Hash
bf0f9355e1b23c2a4e36c0cf23734e66a80ee1efbd5fbe01d19ba6b43bbc96e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-fetch-mode
cors
accept-encoding
gzip, deflate, br
accept-language
en-US
x-requested-with
XMLHttpRequest
sec-fetch-dest
empty
cookie
_ga=GA1.2.1717309228.1619296727; _gid=GA1.2.379390104.1619296727; _gat_blogger=1
:path
/feeds/posts/default/-/tv?alt=json-in-script&max-results=3&callback=jQuery1124032956473873126946_1619296726819&_=1619296726820
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
cache-control
no-cache
:authority
www.geraldopost.com
referer
https://www.geraldopost.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer
https://www.geraldopost.com/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 23 Apr 2021 07:38:42 GMT
server
blogger-renderd
etag
W/"e7183030db734aa19bf84b2b5b3206afbd0d2f846472deb2e32db458845bd897"
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
public, must-revalidate, proxy-revalidate, max-age=1
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
content-length
27259
x-xss-protection
0
expires
Sat, 24 Apr 2021 20:38:48 GMT
lgbt
www.geraldopost.com/feeds/posts/default/-/ 		96 KB
27 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.geraldopost.com/feeds/posts/default/-/lgbt?alt=json-in-script&max-results=3&callback=jQuery1124032956473873126946_1619296726821&_=1619296726822
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
blogger-renderd /
Resource Hash
401990451835f858ea9431a15cbac54df27ea4a17012b09957d865d07d0fc35b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-fetch-mode
cors
accept-encoding
gzip, deflate, br
accept-language
en-US
x-requested-with
XMLHttpRequest
sec-fetch-dest
empty
cookie
_ga=GA1.2.1717309228.1619296727; _gid=GA1.2.379390104.1619296727; _gat_blogger=1
:path
/feeds/posts/default/-/lgbt?alt=json-in-script&max-results=3&callback=jQuery1124032956473873126946_1619296726821&_=1619296726822
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
cache-control
no-cache
:authority
www.geraldopost.com
referer
https://www.geraldopost.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer
https://www.geraldopost.com/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 23 Apr 2021 07:38:42 GMT
server
blogger-renderd
etag
W/"5ce81ce1f33da505750810852e7f263246801ca4ed433fc0b7e272ea90247ffb"
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
public, must-revalidate, proxy-revalidate, max-age=1
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
content-length
27536
x-xss-protection
0
expires
Sat, 24 Apr 2021 20:38:48 GMT
blackfriday
www.geraldopost.com/feeds/posts/default/-/ 		78 KB
23 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.geraldopost.com/feeds/posts/default/-/blackfriday?alt=json-in-script&max-results=8&callback=jQuery1124032956473873126946_1619296726823&_=1619296726824
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
blogger-renderd /
Resource Hash
4bab105125a3c98d9709f83f70dad78c24cce2523d5bbd58dedcdbf8960331e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-fetch-mode
cors
accept-encoding
gzip, deflate, br
accept-language
en-US
x-requested-with
XMLHttpRequest
sec-fetch-dest
empty
cookie
_ga=GA1.2.1717309228.1619296727; _gid=GA1.2.379390104.1619296727; _gat_blogger=1
:path
/feeds/posts/default/-/blackfriday?alt=json-in-script&max-results=8&callback=jQuery1124032956473873126946_1619296726823&_=1619296726824
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
cache-control
no-cache
:authority
www.geraldopost.com
referer
https://www.geraldopost.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer
https://www.geraldopost.com/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 23 Apr 2021 07:38:42 GMT
server
blogger-renderd
etag
W/"e163db92725f6cc55e5821a9f3a63efeb1e5f7c9cba6f25abb6aa99a85607a68"
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
public, must-revalidate, proxy-revalidate, max-age=1
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
content-length
23100
x-xss-protection
0
expires
Sat, 24 Apr 2021 20:38:48 GMT
Technology
www.geraldopost.com/feeds/posts/default/-/ 		78 KB
23 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.geraldopost.com/feeds/posts/default/-/Technology?alt=json-in-script&max-results=3&callback=jQuery1124032956473873126946_1619296726825&_=1619296726826
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
blogger-renderd /
Resource Hash
8b83189b3bd8e63a0b42e876c52b6d4f6c0dc12b9e87674e6f181be4f4768f46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-fetch-mode
cors
accept-encoding
gzip, deflate, br
accept-language
en-US
x-requested-with
XMLHttpRequest
sec-fetch-dest
empty
cookie
_ga=GA1.2.1717309228.1619296727; _gid=GA1.2.379390104.1619296727; _gat_blogger=1
:path
/feeds/posts/default/-/Technology?alt=json-in-script&max-results=3&callback=jQuery1124032956473873126946_1619296726825&_=1619296726826
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
cache-control
no-cache
:authority
www.geraldopost.com
referer
https://www.geraldopost.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer
https://www.geraldopost.com/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 23 Apr 2021 07:38:42 GMT
server
blogger-renderd
etag
W/"1c55d1021f96423adfb81db77ae674316adf65bc425d24cb2f6133aabc4decf7"
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
public, must-revalidate, proxy-revalidate, max-age=1
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
content-length
23101
x-xss-protection
0
expires
Sat, 24 Apr 2021 20:38:48 GMT
default
www.geraldopost.com/feeds/posts/ 		96 KB
27 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.geraldopost.com/feeds/posts/default?max-results=3&start-index=3&alt=json-in-script&callback=jQuery1124032956473873126946_1619296726827&_=1619296726828
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
blogger-renderd /
Resource Hash
6c3c916f7d3924d47210e5af850a0cdb2c8a309159763bd2ffa0a9286657c301
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-fetch-mode
cors
accept-encoding
gzip, deflate, br
accept-language
en-US
x-requested-with
XMLHttpRequest
sec-fetch-dest
empty
cookie
_ga=GA1.2.1717309228.1619296727; _gid=GA1.2.379390104.1619296727; _gat_blogger=1
:path
/feeds/posts/default?max-results=3&start-index=3&alt=json-in-script&callback=jQuery1124032956473873126946_1619296726827&_=1619296726828
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
cache-control
no-cache
:authority
www.geraldopost.com
referer
https://www.geraldopost.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer
https://www.geraldopost.com/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 23 Apr 2021 07:38:42 GMT
server
blogger-renderd
etag
W/"3a8304ea58714571d8e007452ebb5b3e96f04363b93173f575cf3e99dafe78e7"
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
public, must-revalidate, proxy-revalidate, max-age=1
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
content-length
27133
x-xss-protection
0
expires
Sat, 24 Apr 2021 20:38:48 GMT
default
www.geraldopost.com/feeds/posts/ 		93 KB
25 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.geraldopost.com/feeds/posts/default?alt=json-in-script&max-results=3&callback=jQuery1124032956473873126946_1619296726829&_=1619296726830
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
blogger-renderd /
Resource Hash
88d921a5a81c84a5705b33e687863db2416c572b01362ddbfa3ad7010f86b688
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-fetch-mode
cors
accept-encoding
gzip, deflate, br
accept-language
en-US
x-requested-with
XMLHttpRequest
sec-fetch-dest
empty
cookie
_ga=GA1.2.1717309228.1619296727; _gid=GA1.2.379390104.1619296727; _gat_blogger=1
:path
/feeds/posts/default?alt=json-in-script&max-results=3&callback=jQuery1124032956473873126946_1619296726829&_=1619296726830
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
cache-control
no-cache
:authority
www.geraldopost.com
referer
https://www.geraldopost.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer
https://www.geraldopost.com/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 23 Apr 2021 07:38:42 GMT
server
blogger-renderd
etag
W/"0fe5b8fea207fdca63a8f81f7a43f84b251b77fb56842415c1f13a1ea6e24a61"
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
public, must-revalidate, proxy-revalidate, max-age=1
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
content-length
25825
x-xss-protection
0
expires
Sat, 24 Apr 2021 20:38:48 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.geraldopost.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210422/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3932851112807799&plah=www.geraldopost.com&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.geraldopost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 24 Apr 2021 20:38:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.geraldopost.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210422/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3932851112807799&plah=www.geraldopost.com&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.geraldopost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 24 Apr 2021 20:38:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame D60B 		16 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3932851112807799&output=html&adk=1812271804&adf=3025194257&lmt=1619163522&plat=8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.geraldopost.com%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619296727049&bpp=1&bdt=475&idt=1&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x600%2C370x280&nras=1&correlator=2705827410742&frm=20&pv=1&ga_vid=1717309228.1619296727&ga_sid=1619296727&ga_hid=1390142020&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429%2C44739991&oid=3&pvsid=3502318759076147&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&dtd=16
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210422/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3932851112807799&plah=www.geraldopost.com&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f3d1dd15f3508747d76dd3c9be6568b24c67d3551e460bd0e6ec7135697b3196
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?npa=1&client=ca-pub-3932851112807799&output=html&adk=1812271804&adf=3025194257&lmt=1619163522&plat=8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.geraldopost.com%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619296727049&bpp=1&bdt=475&idt=1&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x600%2C370x280&nras=1&correlator=2705827410742&frm=20&pv=1&ga_vid=1717309228.1619296727&ga_sid=1619296727&ga_hid=1390142020&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429%2C44739991&oid=3&pvsid=3502318759076147&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&dtd=16
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.geraldopost.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.geraldopost.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Sat, 24 Apr 2021 20:38:47 GMT
server
cafe
content-length
4881
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Sat, 24-Apr-2021 20:53:47 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sat, 24 Apr 2021 20:38:47 GMT
cache-control
private
sdk.js
connect.facebook.net/en_US/ 		218 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=eb6d6ab6e9f6452446c779aeb45830b0&ua=modern_es6
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5290c2234ca98096eaa441b46feedd8d54cac1e0581f65bf2a432354ef839d57
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Origin
https://www.geraldopost.com
Referer
https://www.geraldopost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
OHYE4G/IukEwOTysUiO+8A==
cross-origin-resource-policy
cross-origin
expires
Sun, 24 Apr 2022 19:18:21 GMT
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
66008
x-fb-rlafr
0
x-fb-debug
pT2PM3brXVJPQREcqs1pMYHnM+1sy5bROYRB7yFM0PX8g1/JBfwPyrpwbYIkFLz0dYL+tLAVY5pSkBwRQRXQWQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
94278dc1e9d677ce04d24499d1134f5b
date
Sat, 24 Apr 2021 20:38:47 GMT
x-frame-options
DENY
report-to
{"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"65cc63ac96b7c6a387c8318ba8910bb2"
timing-allow-origin
*
priority
u=3,i
access-control-expose-headers
X-FB-Content-MD5
/
www.magazinevoce.com.br/geraldopost/banner/ Frame 3A45 		12 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.magazinevoce.com.br/geraldopost/banner/?store=geraldopost&type=leaderboard
Requested by
Host: www.magazinevoce.com.br
URL: https://www.magazinevoce.com.br/js/banner.js?store=geraldopost
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
nginx/1.14.2 /
Resource Hash
7a2fec101f4183a64e36ed82a981a651654859f21a7765d48a99054319ab7b1f

Request headers

:method
GET
:authority
www.magazinevoce.com.br
:scheme
https
:path
/geraldopost/banner/?store=geraldopost&type=leaderboard
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.geraldopost.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.geraldopost.com/

Response headers

date
Sat, 24 Apr 2021 20:38:47 GMT
content-type
text/html; charset=utf-8
server
nginx/1.14.2
cache-control
max-age=1800
last-modified
Sat, 24 Apr 2021 20:37:50 GMT
expires
Sat, 24 Apr 2021 21:07:50 GMT
vary
Cookie
set-cookie
FCCDCF=; expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Path=/ MLPARCEIRO=3440; Domain=.magazinevoce.com.br; expires=time.struct_time(tm_year=2021, tm_mon=4, tm_mday=29, tm_hour=20, tm_min=38, tm_sec=47, tm_wday=3, tm_yday=119, tm_isdst=0); Max-Age=432000; Path=/ pmd_promoter=; Domain=.magazinevoce.com.br; expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Path=/ mvc_showcase_name=None; Domain=.magazinevoce.com.br; expires=time.struct_time(tm_year=2021, tm_mon=4, tm_mday=29, tm_hour=20, tm_min=38, tm_sec=47, tm_wday=3, tm_yday=119, tm_isdst=0); Max-Age=432000; Path=/
via
1.1 google
alt-svc
clear
/
www.magazinevoce.com.br/geraldopost/banner/ Frame EE03 		13 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.magazinevoce.com.br/geraldopost/banner/?store=geraldopost&type=medium-rectangle
Requested by
Host: www.magazinevoce.com.br
URL: https://www.magazinevoce.com.br/js/banner.js?store=geraldopost
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
nginx/1.14.2 /
Resource Hash
b73220f2672e071c3585c6910b0cf64c10117a4164daf56556211d20bed5c36d

Request headers

:method
GET
:authority
www.magazinevoce.com.br
:scheme
https
:path
/geraldopost/banner/?store=geraldopost&type=medium-rectangle
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.geraldopost.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.geraldopost.com/

Response headers

date
Sat, 24 Apr 2021 20:38:47 GMT
content-type
text/html; charset=utf-8
server
nginx/1.14.2
vary
Cookie
cache-control
max-age=1800
expires
Sat, 24 Apr 2021 21:07:50 GMT
last-modified
Sat, 24 Apr 2021 20:37:50 GMT
set-cookie
MLPARCEIRO=3440; Domain=.magazinevoce.com.br; expires=time.struct_time(tm_year=2021, tm_mon=4, tm_mday=29, tm_hour=20, tm_min=38, tm_sec=47, tm_wday=3, tm_yday=119, tm_isdst=0); Max-Age=432000; Path=/ FCCDCF=; expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Path=/ mvc_showcase_name=None; Domain=.magazinevoce.com.br; expires=time.struct_time(tm_year=2021, tm_mon=4, tm_mday=29, tm_hour=20, tm_min=38, tm_sec=47, tm_wday=3, tm_yday=119, tm_isdst=0); Max-Age=432000; Path=/ pmd_promoter=; Domain=.magazinevoce.com.br; expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Path=/
via
1.1 google
alt-svc
clear
/
www.magazinevoce.com.br/geraldopost/banner/ Frame FCE4 		11 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.magazinevoce.com.br/geraldopost/banner/?store=geraldopost&type=rectangle
Requested by
Host: www.magazinevoce.com.br
URL: https://www.magazinevoce.com.br/js/banner.js?store=geraldopost
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
nginx/1.14.2 /
Resource Hash
cf8167a7bbab70d1cdb823efdb6a23a181d3a28ab92fde18fb660ce7319ffccf

Request headers

:method
GET
:authority
www.magazinevoce.com.br
:scheme
https
:path
/geraldopost/banner/?store=geraldopost&type=rectangle
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.geraldopost.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.geraldopost.com/

Response headers

date
Sat, 24 Apr 2021 20:38:48 GMT
content-type
text/html; charset=utf-8
server
nginx/1.14.2
last-modified
Sat, 24 Apr 2021 20:37:51 GMT
expires
Sat, 24 Apr 2021 21:07:51 GMT
vary
Cookie
cache-control
max-age=1800
set-cookie
pmd_promoter=; Domain=.magazinevoce.com.br; expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Path=/ FCCDCF=; expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Path=/ MLPARCEIRO=3440; Domain=.magazinevoce.com.br; expires=time.struct_time(tm_year=2021, tm_mon=4, tm_mday=29, tm_hour=20, tm_min=38, tm_sec=48, tm_wday=3, tm_yday=119, tm_isdst=0); Max-Age=432000; Path=/ mvc_showcase_name=None; Domain=.magazinevoce.com.br; expires=time.struct_time(tm_year=2021, tm_mon=4, tm_mday=29, tm_hour=20, tm_min=38, tm_sec=48, tm_wday=3, tm_yday=119, tm_isdst=0); Max-Age=432000; Path=/
via
1.1 google
alt-svc
clear
/
www.magazinevoce.com.br/geraldopost/banner/ Frame A975 		12 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.magazinevoce.com.br/geraldopost/banner/?store=geraldopost&type=leaderboard
Requested by
Host: www.magazinevoce.com.br
URL: https://www.magazinevoce.com.br/js/banner.js?store=geraldopost
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
nginx/1.14.2 /
Resource Hash
7a2fec101f4183a64e36ed82a981a651654859f21a7765d48a99054319ab7b1f

Request headers

:method
GET
:authority
www.magazinevoce.com.br
:scheme
https
:path
/geraldopost/banner/?store=geraldopost&type=leaderboard
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.geraldopost.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.geraldopost.com/

Response headers

date
Sat, 24 Apr 2021 20:38:48 GMT
content-type
text/html; charset=utf-8
server
nginx/1.14.2
vary
Cookie
cache-control
max-age=1800
last-modified
Sat, 24 Apr 2021 20:37:50 GMT
expires
Sat, 24 Apr 2021 21:07:50 GMT
set-cookie
MLPARCEIRO=3440; Domain=.magazinevoce.com.br; expires=time.struct_time(tm_year=2021, tm_mon=4, tm_mday=29, tm_hour=20, tm_min=38, tm_sec=48, tm_wday=3, tm_yday=119, tm_isdst=0); Max-Age=432000; Path=/ mvc_showcase_name=None; Domain=.magazinevoce.com.br; expires=time.struct_time(tm_year=2021, tm_mon=4, tm_mday=29, tm_hour=20, tm_min=38, tm_sec=48, tm_wday=3, tm_yday=119, tm_isdst=0); Max-Age=432000; Path=/ pmd_promoter=; Domain=.magazinevoce.com.br; expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Path=/ FCCDCF=; expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Path=/
via
1.1 google
alt-svc
clear
/
www.magazinevoce.com.br/geraldopost/banner/ Frame 661E 		13 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.magazinevoce.com.br/geraldopost/banner/?store=geraldopost&type=medium-rectangle
Requested by
Host: www.magazinevoce.com.br
URL: https://www.magazinevoce.com.br/js/banner.js?store=geraldopost
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
nginx/1.14.2 /
Resource Hash
b73220f2672e071c3585c6910b0cf64c10117a4164daf56556211d20bed5c36d

Request headers

:method
GET
:authority
www.magazinevoce.com.br
:scheme
https
:path
/geraldopost/banner/?store=geraldopost&type=medium-rectangle
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.geraldopost.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.geraldopost.com/

Response headers

date
Sat, 24 Apr 2021 20:38:49 GMT
content-type
text/html; charset=utf-8
server
nginx/1.14.2
last-modified
Sat, 24 Apr 2021 20:37:50 GMT
expires
Sat, 24 Apr 2021 21:07:50 GMT
vary
Cookie
cache-control
max-age=1800
set-cookie
pmd_promoter=; Domain=.magazinevoce.com.br; expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Path=/ FCCDCF=; expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Path=/ MLPARCEIRO=3440; Domain=.magazinevoce.com.br; expires=time.struct_time(tm_year=2021, tm_mon=4, tm_mday=29, tm_hour=20, tm_min=38, tm_sec=49, tm_wday=3, tm_yday=119, tm_isdst=0); Max-Age=432000; Path=/ mvc_showcase_name=None; Domain=.magazinevoce.com.br; expires=time.struct_time(tm_year=2021, tm_mon=4, tm_mday=29, tm_hour=20, tm_min=38, tm_sec=49, tm_wday=3, tm_yday=119, tm_isdst=0); Max-Age=432000; Path=/
via
1.1 google
alt-svc
clear
/
www.magazinevoce.com.br/geraldopost/banner/ Frame 638C 		11 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.magazinevoce.com.br/geraldopost/banner/?store=geraldopost&type=rectangle
Requested by
Host: www.magazinevoce.com.br
URL: https://www.magazinevoce.com.br/js/banner.js?store=geraldopost
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
nginx/1.14.2 /
Resource Hash
cf8167a7bbab70d1cdb823efdb6a23a181d3a28ab92fde18fb660ce7319ffccf

Request headers

:method
GET
:authority
www.magazinevoce.com.br
:scheme
https
:path
/geraldopost/banner/?store=geraldopost&type=rectangle
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.geraldopost.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.geraldopost.com/

Response headers

date
Sat, 24 Apr 2021 20:38:49 GMT
content-type
text/html; charset=utf-8
server
nginx/1.14.2
expires
Sat, 24 Apr 2021 21:07:51 GMT
cache-control
max-age=1800
last-modified
Sat, 24 Apr 2021 20:37:51 GMT
vary
Cookie
set-cookie
mvc_showcase_name=None; Domain=.magazinevoce.com.br; expires=time.struct_time(tm_year=2021, tm_mon=4, tm_mday=29, tm_hour=20, tm_min=38, tm_sec=49, tm_wday=3, tm_yday=119, tm_isdst=0); Max-Age=432000; Path=/ FCCDCF=; expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Path=/ pmd_promoter=; Domain=.magazinevoce.com.br; expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Path=/ MLPARCEIRO=3440; Domain=.magazinevoce.com.br; expires=time.struct_time(tm_year=2021, tm_mon=4, tm_mday=29, tm_hour=20, tm_min=38, tm_sec=49, tm_wday=3, tm_yday=119, tm_isdst=0); Max-Age=432000; Path=/
via
1.1 google
alt-svc
clear
/
www.magazinevoce.com.br/geraldopost/banner/ Frame 3705 		12 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.magazinevoce.com.br/geraldopost/banner/?store=geraldopost&type=leaderboard
Requested by
Host: www.magazinevoce.com.br
URL: https://www.magazinevoce.com.br/js/banner.js?store=geraldopost
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
nginx/1.14.2 /
Resource Hash
7a2fec101f4183a64e36ed82a981a651654859f21a7765d48a99054319ab7b1f

Request headers

:method
GET
:authority
www.magazinevoce.com.br
:scheme
https
:path
/geraldopost/banner/?store=geraldopost&type=leaderboard
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.geraldopost.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.geraldopost.com/

Response headers

date
Sat, 24 Apr 2021 20:38:50 GMT
content-type
text/html; charset=utf-8
server
nginx/1.14.2
vary
Cookie
cache-control
max-age=1800
last-modified
Sat, 24 Apr 2021 20:37:50 GMT
expires
Sat, 24 Apr 2021 21:07:50 GMT
set-cookie
MLPARCEIRO=3440; Domain=.magazinevoce.com.br; expires=time.struct_time(tm_year=2021, tm_mon=4, tm_mday=29, tm_hour=20, tm_min=38, tm_sec=50, tm_wday=3, tm_yday=119, tm_isdst=0); Max-Age=432000; Path=/ mvc_showcase_name=None; Domain=.magazinevoce.com.br; expires=time.struct_time(tm_year=2021, tm_mon=4, tm_mday=29, tm_hour=20, tm_min=38, tm_sec=50, tm_wday=3, tm_yday=119, tm_isdst=0); Max-Age=432000; Path=/ pmd_promoter=; Domain=.magazinevoce.com.br; expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Path=/ FCCDCF=; expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Path=/
via
1.1 google
alt-svc
clear
/
www.magazinevoce.com.br/geraldopost/banner/ Frame 4750 		13 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.magazinevoce.com.br/geraldopost/banner/?store=geraldopost&type=medium-rectangle
Requested by
Host: www.magazinevoce.com.br
URL: https://www.magazinevoce.com.br/js/banner.js?store=geraldopost
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
nginx/1.14.2 /
Resource Hash
b73220f2672e071c3585c6910b0cf64c10117a4164daf56556211d20bed5c36d

Request headers

:method
GET
:authority
www.magazinevoce.com.br
:scheme
https
:path
/geraldopost/banner/?store=geraldopost&type=medium-rectangle
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.geraldopost.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.geraldopost.com/

Response headers

date
Sat, 24 Apr 2021 20:38:50 GMT
content-type
text/html; charset=utf-8
server
nginx/1.14.2
expires
Sat, 24 Apr 2021 21:07:50 GMT
vary
Cookie
last-modified
Sat, 24 Apr 2021 20:37:50 GMT
cache-control
max-age=1800
set-cookie
FCCDCF=; expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Path=/ mvc_showcase_name=None; Domain=.magazinevoce.com.br; expires=time.struct_time(tm_year=2021, tm_mon=4, tm_mday=29, tm_hour=20, tm_min=38, tm_sec=50, tm_wday=3, tm_yday=119, tm_isdst=0); Max-Age=432000; Path=/ MLPARCEIRO=3440; Domain=.magazinevoce.com.br; expires=time.struct_time(tm_year=2021, tm_mon=4, tm_mday=29, tm_hour=20, tm_min=38, tm_sec=50, tm_wday=3, tm_yday=119, tm_isdst=0); Max-Age=432000; Path=/ pmd_promoter=; Domain=.magazinevoce.com.br; expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Path=/
via
1.1 google
alt-svc
clear
/
www.magazinevoce.com.br/geraldopost/banner/ Frame 0C4F 		11 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.magazinevoce.com.br/geraldopost/banner/?store=geraldopost&type=rectangle
Requested by
Host: www.magazinevoce.com.br
URL: https://www.magazinevoce.com.br/js/banner.js?store=geraldopost
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
nginx/1.14.2 /
Resource Hash
cf8167a7bbab70d1cdb823efdb6a23a181d3a28ab92fde18fb660ce7319ffccf

Request headers

:method
GET
:authority
www.magazinevoce.com.br
:scheme
https
:path
/geraldopost/banner/?store=geraldopost&type=rectangle
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.geraldopost.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.geraldopost.com/

Response headers

date
Sat, 24 Apr 2021 20:38:51 GMT
content-type
text/html; charset=utf-8
server
nginx/1.14.2
expires
Sat, 24 Apr 2021 21:07:51 GMT
cache-control
max-age=1800
last-modified
Sat, 24 Apr 2021 20:37:51 GMT
vary
Cookie
set-cookie
mvc_showcase_name=None; Domain=.magazinevoce.com.br; expires=time.struct_time(tm_year=2021, tm_mon=4, tm_mday=29, tm_hour=20, tm_min=38, tm_sec=51, tm_wday=3, tm_yday=119, tm_isdst=0); Max-Age=432000; Path=/ FCCDCF=; expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Path=/ pmd_promoter=; Domain=.magazinevoce.com.br; expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Path=/ MLPARCEIRO=3440; Domain=.magazinevoce.com.br; expires=time.struct_time(tm_year=2021, tm_mon=4, tm_mday=29, tm_hour=20, tm_min=38, tm_sec=51, tm_wday=3, tm_yday=119, tm_isdst=0); Max-Age=432000; Path=/
via
1.1 google
alt-svc
clear
3.659959f0.chunk.css
unruffled-brown-9d316c.netlify.app/static/css/ Frame 6B41 		0
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://unruffled-brown-9d316c.netlify.app/static/css/3.659959f0.chunk.css
Requested by
Host: plugin.bebeofertas.com.br
URL: https://plugin.bebeofertas.com.br/index.html?sourceId=36901826
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:b0c0:3:d0::d26:4001 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Netlify /
Resource Hash

Request headers

Referer
https://plugin.bebeofertas.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nf-request-id
37fb32ad-143b-4d5d-9bfb-0eea56745b8e
date
Sat, 24 Apr 2021 20:38:47 GMT
server
Netlify
age
0
content-length
0
main.9a52486c.chunk.css
unruffled-brown-9d316c.netlify.app/static/css/ Frame 6B41 		0
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://unruffled-brown-9d316c.netlify.app/static/css/main.9a52486c.chunk.css
Requested by
Host: plugin.bebeofertas.com.br
URL: https://plugin.bebeofertas.com.br/index.html?sourceId=36901826
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:b0c0:3:d0::d26:4001 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Netlify /
Resource Hash

Request headers

Referer
https://plugin.bebeofertas.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nf-request-id
ba1a6311-6ffc-437f-9233-78ced185d810
date
Sat, 24 Apr 2021 20:38:47 GMT
server
Netlify
age
0
content-length
0
3.df5fb226.chunk.js
unruffled-brown-9d316c.netlify.app/static/js/ Frame 6B41 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://unruffled-brown-9d316c.netlify.app/static/js/3.df5fb226.chunk.js
Requested by
Host: plugin.bebeofertas.com.br
URL: https://plugin.bebeofertas.com.br/index.html?sourceId=36901826
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:b0c0:3:d0::d26:4001 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Netlify /
Resource Hash

Request headers

Referer
https://plugin.bebeofertas.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nf-request-id
d4a77daa-97da-4852-b0f2-ffbba4e19a1d
date
Sat, 24 Apr 2021 20:38:47 GMT
server
Netlify
age
0
content-length
0
main.f7fdfbf1.chunk.js
unruffled-brown-9d316c.netlify.app/static/js/ Frame 6B41 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://unruffled-brown-9d316c.netlify.app/static/js/main.f7fdfbf1.chunk.js
Requested by
Host: plugin.bebeofertas.com.br
URL: https://plugin.bebeofertas.com.br/index.html?sourceId=36901826
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:b0c0:3:d0::d26:4001 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Netlify /
Resource Hash

Request headers

Referer
https://plugin.bebeofertas.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nf-request-id
0735df62-ede3-4d88-9900-1bfb76d60cb0
date
Sat, 24 Apr 2021 20:38:47 GMT
server
Netlify
age
0
content-length
0
gtm.js
www.googletagmanager.com/ Frame 6B41 		85 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WBDJ4KC
Requested by
Host: plugin.bebeofertas.com.br
URL: https://plugin.bebeofertas.com.br/index.html?sourceId=36901826
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5fecc47c0aeecfb8726f5cfb9f67781d5189e60552ac8a680284188ed3aa206a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://plugin.bebeofertas.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:47 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33090
x-xss-protection
0
last-modified
Sat, 24 Apr 2021 18:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 24 Apr 2021 20:38:47 GMT
analytics.js
www.google-analytics.com/ Frame 6B41 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WBDJ4KC
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://plugin.bebeofertas.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 09 Apr 2021 23:59:54 GMT
server
Golfe2
age
3494
date
Sat, 24 Apr 2021 19:40:33 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19569
expires
Sat, 24 Apr 2021 21:40:33 GMT
itau%2Bcultural.png
1.bp.blogspot.com/-GrMrah-EzHM/YD_m_1uzQ9I/AAAAAAAAWB4/JA0V7xr-Xpsuii9D85iUGmlIGWOr81o9ACPcBGAYYCw/w640-h372/ 		110 KB
110 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1.bp.blogspot.com/-GrMrah-EzHM/YD_m_1uzQ9I/AAAAAAAAWB4/JA0V7xr-Xpsuii9D85iUGmlIGWOr81o9ACPcBGAYYCw/w640-h372/itau%2Bcultural.png
Requested by
Host: www.geraldopost.com
URL: https://www.geraldopost.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
87d0f9ba7c7a8fd772919d4865d8807e3f20c83f14b3005ce4de62ad51af2145
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.geraldopost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:47 GMT
x-content-type-options
nosniff
server
fife
etag
"v581e"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="itau cultural.png"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
112553
x-xss-protection
0
expires
Sun, 25 Apr 2021 20:38:47 GMT
rockin.jpg
1.bp.blogspot.com/-h5abcJgo8Gk/X8DdK1yZ2CI/AAAAAAAAVdc/fermaP2hgK81Er1Gh1qlpMKxLrfzs01NQCNcBGAsYHQ/w446-h640/ 		98 KB
98 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1.bp.blogspot.com/-h5abcJgo8Gk/X8DdK1yZ2CI/AAAAAAAAVdc/fermaP2hgK81Er1Gh1qlpMKxLrfzs01NQCNcBGAsYHQ/w446-h640/rockin.jpg
Requested by
Host: www.geraldopost.com
URL: https://www.geraldopost.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
68ed074d044492bac0380a1ce7d1531715400680e661f093a2eefc175c7e8d37
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.geraldopost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:47 GMT
x-content-type-options
nosniff
server
fife
etag
"v55d8"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="rockin.jpg"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100238
x-xss-protection
0
expires
Sun, 25 Apr 2021 20:38:47 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.geraldopost.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210422/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3932851112807799&plah=www.geraldopost.com&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.geraldopost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 24 Apr 2021 20:38:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.geraldopost.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210422/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3932851112807799&plah=www.geraldopost.com&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.geraldopost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 24 Apr 2021 20:38:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 7A8E 		104 KB
33 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3932851112807799&output=html&h=280&adk=829588772&adf=1498677563&pi=t.aa~a.1456473517~rp.4&w=370&fwrn=4&fwrnh=100&lmt=1619163522&rafmt=1&to=qs&pwprc=9623938543&psa=0&format=370x280&url=https%3A%2F%2Fwww.geraldopost.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619296727354&bpp=1&bdt=780&idt=-M&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D785534163f1ff8ba-22b10b71eec700b0%3AT%3D1619296726%3ART%3D1619296726%3AS%3DALNI_MYfLjXx0hxHEDga8A2_oU8TLtAwsA&prev_fmts=300x600%2C370x280%2C0x0&nras=2&correlator=2705827410742&frm=20&pv=1&ga_vid=1717309228.1619296727&ga_sid=1619296727&ga_hid=1390142020&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1015&ady=1685&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429%2C44739991&oid=3&pvsid=3502318759076147&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=IcaWxQdhTM&p=https%3A//www.geraldopost.com&dtd=16
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210422/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3932851112807799&plah=www.geraldopost.com&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0ad0a166771edfc46b98d3d196f3a77e4bbb12c086ca782874bd4897ff8fd518
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5442514344972767536/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5442514344972767536/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=COyZ47Hel_ACFXqGgwcdTjkHZg&gqi=14GEYJOXF8rP7_UP8YC--AE&layout=/sadbundle/%24csp%253Der3%24/5442514344972767536/index.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?npa=1&client=ca-pub-3932851112807799&output=html&h=280&adk=829588772&adf=1498677563&pi=t.aa~a.1456473517~rp.4&w=370&fwrn=4&fwrnh=100&lmt=1619163522&rafmt=1&to=qs&pwprc=9623938543&psa=0&format=370x280&url=https%3A%2F%2Fwww.geraldopost.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619296727354&bpp=1&bdt=780&idt=-M&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D785534163f1ff8ba-22b10b71eec700b0%3AT%3D1619296726%3ART%3D1619296726%3AS%3DALNI_MYfLjXx0hxHEDga8A2_oU8TLtAwsA&prev_fmts=300x600%2C370x280%2C0x0&nras=2&correlator=2705827410742&frm=20&pv=1&ga_vid=1717309228.1619296727&ga_sid=1619296727&ga_hid=1390142020&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1015&ady=1685&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429%2C44739991&oid=3&pvsid=3502318759076147&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=IcaWxQdhTM&p=https%3A//www.geraldopost.com&dtd=16
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.geraldopost.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.geraldopost.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5442514344972767536/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5442514344972767536/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=COyZ47Hel_ACFXqGgwcdTjkHZg&gqi=14GEYJOXF8rP7_UP8YC--AE&layout=/sadbundle/%24csp%253Der3%24/5442514344972767536/index.html
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Sat, 24 Apr 2021 20:38:47 GMT
server
cafe
content-length
33449
x-xss-protection
0
set-cookie
IDE=AHWqTUnOLuwtyJnfrnabUKf99wICNilrYzHO-cnrE5voRCRrg8FSXRB8WtcjTOqPOPM; expires=Thu, 19-May-2022 20:38:47 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sat, 24 Apr 2021 20:38:47 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame B9F7 		78 KB
27 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3932851112807799&output=html&h=280&adk=829588772&adf=353560496&pi=t.aa~a.3359110186~rp.4&w=370&fwrn=4&fwrnh=100&lmt=1619163522&rafmt=1&to=qs&pwprc=9623938543&psa=0&format=370x280&url=https%3A%2F%2Fwww.geraldopost.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619296727354&bpp=1&bdt=780&idt=-M&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D785534163f1ff8ba-22b10b71eec700b0%3AT%3D1619296726%3ART%3D1619296726%3AS%3DALNI_MYfLjXx0hxHEDga8A2_oU8TLtAwsA&prev_fmts=300x600%2C370x280%2C0x0%2C370x280&nras=3&correlator=2705827410742&frm=20&pv=1&ga_vid=1717309228.1619296727&ga_sid=1619296727&ga_hid=1390142020&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1015&ady=2283&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429%2C44739991&oid=3&pvsid=3502318759076147&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=Jg8zfjVP0o&p=https%3A//www.geraldopost.com&dtd=20
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210422/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3932851112807799&plah=www.geraldopost.com&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7bd1f8c0a3a28b7dba83bf3b20a53f1a85e911a8f583df4531d83386ec9e57ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?npa=1&client=ca-pub-3932851112807799&output=html&h=280&adk=829588772&adf=353560496&pi=t.aa~a.3359110186~rp.4&w=370&fwrn=4&fwrnh=100&lmt=1619163522&rafmt=1&to=qs&pwprc=9623938543&psa=0&format=370x280&url=https%3A%2F%2Fwww.geraldopost.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619296727354&bpp=1&bdt=780&idt=-M&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D785534163f1ff8ba-22b10b71eec700b0%3AT%3D1619296726%3ART%3D1619296726%3AS%3DALNI_MYfLjXx0hxHEDga8A2_oU8TLtAwsA&prev_fmts=300x600%2C370x280%2C0x0%2C370x280&nras=3&correlator=2705827410742&frm=20&pv=1&ga_vid=1717309228.1619296727&ga_sid=1619296727&ga_hid=1390142020&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1015&ady=2283&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429%2C44739991&oid=3&pvsid=3502318759076147&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=Jg8zfjVP0o&p=https%3A//www.geraldopost.com&dtd=20
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.geraldopost.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.geraldopost.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Sat, 24 Apr 2021 20:38:47 GMT
server
cafe
content-length
27328
x-xss-protection
0
set-cookie
IDE=AHWqTUnEvxz-3kbEE2F69P9bDS2jnw9ziOeXqTlRKZWALyRd7C9kwS5IE2Sdg9tnYGE; expires=Thu, 19-May-2022 20:38:47 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sat, 24 Apr 2021 20:38:47 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame 1FC5 		104 KB
33 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3932851112807799&output=html&h=280&adk=829588772&adf=1224991949&pi=t.aa~a.2576666486~rp.4&w=370&fwrn=4&fwrnh=100&lmt=1619163522&rafmt=1&to=qs&pwprc=9623938543&psa=0&format=370x280&url=https%3A%2F%2Fwww.geraldopost.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619296727354&bpp=1&bdt=780&idt=-M&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D785534163f1ff8ba-22b10b71eec700b0%3AT%3D1619296726%3ART%3D1619296726%3AS%3DALNI_MYfLjXx0hxHEDga8A2_oU8TLtAwsA&prev_fmts=300x600%2C370x280%2C0x0%2C370x280%2C370x280&nras=4&correlator=2705827410742&frm=20&pv=1&ga_vid=1717309228.1619296727&ga_sid=1619296727&ga_hid=1390142020&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1015&ady=3519&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429%2C44739991&oid=3&pvsid=3502318759076147&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=5&fsb=1&xpc=yK07TFZrzr&p=https%3A//www.geraldopost.com&dtd=23
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210422/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3932851112807799&plah=www.geraldopost.com&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7b786f0e07340439f0071e7f0df2a390b8601face6324a26493fd5dd99900765
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5441334610969689380/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5441334610969689380/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CLv047Hel_ACFQUQiwod3Z8BCw&gqi=14GEYILJF6zC7_UP_rGIsAs&layout=/sadbundle/%24csp%253Der3%24/5441334610969689380/index.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?npa=1&client=ca-pub-3932851112807799&output=html&h=280&adk=829588772&adf=1224991949&pi=t.aa~a.2576666486~rp.4&w=370&fwrn=4&fwrnh=100&lmt=1619163522&rafmt=1&to=qs&pwprc=9623938543&psa=0&format=370x280&url=https%3A%2F%2Fwww.geraldopost.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619296727354&bpp=1&bdt=780&idt=-M&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D785534163f1ff8ba-22b10b71eec700b0%3AT%3D1619296726%3ART%3D1619296726%3AS%3DALNI_MYfLjXx0hxHEDga8A2_oU8TLtAwsA&prev_fmts=300x600%2C370x280%2C0x0%2C370x280%2C370x280&nras=4&correlator=2705827410742&frm=20&pv=1&ga_vid=1717309228.1619296727&ga_sid=1619296727&ga_hid=1390142020&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1015&ady=3519&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429%2C44739991&oid=3&pvsid=3502318759076147&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=5&fsb=1&xpc=yK07TFZrzr&p=https%3A//www.geraldopost.com&dtd=23
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.geraldopost.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.geraldopost.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5441334610969689380/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5441334610969689380/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CLv047Hel_ACFQUQiwod3Z8BCw&gqi=14GEYILJF6zC7_UP_rGIsAs&layout=/sadbundle/%24csp%253Der3%24/5441334610969689380/index.html
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Sat, 24 Apr 2021 20:38:47 GMT
server
cafe
content-length
33468
x-xss-protection
0
set-cookie
IDE=AHWqTUmHfJBmWu_2Vo0L8gY6uzSgROqjgd70l8HH5dESAWjrvd7DlzBI7BuJt7QoU2U; expires=Thu, 19-May-2022 20:38:47 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sat, 24 Apr 2021 20:38:47 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame 17E0 		104 KB
33 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3932851112807799&output=html&h=280&adk=2918459407&adf=2042167536&pi=t.aa~a.1156542233~rp.1&w=370&fwrn=4&fwrnh=100&lmt=1619163522&rafmt=1&to=qs&pwprc=9623938543&psa=0&format=370x280&url=https%3A%2F%2Fwww.geraldopost.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619296727354&bpp=1&bdt=781&idt=-M&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D785534163f1ff8ba-22b10b71eec700b0%3AT%3D1619296726%3ART%3D1619296726%3AS%3DALNI_MYfLjXx0hxHEDga8A2_oU8TLtAwsA&prev_fmts=300x600%2C370x280%2C0x0%2C370x280%2C370x280%2C370x280&nras=5&correlator=2705827410742&frm=20&pv=1&ga_vid=1717309228.1619296727&ga_sid=1619296727&ga_hid=1390142020&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1015&ady=4565&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429%2C44739991&oid=3&pvsid=3502318759076147&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=6&fsb=1&xpc=3epwuGXxrt&p=https%3A//www.geraldopost.com&dtd=26
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210422/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3932851112807799&plah=www.geraldopost.com&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3e152f32a0b63aec094b2b25467acd500607c21ff713e05c5af7f782dd2692b5
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11575576717432054682/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11575576717432054682/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CKf347Hel_ACFQjzdwod470Ndw&gqi=14GEYLLeF4WU9u8P-Oys8Aw&layout=/sadbundle/%24csp%253Der3%24/11575576717432054682/index.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?npa=1&client=ca-pub-3932851112807799&output=html&h=280&adk=2918459407&adf=2042167536&pi=t.aa~a.1156542233~rp.1&w=370&fwrn=4&fwrnh=100&lmt=1619163522&rafmt=1&to=qs&pwprc=9623938543&psa=0&format=370x280&url=https%3A%2F%2Fwww.geraldopost.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619296727354&bpp=1&bdt=781&idt=-M&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D785534163f1ff8ba-22b10b71eec700b0%3AT%3D1619296726%3ART%3D1619296726%3AS%3DALNI_MYfLjXx0hxHEDga8A2_oU8TLtAwsA&prev_fmts=300x600%2C370x280%2C0x0%2C370x280%2C370x280%2C370x280&nras=5&correlator=2705827410742&frm=20&pv=1&ga_vid=1717309228.1619296727&ga_sid=1619296727&ga_hid=1390142020&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1015&ady=4565&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429%2C44739991&oid=3&pvsid=3502318759076147&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=6&fsb=1&xpc=3epwuGXxrt&p=https%3A//www.geraldopost.com&dtd=26
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.geraldopost.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.geraldopost.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11575576717432054682/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11575576717432054682/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CKf347Hel_ACFQjzdwod470Ndw&gqi=14GEYLLeF4WU9u8P-Oys8Aw&layout=/sadbundle/%24csp%253Der3%24/11575576717432054682/index.html
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Sat, 24 Apr 2021 20:38:47 GMT
server
cafe
content-length
33538
x-xss-protection
0
set-cookie
IDE=AHWqTUnKRTbsletSzW5hqp-ygXfJogiKsTYE1psIIiV_TH5O95Mi0EKKuztY0b2-MCA; expires=Thu, 19-May-2022 20:38:47 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sat, 24 Apr 2021 20:38:47 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame 33D2 		69 KB
25 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3932851112807799&output=html&h=153&adk=1885550448&adf=3068256048&pi=t.aa~a.758916835~rp.4&w=770&lmt=1619163522&nsk=ed3aeb01&rafmt=11&pwprc=9623938543&psa=0&ad_type=text_image&format=770x153&url=https%3A%2F%2Fwww.geraldopost.com%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619296727354&bpp=1&bdt=780&idt=1&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D785534163f1ff8ba-22b10b71eec700b0%3AT%3D1619296726%3ART%3D1619296726%3AS%3DALNI_MYfLjXx0hxHEDga8A2_oU8TLtAwsA&prev_fmts=300x600%2C370x280%2C0x0%2C370x280%2C370x280%2C370x280%2C370x280&nras=6&correlator=2705827410742&frm=20&pv=1&ga_vid=1717309228.1619296727&ga_sid=1619296727&ga_hid=1390142020&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=215&ady=2274&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429%2C44739991&oid=3&pvsid=3502318759076147&eae=0&fc=768&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=7&fsb=1&xpc=bVP7qTqlbS&p=https%3A//www.geraldopost.com&dtd=29
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210422/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3932851112807799&plah=www.geraldopost.com&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
31f283bbe7e854b2101d202ee7104b49b2ba46c237fd8820c29933f892e805b7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?npa=1&client=ca-pub-3932851112807799&output=html&h=153&adk=1885550448&adf=3068256048&pi=t.aa~a.758916835~rp.4&w=770&lmt=1619163522&nsk=ed3aeb01&rafmt=11&pwprc=9623938543&psa=0&ad_type=text_image&format=770x153&url=https%3A%2F%2Fwww.geraldopost.com%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619296727354&bpp=1&bdt=780&idt=1&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D785534163f1ff8ba-22b10b71eec700b0%3AT%3D1619296726%3ART%3D1619296726%3AS%3DALNI_MYfLjXx0hxHEDga8A2_oU8TLtAwsA&prev_fmts=300x600%2C370x280%2C0x0%2C370x280%2C370x280%2C370x280%2C370x280&nras=6&correlator=2705827410742&frm=20&pv=1&ga_vid=1717309228.1619296727&ga_sid=1619296727&ga_hid=1390142020&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=215&ady=2274&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429%2C44739991&oid=3&pvsid=3502318759076147&eae=0&fc=768&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=7&fsb=1&xpc=bVP7qTqlbS&p=https%3A//www.geraldopost.com&dtd=29
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.geraldopost.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.geraldopost.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Sat, 24 Apr 2021 20:38:47 GMT
server
cafe
content-length
25893
x-xss-protection
0
set-cookie
IDE=AHWqTUnWTnhiSRqv51FEo_ZGTsco1qMPEKCCxuU0HLooHhCnvJ9DG7Zqq-w1y8-BMdQ; expires=Thu, 19-May-2022 20:38:47 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sat, 24 Apr 2021 20:38:47 GMT
cache-control
private
pocah.jpg
1.bp.blogspot.com/-wDpfyDkym2k/YII1mfNDUzI/AAAAAAAAWNk/oYHYThD_vw0bsyxZuCNaWpC7onvNx1XxwCNcBGAsYHQ/w640-h360/ 		54 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1.bp.blogspot.com/-wDpfyDkym2k/YII1mfNDUzI/AAAAAAAAWNk/oYHYThD_vw0bsyxZuCNaWpC7onvNx1XxwCNcBGAsYHQ/w640-h360/pocah.jpg
Requested by
Host: www.geraldopost.com
URL: https://www.geraldopost.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
107ea30bea0a3bd876be7860aefad2ceccb06149782903879936ea48b557761c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.geraldopost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:47 GMT
x-content-type-options
nosniff
age
0
content-disposition
inline;filename="pocah.jpg"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55523
x-xss-protection
0
server
fife
etag
"v58da"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sat, 24 Apr 2021 22:48:21 GMT
bbb21.jpg
1.bp.blogspot.com/-AgYDKWAw6dU/YIIuxwYbDtI/AAAAAAAAWNQ/XSFu4iKwtY4OEYwBaBw98T1M6-tKNq-4QCNcBGAsYHQ/w640-h360/ 		51 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1.bp.blogspot.com/-AgYDKWAw6dU/YIIuxwYbDtI/AAAAAAAAWNQ/XSFu4iKwtY4OEYwBaBw98T1M6-tKNq-4QCNcBGAsYHQ/w640-h360/bbb21.jpg
Requested by
Host: www.geraldopost.com
URL: https://www.geraldopost.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
8a4193772ee65b66ab8e30cdda96fb9848d54c3c8ec99506f95fb6f130dda739
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.geraldopost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:47 GMT
x-content-type-options
nosniff
age
0
content-disposition
inline;filename="bbb21.jpg"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52139
x-xss-protection
0
server
fife
etag
"v58d5"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sat, 24 Apr 2021 22:48:36 GMT
juliette.jpg
1.bp.blogspot.com/-p-zADuhPEVc/YH3SPrNfSsI/AAAAAAAAWM4/KDRuHBMlpesccDN_cKduPIa3QBlSOqk7gCNcBGAsYHQ/w640-h426/ 		43 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1.bp.blogspot.com/-p-zADuhPEVc/YH3SPrNfSsI/AAAAAAAAWM4/KDRuHBMlpesccDN_cKduPIa3QBlSOqk7gCNcBGAsYHQ/w640-h426/juliette.jpg
Requested by
Host: www.geraldopost.com
URL: https://www.geraldopost.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
7facbd518e58323e180b90ad3801e78d7a3113415baa91428a60d531d1691ac7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.geraldopost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:47 GMT
x-content-type-options
nosniff
server
fife
etag
"v58cf"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="juliette.jpg"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44237
x-xss-protection
0
expires
Sun, 25 Apr 2021 20:38:47 GMT
globo.jpg
1.bp.blogspot.com/-qbrkBTupXko/YEF6MCRaW9I/AAAAAAAAWCk/JOhQ0P3aG_MzirKZeZL5fcHiWtNPOWQgACPcBGAYYCw/w640-h426/ 		76 KB
76 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1.bp.blogspot.com/-qbrkBTupXko/YEF6MCRaW9I/AAAAAAAAWCk/JOhQ0P3aG_MzirKZeZL5fcHiWtNPOWQgACPcBGAYYCw/w640-h426/globo.jpg
Requested by
Host: www.geraldopost.com
URL: https://www.geraldopost.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
6b92ad6a4610a0080edee31403216a1f3f74b6c5d1dd85ce737cdc1a3a515725
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.geraldopost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:47 GMT
x-content-type-options
nosniff
server
fife
etag
"v5829"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="globo.jpg"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
77780
x-xss-protection
0
expires
Sun, 25 Apr 2021 20:38:47 GMT
bbb21.jpg
1.bp.blogspot.com/-LVTwKi4BG8U/YHMnOwF-9MI/AAAAAAAAWL0/MS6Ne606jPE8l6NAP2-CLXX1OXMgB_bJQCNcBGAsYHQ/w640-h360/ 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1.bp.blogspot.com/-LVTwKi4BG8U/YHMnOwF-9MI/AAAAAAAAWL0/MS6Ne606jPE8l6NAP2-CLXX1OXMgB_bJQCNcBGAsYHQ/w640-h360/bbb21.jpg
Requested by
Host: www.geraldopost.com
URL: https://www.geraldopost.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
a37676b836c402e797187c6e3b569ef42a17951ee1b7e69c9ae816ba0979f58b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.geraldopost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:47 GMT
x-content-type-options
nosniff
server
fife
etag
"v58be"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="bbb21.jpg"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
45156
x-xss-protection
0
expires
Sun, 25 Apr 2021 20:38:47 GMT
rodolffo%2Bbbb.png
1.bp.blogspot.com/-kYrWojeRW2E/YG9R-2-bHcI/AAAAAAAAWLY/M-Q64rLnjCUMZcprz7sLAl2IyQEitNsRACPcBGAYYCw/w640-h320/ 		243 KB
243 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1.bp.blogspot.com/-kYrWojeRW2E/YG9R-2-bHcI/AAAAAAAAWLY/M-Q64rLnjCUMZcprz7sLAl2IyQEitNsRACPcBGAYYCw/w640-h320/rodolffo%2Bbbb.png
Requested by
Host: www.geraldopost.com
URL: https://www.geraldopost.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
4d408c02f9ffc1402240c42f378c8270c9bb8333b98b926b42cd528231bcfb4e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.geraldopost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:47 GMT
x-content-type-options
nosniff
server
fife
etag
"v58b6"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="rodolffo bbb.png"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
248814
x-xss-protection
0
expires
Sun, 25 Apr 2021 20:38:47 GMT
bbb21.jpg
1.bp.blogspot.com/-ks_p7vHWH6I/YFJ-rrg8s5I/AAAAAAAAWFk/vN7LPVB4cjMGuSlueqz4FIPwImGwnnOVgCNcBGAsYHQ/w640-h424/ 		77 KB
77 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1.bp.blogspot.com/-ks_p7vHWH6I/YFJ-rrg8s5I/AAAAAAAAWFk/vN7LPVB4cjMGuSlueqz4FIPwImGwnnOVgCNcBGAsYHQ/w640-h424/bbb21.jpg
Requested by
Host: www.geraldopost.com
URL: https://www.geraldopost.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
5ac8d5a6c1c0bf29cb335a7319026883e6664bb66b7f132c2503170ba43fb235
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.geraldopost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:47 GMT
x-content-type-options
nosniff
server
fife
etag
"v585a"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="bbb21.jpg"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
78905
x-xss-protection
0
expires
Sun, 25 Apr 2021 20:38:47 GMT
Peoplemeter-aparelho-do-Ibope-ibopemede-audi%25C3%25AAncia-das-emissoras-de-TV-em-tempo-real.jpg
1.bp.blogspot.com/-0CO-PaU68ug/YEEdqcXaz_I/AAAAAAAAWCQ/cf1efyLZ90U8vX4_TwAHxUluH4zr7TwsgCNcBGAsYHQ/w640-h336/ 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1.bp.blogspot.com/-0CO-PaU68ug/YEEdqcXaz_I/AAAAAAAAWCQ/cf1efyLZ90U8vX4_TwAHxUluH4zr7TwsgCNcBGAsYHQ/w640-h336/Peoplemeter-aparelho-do-Ibope-ibopemede-audi%25C3%25AAncia-das-emissoras-de-TV-em-tempo-real.jpg
Requested by
Host: www.geraldopost.com
URL: https://www.geraldopost.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
2430c3230f518478d7c4628a406f03472eb2d7a004caf4db3f8a02ecbb07f715
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.geraldopost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:47 GMT
x-content-type-options
nosniff
server
fife
etag
"v5825"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="Peoplemeter-aparelho-do-Ibope-ibopemede-audi_ncia-das-emissoras-de-TV-em-tempo-real.jpg";filename*=UTF-8''Peoplemeter-aparelho-do-Ibope-ibopemede-audi%C3%AAncia-das-emissoras-de-TV-em-tempo-real.jpg
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36823
x-xss-protection
0
expires
Sun, 25 Apr 2021 20:38:47 GMT
La%25C3%25A7os.jpg
1.bp.blogspot.com/-0l5x7j5Ii6Y/X1RhGuZ2vyI/AAAAAAAAVVg/X4g0lr-ksZwkx_RJYkOe-GOffZOy-HV0QCPcBGAYYCw/w640-h422/ 		231 KB
231 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1.bp.blogspot.com/-0l5x7j5Ii6Y/X1RhGuZ2vyI/AAAAAAAAVVg/X4g0lr-ksZwkx_RJYkOe-GOffZOy-HV0QCPcBGAYYCw/w640-h422/La%25C3%25A7os.jpg
Requested by
Host: www.geraldopost.com
URL: https://www.geraldopost.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
2818a0a05ead12d9d47a1643de62f2359b956f7812780c57e28f32ea737338ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.geraldopost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:47 GMT
x-content-type-options
nosniff
server
fife
etag
"v5558"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="La_os.jpg";filename*=UTF-8''La%C3%A7os.jpg
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
236110
x-xss-protection
0
expires
Sun, 25 Apr 2021 20:38:47 GMT
bbb20.JPG
1.bp.blogspot.com/-VTYBjwe99Ac/XjeGy3c-mYI/AAAAAAAAA2s/zseQyytma_gzVMIaY95qbYqR36XbuijLQCPcBGAYYCw/w640-h340/ 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1.bp.blogspot.com/-VTYBjwe99Ac/XjeGy3c-mYI/AAAAAAAAA2s/zseQyytma_gzVMIaY95qbYqR36XbuijLQCPcBGAYYCw/w640-h340/bbb20.JPG
Requested by
Host: www.geraldopost.com
URL: https://www.geraldopost.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
d072199e456153fa722ffa01c48fa915959a1f39c951e3338af23b63a8787a51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.geraldopost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:47 GMT
x-content-type-options
nosniff
server
fife
etag
"v36b"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="bbb20.JPG"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37109
x-xss-protection
0
expires
Sun, 25 Apr 2021 20:38:47 GMT
imperio.jpg
1.bp.blogspot.com/-sPlSOtTJcUw/YHXJYrTH3TI/AAAAAAAAWME/CVYMGjHSfw49wUCJoq_7U3KVdcA0yhz4QCNcBGAsYHQ/w640-h422/ 		50 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1.bp.blogspot.com/-sPlSOtTJcUw/YHXJYrTH3TI/AAAAAAAAWME/CVYMGjHSfw49wUCJoq_7U3KVdcA0yhz4QCNcBGAsYHQ/w640-h422/imperio.jpg
Requested by
Host: www.geraldopost.com
URL: https://www.geraldopost.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
49adb14e9bca3a1a9b5fa08e8a069f54fb835bca2acf0293f75787ef4fd7eacc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.geraldopost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:47 GMT
x-content-type-options
nosniff
server
fife
etag
"v58c2"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="imperio.jpg"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
50889
x-xss-protection
0
expires
Sun, 25 Apr 2021 20:38:47 GMT
bbb21.jpg
1.bp.blogspot.com/-ezMRMVUksiQ/YFjPXYQb-YI/AAAAAAAAWHc/xKQT_1cxrtUveCgazy-A7kTt0jCKCVJ_wCNcBGAsYHQ/w640-h360/ 		65 KB
65 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1.bp.blogspot.com/-ezMRMVUksiQ/YFjPXYQb-YI/AAAAAAAAWHc/xKQT_1cxrtUveCgazy-A7kTt0jCKCVJ_wCNcBGAsYHQ/w640-h360/bbb21.jpg
Requested by
Host: www.geraldopost.com
URL: https://www.geraldopost.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
98c0ee51ed1d7bfd89c0db082c5e5f06efded88b1dc52931e9487a60de2bd616
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.geraldopost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:47 GMT
x-content-type-options
nosniff
server
fife
etag
"v5878"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="bbb21.jpg"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
66393
x-xss-protection
0
expires
Sun, 25 Apr 2021 20:38:47 GMT
1617372587-820730160-810x471.png
1.bp.blogspot.com/-L7ecJj-JrdU/YHj5O7ZZX0I/AAAAAAAAWMk/ygtlRDs_UI8AqIkkgw92d9F-B9QK0B8rACNcBGAsYHQ/w640-h372/ 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1.bp.blogspot.com/-L7ecJj-JrdU/YHj5O7ZZX0I/AAAAAAAAWMk/ygtlRDs_UI8AqIkkgw92d9F-B9QK0B8rACNcBGAsYHQ/w640-h372/1617372587-820730160-810x471.png
Requested by
Host: www.geraldopost.com
URL: https://www.geraldopost.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
118c9bdd568e2467f074b7f35eb55ac6371f2dec641240a02166c9ea0fd63436
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.geraldopost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:47 GMT
x-content-type-options
nosniff
server
fife
etag
"v58cb"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="1617372587-820730160-810x471.jpg"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38120
x-xss-protection
0
expires
Sun, 25 Apr 2021 20:38:47 GMT
bbb21.jpg
1.bp.blogspot.com/-xnfjGAQtqgw/YHW2A3lEQqI/AAAAAAAAWL8/b68v3Cyl0pwNWKjIGLpf6pCGS86R87yfACNcBGAsYHQ/w640-h400/ 		41 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1.bp.blogspot.com/-xnfjGAQtqgw/YHW2A3lEQqI/AAAAAAAAWL8/b68v3Cyl0pwNWKjIGLpf6pCGS86R87yfACNcBGAsYHQ/w640-h400/bbb21.jpg
Requested by
Host: www.geraldopost.com
URL: https://www.geraldopost.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
d5520fcef964c1f3e3f0de3344b6e859c5e7534e2a21f2df4b67ae04a06e4e2a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.geraldopost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:47 GMT
x-content-type-options
nosniff
server
fife
etag
"v58c0"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="bbb21.jpg"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41979
x-xss-protection
0
expires
Sun, 25 Apr 2021 20:38:47 GMT
18-Roberto-Carlos-e-Gloria-Perez-.jpg
1.bp.blogspot.com/-3aXlwYjajBo/YHxWvrePF6I/AAAAAAAAWMw/STYIldgsCi4qrxPPHdrj8xi1YaymAiWuACNcBGAsYHQ/w618-h640/ 		84 KB
85 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1.bp.blogspot.com/-3aXlwYjajBo/YHxWvrePF6I/AAAAAAAAWMw/STYIldgsCi4qrxPPHdrj8xi1YaymAiWuACNcBGAsYHQ/w618-h640/18-Roberto-Carlos-e-Gloria-Perez-.jpg
Requested by
Host: www.geraldopost.com
URL: https://www.geraldopost.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
9ccb036ddd4dca287fede3ac987191eacf8b9a5e43cdbb25fbeb9122044c50d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.geraldopost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:47 GMT
x-content-type-options
nosniff
server
fife
etag
"v58cd"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="18-Roberto-Carlos-e-Gloria-Perez-.jpg"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
86522
x-xss-protection
0
expires
Sun, 25 Apr 2021 20:38:47 GMT
amordemae.jpg
1.bp.blogspot.com/-PmK8UGsIpv4/YGTw6ccOGYI/AAAAAAAAWKE/p6dUm7fFxnsn4OP7fvtKMfVmo71fmjI2ACNcBGAsYHQ/w640-h408/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1.bp.blogspot.com/-PmK8UGsIpv4/YGTw6ccOGYI/AAAAAAAAWKE/p6dUm7fFxnsn4OP7fvtKMfVmo71fmjI2ACNcBGAsYHQ/w640-h408/amordemae.jpg
Requested by
Host: www.geraldopost.com
URL: https://www.geraldopost.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
6d714bbc6faa9e18b42e1eb5dcbf8c53c174bda06fc8b8b6f5e7c5eac97a1fc2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.geraldopost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:47 GMT
x-content-type-options
nosniff
server
fife
etag
"v58a2"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="amordemae.jpg"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29404
x-xss-protection
0
expires
Sun, 25 Apr 2021 20:38:47 GMT
amordemae.jpg
1.bp.blogspot.com/-CpwYZpZ1B2Q/YF9lvlw6R2I/AAAAAAAAWIM/KF3cgc-B4U4BuSJwlFahcb2EMQo0uhW5QCNcBGAsYHQ/w640-h356/ 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1.bp.blogspot.com/-CpwYZpZ1B2Q/YF9lvlw6R2I/AAAAAAAAWIM/KF3cgc-B4U4BuSJwlFahcb2EMQo0uhW5QCNcBGAsYHQ/w640-h356/amordemae.jpg
Requested by
Host: www.geraldopost.com
URL: https://www.geraldopost.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
dfe984bc4f248521c19f680b768488f59c4b5b3c917a1aeca0d992aee6eaa9d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.geraldopost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:47 GMT
x-content-type-options
nosniff
server
fife
etag
"v5884"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="amordemae.jpg"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35563
x-xss-protection
0
expires
Sun, 25 Apr 2021 20:38:47 GMT
lurdes%2Bamor%2Bde.png
1.bp.blogspot.com/-ZDhJv2FU5VM/YDq56nQfYZI/AAAAAAAAV_U/c0Ud16tCHk0yvaestdElCRstXHbqdCdrwCPcBGAYYCw/w640-h428/ 		486 KB
486 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1.bp.blogspot.com/-ZDhJv2FU5VM/YDq56nQfYZI/AAAAAAAAV_U/c0Ud16tCHk0yvaestdElCRstXHbqdCdrwCPcBGAYYCw/w640-h428/lurdes%2Bamor%2Bde.png
Requested by
Host: www.geraldopost.com
URL: https://www.geraldopost.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
bc7fc6f6a2a2336341baacd56ca93e22acae58a9d8d6f45115bae94c0e57a9d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.geraldopost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:48 GMT
x-content-type-options
nosniff
server
fife
etag
"v57f5"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="lurdes amor de.png"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
497981
x-xss-protection
0
expires
Sun, 25 Apr 2021 20:38:48 GMT
bbb21.jpg
1.bp.blogspot.com/-Hu6jvZyPmB0/YFYMRgk6YyI/AAAAAAAAWGU/KHbT2BqzETYIvMrEVa8phKfEARLbxKsRwCNcBGAsYHQ/w640-h360/ 		48 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1.bp.blogspot.com/-Hu6jvZyPmB0/YFYMRgk6YyI/AAAAAAAAWGU/KHbT2BqzETYIvMrEVa8phKfEARLbxKsRwCNcBGAsYHQ/w640-h360/bbb21.jpg
Requested by
Host: www.geraldopost.com
URL: https://www.geraldopost.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
1c9efb3de1311675903d99e3de250a6da501b8eb5be3a5308d361ddf4df6a6bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.geraldopost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:47 GMT
x-content-type-options
nosniff
server
fife
etag
"v5866"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="bbb21.jpg"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48961
x-xss-protection
0
expires
Sun, 25 Apr 2021 20:38:47 GMT
por%2Bamor.jpg
1.bp.blogspot.com/-tMvGUW4VFZs/XWbzqvzlYbI/AAAAAAAAUj4/DtF69XLF-tY5KX5czsxlflAp1Uky9kkbACLcBGAs/s640/ 		52 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1.bp.blogspot.com/-tMvGUW4VFZs/XWbzqvzlYbI/AAAAAAAAUj4/DtF69XLF-tY5KX5czsxlflAp1Uky9kkbACLcBGAs/s640/por%2Bamor.jpg
Requested by
Host: www.geraldopost.com
URL: https://www.geraldopost.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
11b1efec34dbcdcd1c161e61b2ee4f6059dfd93c86a0dc046b242ec83469e10c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.geraldopost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:47 GMT
x-content-type-options
nosniff
server
fife
etag
"v523f"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="por amor.jpg"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53268
x-xss-protection
0
expires
Sun, 25 Apr 2021 20:38:47 GMT
por-amor-vigilianerd-01.gif
vigilianerd.com.br/wp-content/uploads/2019/05/ 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vigilianerd.com.br/wp-content/uploads/2019/05/por-amor-vigilianerd-01.gif
Requested by
Host: www.geraldopost.com
URL: https://www.geraldopost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a3fb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
207d4ab1875d3d3230eb5af6bba6c192b6e428458b97418c6bb65a447f3d0860

Request headers

Referer
https://www.geraldopost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:47 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
59719
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1563948
cf-request-id
09a7344a5100004eb695b41000000001
last-modified
Wed, 01 May 2019 18:35:22 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=HXmEeSe%2BiQrlrJ%2Bf2eelVh33JASvOVZdktBvJ3thHyhlh1x2Yvgyd58YZOGCY%2BZwXXkBjSe90Gz7Xs%2Fu4uDZPMKCZanSes%2BvIN23E3CV4jYzWUm4xTD%2FwXSqItc6PVQ%3D"}],"max_age":604800,"group":"cf-nel"}
content-type
image/gif
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
64522323b9064eb6-FRA
expires
Sun, 22 Aug 2021 04:03:28 GMT
Revista%2BAMiha%2B1998.jpg
1.bp.blogspot.com/-63HZF1-qXJs/XWAch-tWL4I/AAAAAAAAUh4/Mt6NZtdhVrUUn1p91JsuROddWkuEKxTxwCLcBGAs/s640/ 		147 KB
147 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1.bp.blogspot.com/-63HZF1-qXJs/XWAch-tWL4I/AAAAAAAAUh4/Mt6NZtdhVrUUn1p91JsuROddWkuEKxTxwCLcBGAs/s640/Revista%2BAMiha%2B1998.jpg
Requested by
Host: www.geraldopost.com
URL: https://www.geraldopost.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
9237f538a2510c9ff7cd38abcfccb09cf7f8dea0d4b02ce287ef254b4e8acf32
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.geraldopost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:48 GMT
x-content-type-options
nosniff
server
fife
etag
"v5220"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="Revista AMiha 1998.jpg"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
150156
x-xss-protection
0
expires
Sun, 25 Apr 2021 20:38:48 GMT
por%2Bamor%2B1998.PNG
1.bp.blogspot.com/-855yXtk_ce4/XWAcwyT5OdI/AAAAAAAAUh8/hni9ev2O48QtXQguSgxlempE9K0XQ52pQCLcBGAs/s400/ 		104 KB
104 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1.bp.blogspot.com/-855yXtk_ce4/XWAcwyT5OdI/AAAAAAAAUh8/hni9ev2O48QtXQguSgxlempE9K0XQ52pQCLcBGAs/s400/por%2Bamor%2B1998.PNG
Requested by
Host: www.geraldopost.com
URL: https://www.geraldopost.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
9beda0b21929f9ce9188cbe91bbe1e7346dea4e818fafcc65273ee6bf8266a8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.geraldopost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:47 GMT
x-content-type-options
nosniff
server
fife
etag
"v5221"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="por amor 1998.PNG"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
106410
x-xss-protection
0
expires
Sun, 25 Apr 2021 20:38:47 GMT
Imagem%2B2549.jpg
1.bp.blogspot.com/-owESkR2szqw/XV2BnwHmECI/AAAAAAAAUhY/BOv0EzZmIuQjvIra-RbIuNdkU9FIL_v0QCLcBGAs/s640/ 		94 KB
95 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1.bp.blogspot.com/-owESkR2szqw/XV2BnwHmECI/AAAAAAAAUhY/BOv0EzZmIuQjvIra-RbIuNdkU9FIL_v0QCLcBGAs/s640/Imagem%2B2549.jpg
Requested by
Host: www.geraldopost.com
URL: https://www.geraldopost.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
5dbf0a72986d3f974429bb2d6ada5533a6f089ab274f555592f45806e8fe6d4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.geraldopost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:47 GMT
x-content-type-options
nosniff
server
fife
etag
"v5217"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="Imagem 2549.jpg"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
96765
x-xss-protection
0
expires
Sun, 25 Apr 2021 20:38:47 GMT
amiga%2B1998.jpg
1.bp.blogspot.com/-33TWwW4ha58/XV2EGZkNU5I/AAAAAAAAUhk/JIHbPgLF2VAAyPV7ech2JAHTaGTY29VtwCLcBGAs/s640/ 		138 KB
139 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1.bp.blogspot.com/-33TWwW4ha58/XV2EGZkNU5I/AAAAAAAAUhk/JIHbPgLF2VAAyPV7ech2JAHTaGTY29VtwCLcBGAs/s640/amiga%2B1998.jpg
Requested by
Host: www.geraldopost.com
URL: https://www.geraldopost.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
44af38b1bf876fa9b62a4235497239e999318e312a5c9be81861466446495aad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.geraldopost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:47 GMT
x-content-type-options
nosniff
server
fife
etag
"v521a"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="amiga 1998.jpg"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
141755
x-xss-protection
0
expires
Sun, 25 Apr 2021 20:38:47 GMT
por%2Bamor.jpg
1.bp.blogspot.com/-tMvGUW4VFZs/XWbzqvzlYbI/AAAAAAAAUj4/DtF69XLF-tY5KX5czsxlflAp1Uky9kkbACLcBGAs/w680/ 		46 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1.bp.blogspot.com/-tMvGUW4VFZs/XWbzqvzlYbI/AAAAAAAAUj4/DtF69XLF-tY5KX5czsxlflAp1Uky9kkbACLcBGAs/w680/por%2Bamor.jpg
Requested by
Host: www.geraldopost.com
URL: https://www.geraldopost.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
25317a90368b3e9a15102013a18b41f765a7cd3a5a9aede6e869ac0dfdfd92e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.geraldopost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:47 GMT
x-content-type-options
nosniff
server
fife
etag
"v523f"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="por amor.jpg"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46959
x-xss-protection
0
expires
Sun, 25 Apr 2021 20:38:47 GMT
Revista%2BAMiha%2B1998.jpg
1.bp.blogspot.com/-63HZF1-qXJs/XWAch-tWL4I/AAAAAAAAUh4/Mt6NZtdhVrUUn1p91JsuROddWkuEKxTxwCLcBGAs/w680/ 		147 KB
147 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1.bp.blogspot.com/-63HZF1-qXJs/XWAch-tWL4I/AAAAAAAAUh4/Mt6NZtdhVrUUn1p91JsuROddWkuEKxTxwCLcBGAs/w680/Revista%2BAMiha%2B1998.jpg
Requested by
Host: www.geraldopost.com
URL: https://www.geraldopost.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
9237f538a2510c9ff7cd38abcfccb09cf7f8dea0d4b02ce287ef254b4e8acf32
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.geraldopost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:48 GMT
x-content-type-options
nosniff
server
fife
etag
"v5220"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="Revista AMiha 1998.jpg"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
150156
x-xss-protection
0
expires
Sun, 25 Apr 2021 20:38:48 GMT
Imagem%2B2549.jpg
1.bp.blogspot.com/-owESkR2szqw/XV2BnwHmECI/AAAAAAAAUhY/BOv0EzZmIuQjvIra-RbIuNdkU9FIL_v0QCLcBGAs/w680/ 		153 KB
153 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1.bp.blogspot.com/-owESkR2szqw/XV2BnwHmECI/AAAAAAAAUhY/BOv0EzZmIuQjvIra-RbIuNdkU9FIL_v0QCLcBGAs/w680/Imagem%2B2549.jpg
Requested by
Host: www.geraldopost.com
URL: https://www.geraldopost.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
97241ac0e5a0affe15501c54680e2fbe5f9f6c1489f7bc85841bea53b206fa17
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.geraldopost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:47 GMT
x-content-type-options
nosniff
server
fife
etag
"v5217"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="Imagem 2549.jpg"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
156542
x-xss-protection
0
expires
Sun, 25 Apr 2021 20:38:47 GMT
1.jpg
1.bp.blogspot.com/-FSGDk94tSPk/YCK-lSwtNJI/AAAAAAAAVwU/_isU-BJRzPIb67ojCcjRc5D6oae4nffBwCNcBGAsYHQ/w640-h378/ 		50 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1.bp.blogspot.com/-FSGDk94tSPk/YCK-lSwtNJI/AAAAAAAAVwU/_isU-BJRzPIb67ojCcjRc5D6oae4nffBwCNcBGAsYHQ/w640-h378/1.jpg
Requested by
Host: www.geraldopost.com
URL: https://www.geraldopost.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
b7865d8a36e6b3856f1407e604010b7455ca81c59cb5284c632e20571ec01f93
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.geraldopost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:47 GMT
x-content-type-options
nosniff
server
fife
etag
"v5706"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="1.jpg"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51007
x-xss-protection
0
expires
Sun, 25 Apr 2021 20:38:47 GMT
covas-reeleito-fto-3243-fabio-tito-g1.jpg
s2.glbimg.com/PfVXtsy_vqX9jZg7lD7G3HCgYNE=/0x0:2000x1335/1008x0/smart/filters:strip_icc()/i.s3.glbimg.com/v1/AUTH_59edd422c0c84a879bd37670ae4f538a/internal_photos/bs/2020/H/d/PwB6YCRGK1Mztul3cBZw/ 		54 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2.glbimg.com/PfVXtsy_vqX9jZg7lD7G3HCgYNE=/0x0:2000x1335/1008x0/smart/filters:strip_icc()/i.s3.glbimg.com/v1/AUTH_59edd422c0c84a879bd37670ae4f538a/internal_photos/bs/2020/H/d/PwB6YCRGK1Mztul3cBZw/covas-reeleito-fto-3243-fabio-tito-g1.jpg
Requested by
Host: www.geraldopost.com
URL: https://www.geraldopost.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.91.9 Rio de Janeiro, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-91-9.prt.globo.com
Software
/
Resource Hash
7d378799bbf3eeab3af97b55b8383bb46d1b7e1491be35cfba69aae4d6bb12a2

Request headers

Referer
https://www.geraldopost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:48 GMT
via
2.0 CachOS
x-bip
85991917 al24 01 11
age
0
etag
"1897aa1d34f8ff9e4304414d6684512b1576423e"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000,public
accept-ranges
bytes
x-thanos
0A81FC04
access-control-allow-headers
Content-Type
content-length
54990
x-request-id
8ce44dd7-03ad-47ed-a032-3143b77b14fb
expires
Mon, 24 May 2021 20:38:48 GMT
unnamed%2B%25284%2529.jpg
1.bp.blogspot.com/-P-o9W3a5tDo/X1-WtaPKZ-I/AAAAAAAAVXU/oHB6sQjzwosCL7PRDc2P2GqSuUAV5jwUwCNcBGAsYHQ/w400-h266/ 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1.bp.blogspot.com/-P-o9W3a5tDo/X1-WtaPKZ-I/AAAAAAAAVXU/oHB6sQjzwosCL7PRDc2P2GqSuUAV5jwUwCNcBGAsYHQ/w400-h266/unnamed%2B%25284%2529.jpg
Requested by
Host: www.geraldopost.com
URL: https://www.geraldopost.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
72c8a2ceb65b7eeefc96f0956e87683ef86f5b998c92dc1d75a99a2d18dbc8e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.geraldopost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:47 GMT
x-content-type-options
nosniff
server
fife
etag
"v5576"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="unnamed (4).jpg"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30336
x-xss-protection
0
expires
Sun, 25 Apr 2021 20:38:47 GMT
20180822_00_matraca_feira_comunicacao7.jpg
1.bp.blogspot.com/-ShRjIHq9MCY/Xxd_5fnoTLI/AAAAAAAABII/pBIJFxfXUNQfFvc1peiLJseljEKwwKFsACLcBGAsYHQ/s640/ 		49 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1.bp.blogspot.com/-ShRjIHq9MCY/Xxd_5fnoTLI/AAAAAAAABII/pBIJFxfXUNQfFvc1peiLJseljEKwwKFsACLcBGAsYHQ/s640/20180822_00_matraca_feira_comunicacao7.jpg
Requested by
Host: www.geraldopost.com
URL: https://www.geraldopost.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
40db10ccedf381bd69bb1274b261a49a4ee600d5438dc1b53a0af89d3f29dfb6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.geraldopost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:47 GMT
x-content-type-options
nosniff
server
fife
etag
"v483"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="20180822_00_matraca_feira_comunicacao7.jpg"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
50409
x-xss-protection
0
expires
Sun, 25 Apr 2021 20:38:47 GMT
001.JPG
1.bp.blogspot.com/-Ul2EilU2Dec/XweqB2peS8I/AAAAAAAAVPQ/ALInbbHf5U4GP2H0EiSkl0Ok7WlyHfAiwCNcBGAsYHQ/s640/ 		41 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1.bp.blogspot.com/-Ul2EilU2Dec/XweqB2peS8I/AAAAAAAAVPQ/ALInbbHf5U4GP2H0EiSkl0Ok7WlyHfAiwCNcBGAsYHQ/s640/001.JPG
Requested by
Host: www.geraldopost.com
URL: https://www.geraldopost.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
6c7634f744ebbcb181b0598e92296f87e86eade4218c255152dcb7edd6604e88
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.geraldopost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:47 GMT
x-content-type-options
nosniff
server
fife
etag
"v54f5"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="001.JPG"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41716
x-xss-protection
0
expires
Sun, 25 Apr 2021 20:38:47 GMT
Capas%2Bmarieclaire.jpg
1.bp.blogspot.com/-nU0RTS-rEug/XwcxMg3HJMI/AAAAAAAAVPE/VL92pJ6sczwQWjwBNZjad3tCAqxb2dPaACNcBGAsYHQ/s640/ 		61 KB
61 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1.bp.blogspot.com/-nU0RTS-rEug/XwcxMg3HJMI/AAAAAAAAVPE/VL92pJ6sczwQWjwBNZjad3tCAqxb2dPaACNcBGAsYHQ/s640/Capas%2Bmarieclaire.jpg
Requested by
Host: www.geraldopost.com
URL: https://www.geraldopost.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
34d854af74485c19247aa01eba8ca7d07de29bb175937474ddfbebb7e19b5c2b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.geraldopost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:47 GMT
x-content-type-options
nosniff
server
fife
etag
"v54f2"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="Capas marieclaire.jpg"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
62376
x-xss-protection
0
expires
Sun, 25 Apr 2021 20:38:47 GMT
20180822_00_matraca_feira_comunicacao7.jpg
1.bp.blogspot.com/-ShRjIHq9MCY/Xxd_5fnoTLI/AAAAAAAABII/pBIJFxfXUNQfFvc1peiLJseljEKwwKFsACLcBGAsYHQ/w680/ 		43 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1.bp.blogspot.com/-ShRjIHq9MCY/Xxd_5fnoTLI/AAAAAAAABII/pBIJFxfXUNQfFvc1peiLJseljEKwwKFsACLcBGAsYHQ/w680/20180822_00_matraca_feira_comunicacao7.jpg
Requested by
Host: www.geraldopost.com
URL: https://www.geraldopost.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
2dfe6b048550947f335139f17010d4f08251a3cd9b63916af8cc255a91bb054d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.geraldopost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:47 GMT
x-content-type-options
nosniff
server
fife
etag
"v483"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="20180822_00_matraca_feira_comunicacao7.jpg"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43782
x-xss-protection
0
expires
Sun, 25 Apr 2021 20:38:47 GMT
001.JPG
1.bp.blogspot.com/-Ul2EilU2Dec/XweqB2peS8I/AAAAAAAAVPQ/ALInbbHf5U4GP2H0EiSkl0Ok7WlyHfAiwCNcBGAsYHQ/w680/ 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1.bp.blogspot.com/-Ul2EilU2Dec/XweqB2peS8I/AAAAAAAAVPQ/ALInbbHf5U4GP2H0EiSkl0Ok7WlyHfAiwCNcBGAsYHQ/w680/001.JPG
Requested by
Host: www.geraldopost.com
URL: https://www.geraldopost.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
ded4092b57ddb7dee8437b1e72d0da27635396adfce2e2aa3b0be026b18e61d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.geraldopost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:47 GMT
x-content-type-options
nosniff
server
fife
etag
"v54f5"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="001.JPG"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31353
x-xss-protection
0
expires
Sun, 25 Apr 2021 20:38:47 GMT
Capas%2Bmarieclaire.jpg
1.bp.blogspot.com/-nU0RTS-rEug/XwcxMg3HJMI/AAAAAAAAVPE/VL92pJ6sczwQWjwBNZjad3tCAqxb2dPaACNcBGAsYHQ/w680/ 		59 KB
59 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1.bp.blogspot.com/-nU0RTS-rEug/XwcxMg3HJMI/AAAAAAAAVPE/VL92pJ6sczwQWjwBNZjad3tCAqxb2dPaACNcBGAsYHQ/w680/Capas%2Bmarieclaire.jpg
Requested by
Host: www.geraldopost.com
URL: https://www.geraldopost.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
2aec2672f98bd8a339db6fcbac2f72c79aa17bb539102340c5a290449ef6f064
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.geraldopost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:47 GMT
x-content-type-options
nosniff
server
fife
etag
"v54f2"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="Capas marieclaire.jpg"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
60839
x-xss-protection
0
expires
Sun, 25 Apr 2021 20:38:47 GMT
unnamed%2B%25289%2529.jpg
1.bp.blogspot.com/-Ah3W08EYoz8/X7cCree7JwI/AAAAAAAAVbw/-TdUJhpi9VQTK6wGCieJlA3p7AVxXI6nACNcBGAsYHQ/w640-h426/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1.bp.blogspot.com/-Ah3W08EYoz8/X7cCree7JwI/AAAAAAAAVbw/-TdUJhpi9VQTK6wGCieJlA3p7AVxXI6nACNcBGAsYHQ/w640-h426/unnamed%2B%25289%2529.jpg
Requested by
Host: www.geraldopost.com
URL: https://www.geraldopost.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
4f1a5efe73fbd5abf40ccad0411948cbb0115d6467a0b718543a75491bac0caa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.geraldopost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:47 GMT
x-content-type-options
nosniff
server
fife
etag
"v55bd"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="unnamed (9).jpg"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18736
x-xss-protection
0
expires
Sun, 25 Apr 2021 20:38:47 GMT
Sangria%2B01.jpg
1.bp.blogspot.com/-c-pTiPia76k/Xvo-gDA-99I/AAAAAAAAVMU/nkCxujN6TUgzMKMGPWtvGmkW8ZPv5PuIwCNcBGAsYHQ/s640/ 		157 KB
157 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1.bp.blogspot.com/-c-pTiPia76k/Xvo-gDA-99I/AAAAAAAAVMU/nkCxujN6TUgzMKMGPWtvGmkW8ZPv5PuIwCNcBGAsYHQ/s640/Sangria%2B01.jpg
Requested by
Host: www.geraldopost.com
URL: https://www.geraldopost.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
159fcc2f0598d46828ae44f7de60a62e068e7014c377e51933a41dc5bcb55528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.geraldopost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:48 GMT
x-content-type-options
nosniff
server
fife
etag
"v54c6"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="Sangria 01.jpg"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
160608
x-xss-protection
0
expires
Sun, 25 Apr 2021 20:38:48 GMT
logo.jpg
1.bp.blogspot.com/-gUIPELBag-Y/XuAnqqOrKlI/AAAAAAAAA_k/ovgvrM8PTJQxkxmZnSy6DgIh1KG4IqbyACLcBGAsYHQ/s400/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1.bp.blogspot.com/-gUIPELBag-Y/XuAnqqOrKlI/AAAAAAAAA_k/ovgvrM8PTJQxkxmZnSy6DgIh1KG4IqbyACLcBGAsYHQ/s400/logo.jpg
Requested by
Host: www.geraldopost.com
URL: https://www.geraldopost.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
7eff8da29dd9d00cd299a4b4a7b31a0c109bebf165da8efba374c0e7957fc9b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.geraldopost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:48 GMT
x-content-type-options
nosniff
server
fife
etag
"v3fc"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="logo.jpg"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8601
x-xss-protection
0
expires
Sun, 25 Apr 2021 20:38:48 GMT
hqdefault.jpg
img.youtube.com/vi/bNs_7r1PsfQ/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.youtube.com/vi/bNs_7r1PsfQ/hqdefault.jpg
Requested by
Host: www.geraldopost.com
URL: https://www.geraldopost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8119f5ca081f049c9a10be40d403b68a66cd2738e7036c7a27ce9b452129409b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.geraldopost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:47 GMT
x-content-type-options
nosniff
server
sffe
age
0
etag
"1606262093"
vary
Origin
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21617
x-xss-protection
0
expires
Sat, 24 Apr 2021 22:38:47 GMT
Sangria%2B01.jpg
1.bp.blogspot.com/-c-pTiPia76k/Xvo-gDA-99I/AAAAAAAAVMU/nkCxujN6TUgzMKMGPWtvGmkW8ZPv5PuIwCNcBGAsYHQ/w680/ 		204 KB
204 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1.bp.blogspot.com/-c-pTiPia76k/Xvo-gDA-99I/AAAAAAAAVMU/nkCxujN6TUgzMKMGPWtvGmkW8ZPv5PuIwCNcBGAsYHQ/w680/Sangria%2B01.jpg
Requested by
Host: www.geraldopost.com
URL: https://www.geraldopost.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
8b7d16c4ac6415e5060abc4514110d1db9902464811831405a715a8fae3a9567
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.geraldopost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:48 GMT
x-content-type-options
nosniff
server
fife
etag
"v54c6"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="Sangria 01.jpg"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
208867
x-xss-protection
0
expires
Sun, 25 Apr 2021 20:38:48 GMT
logo.jpg
1.bp.blogspot.com/-gUIPELBag-Y/XuAnqqOrKlI/AAAAAAAAA_k/ovgvrM8PTJQxkxmZnSy6DgIh1KG4IqbyACLcBGAsYHQ/w680/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1.bp.blogspot.com/-gUIPELBag-Y/XuAnqqOrKlI/AAAAAAAAA_k/ovgvrM8PTJQxkxmZnSy6DgIh1KG4IqbyACLcBGAsYHQ/w680/logo.jpg
Requested by
Host: www.geraldopost.com
URL: https://www.geraldopost.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
085f40558f8e1ef8af2c6791d8e39038ad1c559d1feb954599d0f8771fc25218
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.geraldopost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:47 GMT
x-content-type-options
nosniff
server
fife
etag
"v3fc"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="logo.jpg"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7053
x-xss-protection
0
expires
Sun, 25 Apr 2021 20:38:47 GMT
lacos-de-familia-edu-camila-helena.webp
1.bp.blogspot.com/-wbi68RMiHvQ/X-sicKRz-lI/AAAAAAAAVhc/01Nr8bMMERk0U857BuxOn228wYNydsE_wCNcBGAsYHQ/w640-h424/ 		50 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1.bp.blogspot.com/-wbi68RMiHvQ/X-sicKRz-lI/AAAAAAAAVhc/01Nr8bMMERk0U857BuxOn228wYNydsE_wCNcBGAsYHQ/w640-h424/lacos-de-familia-edu-camila-helena.webp
Requested by
Host: www.geraldopost.com
URL: https://www.geraldopost.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
b4de522d6cb3b930bd959e8c7b60a8f1ac45ad524f802f455e553bf8d7ddb9be
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.geraldopost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:47 GMT
x-content-type-options
nosniff
server
fife
etag
"v5618"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="lacos-de-familia-edu-camila-helena.jpg"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51658
x-xss-protection
0
expires
Sun, 25 Apr 2021 20:38:47 GMT
bebe.jpg
1.bp.blogspot.com/-iUE94v8vFV8/X-smyjJbE1I/AAAAAAAAVhk/E6cdNKFzg_8_wkc33aT4as-n6Pgf9nAVQCNcBGAsYHQ/w640-h364/ 		55 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1.bp.blogspot.com/-iUE94v8vFV8/X-smyjJbE1I/AAAAAAAAVhk/E6cdNKFzg_8_wkc33aT4as-n6Pgf9nAVQCNcBGAsYHQ/w640-h364/bebe.jpg
Requested by
Host: www.geraldopost.com
URL: https://www.geraldopost.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
8e64ce8f2ad096e5b778ee80aed4eb07c2fb0a50a007ef1f6da3be94b39a7dd9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.geraldopost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:47 GMT
x-content-type-options
nosniff
server
fife
etag
"v561c"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="bebe.jpg"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
56235
x-xss-protection
0
expires
Sun, 25 Apr 2021 20:38:47 GMT
lacos_de_familia_capitu_tapa_clara_5d9bccd552a50417bce74b0f4b667cdeee78d615.jpeg
1.bp.blogspot.com/-mUlStuEJ7so/X-snB_UbhrI/AAAAAAAAVhs/fJy4NrUqHNsntL4vJB4STIObymxU6My1QCNcBGAsYHQ/w640-h354/ 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1.bp.blogspot.com/-mUlStuEJ7so/X-snB_UbhrI/AAAAAAAAVhs/fJy4NrUqHNsntL4vJB4STIObymxU6My1QCNcBGAsYHQ/w640-h354/lacos_de_familia_capitu_tapa_clara_5d9bccd552a50417bce74b0f4b667cdeee78d615.jpeg
Requested by
Host: www.geraldopost.com
URL: https://www.geraldopost.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
d3c6c19cae34ba4b62e11cfb99b803d05a60f64972e9222c00dededc9ea97610
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.geraldopost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:47 GMT
x-content-type-options
nosniff
server
fife
etag
"v561d"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="lacos_de_familia_capitu_tapa_clara_5d9bccd552a50417bce74b0f4b667cdeee78d615.jpeg"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36768
x-xss-protection
0
expires
Sun, 25 Apr 2021 20:38:47 GMT
odete_morre3.jpg
1.bp.blogspot.com/-KgUJoYpNarY/X-4Z3WzKKCI/AAAAAAAAVi4/SEye3yC1opAXPyAGAGmEUgvAXuCHrHQnwCNcBGAsYHQ/w640-h480/ 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1.bp.blogspot.com/-KgUJoYpNarY/X-4Z3WzKKCI/AAAAAAAAVi4/SEye3yC1opAXPyAGAGmEUgvAXuCHrHQnwCNcBGAsYHQ/w640-h480/odete_morre3.jpg
Requested by
Host: www.geraldopost.com
URL: https://www.geraldopost.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
4c976a5618015477fb20c35910f59339a3435623098a846392030bc0930fa1ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.geraldopost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:47 GMT
x-content-type-options
nosniff
server
fife
etag
"v562f"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="odete_morre3.jpg"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40226
x-xss-protection
0
expires
Sun, 25 Apr 2021 20:38:47 GMT
oglobo%2B1%2B1%2B89.png
1.bp.blogspot.com/-4LCjzHNURaM/X-4D2X6_hOI/AAAAAAAAViY/Yhe2kMirpDAiHtTRcgPCScklVLWM1TTIQCNcBGAsYHQ/w404-h640/ 		177 KB
177 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1.bp.blogspot.com/-4LCjzHNURaM/X-4D2X6_hOI/AAAAAAAAViY/Yhe2kMirpDAiHtTRcgPCScklVLWM1TTIQCNcBGAsYHQ/w404-h640/oglobo%2B1%2B1%2B89.png
Requested by
Host: www.geraldopost.com
URL: https://www.geraldopost.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
862326f6620eb7ec58dc3362f87865ed0bf8d8f549065002b4eb006601bbda3e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.geraldopost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:47 GMT
x-content-type-options
nosniff
server
fife
etag
"v5627"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="oglobo 1 1 89.png"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
181557
x-xss-protection
0
expires
Sun, 25 Apr 2021 20:38:47 GMT
1546457345370.webp
1.bp.blogspot.com/-HlAbtkg9l4o/X-4FNbsikWI/AAAAAAAAViw/2goxjyu5h9QduP6SJgAbYW6hcaYZGQg5ACNcBGAsYHQ/w414-h640/ 		122 KB
122 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1.bp.blogspot.com/-HlAbtkg9l4o/X-4FNbsikWI/AAAAAAAAViw/2goxjyu5h9QduP6SJgAbYW6hcaYZGQg5ACNcBGAsYHQ/w414-h640/1546457345370.webp
Requested by
Host: www.geraldopost.com
URL: https://www.geraldopost.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
91732bbfa2defe50c060ec39776f7be1a25aa2481bcc774897af9a97913476fc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.geraldopost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:47 GMT
x-content-type-options
nosniff
server
fife
etag
"v562d"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="1546457345370.jpg"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
125040
x-xss-protection
0
expires
Sun, 25 Apr 2021 20:38:47 GMT
7173008.jpg
1.bp.blogspot.com/-WPzNHrKDQM8/X-4ElmscYTI/AAAAAAAAVig/rTkwAPLpdOgySBHnb_d4cLTPpNa7nn6oACNcBGAsYHQ/w474-h640/ 		79 KB
79 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1.bp.blogspot.com/-WPzNHrKDQM8/X-4ElmscYTI/AAAAAAAAVig/rTkwAPLpdOgySBHnb_d4cLTPpNa7nn6oACNcBGAsYHQ/w474-h640/7173008.jpg
Requested by
Host: www.geraldopost.com
URL: https://www.geraldopost.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
09fb106b3e1cd59ae8435f01bbf54e54b435c90db63d565a5f6508dc9f8e6a95
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.geraldopost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:47 GMT
x-content-type-options
nosniff
server
fife
etag
"v5629"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="7173008.jpg"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
81043
x-xss-protection
0
expires
Sun, 25 Apr 2021 20:38:47 GMT
469653-400x600-1.jpeg
1.bp.blogspot.com/-p4dxmSKdScU/X-4E6flkVAI/AAAAAAAAVio/tmBQ4Tm32NYy06mKU8yd4V92rUa8Z_ElQCNcBGAsYHQ/w424-h640/ 		84 KB
84 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1.bp.blogspot.com/-p4dxmSKdScU/X-4E6flkVAI/AAAAAAAAVio/tmBQ4Tm32NYy06mKU8yd4V92rUa8Z_ElQCNcBGAsYHQ/w424-h640/469653-400x600-1.jpeg
Requested by
Host: www.geraldopost.com
URL: https://www.geraldopost.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
58b6698a230b7a1f352cf5f8d5c9ec33877931270c1c2f8eb4ce0728779bda0f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.geraldopost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:47 GMT
x-content-type-options
nosniff
server
fife
etag
"v562b"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="469653-400x600-1.jpeg"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
86332
x-xss-protection
0
expires
Sun, 25 Apr 2021 20:38:47 GMT
lacos-de-familia-edu-camila-helena.webp
1.bp.blogspot.com/-wbi68RMiHvQ/X-sicKRz-lI/AAAAAAAAVhg/oPK21pQhtcQuQdblGZ1lat8wCLgn7bHygCPcBGAYYCw/w640-h424/ 		50 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1.bp.blogspot.com/-wbi68RMiHvQ/X-sicKRz-lI/AAAAAAAAVhg/oPK21pQhtcQuQdblGZ1lat8wCLgn7bHygCPcBGAYYCw/w640-h424/lacos-de-familia-edu-camila-helena.webp
Requested by
Host: www.geraldopost.com
URL: https://www.geraldopost.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
b4de522d6cb3b930bd959e8c7b60a8f1ac45ad524f802f455e553bf8d7ddb9be
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.geraldopost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:47 GMT
x-content-type-options
nosniff
server
fife
etag
"v5618"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="lacos-de-familia-edu-camila-helena.jpg"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51658
x-xss-protection
0
expires
Sun, 25 Apr 2021 20:38:47 GMT
duelo-de-viloes-guilherme-fontes-como-alexandre-em-a-viagem-1370478075404_300x420.jpg
1.bp.blogspot.com/-3TyYxsuKwd8/X-oMEwuE5zI/AAAAAAAABdU/kEN4NZHaxYUnNY8d8xvxi4Sv_05lnKZxwCLcBGAsYHQ/w456-h640/ 		45 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1.bp.blogspot.com/-3TyYxsuKwd8/X-oMEwuE5zI/AAAAAAAABdU/kEN4NZHaxYUnNY8d8xvxi4Sv_05lnKZxwCLcBGAsYHQ/w456-h640/duelo-de-viloes-guilherme-fontes-como-alexandre-em-a-viagem-1370478075404_300x420.jpg
Requested by
Host: www.geraldopost.com
URL: https://www.geraldopost.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
e54c1d18899bf482e345658bfa0ae864ed0da7fb18d0403830c23876af2cf353
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.geraldopost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:47 GMT
x-content-type-options
nosniff
server
fife
etag
"v5d6"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="duelo-de-viloes-guilherme-fontes-como-alexandre-em-a-viagem-1370478075404_300x420.jpg"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
45948
x-xss-protection
0
expires
Sun, 25 Apr 2021 20:38:47 GMT
Green%2BPhoto%2BRustic%2BMasculine%2BFashion%2BTwitter%2BPost%2B%25287%2529.png
1.bp.blogspot.com/-D8zaLi7fg9w/X-oLqfpnWbI/AAAAAAAABdQ/8bfYMndgAvYvxycuWvkKFEL9F8hrRc_ywCPcBGAYYCw/w640-h360/ 		133 KB
133 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1.bp.blogspot.com/-D8zaLi7fg9w/X-oLqfpnWbI/AAAAAAAABdQ/8bfYMndgAvYvxycuWvkKFEL9F8hrRc_ywCPcBGAYYCw/w640-h360/Green%2BPhoto%2BRustic%2BMasculine%2BFashion%2BTwitter%2BPost%2B%25287%2529.png
Requested by
Host: www.geraldopost.com
URL: https://www.geraldopost.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
134cc6354d0b698662d138a0b54c259dd1804275a7fdc3e935f164514db3fbc4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.geraldopost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:48 GMT
x-content-type-options
nosniff
server
fife
etag
"v5d4"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="Green Photo Rustic Masculine Fashion Twitter Post (7).png"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
136147
x-xss-protection
0
expires
Sun, 25 Apr 2021 20:38:48 GMT
walcyr%2Bcarrasco%2Be%2Bbenedito%2Bruy%2Bbarbosa.jpeg
1.bp.blogspot.com/-d2KB-UZc7dQ/X-IHPbEmpgI/AAAAAAAABb8/niYyF_QW19UlXH-8qsbF3jhjLvhS5MsUwCLcBGAsYHQ/w640-h444/ 		80 KB
80 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1.bp.blogspot.com/-d2KB-UZc7dQ/X-IHPbEmpgI/AAAAAAAABb8/niYyF_QW19UlXH-8qsbF3jhjLvhS5MsUwCLcBGAsYHQ/w640-h444/walcyr%2Bcarrasco%2Be%2Bbenedito%2Bruy%2Bbarbosa.jpeg
Requested by
Host: www.geraldopost.com
URL: https://www.geraldopost.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
8ba5408857ce1d634124b13a42f551073dea16237d8b7f405871fc1905cfec53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.geraldopost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:47 GMT
x-content-type-options
nosniff
server
fife
etag
"v5c0"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="walcyr carrasco e benedito ruy barbosa.jpeg"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
82247
x-xss-protection
0
expires
Sun, 25 Apr 2021 20:38:47 GMT
lacos-de-familia-simone-capitu.jpg
1.bp.blogspot.com/-viZZVWvYSBw/X7VDD6Lx7EI/AAAAAAAABUk/7fHKMemz0yQuqjyJ4St1WkolHHy1zRmewCLcBGAsYHQ/w640-h426/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1.bp.blogspot.com/-viZZVWvYSBw/X7VDD6Lx7EI/AAAAAAAABUk/7fHKMemz0yQuqjyJ4St1WkolHHy1zRmewCLcBGAsYHQ/w640-h426/lacos-de-familia-simone-capitu.jpg
Requested by
Host: www.geraldopost.com
URL: https://www.geraldopost.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
4e9927f47445d94c2f1a4ff82c65073aeae6cf07ff600cf4baea73324c192671
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.geraldopost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:47 GMT
x-content-type-options
nosniff
server
fife
etag
"v54a"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="lacos-de-familia-simone-capitu.jpg"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25105
x-xss-protection
0
expires
Sun, 25 Apr 2021 20:38:47 GMT
3.jpg
1.bp.blogspot.com/-0qzkzT71vhA/XW7sSS1cKoI/AAAAAAAAUlc/jZiMo_6G67MNE8fiXaTsgazd1F2vhIinwCLcBGAs/s640/ 		96 KB
96 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1.bp.blogspot.com/-0qzkzT71vhA/XW7sSS1cKoI/AAAAAAAAUlc/jZiMo_6G67MNE8fiXaTsgazd1F2vhIinwCLcBGAs/s640/3.jpg
Requested by
Host: www.geraldopost.com
URL: https://www.geraldopost.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
5ffcd3892ff7886f7fc92f8b435ef7a346cc804352ea30ab7737352432a29788
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.geraldopost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:47 GMT
x-content-type-options
nosniff
server
fife
etag
"v5259"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="3.jpg"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
98130
x-xss-protection
0
expires
Sun, 25 Apr 2021 20:38:47 GMT
5.jpg
1.bp.blogspot.com/-FM7kfjGymik/XW7sSZIgbaI/AAAAAAAAUlg/o8zXkEYjDbM994O_s6oBxqhd5Wp7NE12QCLcBGAs/s640/ 		100 KB
100 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1.bp.blogspot.com/-FM7kfjGymik/XW7sSZIgbaI/AAAAAAAAUlg/o8zXkEYjDbM994O_s6oBxqhd5Wp7NE12QCLcBGAs/s640/5.jpg
Requested by
Host: www.geraldopost.com
URL: https://www.geraldopost.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
d23fa7edc0185958276ca5d3fe63d62a79f9c4661fb10eff2a8eb990be2ae162
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.geraldopost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:47 GMT
x-content-type-options
nosniff
server
fife
etag
"v5259"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="5.jpg"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
102360
x-xss-protection
0
expires
Sun, 25 Apr 2021 20:38:47 GMT
vera%2Be%2Ba%2Bpug.jpg
2.bp.blogspot.com/-M5qhLMsE-Zo/XW7xrFjBDKI/AAAAAAAAUlw/vMDC_uHHJHszNe5qtyXCdfTYl7uhDEjAgCK4BGAYYCw/s640/ 		113 KB
113 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://2.bp.blogspot.com/-M5qhLMsE-Zo/XW7xrFjBDKI/AAAAAAAAUlw/vMDC_uHHJHszNe5qtyXCdfTYl7uhDEjAgCK4BGAYYCw/s640/vera%2Be%2Ba%2Bpug.jpg
Requested by
Host: www.geraldopost.com
URL: https://www.geraldopost.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
61df6b7bb1675795b00b41d8c3fa8167ba363b455e27a5b0b3137f6d7ea9968c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.geraldopost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:47 GMT
x-content-type-options
nosniff
server
fife
etag
"v525d"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="vera e a pug.jpg"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
115737
x-xss-protection
0
expires
Sun, 25 Apr 2021 20:38:47 GMT
3.jpg
1.bp.blogspot.com/-0qzkzT71vhA/XW7sSS1cKoI/AAAAAAAAUlc/jZiMo_6G67MNE8fiXaTsgazd1F2vhIinwCLcBGAs/w680/ 		104 KB
104 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1.bp.blogspot.com/-0qzkzT71vhA/XW7sSS1cKoI/AAAAAAAAUlc/jZiMo_6G67MNE8fiXaTsgazd1F2vhIinwCLcBGAs/w680/3.jpg
Requested by
Host: www.geraldopost.com
URL: https://www.geraldopost.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
103da76a226900b8e948ac0ee6f67114cf7c5d3bc2ce5c5bd2b32d2ed434924f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.geraldopost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:47 GMT
x-content-type-options
nosniff
server
fife
etag
"v5259"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="3.jpg"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
106357
x-xss-protection
0
expires
Sun, 25 Apr 2021 20:38:47 GMT
karina%2Bpereira.png
1.bp.blogspot.com/-Bk5qA1IvqcA/YGSkwGLeBTI/AAAAAAAAWJ0/2PdkTYgVMscG_dRypoyEyo0UKu_nroIGgCNcBGAsYHQ/w640-h320/ 		278 KB
278 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1.bp.blogspot.com/-Bk5qA1IvqcA/YGSkwGLeBTI/AAAAAAAAWJ0/2PdkTYgVMscG_dRypoyEyo0UKu_nroIGgCNcBGAsYHQ/w640-h320/karina%2Bpereira.png
Requested by
Host: www.geraldopost.com
URL: https://www.geraldopost.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
0ad4a26210c8a3df59cc76a8e31301ac61ca0baada3b270942a343cbce4a2f2f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.geraldopost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:48 GMT
x-content-type-options
nosniff
server
fife
etag
"v589e"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="karina pereira.png"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
284623
x-xss-protection
0
expires
Sun, 25 Apr 2021 20:38:48 GMT
bbb21.jpg
1.bp.blogspot.com/-_d6t2AOyTVc/YGM4F95UMoI/AAAAAAAAWJU/3Xfm4ZjJDMgHXhzR38WWBxytwL36RlyWgCNcBGAsYHQ/w640-h360/ 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1.bp.blogspot.com/-_d6t2AOyTVc/YGM4F95UMoI/AAAAAAAAWJU/3Xfm4ZjJDMgHXhzR38WWBxytwL36RlyWgCNcBGAsYHQ/w640-h360/bbb21.jpg
Requested by
Host: www.geraldopost.com
URL: https://www.geraldopost.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
ee284a19ae791a104f61073ed480ac6d50097a5808840e0a27b4a43582dee165
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.geraldopost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:47 GMT
x-content-type-options
nosniff
server
fife
etag
"v5896"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="bbb21.jpg"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36251
x-xss-protection
0
expires
Sun, 25 Apr 2021 20:38:47 GMT
redebbb.jpg
1.bp.blogspot.com/-0XBCMe-b_24/YGJmfQ36MjI/AAAAAAAAWI8/5B39snptHBMQ0xTCrcpkeXneJ48qTSHpgCNcBGAsYHQ/w640-h360/ 		82 KB
82 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1.bp.blogspot.com/-0XBCMe-b_24/YGJmfQ36MjI/AAAAAAAAWI8/5B39snptHBMQ0xTCrcpkeXneJ48qTSHpgCNcBGAsYHQ/w640-h360/redebbb.jpg
Requested by
Host: www.geraldopost.com
URL: https://www.geraldopost.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
2aa4eeebe439e55b1e5ccc55a3779132e564c4dc381a6394118d230a116d8a37
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.geraldopost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:47 GMT
x-content-type-options
nosniff
server
fife
etag
"v5890"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="redebbb.jpg"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
84242
x-xss-protection
0
expires
Sun, 25 Apr 2021 20:38:47 GMT
ana%2Bbbb21.jpg
1.bp.blogspot.com/-1LKCXUmWGQA/YGJqhQsfJbI/AAAAAAAAWJM/IOhpsY-YCrINQo_BAnmrNUlkfl7qeOLEQCNcBGAsYHQ/w512-h640/ 		117 KB
117 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1.bp.blogspot.com/-1LKCXUmWGQA/YGJqhQsfJbI/AAAAAAAAWJM/IOhpsY-YCrINQo_BAnmrNUlkfl7qeOLEQCNcBGAsYHQ/w512-h640/ana%2Bbbb21.jpg
Requested by
Host: www.geraldopost.com
URL: https://www.geraldopost.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
d02667136739e260cb775558825fa667cf6523afa2c9f1bef577e6fb113d23f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.geraldopost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:48 GMT
x-content-type-options
nosniff
server
fife
etag
"v5894"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="ana bbb21.jpg"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
120002
x-xss-protection
0
expires
Sun, 25 Apr 2021 20:38:48 GMT
bbb18-ana-clara-ayrton.jpg
1.bp.blogspot.com/-hvRLJDuR1lE/YGJn7RNhwbI/AAAAAAAAWJE/lkkJ_CiTdNQp9frEsvKX_KXwFts7ICvfQCNcBGAsYHQ/w640-h360/ 		67 KB
67 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1.bp.blogspot.com/-hvRLJDuR1lE/YGJn7RNhwbI/AAAAAAAAWJE/lkkJ_CiTdNQp9frEsvKX_KXwFts7ICvfQCNcBGAsYHQ/w640-h360/bbb18-ana-clara-ayrton.jpg
Requested by
Host: www.geraldopost.com
URL: https://www.geraldopost.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
f40c95f98471d615ae5495502c6fcfc038aca7d8456e052c9084b857e9337132
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.geraldopost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:48 GMT
x-content-type-options
nosniff
server
fife
etag
"v5892"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="bbb18-ana-clara-ayrton.jpg"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
68121
x-xss-protection
0
expires
Sun, 25 Apr 2021 20:38:48 GMT
3.df5fb226.chunk.js
unruffled-brown-9d316c.netlify.app/static/js/ Frame 6B41 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://unruffled-brown-9d316c.netlify.app/static/js/3.df5fb226.chunk.js
Requested by
Host: plugin.bebeofertas.com.br
URL: https://plugin.bebeofertas.com.br/index.html?sourceId=36901826
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:b0c0:3:d0::d26:4001 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Netlify /
Resource Hash

Request headers

Referer
https://plugin.bebeofertas.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nf-request-id
efe08dbd-eef5-463e-9809-d846ff8a450c
date
Sat, 24 Apr 2021 20:38:47 GMT
server
Netlify
age
0
content-length
0
magazine-voce.png
mvc.mlcdn.com.br/magazinevoce/img/banner/ Frame 3A45 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mvc.mlcdn.com.br/magazinevoce/img/banner/magazine-voce.png
Requested by
Host: www.magazinevoce.com.br
URL: https://www.magazinevoce.com.br/geraldopost/banner/?store=geraldopost&type=leaderboard
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
AmazonS3 /
Resource Hash
b7c94c47e36895159d5fd886c9d8d657a51b1c848855edd22632d1622c4fc9e8

Request headers

Referer
https://www.magazinevoce.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:47 GMT
last-modified
Wed, 23 Sep 2020 13:46:16 GMT
server
AmazonS3
x-amz-request-id
00FB19A2D5110F5E
etag
"aefc4759c82e5f76dc95d0a416e2efae"
content-type
image/png
cache-control
max-age=3600
accept-ranges
bytes
content-length
6871
x-amz-id-2
WXJJJNGQpv64S8cNuv4b4HmTn5m55gHnyHlLdRAOoEpE/q0UoiXIIIjyiYqiTT4Fl5YtDx7wNbY=
expires
Sat, 24 Apr 2021 21:38:47 GMT
48866f56c36f2f5453044fdef767cde4.jpg
a-static.mlcdn.com.br/210x210/kit-djamila-ribeiro-companhia-das-letras-grupo-cia-das-let/lt2shop2/0001376264/ Frame 3A45 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a-static.mlcdn.com.br/210x210/kit-djamila-ribeiro-companhia-das-letras-grupo-cia-das-let/lt2shop2/0001376264/48866f56c36f2f5453044fdef767cde4.jpg
Requested by
Host: www.magazinevoce.com.br
URL: https://www.magazinevoce.com.br/geraldopost/banner/?store=geraldopost&type=leaderboard
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
Azion IMS /
Resource Hash
b881b1549cbedc986afc9ade49198c81e5833c577d19a8f94a95d09ea0f764e0

Request headers

Referer
https://www.magazinevoce.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:47 GMT
server
Azion IMS
x-original-image-size
92429
vary
Accept
content-type
image/webp
cache-control
max-age=86400
x-ims
Enabled
content-length
7380
expires
Sun, 25 Apr 2021 20:38:47 GMT
btn-buy.jpg
mvc.mlcdn.com.br/magazinevoce/img/banner/ Frame 3A45 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mvc.mlcdn.com.br/magazinevoce/img/banner/btn-buy.jpg
Requested by
Host: www.magazinevoce.com.br
URL: https://www.magazinevoce.com.br/geraldopost/banner/?store=geraldopost&type=leaderboard
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
AmazonS3 /
Resource Hash
4d16ccd0a26863ba3ddc1f831fdc2f29f2d8d49e96b166de3aec69df08e74768

Request headers

Referer
https://www.magazinevoce.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:47 GMT
last-modified
Thu, 11 Mar 2021 19:48:39 GMT
server
AmazonS3
x-amz-request-id
728JHY8PRYY8E8NP
etag
"dceb3ef4bf79711c4df4568a085c08ab"
content-type
image/jpeg
cache-control
max-age=3600
accept-ranges
bytes
content-length
2901
x-amz-id-2
MsFS7+r5WI7Ntq9RLemFolMvBS6oDz2mtUo8DBJKh4SJWrxJpyCnqAaiqvjedeWJMiXqdk/Zhtc=
expires
Sat, 24 Apr 2021 21:38:47 GMT
54df8e016524bd267ebb7e5286455e7a.jpg
a-static.mlcdn.com.br/210x210/torto-arado-todavia-editora/namastebooks/1000224935/ Frame 3A45 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a-static.mlcdn.com.br/210x210/torto-arado-todavia-editora/namastebooks/1000224935/54df8e016524bd267ebb7e5286455e7a.jpg
Requested by
Host: www.magazinevoce.com.br
URL: https://www.magazinevoce.com.br/geraldopost/banner/?store=geraldopost&type=leaderboard
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
Azion IMS /
Resource Hash
1f84b54c6aff620cca928821bd60b184162a2c81d4c94b73aa49772e6eca0ade

Request headers

Referer
https://www.magazinevoce.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:47 GMT
server
Azion IMS
x-original-image-size
52648
vary
Accept
content-type
image/webp
cache-control
max-age=86400
x-ims
Enabled
content-length
4262
expires
Sun, 25 Apr 2021 20:38:47 GMT
a5d224728dd0962b7d5234517f0507f1.jpg
a-static.mlcdn.com.br/210x210/quarto-de-despejo-diario-de-uma-favelada-atica/namastebooks/1000200920/ Frame 3A45 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a-static.mlcdn.com.br/210x210/quarto-de-despejo-diario-de-uma-favelada-atica/namastebooks/1000200920/a5d224728dd0962b7d5234517f0507f1.jpg
Requested by
Host: www.magazinevoce.com.br
URL: https://www.magazinevoce.com.br/geraldopost/banner/?store=geraldopost&type=leaderboard
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
Azion IMS /
Resource Hash
920ca2c6a8cdb2e958766631164526f5cf0fd539e484e1d51c06feac3b784291

Request headers

Referer
https://www.magazinevoce.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:47 GMT
server
Azion IMS
x-original-image-size
68775
vary
Accept
content-type
image/webp
cache-control
max-age=86400
x-ims
Enabled
content-length
3650
expires
Sun, 25 Apr 2021 20:38:47 GMT
bff8fe9aba31eb49924ba022f266e396.jpg
a-static.mlcdn.com.br/210x210/desinfetante-omo-lavanda-1l/magazineluiza/225468200/ Frame 3A45 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a-static.mlcdn.com.br/210x210/desinfetante-omo-lavanda-1l/magazineluiza/225468200/bff8fe9aba31eb49924ba022f266e396.jpg
Requested by
Host: www.magazinevoce.com.br
URL: https://www.magazinevoce.com.br/geraldopost/banner/?store=geraldopost&type=leaderboard
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
Azion IMS /
Resource Hash
fe9fdaf933bfef4a66a96a5d0335067cac85205a93fa9fb217d2850709d2f48c

Request headers

Referer
https://www.magazinevoce.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:47 GMT
server
Azion IMS
x-original-image-size
64234
vary
Accept
content-type
image/webp
cache-control
max-age=86400
x-ims
Enabled
content-length
1832
expires
Sun, 25 Apr 2021 20:38:47 GMT
horizontal_box_slider.js
mvc.mlcdn.com.br/magazinevoce/js/libs/ Frame 3A45 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mvc.mlcdn.com.br/magazinevoce/js/libs/horizontal_box_slider.js
Requested by
Host: www.magazinevoce.com.br
URL: https://www.magazinevoce.com.br/geraldopost/banner/?store=geraldopost&type=leaderboard
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
AmazonS3 /
Resource Hash
e8e8a042059c845720d9461543e034928364f4a0d1ed6ce3cc745e05df6bfb96

Request headers

Referer
https://www.magazinevoce.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:47 GMT
content-encoding
gzip
last-modified
Thu, 11 Mar 2021 19:51:37 GMT
server
AmazonS3
x-amz-request-id
K5XWF38ZV0ZW0CGT
etag
"e01d5e8497aaba56b6c8ad5d8424d9fe"
content-type
application/javascript
cache-control
max-age=3600
accept-ranges
bytes
content-length
802
x-amz-id-2
DO4lzGM3NJygr0lF6nlQbPYuDpggJ31YYAMG2jUslJ/Mb6BDXXWWwnRszBODnWf8I7ctGthQ/vA=
expires
Sat, 24 Apr 2021 21:38:47 GMT
transparent.png
tpc.googlesyndication.com/pagead/images/ Frame F1D6 		67 B
196 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/transparent.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3932851112807799&output=html&h=280&slotname=5801651126&adk=2065657694&adf=3513612432&pi=t.ma~as.5801651126&w=370&fwrn=4&fwrnh=100&lmt=1619163522&rafmt=1&psa=0&format=370x280&url=https%3A%2F%2Fwww.geraldopost.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619296726835&bpp=3&bdt=261&idt=89&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x600&correlator=2705827410742&frm=20&pv=1&ga_vid=1717309228.1619296727&ga_sid=1619296727&ga_hid=1390142020&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1015&ady=3731&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429%2C44739991&oid=3&pvsid=3502318759076147&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=2&fsb=1&xpc=xUVnk6ScUu&p=https%3A//www.geraldopost.com&dtd=92
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 24 Apr 2021 01:32:03 GMT
x-content-type-options
nosniff
server
cafe
age
68804
etag
2462972746714251406
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
67
x-xss-protection
0
expires
Sun, 25 Apr 2021 01:32:03 GMT
200x200
ad.lomadee.com/banners/superofertas/ Frame 25EA 		243 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.lomadee.com/banners/superofertas/200x200
Requested by
Host: ad.lomadee.com
URL: https://ad.lomadee.com/banner/view?sourceId=36890606&dimension=25&width=200&height=200&method=1&advertisers=5644&tags=25
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-116.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9160671c88504da1d044607d712e4f8d479fe1d522bdb4ad59dae410bf2d2faa

Request headers

Referer
https://ad.lomadee.com/banner/view?sourceId=36890606&dimension=25&width=200&height=200&method=1&advertisers=5644&tags=25
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:47 GMT
via
1.1 06d36e78e8dfd9468327f09115761a9e.cloudfront.net (CloudFront)
server
AmazonS3
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
a82sT2v9aI6lSq8sz7muafezeg2Sl42K_ERk_FwOeDypj0N-HuCIwA==
x-cache
Error from cloudfront
content-type
application/xml
analyze.js
statistcdn.com/ Frame 25EA 		0
0
analytics.js
www.google-analytics.com/ Frame 25EA 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: ad.lomadee.com
URL: https://ad.lomadee.com/banner/view?sourceId=36890606&dimension=25&width=200&height=200&method=1&advertisers=5644&tags=25
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ad.lomadee.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 09 Apr 2021 23:59:54 GMT
server
Golfe2
age
3494
date
Sat, 24 Apr 2021 19:40:33 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19569
expires
Sat, 24 Apr 2021 21:40:33 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210422/r20110914/ Frame CE35 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210422/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3932851112807799&output=html&h=600&slotname=8993431669&adk=4220371640&adf=1482559626&pi=t.ma~as.8993431669&w=300&lmt=1619163522&psa=0&format=300x600&url=https%3A%2F%2Fwww.geraldopost.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619296726819&bpp=15&bdt=246&idt=69&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=2705827410742&frm=20&pv=2&ga_vid=1717309228.1619296727&ga_sid=1619296727&ga_hid=1390142020&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1015&ady=2859&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429%2C44739991&oid=3&pvsid=3502318759076147&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=JnxQKUcnx7&p=https%3A//www.geraldopost.com&dtd=86
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e9f3358441fb5f83ee3575f81df787bbade8b416b009cbdcbd3b71c8b6f560e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:36:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
108
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7028
x-xss-protection
0
server
cafe
etag
3134275839577271762
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 08 May 2021 20:36:59 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/ Frame CE35 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3932851112807799&output=html&h=600&slotname=8993431669&adk=4220371640&adf=1482559626&pi=t.ma~as.8993431669&w=300&lmt=1619163522&psa=0&format=300x600&url=https%3A%2F%2Fwww.geraldopost.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619296726819&bpp=15&bdt=246&idt=69&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=2705827410742&frm=20&pv=2&ga_vid=1717309228.1619296727&ga_sid=1619296727&ga_hid=1390142020&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1015&ady=2859&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429%2C44739991&oid=3&pvsid=3502318759076147&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=JnxQKUcnx7&p=https%3A//www.geraldopost.com&dtd=86
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:33:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
300
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 08 May 2021 20:33:47 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame CE35 		116 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3932851112807799&output=html&h=600&slotname=8993431669&adk=4220371640&adf=1482559626&pi=t.ma~as.8993431669&w=300&lmt=1619163522&psa=0&format=300x600&url=https%3A%2F%2Fwww.geraldopost.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619296726819&bpp=15&bdt=246&idt=69&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=2705827410742&frm=20&pv=2&ga_vid=1717309228.1619296727&ga_sid=1619296727&ga_hid=1390142020&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1015&ady=2859&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429%2C44739991&oid=3&pvsid=3502318759076147&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=JnxQKUcnx7&p=https%3A//www.geraldopost.com&dtd=86
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dc015126841eaa9b1b79ee123e13d7d07ad7fe77f22366b05c480eff59a7a25e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1619017370605640"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36032
x-xss-protection
0
expires
Sat, 24 Apr 2021 20:38:47 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/ Frame CE35 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3932851112807799&output=html&h=600&slotname=8993431669&adk=4220371640&adf=1482559626&pi=t.ma~as.8993431669&w=300&lmt=1619163522&psa=0&format=300x600&url=https%3A%2F%2Fwww.geraldopost.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619296726819&bpp=15&bdt=246&idt=69&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=2705827410742&frm=20&pv=2&ga_vid=1717309228.1619296727&ga_sid=1619296727&ga_hid=1390142020&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1015&ady=2859&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429%2C44739991&oid=3&pvsid=3502318759076147&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=JnxQKUcnx7&p=https%3A//www.geraldopost.com&dtd=86
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
439ab67fa3c312bb442bed574ea79be834dbd92f3bd7d2288b6f3fce4d0afb0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:35:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
191
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5604
x-xss-protection
0
server
cafe
etag
2846967340006788112
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 08 May 2021 20:35:36 GMT
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11575576717432054682/ Frame 6BB0 		62 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11575576717432054682/index.html
Requested by
Host: www.geraldopost.com
URL: https://www.geraldopost.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d74faf3dba15909820c656f6c8a266891f47becd215f5d1d43b1855577e76584
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sadbundle/$csp%3Der3$/11575576717432054682/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
date
Sun, 18 Apr 2021 05:12:51 GMT
expires
Mon, 18 Apr 2022 05:12:51 GMT
last-modified
Tue, 06 Apr 2021 13:27:08 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-encoding
gzip
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
content-length
16673
age
573956
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
adview
googleads.g.doubleclick.net/pagead/ Frame AF3F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CFdCu14GEYJynA4iIrASZzQ3LmZLxYeTgooOGDp_VmM_aGRABIMOL5ClglQKgAZ_n0vkCyAEJqQLomteo8Uu0PqgDAcgDSKoEwgFP0Bm27b9v-2VpgQOy3EVE1GTH_IIt0NsuNMfTVeCLnhKqYXa7GWJaJGWA6xMVxWoltdfrYVvZarmjDiJNtwF0OjdaQnSqXh0a_mV3yv9JICkUbtxMQxwAmz5m2UcS8iY0McZR22g97G6rqXDCtDb5GfKikBD4xcJNdHV0YISlujWCeqplXtDVrjYYOikek9eo23pIdAOl-YyEkMBAplFtHhcp3lkt3KuFxMF0ckTGs8RV6lJYl0qArWxvUdN84-3CA8AE1_HutbADkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB8mYrYYBqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcA8gcEEO3sB9IICQiA4YBwEAEYH4AKAcgLAdgTDbIXGgoYCAASFHB1Yi0zOTMyODUxMTEyODA3Nzk5&sigh=g15UdOaZnQE&template_id=419
Requested by
Host: www.geraldopost.com
URL: https://www.geraldopost.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3932851112807799&output=html&h=280&slotname=5801651126&adk=2065657694&adf=3513612432&pi=t.ma~as.5801651126&w=370&fwrn=4&fwrnh=100&lmt=1619163522&rafmt=1&psa=0&format=370x280&url=https%3A%2F%2Fwww.geraldopost.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619296726835&bpp=3&bdt=261&idt=89&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x600&correlator=2705827410742&frm=20&pv=1&ga_vid=1717309228.1619296727&ga_sid=1619296727&ga_hid=1390142020&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1015&ady=3731&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429%2C44739991&oid=3&pvsid=3502318759076147&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=2&fsb=1&xpc=xUVnk6ScUu&p=https%3A//www.geraldopost.com&dtd=92
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Sat, 24 Apr 2021 20:38:47 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210422/r20110914/ Frame AF3F 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210422/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3932851112807799&output=html&h=280&slotname=5801651126&adk=2065657694&adf=3513612432&pi=t.ma~as.5801651126&w=370&fwrn=4&fwrnh=100&lmt=1619163522&rafmt=1&psa=0&format=370x280&url=https%3A%2F%2Fwww.geraldopost.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619296726835&bpp=3&bdt=261&idt=89&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x600&correlator=2705827410742&frm=20&pv=1&ga_vid=1717309228.1619296727&ga_sid=1619296727&ga_hid=1390142020&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1015&ady=3731&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429%2C44739991&oid=3&pvsid=3502318759076147&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=2&fsb=1&xpc=xUVnk6ScUu&p=https%3A//www.geraldopost.com&dtd=92
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e9f3358441fb5f83ee3575f81df787bbade8b416b009cbdcbd3b71c8b6f560e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:36:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
108
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7028
x-xss-protection
0
server
cafe
etag
3134275839577271762
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 08 May 2021 20:36:59 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/ Frame AF3F 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3932851112807799&output=html&h=280&slotname=5801651126&adk=2065657694&adf=3513612432&pi=t.ma~as.5801651126&w=370&fwrn=4&fwrnh=100&lmt=1619163522&rafmt=1&psa=0&format=370x280&url=https%3A%2F%2Fwww.geraldopost.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619296726835&bpp=3&bdt=261&idt=89&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x600&correlator=2705827410742&frm=20&pv=1&ga_vid=1717309228.1619296727&ga_sid=1619296727&ga_hid=1390142020&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1015&ady=3731&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429%2C44739991&oid=3&pvsid=3502318759076147&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=2&fsb=1&xpc=xUVnk6ScUu&p=https%3A//www.geraldopost.com&dtd=92
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:33:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
300
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 08 May 2021 20:33:47 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame AF3F 		116 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3932851112807799&output=html&h=280&slotname=5801651126&adk=2065657694&adf=3513612432&pi=t.ma~as.5801651126&w=370&fwrn=4&fwrnh=100&lmt=1619163522&rafmt=1&psa=0&format=370x280&url=https%3A%2F%2Fwww.geraldopost.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619296726835&bpp=3&bdt=261&idt=89&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x600&correlator=2705827410742&frm=20&pv=1&ga_vid=1717309228.1619296727&ga_sid=1619296727&ga_hid=1390142020&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1015&ady=3731&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429%2C44739991&oid=3&pvsid=3502318759076147&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=2&fsb=1&xpc=xUVnk6ScUu&p=https%3A//www.geraldopost.com&dtd=92
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dc015126841eaa9b1b79ee123e13d7d07ad7fe77f22366b05c480eff59a7a25e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1619017370605640"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36032
x-xss-protection
0
expires
Sat, 24 Apr 2021 20:38:47 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/ Frame AF3F 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3932851112807799&output=html&h=280&slotname=5801651126&adk=2065657694&adf=3513612432&pi=t.ma~as.5801651126&w=370&fwrn=4&fwrnh=100&lmt=1619163522&rafmt=1&psa=0&format=370x280&url=https%3A%2F%2Fwww.geraldopost.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619296726835&bpp=3&bdt=261&idt=89&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x600&correlator=2705827410742&frm=20&pv=1&ga_vid=1717309228.1619296727&ga_sid=1619296727&ga_hid=1390142020&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1015&ady=3731&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429%2C44739991&oid=3&pvsid=3502318759076147&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=2&fsb=1&xpc=xUVnk6ScUu&p=https%3A//www.geraldopost.com&dtd=92
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
439ab67fa3c312bb442bed574ea79be834dbd92f3bd7d2288b6f3fce4d0afb0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:35:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
191
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5604
x-xss-protection
0
server
cafe
etag
2846967340006788112
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 08 May 2021 20:35:36 GMT
17920459547613087516
tpc.googlesyndication.com/simgad/ Frame 33D2 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/17920459547613087516
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3932851112807799&output=html&h=153&adk=1885550448&adf=3068256048&pi=t.aa~a.758916835~rp.4&w=770&lmt=1619163522&nsk=ed3aeb01&rafmt=11&pwprc=9623938543&psa=0&ad_type=text_image&format=770x153&url=https%3A%2F%2Fwww.geraldopost.com%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619296727354&bpp=1&bdt=780&idt=1&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D785534163f1ff8ba-22b10b71eec700b0%3AT%3D1619296726%3ART%3D1619296726%3AS%3DALNI_MYfLjXx0hxHEDga8A2_oU8TLtAwsA&prev_fmts=300x600%2C370x280%2C0x0%2C370x280%2C370x280%2C370x280%2C370x280&nras=6&correlator=2705827410742&frm=20&pv=1&ga_vid=1717309228.1619296727&ga_sid=1619296727&ga_hid=1390142020&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=215&ady=2274&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429%2C44739991&oid=3&pvsid=3502318759076147&eae=0&fc=768&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=7&fsb=1&xpc=bVP7qTqlbS&p=https%3A//www.geraldopost.com&dtd=29
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8c0d3166dffce0c168ce16d402623da5e84691a3032431d19b9e81d6a1867867
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 00:44:36 GMT
x-content-type-options
nosniff
age
417251
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23575
x-xss-protection
0
last-modified
Tue, 23 Feb 2021 14:33:48 GMT
server
sffe
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Apr 2022 00:44:36 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210422/r20110914/ Frame 33D2 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210422/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3932851112807799&output=html&h=153&adk=1885550448&adf=3068256048&pi=t.aa~a.758916835~rp.4&w=770&lmt=1619163522&nsk=ed3aeb01&rafmt=11&pwprc=9623938543&psa=0&ad_type=text_image&format=770x153&url=https%3A%2F%2Fwww.geraldopost.com%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619296727354&bpp=1&bdt=780&idt=1&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D785534163f1ff8ba-22b10b71eec700b0%3AT%3D1619296726%3ART%3D1619296726%3AS%3DALNI_MYfLjXx0hxHEDga8A2_oU8TLtAwsA&prev_fmts=300x600%2C370x280%2C0x0%2C370x280%2C370x280%2C370x280%2C370x280&nras=6&correlator=2705827410742&frm=20&pv=1&ga_vid=1717309228.1619296727&ga_sid=1619296727&ga_hid=1390142020&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=215&ady=2274&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429%2C44739991&oid=3&pvsid=3502318759076147&eae=0&fc=768&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=7&fsb=1&xpc=bVP7qTqlbS&p=https%3A//www.geraldopost.com&dtd=29
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e9f3358441fb5f83ee3575f81df787bbade8b416b009cbdcbd3b71c8b6f560e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:36:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
108
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7028
x-xss-protection
0
server
cafe
etag
3134275839577271762
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 08 May 2021 20:36:59 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/ Frame 33D2 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3932851112807799&output=html&h=153&adk=1885550448&adf=3068256048&pi=t.aa~a.758916835~rp.4&w=770&lmt=1619163522&nsk=ed3aeb01&rafmt=11&pwprc=9623938543&psa=0&ad_type=text_image&format=770x153&url=https%3A%2F%2Fwww.geraldopost.com%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619296727354&bpp=1&bdt=780&idt=1&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D785534163f1ff8ba-22b10b71eec700b0%3AT%3D1619296726%3ART%3D1619296726%3AS%3DALNI_MYfLjXx0hxHEDga8A2_oU8TLtAwsA&prev_fmts=300x600%2C370x280%2C0x0%2C370x280%2C370x280%2C370x280%2C370x280&nras=6&correlator=2705827410742&frm=20&pv=1&ga_vid=1717309228.1619296727&ga_sid=1619296727&ga_hid=1390142020&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=215&ady=2274&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429%2C44739991&oid=3&pvsid=3502318759076147&eae=0&fc=768&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=7&fsb=1&xpc=bVP7qTqlbS&p=https%3A//www.geraldopost.com&dtd=29
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:33:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
300
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 08 May 2021 20:33:47 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 33D2 		116 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3932851112807799&output=html&h=153&adk=1885550448&adf=3068256048&pi=t.aa~a.758916835~rp.4&w=770&lmt=1619163522&nsk=ed3aeb01&rafmt=11&pwprc=9623938543&psa=0&ad_type=text_image&format=770x153&url=https%3A%2F%2Fwww.geraldopost.com%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619296727354&bpp=1&bdt=780&idt=1&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D785534163f1ff8ba-22b10b71eec700b0%3AT%3D1619296726%3ART%3D1619296726%3AS%3DALNI_MYfLjXx0hxHEDga8A2_oU8TLtAwsA&prev_fmts=300x600%2C370x280%2C0x0%2C370x280%2C370x280%2C370x280%2C370x280&nras=6&correlator=2705827410742&frm=20&pv=1&ga_vid=1717309228.1619296727&ga_sid=1619296727&ga_hid=1390142020&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=215&ady=2274&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429%2C44739991&oid=3&pvsid=3502318759076147&eae=0&fc=768&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=7&fsb=1&xpc=bVP7qTqlbS&p=https%3A//www.geraldopost.com&dtd=29
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dc015126841eaa9b1b79ee123e13d7d07ad7fe77f22366b05c480eff59a7a25e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1619017370605640"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36032
x-xss-protection
0
expires
Sat, 24 Apr 2021 20:38:47 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/ Frame 33D2 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3932851112807799&output=html&h=153&adk=1885550448&adf=3068256048&pi=t.aa~a.758916835~rp.4&w=770&lmt=1619163522&nsk=ed3aeb01&rafmt=11&pwprc=9623938543&psa=0&ad_type=text_image&format=770x153&url=https%3A%2F%2Fwww.geraldopost.com%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619296727354&bpp=1&bdt=780&idt=1&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D785534163f1ff8ba-22b10b71eec700b0%3AT%3D1619296726%3ART%3D1619296726%3AS%3DALNI_MYfLjXx0hxHEDga8A2_oU8TLtAwsA&prev_fmts=300x600%2C370x280%2C0x0%2C370x280%2C370x280%2C370x280%2C370x280&nras=6&correlator=2705827410742&frm=20&pv=1&ga_vid=1717309228.1619296727&ga_sid=1619296727&ga_hid=1390142020&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=215&ady=2274&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429%2C44739991&oid=3&pvsid=3502318759076147&eae=0&fc=768&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=7&fsb=1&xpc=bVP7qTqlbS&p=https%3A//www.geraldopost.com&dtd=29
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
439ab67fa3c312bb442bed574ea79be834dbd92f3bd7d2288b6f3fce4d0afb0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:35:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
191
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5604
x-xss-protection
0
server
cafe
etag
2846967340006788112
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 08 May 2021 20:35:36 GMT
l
www.google.com/ads/measurement/ Frame 33D2 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTq_BEYYlw_QRc6FrSsmvQTOvo7s1dP6It2R1azNt9hp5XZVFb7bwV7C2fW-AfdC9_mtBDy
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3932851112807799&output=html&h=153&adk=1885550448&adf=3068256048&pi=t.aa~a.758916835~rp.4&w=770&lmt=1619163522&nsk=ed3aeb01&rafmt=11&pwprc=9623938543&psa=0&ad_type=text_image&format=770x153&url=https%3A%2F%2Fwww.geraldopost.com%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619296727354&bpp=1&bdt=780&idt=1&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D785534163f1ff8ba-22b10b71eec700b0%3AT%3D1619296726%3ART%3D1619296726%3AS%3DALNI_MYfLjXx0hxHEDga8A2_oU8TLtAwsA&prev_fmts=300x600%2C370x280%2C0x0%2C370x280%2C370x280%2C370x280%2C370x280&nras=6&correlator=2705827410742&frm=20&pv=1&ga_vid=1717309228.1619296727&ga_sid=1619296727&ga_hid=1390142020&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=215&ady=2274&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429%2C44739991&oid=3&pvsid=3502318759076147&eae=0&fc=768&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=7&fsb=1&xpc=bVP7qTqlbS&p=https%3A//www.geraldopost.com&dtd=29
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
one_click_handler_one_afma_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/ Frame 33D2 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/one_click_handler_one_afma_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3932851112807799&output=html&h=153&adk=1885550448&adf=3068256048&pi=t.aa~a.758916835~rp.4&w=770&lmt=1619163522&nsk=ed3aeb01&rafmt=11&pwprc=9623938543&psa=0&ad_type=text_image&format=770x153&url=https%3A%2F%2Fwww.geraldopost.com%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619296727354&bpp=1&bdt=780&idt=1&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D785534163f1ff8ba-22b10b71eec700b0%3AT%3D1619296726%3ART%3D1619296726%3AS%3DALNI_MYfLjXx0hxHEDga8A2_oU8TLtAwsA&prev_fmts=300x600%2C370x280%2C0x0%2C370x280%2C370x280%2C370x280%2C370x280&nras=6&correlator=2705827410742&frm=20&pv=1&ga_vid=1717309228.1619296727&ga_sid=1619296727&ga_hid=1390142020&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=215&ady=2274&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429%2C44739991&oid=3&pvsid=3502318759076147&eae=0&fc=768&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=7&fsb=1&xpc=bVP7qTqlbS&p=https%3A//www.geraldopost.com&dtd=29
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef701bcdb11abe6ee6b906497f307cf8591be7b46258e201b2da192ba009e308
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 07:21:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
47813
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10420
x-xss-protection
0
server
cafe
etag
5410920360913075790
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 08 May 2021 07:21:54 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 33D2 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C3j4q14GEYMW9GLyEjuwP-sGYgA2UxcWdYuuD2JqnDQoQASDDi-QpYJUCoAGO57nVAcgBA6kC6JrXqPFLtD6oAwHIA8kEqgS5AU_QvihFTu0S2Jug0smCAl7jVQjUM-sTcPv6WBlBeG5-bHY3QT9j-VDaUUtgCjpzx9Vb-VudpVxGqoY7IOnQ5UoBJbO5TJSvlSob8h_YB4Nx79KCCGIEOz5--RiNQyBbUKWkjvdwMH9nM_lHHfMSQVmNIRCSXI5JwD0_eSgWBW6eGmYJDFt0jYG-clfIBJUnSNAMnSQyTyHHbD6ACB7p4v-CSRI4-Y_4l9iBXS3RDkpNI21PA_j7zfDKwATRtLbktQOSBQQIBBgBkgUECAUYBKAGA4AH2pjGqgKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHyBwQQn84G0ggJCIDhgHAQARgfgAoByAsB2BMNshcaChgIABIUcHViLTM5MzI4NTExMTI4MDc3OTk&sigh=OvQHJzbRl24
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3932851112807799&output=html&h=153&adk=1885550448&adf=3068256048&pi=t.aa~a.758916835~rp.4&w=770&lmt=1619163522&nsk=ed3aeb01&rafmt=11&pwprc=9623938543&psa=0&ad_type=text_image&format=770x153&url=https%3A%2F%2Fwww.geraldopost.com%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619296727354&bpp=1&bdt=780&idt=1&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D785534163f1ff8ba-22b10b71eec700b0%3AT%3D1619296726%3ART%3D1619296726%3AS%3DALNI_MYfLjXx0hxHEDga8A2_oU8TLtAwsA&prev_fmts=300x600%2C370x280%2C0x0%2C370x280%2C370x280%2C370x280%2C370x280&nras=6&correlator=2705827410742&frm=20&pv=1&ga_vid=1717309228.1619296727&ga_sid=1619296727&ga_hid=1390142020&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=215&ady=2274&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429%2C44739991&oid=3&pvsid=3502318759076147&eae=0&fc=768&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=7&fsb=1&xpc=bVP7qTqlbS&p=https%3A//www.geraldopost.com&dtd=29
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3932851112807799&output=html&h=153&adk=1885550448&adf=3068256048&pi=t.aa~a.758916835~rp.4&w=770&lmt=1619163522&nsk=ed3aeb01&rafmt=11&pwprc=9623938543&psa=0&ad_type=text_image&format=770x153&url=https%3A%2F%2Fwww.geraldopost.com%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619296727354&bpp=1&bdt=780&idt=1&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D785534163f1ff8ba-22b10b71eec700b0%3AT%3D1619296726%3ART%3D1619296726%3AS%3DALNI_MYfLjXx0hxHEDga8A2_oU8TLtAwsA&prev_fmts=300x600%2C370x280%2C0x0%2C370x280%2C370x280%2C370x280%2C370x280&nras=6&correlator=2705827410742&frm=20&pv=1&ga_vid=1717309228.1619296727&ga_sid=1619296727&ga_hid=1390142020&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=215&ady=2274&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429%2C44739991&oid=3&pvsid=3502318759076147&eae=0&fc=768&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=7&fsb=1&xpc=bVP7qTqlbS&p=https%3A//www.geraldopost.com&dtd=29
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Sat, 24 Apr 2021 20:38:47 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/78096498092133154/ Frame 7490 		86 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/78096498092133154/index.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3932851112807799&output=html&h=600&slotname=8993431669&adk=4220371640&adf=1482559626&pi=t.ma~as.8993431669&w=300&lmt=1619163522&psa=0&format=300x600&url=https%3A%2F%2Fwww.geraldopost.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619296726819&bpp=15&bdt=246&idt=69&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=2705827410742&frm=20&pv=2&ga_vid=1717309228.1619296727&ga_sid=1619296727&ga_hid=1390142020&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1015&ady=2859&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429%2C44739991&oid=3&pvsid=3502318759076147&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=JnxQKUcnx7&p=https%3A//www.geraldopost.com&dtd=86
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
566af4e3b3a178c76efd695efb2daf41c281ae784f6e5dee103e6fa952469ec2
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sadbundle/$csp%3Der3$/78096498092133154/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
date
Tue, 20 Apr 2021 02:02:50 GMT
expires
Wed, 20 Apr 2022 02:02:50 GMT
last-modified
Wed, 27 Jan 2021 15:42:55 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-encoding
gzip
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
content-length
18521
age
412557
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
main.f7fdfbf1.chunk.js
unruffled-brown-9d316c.netlify.app/static/js/ Frame 6B41 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://unruffled-brown-9d316c.netlify.app/static/js/main.f7fdfbf1.chunk.js
Requested by
Host: plugin.bebeofertas.com.br
URL: https://plugin.bebeofertas.com.br/index.html?sourceId=36901826
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:b0c0:3:d0::d26:4001 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Netlify /
Resource Hash

Request headers

Referer
https://plugin.bebeofertas.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nf-request-id
25a72802-79ad-4636-b14f-abf0761e771a
date
Sat, 24 Apr 2021 20:38:48 GMT
server
Netlify
age
1
content-length
0
s
googleads.g.doubleclick.net/pagead/drt/ Frame E376 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3932851112807799&output=html&h=600&slotname=8993431669&adk=4220371640&adf=1482559626&pi=t.ma~as.8993431669&w=300&lmt=1619163522&psa=0&format=300x600&url=https%3A%2F%2Fwww.geraldopost.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619296726819&bpp=15&bdt=246&idt=69&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=2705827410742&frm=20&pv=2&ga_vid=1717309228.1619296727&ga_sid=1619296727&ga_hid=1390142020&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1015&ady=2859&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429%2C44739991&oid=3&pvsid=3502318759076147&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=JnxQKUcnx7&p=https%3A//www.geraldopost.com&dtd=86
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/s?v=r20120211
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3932851112807799&output=html&h=600&slotname=8993431669&adk=4220371640&adf=1482559626&pi=t.ma~as.8993431669&w=300&lmt=1619163522&psa=0&format=300x600&url=https%3A%2F%2Fwww.geraldopost.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619296726819&bpp=15&bdt=246&idt=69&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=2705827410742&frm=20&pv=2&ga_vid=1717309228.1619296727&ga_sid=1619296727&ga_hid=1390142020&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1015&ady=2859&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429%2C44739991&oid=3&pvsid=3502318759076147&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=JnxQKUcnx7&p=https%3A//www.geraldopost.com&dtd=86
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUnEvxz-3kbEE2F69P9bDS2jnw9ziOeXqTlRKZWALyRd7C9kwS5IE2Sdg9tnYGE
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3932851112807799&output=html&h=600&slotname=8993431669&adk=4220371640&adf=1482559626&pi=t.ma~as.8993431669&w=300&lmt=1619163522&psa=0&format=300x600&url=https%3A%2F%2Fwww.geraldopost.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619296726819&bpp=15&bdt=246&idt=69&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=2705827410742&frm=20&pv=2&ga_vid=1717309228.1619296727&ga_sid=1619296727&ga_hid=1390142020&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1015&ady=2859&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429%2C44739991&oid=3&pvsid=3502318759076147&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=JnxQKUcnx7&p=https%3A//www.geraldopost.com&dtd=86

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Sat, 24 Apr 2021 20:29:19 GMT
server
safe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
568
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame CE35 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ff14dc06239d90568e5b61c549b715be98492cd8daa953e3b3288c1f208d68e0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
s
googleads.g.doubleclick.net/pagead/drt/ Frame FDE6 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3932851112807799&output=html&h=153&adk=1885550448&adf=3068256048&pi=t.aa~a.758916835~rp.4&w=770&lmt=1619163522&nsk=ed3aeb01&rafmt=11&pwprc=9623938543&psa=0&ad_type=text_image&format=770x153&url=https%3A%2F%2Fwww.geraldopost.com%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619296727354&bpp=1&bdt=780&idt=1&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D785534163f1ff8ba-22b10b71eec700b0%3AT%3D1619296726%3ART%3D1619296726%3AS%3DALNI_MYfLjXx0hxHEDga8A2_oU8TLtAwsA&prev_fmts=300x600%2C370x280%2C0x0%2C370x280%2C370x280%2C370x280%2C370x280&nras=6&correlator=2705827410742&frm=20&pv=1&ga_vid=1717309228.1619296727&ga_sid=1619296727&ga_hid=1390142020&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=215&ady=2274&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429%2C44739991&oid=3&pvsid=3502318759076147&eae=0&fc=768&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=7&fsb=1&xpc=bVP7qTqlbS&p=https%3A//www.geraldopost.com&dtd=29
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/s?v=r20120211
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3932851112807799&output=html&h=153&adk=1885550448&adf=3068256048&pi=t.aa~a.758916835~rp.4&w=770&lmt=1619163522&nsk=ed3aeb01&rafmt=11&pwprc=9623938543&psa=0&ad_type=text_image&format=770x153&url=https%3A%2F%2Fwww.geraldopost.com%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619296727354&bpp=1&bdt=780&idt=1&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D785534163f1ff8ba-22b10b71eec700b0%3AT%3D1619296726%3ART%3D1619296726%3AS%3DALNI_MYfLjXx0hxHEDga8A2_oU8TLtAwsA&prev_fmts=300x600%2C370x280%2C0x0%2C370x280%2C370x280%2C370x280%2C370x280&nras=6&correlator=2705827410742&frm=20&pv=1&ga_vid=1717309228.1619296727&ga_sid=1619296727&ga_hid=1390142020&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=215&ady=2274&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429%2C44739991&oid=3&pvsid=3502318759076147&eae=0&fc=768&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=7&fsb=1&xpc=bVP7qTqlbS&p=https%3A//www.geraldopost.com&dtd=29
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUnOLuwtyJnfrnabUKf99wICNilrYzHO-cnrE5voRCRrg8FSXRB8WtcjTOqPOPM
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3932851112807799&output=html&h=153&adk=1885550448&adf=3068256048&pi=t.aa~a.758916835~rp.4&w=770&lmt=1619163522&nsk=ed3aeb01&rafmt=11&pwprc=9623938543&psa=0&ad_type=text_image&format=770x153&url=https%3A%2F%2Fwww.geraldopost.com%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619296727354&bpp=1&bdt=780&idt=1&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D785534163f1ff8ba-22b10b71eec700b0%3AT%3D1619296726%3ART%3D1619296726%3AS%3DALNI_MYfLjXx0hxHEDga8A2_oU8TLtAwsA&prev_fmts=300x600%2C370x280%2C0x0%2C370x280%2C370x280%2C370x280%2C370x280&nras=6&correlator=2705827410742&frm=20&pv=1&ga_vid=1717309228.1619296727&ga_sid=1619296727&ga_hid=1390142020&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=215&ady=2274&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429%2C44739991&oid=3&pvsid=3502318759076147&eae=0&fc=768&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=7&fsb=1&xpc=bVP7qTqlbS&p=https%3A//www.geraldopost.com&dtd=29

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Sat, 24 Apr 2021 20:29:19 GMT
server
safe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
568
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
s
googleads.g.doubleclick.net/pagead/drt/ Frame F604 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3932851112807799&output=html&h=280&slotname=5801651126&adk=2065657694&adf=3513612432&pi=t.ma~as.5801651126&w=370&fwrn=4&fwrnh=100&lmt=1619163522&rafmt=1&psa=0&format=370x280&url=https%3A%2F%2Fwww.geraldopost.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619296726835&bpp=3&bdt=261&idt=89&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x600&correlator=2705827410742&frm=20&pv=1&ga_vid=1717309228.1619296727&ga_sid=1619296727&ga_hid=1390142020&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1015&ady=3731&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429%2C44739991&oid=3&pvsid=3502318759076147&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=2&fsb=1&xpc=xUVnk6ScUu&p=https%3A//www.geraldopost.com&dtd=92
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/s?v=r20120211
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3932851112807799&output=html&h=280&slotname=5801651126&adk=2065657694&adf=3513612432&pi=t.ma~as.5801651126&w=370&fwrn=4&fwrnh=100&lmt=1619163522&rafmt=1&psa=0&format=370x280&url=https%3A%2F%2Fwww.geraldopost.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619296726835&bpp=3&bdt=261&idt=89&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x600&correlator=2705827410742&frm=20&pv=1&ga_vid=1717309228.1619296727&ga_sid=1619296727&ga_hid=1390142020&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1015&ady=3731&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429%2C44739991&oid=3&pvsid=3502318759076147&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=2&fsb=1&xpc=xUVnk6ScUu&p=https%3A//www.geraldopost.com&dtd=92
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUnOLuwtyJnfrnabUKf99wICNilrYzHO-cnrE5voRCRrg8FSXRB8WtcjTOqPOPM
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3932851112807799&output=html&h=280&slotname=5801651126&adk=2065657694&adf=3513612432&pi=t.ma~as.5801651126&w=370&fwrn=4&fwrnh=100&lmt=1619163522&rafmt=1&psa=0&format=370x280&url=https%3A%2F%2Fwww.geraldopost.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619296726835&bpp=3&bdt=261&idt=89&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x600&correlator=2705827410742&frm=20&pv=1&ga_vid=1717309228.1619296727&ga_sid=1619296727&ga_hid=1390142020&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1015&ady=3731&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429%2C44739991&oid=3&pvsid=3502318759076147&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=2&fsb=1&xpc=xUVnk6ScUu&p=https%3A//www.geraldopost.com&dtd=92

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Sat, 24 Apr 2021 20:29:19 GMT
server
safe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
568
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame AF3F 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
92fe6706dae6f601967551b9c37150612efa92294f8e056ac92939f232ca5605

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 33D2 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f52a97d101881d081cdba645d930e348d474e886830b6d2fd578b14df00e2c3c

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5441334610969689380/ Frame AF5A 		14 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5441334610969689380/index.html
Requested by
Host: www.geraldopost.com
URL: https://www.geraldopost.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
32f061a752b770dfd7de8090a4752c6d810ba68bff50ab6a645a5a259eddf4cd
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sadbundle/$csp%3Der3$/5441334610969689380/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3834
date
Mon, 19 Apr 2021 23:50:24 GMT
expires
Tue, 19 Apr 2022 23:50:24 GMT
last-modified
Wed, 18 Nov 2020 07:35:35 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-encoding
gzip
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
420504
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
adview
googleads.g.doubleclick.net/pagead/ Frame 9A7B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C89PE14GEYPusGIWgrATdv4ZY04K5jWGw7Oqpywy36aK9wAEQASDDi-QpYJUCoAHjivalAsgBCakC6JrXqPFLtD6oAwHIA0iqBLwBT9AMFFI9eTbuInnxeORBDW_TrI_2WnJirC0t_AIXwXtq0B8O-cPIxpSZOJ0wCSyMBx9PC63zACxXD4zDVFdjJ7PtF8etWnvhax8F_x9rg4aP9BohiUhqdda2QzADukO_ehgNnVuv4_V09oIUWeC_Fs6BDVcfK_XwvwAA0zQdTQs8TOtrFal8VRHeWKciXXNbD8pKoqGebqZVfMOATEnPzofUiH4qCRJCx8IjXhPYO3LxjLjOtJ7KE5vZpQvABIn6kZeKA5IFBAgEGAGSBQQIBRgEoAYugAeF9YnaAagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBBCc0QbSCAkIgOGAcBABGB-ACgHICwHYEwyyFxoKGAgAEhRwdWItMzkzMjg1MTExMjgwNzc5OQ&sigh=IPi-C_r1FS0&template_id=419
Requested by
Host: www.geraldopost.com
URL: https://www.geraldopost.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3932851112807799&output=html&h=280&adk=829588772&adf=1224991949&pi=t.aa~a.2576666486~rp.4&w=370&fwrn=4&fwrnh=100&lmt=1619163522&rafmt=1&to=qs&pwprc=9623938543&psa=0&format=370x280&url=https%3A%2F%2Fwww.geraldopost.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619296727354&bpp=1&bdt=780&idt=-M&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D785534163f1ff8ba-22b10b71eec700b0%3AT%3D1619296726%3ART%3D1619296726%3AS%3DALNI_MYfLjXx0hxHEDga8A2_oU8TLtAwsA&prev_fmts=300x600%2C370x280%2C0x0%2C370x280%2C370x280&nras=4&correlator=2705827410742&frm=20&pv=1&ga_vid=1717309228.1619296727&ga_sid=1619296727&ga_hid=1390142020&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1015&ady=3519&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429%2C44739991&oid=3&pvsid=3502318759076147&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=5&fsb=1&xpc=yK07TFZrzr&p=https%3A//www.geraldopost.com&dtd=23
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Sat, 24 Apr 2021 20:38:48 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210422/r20110914/ Frame 9A7B 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210422/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3932851112807799&output=html&h=280&adk=829588772&adf=1224991949&pi=t.aa~a.2576666486~rp.4&w=370&fwrn=4&fwrnh=100&lmt=1619163522&rafmt=1&to=qs&pwprc=9623938543&psa=0&format=370x280&url=https%3A%2F%2Fwww.geraldopost.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619296727354&bpp=1&bdt=780&idt=-M&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D785534163f1ff8ba-22b10b71eec700b0%3AT%3D1619296726%3ART%3D1619296726%3AS%3DALNI_MYfLjXx0hxHEDga8A2_oU8TLtAwsA&prev_fmts=300x600%2C370x280%2C0x0%2C370x280%2C370x280&nras=4&correlator=2705827410742&frm=20&pv=1&ga_vid=1717309228.1619296727&ga_sid=1619296727&ga_hid=1390142020&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1015&ady=3519&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429%2C44739991&oid=3&pvsid=3502318759076147&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=5&fsb=1&xpc=yK07TFZrzr&p=https%3A//www.geraldopost.com&dtd=23
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e9f3358441fb5f83ee3575f81df787bbade8b416b009cbdcbd3b71c8b6f560e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:36:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
109
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7028
x-xss-protection
0
server
cafe
etag
3134275839577271762
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 08 May 2021 20:36:59 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/ Frame 9A7B 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3932851112807799&output=html&h=280&adk=829588772&adf=1224991949&pi=t.aa~a.2576666486~rp.4&w=370&fwrn=4&fwrnh=100&lmt=1619163522&rafmt=1&to=qs&pwprc=9623938543&psa=0&format=370x280&url=https%3A%2F%2Fwww.geraldopost.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619296727354&bpp=1&bdt=780&idt=-M&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D785534163f1ff8ba-22b10b71eec700b0%3AT%3D1619296726%3ART%3D1619296726%3AS%3DALNI_MYfLjXx0hxHEDga8A2_oU8TLtAwsA&prev_fmts=300x600%2C370x280%2C0x0%2C370x280%2C370x280&nras=4&correlator=2705827410742&frm=20&pv=1&ga_vid=1717309228.1619296727&ga_sid=1619296727&ga_hid=1390142020&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1015&ady=3519&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429%2C44739991&oid=3&pvsid=3502318759076147&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=5&fsb=1&xpc=yK07TFZrzr&p=https%3A//www.geraldopost.com&dtd=23
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:33:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
301
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 08 May 2021 20:33:47 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 9A7B 		116 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3932851112807799&output=html&h=280&adk=829588772&adf=1224991949&pi=t.aa~a.2576666486~rp.4&w=370&fwrn=4&fwrnh=100&lmt=1619163522&rafmt=1&to=qs&pwprc=9623938543&psa=0&format=370x280&url=https%3A%2F%2Fwww.geraldopost.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619296727354&bpp=1&bdt=780&idt=-M&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D785534163f1ff8ba-22b10b71eec700b0%3AT%3D1619296726%3ART%3D1619296726%3AS%3DALNI_MYfLjXx0hxHEDga8A2_oU8TLtAwsA&prev_fmts=300x600%2C370x280%2C0x0%2C370x280%2C370x280&nras=4&correlator=2705827410742&frm=20&pv=1&ga_vid=1717309228.1619296727&ga_sid=1619296727&ga_hid=1390142020&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1015&ady=3519&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429%2C44739991&oid=3&pvsid=3502318759076147&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=5&fsb=1&xpc=yK07TFZrzr&p=https%3A//www.geraldopost.com&dtd=23
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dc015126841eaa9b1b79ee123e13d7d07ad7fe77f22366b05c480eff59a7a25e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1619017370605640"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36032
x-xss-protection
0
expires
Sat, 24 Apr 2021 20:38:48 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/ Frame 9A7B 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3932851112807799&output=html&h=280&adk=829588772&adf=1224991949&pi=t.aa~a.2576666486~rp.4&w=370&fwrn=4&fwrnh=100&lmt=1619163522&rafmt=1&to=qs&pwprc=9623938543&psa=0&format=370x280&url=https%3A%2F%2Fwww.geraldopost.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619296727354&bpp=1&bdt=780&idt=-M&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D785534163f1ff8ba-22b10b71eec700b0%3AT%3D1619296726%3ART%3D1619296726%3AS%3DALNI_MYfLjXx0hxHEDga8A2_oU8TLtAwsA&prev_fmts=300x600%2C370x280%2C0x0%2C370x280%2C370x280&nras=4&correlator=2705827410742&frm=20&pv=1&ga_vid=1717309228.1619296727&ga_sid=1619296727&ga_hid=1390142020&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1015&ady=3519&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429%2C44739991&oid=3&pvsid=3502318759076147&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=5&fsb=1&xpc=yK07TFZrzr&p=https%3A//www.geraldopost.com&dtd=23
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
439ab67fa3c312bb442bed574ea79be834dbd92f3bd7d2288b6f3fce4d0afb0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:35:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
192
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5604
x-xss-protection
0
server
cafe
etag
2846967340006788112
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 08 May 2021 20:35:36 GMT
l
www.google.com/ads/measurement/ Frame 9A7B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSb0OECGheLuk_CdYBhd2Jxt6DRB4yZGYn1pVn2_q1L7Ru8h_q0T0O2XLiYlo4hbGA5CDvc
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3932851112807799&output=html&h=280&adk=829588772&adf=1224991949&pi=t.aa~a.2576666486~rp.4&w=370&fwrn=4&fwrnh=100&lmt=1619163522&rafmt=1&to=qs&pwprc=9623938543&psa=0&format=370x280&url=https%3A%2F%2Fwww.geraldopost.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619296727354&bpp=1&bdt=780&idt=-M&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D785534163f1ff8ba-22b10b71eec700b0%3AT%3D1619296726%3ART%3D1619296726%3AS%3DALNI_MYfLjXx0hxHEDga8A2_oU8TLtAwsA&prev_fmts=300x600%2C370x280%2C0x0%2C370x280%2C370x280&nras=4&correlator=2705827410742&frm=20&pv=1&ga_vid=1717309228.1619296727&ga_sid=1619296727&ga_hid=1390142020&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1015&ady=3519&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429%2C44739991&oid=3&pvsid=3502318759076147&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=5&fsb=1&xpc=yK07TFZrzr&p=https%3A//www.geraldopost.com&dtd=23
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
magazine-voce.png
mvc.mlcdn.com.br/magazinevoce/img/banner/ Frame EE03 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mvc.mlcdn.com.br/magazinevoce/img/banner/magazine-voce.png
Requested by
Host: www.magazinevoce.com.br
URL: https://www.magazinevoce.com.br/geraldopost/banner/?store=geraldopost&type=medium-rectangle
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
AmazonS3 /
Resource Hash
b7c94c47e36895159d5fd886c9d8d657a51b1c848855edd22632d1622c4fc9e8

Request headers

Referer
https://www.magazinevoce.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:48 GMT
last-modified
Wed, 23 Sep 2020 13:46:16 GMT
server
AmazonS3
x-amz-request-id
00FB19A2D5110F5E
etag
"aefc4759c82e5f76dc95d0a416e2efae"
content-type
image/png
cache-control
max-age=3600
accept-ranges
bytes
content-length
6871
x-amz-id-2
WXJJJNGQpv64S8cNuv4b4HmTn5m55gHnyHlLdRAOoEpE/q0UoiXIIIjyiYqiTT4Fl5YtDx7wNbY=
expires
Sat, 24 Apr 2021 21:38:48 GMT
48866f56c36f2f5453044fdef767cde4.jpg
a-static.mlcdn.com.br/210x210/kit-djamila-ribeiro-companhia-das-letras-grupo-cia-das-let/lt2shop2/0001376264/ Frame EE03 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a-static.mlcdn.com.br/210x210/kit-djamila-ribeiro-companhia-das-letras-grupo-cia-das-let/lt2shop2/0001376264/48866f56c36f2f5453044fdef767cde4.jpg
Requested by
Host: www.magazinevoce.com.br
URL: https://www.magazinevoce.com.br/geraldopost/banner/?store=geraldopost&type=medium-rectangle
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
Azion IMS /
Resource Hash
b881b1549cbedc986afc9ade49198c81e5833c577d19a8f94a95d09ea0f764e0

Request headers

Referer
https://www.magazinevoce.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:48 GMT
server
Azion IMS
x-original-image-size
92429
vary
Accept
content-type
image/webp
cache-control
max-age=86400
x-ims
Enabled
content-length
7380
expires
Sun, 25 Apr 2021 20:38:48 GMT
btn-buy.jpg
mvc.mlcdn.com.br/magazinevoce/img/banner/ Frame EE03 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mvc.mlcdn.com.br/magazinevoce/img/banner/btn-buy.jpg
Requested by
Host: www.magazinevoce.com.br
URL: https://www.magazinevoce.com.br/geraldopost/banner/?store=geraldopost&type=medium-rectangle
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
AmazonS3 /
Resource Hash
4d16ccd0a26863ba3ddc1f831fdc2f29f2d8d49e96b166de3aec69df08e74768

Request headers

Referer
https://www.magazinevoce.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:48 GMT
last-modified
Thu, 11 Mar 2021 19:48:39 GMT
server
AmazonS3
x-amz-request-id
728JHY8PRYY8E8NP
etag
"dceb3ef4bf79711c4df4568a085c08ab"
content-type
image/jpeg
cache-control
max-age=3600
accept-ranges
bytes
content-length
2901
x-amz-id-2
MsFS7+r5WI7Ntq9RLemFolMvBS6oDz2mtUo8DBJKh4SJWrxJpyCnqAaiqvjedeWJMiXqdk/Zhtc=
expires
Sat, 24 Apr 2021 21:38:48 GMT
54df8e016524bd267ebb7e5286455e7a.jpg
a-static.mlcdn.com.br/210x210/torto-arado-todavia-editora/namastebooks/1000224935/ Frame EE03 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a-static.mlcdn.com.br/210x210/torto-arado-todavia-editora/namastebooks/1000224935/54df8e016524bd267ebb7e5286455e7a.jpg
Requested by
Host: www.magazinevoce.com.br
URL: https://www.magazinevoce.com.br/geraldopost/banner/?store=geraldopost&type=medium-rectangle
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
Azion IMS /
Resource Hash
1f84b54c6aff620cca928821bd60b184162a2c81d4c94b73aa49772e6eca0ade

Request headers

Referer
https://www.magazinevoce.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:48 GMT
server
Azion IMS
x-original-image-size
52648
vary
Accept
content-type
image/webp
cache-control
max-age=86400
x-ims
Enabled
content-length
4262
expires
Sun, 25 Apr 2021 20:38:48 GMT
a5d224728dd0962b7d5234517f0507f1.jpg
a-static.mlcdn.com.br/210x210/quarto-de-despejo-diario-de-uma-favelada-atica/namastebooks/1000200920/ Frame EE03 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a-static.mlcdn.com.br/210x210/quarto-de-despejo-diario-de-uma-favelada-atica/namastebooks/1000200920/a5d224728dd0962b7d5234517f0507f1.jpg
Requested by
Host: www.magazinevoce.com.br
URL: https://www.magazinevoce.com.br/geraldopost/banner/?store=geraldopost&type=medium-rectangle
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
Azion IMS /
Resource Hash
920ca2c6a8cdb2e958766631164526f5cf0fd539e484e1d51c06feac3b784291

Request headers

Referer
https://www.magazinevoce.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:48 GMT
server
Azion IMS
x-original-image-size
68775
vary
Accept
content-type
image/webp
cache-control
max-age=86400
x-ims
Enabled
content-length
3650
expires
Sun, 25 Apr 2021 20:38:48 GMT
bff8fe9aba31eb49924ba022f266e396.jpg
a-static.mlcdn.com.br/210x210/desinfetante-omo-lavanda-1l/magazineluiza/225468200/ Frame EE03 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a-static.mlcdn.com.br/210x210/desinfetante-omo-lavanda-1l/magazineluiza/225468200/bff8fe9aba31eb49924ba022f266e396.jpg
Requested by
Host: www.magazinevoce.com.br
URL: https://www.magazinevoce.com.br/geraldopost/banner/?store=geraldopost&type=medium-rectangle
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
Azion IMS /
Resource Hash
fe9fdaf933bfef4a66a96a5d0335067cac85205a93fa9fb217d2850709d2f48c

Request headers

Referer
https://www.magazinevoce.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:48 GMT
server
Azion IMS
x-original-image-size
64234
vary
Accept
content-type
image/webp
cache-control
max-age=86400
x-ims
Enabled
content-length
1832
expires
Sun, 25 Apr 2021 20:38:48 GMT
horizontal_box_slider.js
mvc.mlcdn.com.br/magazinevoce/js/libs/ Frame EE03 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mvc.mlcdn.com.br/magazinevoce/js/libs/horizontal_box_slider.js
Requested by
Host: www.magazinevoce.com.br
URL: https://www.magazinevoce.com.br/geraldopost/banner/?store=geraldopost&type=medium-rectangle
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
AmazonS3 /
Resource Hash
e8e8a042059c845720d9461543e034928364f4a0d1ed6ce3cc745e05df6bfb96

Request headers

Referer
https://www.magazinevoce.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:48 GMT
content-encoding
gzip
last-modified
Thu, 11 Mar 2021 19:51:37 GMT
server
AmazonS3
x-amz-request-id
K5XWF38ZV0ZW0CGT
etag
"e01d5e8497aaba56b6c8ad5d8424d9fe"
content-type
application/javascript
cache-control
max-age=3600
accept-ranges
bytes
content-length
802
x-amz-id-2
DO4lzGM3NJygr0lF6nlQbPYuDpggJ31YYAMG2jUslJ/Mb6BDXXWWwnRszBODnWf8I7ctGthQ/vA=
expires
Sat, 24 Apr 2021 21:38:48 GMT
css
fonts.googleapis.com/ Frame B9F7 		6 KB
669 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3932851112807799&output=html&h=280&adk=829588772&adf=353560496&pi=t.aa~a.3359110186~rp.4&w=370&fwrn=4&fwrnh=100&lmt=1619163522&rafmt=1&to=qs&pwprc=9623938543&psa=0&format=370x280&url=https%3A%2F%2Fwww.geraldopost.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619296727354&bpp=1&bdt=780&idt=-M&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D785534163f1ff8ba-22b10b71eec700b0%3AT%3D1619296726%3ART%3D1619296726%3AS%3DALNI_MYfLjXx0hxHEDga8A2_oU8TLtAwsA&prev_fmts=300x600%2C370x280%2C0x0%2C370x280&nras=3&correlator=2705827410742&frm=20&pv=1&ga_vid=1717309228.1619296727&ga_sid=1619296727&ga_hid=1390142020&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1015&ady=2283&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429%2C44739991&oid=3&pvsid=3502318759076147&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=Jg8zfjVP0o&p=https%3A//www.geraldopost.com&dtd=20
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
fbe1583d8642d89d0c349b00c0125e485dd55976282165a6b5f2d29ea9d44549
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 24 Apr 2021 19:35:39 GMT
server
ESF
date
Sat, 24 Apr 2021 20:38:48 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 24 Apr 2021 20:38:48 GMT
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11575576717432054682/ Frame B68E 		62 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11575576717432054682/index.html
Requested by
Host: www.geraldopost.com
URL: https://www.geraldopost.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d74faf3dba15909820c656f6c8a266891f47becd215f5d1d43b1855577e76584
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sadbundle/$csp%3Der3$/11575576717432054682/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
date
Sun, 18 Apr 2021 05:12:51 GMT
expires
Mon, 18 Apr 2022 05:12:51 GMT
last-modified
Tue, 06 Apr 2021 13:27:08 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-encoding
gzip
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
content-length
16673
age
573957
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
adview
googleads.g.doubleclick.net/pagead/ Frame 966F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CET4V14GEYOevGIjm3wPj-7a4B8uZkvFh5OCig4YOqbj4vrUaEAEgw4vkKWCVAqABn-fS-QLIAQmpAuia16jxS7Q-qAMByANIqgTCAU_QkLheu8LGEBdetvHtMboy7U0kEP2RyVP0BVvopLU8eLyGC88AUGa605N8DA50XjwtLoH-250tSWgMAQ1mUceD8wzD1W1aBcPn1s5EaEg1iYBwBaAyNiJnFaLqaZPJGtt_t6iCAHMtFyOr9zI-3w0amfZFx5rXZugDMtdj4bXvCH1tcN7nTP9vObgqFqd9T_GyM8vqZ7WPt2rjTkbVcAgOAFwwAy2AaSzqMm2ANgk9Yhw-ecqNsLPgPcOIYEDGMq50wATX8e61sAOSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHyZithgGoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwDyBwQQ2bgD0ggJCIDhgHAQARgfgAoByAsB2BMNshcaChgIABIUcHViLTM5MzI4NTExMTI4MDc3OTk&sigh=Qs_BcKpB1yw&template_id=419
Requested by
Host: www.geraldopost.com
URL: https://www.geraldopost.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3932851112807799&output=html&h=280&adk=2918459407&adf=2042167536&pi=t.aa~a.1156542233~rp.1&w=370&fwrn=4&fwrnh=100&lmt=1619163522&rafmt=1&to=qs&pwprc=9623938543&psa=0&format=370x280&url=https%3A%2F%2Fwww.geraldopost.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619296727354&bpp=1&bdt=781&idt=-M&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D785534163f1ff8ba-22b10b71eec700b0%3AT%3D1619296726%3ART%3D1619296726%3AS%3DALNI_MYfLjXx0hxHEDga8A2_oU8TLtAwsA&prev_fmts=300x600%2C370x280%2C0x0%2C370x280%2C370x280%2C370x280&nras=5&correlator=2705827410742&frm=20&pv=1&ga_vid=1717309228.1619296727&ga_sid=1619296727&ga_hid=1390142020&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1015&ady=4565&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429%2C44739991&oid=3&pvsid=3502318759076147&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=6&fsb=1&xpc=3epwuGXxrt&p=https%3A//www.geraldopost.com&dtd=26
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Sat, 24 Apr 2021 20:38:48 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210422/r20110914/ Frame 966F 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210422/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3932851112807799&output=html&h=280&adk=2918459407&adf=2042167536&pi=t.aa~a.1156542233~rp.1&w=370&fwrn=4&fwrnh=100&lmt=1619163522&rafmt=1&to=qs&pwprc=9623938543&psa=0&format=370x280&url=https%3A%2F%2Fwww.geraldopost.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619296727354&bpp=1&bdt=781&idt=-M&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D785534163f1ff8ba-22b10b71eec700b0%3AT%3D1619296726%3ART%3D1619296726%3AS%3DALNI_MYfLjXx0hxHEDga8A2_oU8TLtAwsA&prev_fmts=300x600%2C370x280%2C0x0%2C370x280%2C370x280%2C370x280&nras=5&correlator=2705827410742&frm=20&pv=1&ga_vid=1717309228.1619296727&ga_sid=1619296727&ga_hid=1390142020&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1015&ady=4565&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429%2C44739991&oid=3&pvsid=3502318759076147&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=6&fsb=1&xpc=3epwuGXxrt&p=https%3A//www.geraldopost.com&dtd=26
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e9f3358441fb5f83ee3575f81df787bbade8b416b009cbdcbd3b71c8b6f560e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:36:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
109
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7028
x-xss-protection
0
server
cafe
etag
3134275839577271762
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 08 May 2021 20:36:59 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/ Frame 966F 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3932851112807799&output=html&h=280&adk=2918459407&adf=2042167536&pi=t.aa~a.1156542233~rp.1&w=370&fwrn=4&fwrnh=100&lmt=1619163522&rafmt=1&to=qs&pwprc=9623938543&psa=0&format=370x280&url=https%3A%2F%2Fwww.geraldopost.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619296727354&bpp=1&bdt=781&idt=-M&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D785534163f1ff8ba-22b10b71eec700b0%3AT%3D1619296726%3ART%3D1619296726%3AS%3DALNI_MYfLjXx0hxHEDga8A2_oU8TLtAwsA&prev_fmts=300x600%2C370x280%2C0x0%2C370x280%2C370x280%2C370x280&nras=5&correlator=2705827410742&frm=20&pv=1&ga_vid=1717309228.1619296727&ga_sid=1619296727&ga_hid=1390142020&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1015&ady=4565&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429%2C44739991&oid=3&pvsid=3502318759076147&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=6&fsb=1&xpc=3epwuGXxrt&p=https%3A//www.geraldopost.com&dtd=26
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:33:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
301
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 08 May 2021 20:33:47 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 966F 		116 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3932851112807799&output=html&h=280&adk=2918459407&adf=2042167536&pi=t.aa~a.1156542233~rp.1&w=370&fwrn=4&fwrnh=100&lmt=1619163522&rafmt=1&to=qs&pwprc=9623938543&psa=0&format=370x280&url=https%3A%2F%2Fwww.geraldopost.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619296727354&bpp=1&bdt=781&idt=-M&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D785534163f1ff8ba-22b10b71eec700b0%3AT%3D1619296726%3ART%3D1619296726%3AS%3DALNI_MYfLjXx0hxHEDga8A2_oU8TLtAwsA&prev_fmts=300x600%2C370x280%2C0x0%2C370x280%2C370x280%2C370x280&nras=5&correlator=2705827410742&frm=20&pv=1&ga_vid=1717309228.1619296727&ga_sid=1619296727&ga_hid=1390142020&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1015&ady=4565&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429%2C44739991&oid=3&pvsid=3502318759076147&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=6&fsb=1&xpc=3epwuGXxrt&p=https%3A//www.geraldopost.com&dtd=26
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dc015126841eaa9b1b79ee123e13d7d07ad7fe77f22366b05c480eff59a7a25e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1619017370605640"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36032
x-xss-protection
0
expires
Sat, 24 Apr 2021 20:38:48 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/ Frame 966F 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3932851112807799&output=html&h=280&adk=2918459407&adf=2042167536&pi=t.aa~a.1156542233~rp.1&w=370&fwrn=4&fwrnh=100&lmt=1619163522&rafmt=1&to=qs&pwprc=9623938543&psa=0&format=370x280&url=https%3A%2F%2Fwww.geraldopost.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619296727354&bpp=1&bdt=781&idt=-M&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D785534163f1ff8ba-22b10b71eec700b0%3AT%3D1619296726%3ART%3D1619296726%3AS%3DALNI_MYfLjXx0hxHEDga8A2_oU8TLtAwsA&prev_fmts=300x600%2C370x280%2C0x0%2C370x280%2C370x280%2C370x280&nras=5&correlator=2705827410742&frm=20&pv=1&ga_vid=1717309228.1619296727&ga_sid=1619296727&ga_hid=1390142020&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1015&ady=4565&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429%2C44739991&oid=3&pvsid=3502318759076147&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=6&fsb=1&xpc=3epwuGXxrt&p=https%3A//www.geraldopost.com&dtd=26
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
439ab67fa3c312bb442bed574ea79be834dbd92f3bd7d2288b6f3fce4d0afb0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:35:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
192
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5604
x-xss-protection
0
server
cafe
etag
2846967340006788112
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 08 May 2021 20:35:36 GMT
l
www.google.com/ads/measurement/ Frame 966F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaR-ShFTVX4RqYPzNPphcpnZ9fIqXJh7-4Fm35SYjs73ezuHca1VOD-zWOoBAOX1TeRssQB8
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3932851112807799&output=html&h=280&adk=2918459407&adf=2042167536&pi=t.aa~a.1156542233~rp.1&w=370&fwrn=4&fwrnh=100&lmt=1619163522&rafmt=1&to=qs&pwprc=9623938543&psa=0&format=370x280&url=https%3A%2F%2Fwww.geraldopost.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619296727354&bpp=1&bdt=781&idt=-M&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D785534163f1ff8ba-22b10b71eec700b0%3AT%3D1619296726%3ART%3D1619296726%3AS%3DALNI_MYfLjXx0hxHEDga8A2_oU8TLtAwsA&prev_fmts=300x600%2C370x280%2C0x0%2C370x280%2C370x280%2C370x280&nras=5&correlator=2705827410742&frm=20&pv=1&ga_vid=1717309228.1619296727&ga_sid=1619296727&ga_hid=1390142020&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1015&ady=4565&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429%2C44739991&oid=3&pvsid=3502318759076147&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=6&fsb=1&xpc=3epwuGXxrt&p=https%3A//www.geraldopost.com&dtd=26
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/ Frame B9F7 		1 KB
909 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3932851112807799&output=html&h=280&adk=829588772&adf=353560496&pi=t.aa~a.3359110186~rp.4&w=370&fwrn=4&fwrnh=100&lmt=1619163522&rafmt=1&to=qs&pwprc=9623938543&psa=0&format=370x280&url=https%3A%2F%2Fwww.geraldopost.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619296727354&bpp=1&bdt=780&idt=-M&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D785534163f1ff8ba-22b10b71eec700b0%3AT%3D1619296726%3ART%3D1619296726%3AS%3DALNI_MYfLjXx0hxHEDga8A2_oU8TLtAwsA&prev_fmts=300x600%2C370x280%2C0x0%2C370x280&nras=3&correlator=2705827410742&frm=20&pv=1&ga_vid=1717309228.1619296727&ga_sid=1619296727&ga_hid=1390142020&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1015&ady=2283&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429%2C44739991&oid=3&pvsid=3502318759076147&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=Jg8zfjVP0o&p=https%3A//www.geraldopost.com&dtd=20
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:21:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1026
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
882
x-xss-protection
0
server
cafe
etag
11243716317595354070
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 08 May 2021 20:21:42 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210422/r20110914/ Frame B9F7 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210422/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3932851112807799&output=html&h=280&adk=829588772&adf=353560496&pi=t.aa~a.3359110186~rp.4&w=370&fwrn=4&fwrnh=100&lmt=1619163522&rafmt=1&to=qs&pwprc=9623938543&psa=0&format=370x280&url=https%3A%2F%2Fwww.geraldopost.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619296727354&bpp=1&bdt=780&idt=-M&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D785534163f1ff8ba-22b10b71eec700b0%3AT%3D1619296726%3ART%3D1619296726%3AS%3DALNI_MYfLjXx0hxHEDga8A2_oU8TLtAwsA&prev_fmts=300x600%2C370x280%2C0x0%2C370x280&nras=3&correlator=2705827410742&frm=20&pv=1&ga_vid=1717309228.1619296727&ga_sid=1619296727&ga_hid=1390142020&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1015&ady=2283&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429%2C44739991&oid=3&pvsid=3502318759076147&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=Jg8zfjVP0o&p=https%3A//www.geraldopost.com&dtd=20
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e9f3358441fb5f83ee3575f81df787bbade8b416b009cbdcbd3b71c8b6f560e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:36:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
109
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7028
x-xss-protection
0
server
cafe
etag
3134275839577271762
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 08 May 2021 20:36:59 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/ Frame B9F7 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3932851112807799&output=html&h=280&adk=829588772&adf=353560496&pi=t.aa~a.3359110186~rp.4&w=370&fwrn=4&fwrnh=100&lmt=1619163522&rafmt=1&to=qs&pwprc=9623938543&psa=0&format=370x280&url=https%3A%2F%2Fwww.geraldopost.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619296727354&bpp=1&bdt=780&idt=-M&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D785534163f1ff8ba-22b10b71eec700b0%3AT%3D1619296726%3ART%3D1619296726%3AS%3DALNI_MYfLjXx0hxHEDga8A2_oU8TLtAwsA&prev_fmts=300x600%2C370x280%2C0x0%2C370x280&nras=3&correlator=2705827410742&frm=20&pv=1&ga_vid=1717309228.1619296727&ga_sid=1619296727&ga_hid=1390142020&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1015&ady=2283&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429%2C44739991&oid=3&pvsid=3502318759076147&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=Jg8zfjVP0o&p=https%3A//www.geraldopost.com&dtd=20
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:33:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
301
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 08 May 2021 20:33:47 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame B9F7 		116 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3932851112807799&output=html&h=280&adk=829588772&adf=353560496&pi=t.aa~a.3359110186~rp.4&w=370&fwrn=4&fwrnh=100&lmt=1619163522&rafmt=1&to=qs&pwprc=9623938543&psa=0&format=370x280&url=https%3A%2F%2Fwww.geraldopost.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619296727354&bpp=1&bdt=780&idt=-M&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D785534163f1ff8ba-22b10b71eec700b0%3AT%3D1619296726%3ART%3D1619296726%3AS%3DALNI_MYfLjXx0hxHEDga8A2_oU8TLtAwsA&prev_fmts=300x600%2C370x280%2C0x0%2C370x280&nras=3&correlator=2705827410742&frm=20&pv=1&ga_vid=1717309228.1619296727&ga_sid=1619296727&ga_hid=1390142020&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1015&ady=2283&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429%2C44739991&oid=3&pvsid=3502318759076147&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=Jg8zfjVP0o&p=https%3A//www.geraldopost.com&dtd=20
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dc015126841eaa9b1b79ee123e13d7d07ad7fe77f22366b05c480eff59a7a25e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1619017370605640"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36032
x-xss-protection
0
expires
Sat, 24 Apr 2021 20:38:48 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/ Frame B9F7 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3932851112807799&output=html&h=280&adk=829588772&adf=353560496&pi=t.aa~a.3359110186~rp.4&w=370&fwrn=4&fwrnh=100&lmt=1619163522&rafmt=1&to=qs&pwprc=9623938543&psa=0&format=370x280&url=https%3A%2F%2Fwww.geraldopost.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619296727354&bpp=1&bdt=780&idt=-M&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D785534163f1ff8ba-22b10b71eec700b0%3AT%3D1619296726%3ART%3D1619296726%3AS%3DALNI_MYfLjXx0hxHEDga8A2_oU8TLtAwsA&prev_fmts=300x600%2C370x280%2C0x0%2C370x280&nras=3&correlator=2705827410742&frm=20&pv=1&ga_vid=1717309228.1619296727&ga_sid=1619296727&ga_hid=1390142020&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1015&ady=2283&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429%2C44739991&oid=3&pvsid=3502318759076147&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=Jg8zfjVP0o&p=https%3A//www.geraldopost.com&dtd=20
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
439ab67fa3c312bb442bed574ea79be834dbd92f3bd7d2288b6f3fce4d0afb0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:35:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
192
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5604
x-xss-protection
0
server
cafe
etag
2846967340006788112
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 08 May 2021 20:35:36 GMT
l
www.google.com/ads/measurement/ Frame B9F7 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ7rO70W7iSjSP4EcqJLA6TKoLEYo89d-o954Rzu0QRLDQbkS0s9F1l7st_MTvlyPCpTHrR
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3932851112807799&output=html&h=280&adk=829588772&adf=353560496&pi=t.aa~a.3359110186~rp.4&w=370&fwrn=4&fwrnh=100&lmt=1619163522&rafmt=1&to=qs&pwprc=9623938543&psa=0&format=370x280&url=https%3A%2F%2Fwww.geraldopost.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619296727354&bpp=1&bdt=780&idt=-M&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D785534163f1ff8ba-22b10b71eec700b0%3AT%3D1619296726%3ART%3D1619296726%3AS%3DALNI_MYfLjXx0hxHEDga8A2_oU8TLtAwsA&prev_fmts=300x600%2C370x280%2C0x0%2C370x280&nras=3&correlator=2705827410742&frm=20&pv=1&ga_vid=1717309228.1619296727&ga_sid=1619296727&ga_hid=1390142020&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1015&ady=2283&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429%2C44739991&oid=3&pvsid=3502318759076147&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=Jg8zfjVP0o&p=https%3A//www.geraldopost.com&dtd=20
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
b42b11247d0ebeb7b44892ca7e629453.js
www.gstatic.com/mysidia/ Frame B9F7 		25 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/b42b11247d0ebeb7b44892ca7e629453.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3932851112807799&output=html&h=280&adk=829588772&adf=353560496&pi=t.aa~a.3359110186~rp.4&w=370&fwrn=4&fwrnh=100&lmt=1619163522&rafmt=1&to=qs&pwprc=9623938543&psa=0&format=370x280&url=https%3A%2F%2Fwww.geraldopost.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619296727354&bpp=1&bdt=780&idt=-M&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D785534163f1ff8ba-22b10b71eec700b0%3AT%3D1619296726%3ART%3D1619296726%3AS%3DALNI_MYfLjXx0hxHEDga8A2_oU8TLtAwsA&prev_fmts=300x600%2C370x280%2C0x0%2C370x280&nras=3&correlator=2705827410742&frm=20&pv=1&ga_vid=1717309228.1619296727&ga_sid=1619296727&ga_hid=1390142020&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1015&ady=2283&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429%2C44739991&oid=3&pvsid=3502318759076147&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=Jg8zfjVP0o&p=https%3A//www.geraldopost.com&dtd=20
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a0d34b0d95e73a7ae965ab9eef15d273c1b4ab22aa7d5648e120a2763434ce84
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Apr 2021 03:50:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 20 Apr 2021 07:12:01 GMT
server
sffe
age
146927
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7776000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10497
x-xss-protection
0
expires
Thu, 22 Jul 2021 03:50:01 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/4003270628239899242/ Frame B9F7 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/4003270628239899242/downsize_200k_v1?w=400&h=209
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3932851112807799&output=html&h=280&adk=829588772&adf=353560496&pi=t.aa~a.3359110186~rp.4&w=370&fwrn=4&fwrnh=100&lmt=1619163522&rafmt=1&to=qs&pwprc=9623938543&psa=0&format=370x280&url=https%3A%2F%2Fwww.geraldopost.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619296727354&bpp=1&bdt=780&idt=-M&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D785534163f1ff8ba-22b10b71eec700b0%3AT%3D1619296726%3ART%3D1619296726%3AS%3DALNI_MYfLjXx0hxHEDga8A2_oU8TLtAwsA&prev_fmts=300x600%2C370x280%2C0x0%2C370x280&nras=3&correlator=2705827410742&frm=20&pv=1&ga_vid=1717309228.1619296727&ga_sid=1619296727&ga_hid=1390142020&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1015&ady=2283&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429%2C44739991&oid=3&pvsid=3502318759076147&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=Jg8zfjVP0o&p=https%3A//www.geraldopost.com&dtd=20
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5480be640bf1f4185810dcee5740d164aa6056ad176a0ae002f17073703acb0f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 03:09:23 GMT
x-content-type-options
nosniff
age
322165
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16044
x-xss-protection
0
last-modified
Tue, 13 Apr 2021 12:57:31 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 21 Apr 2022 03:09:23 GMT
truncated
/ Frame B9F7 		221 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
Enabler.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 6BB0 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11575576717432054682/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 17:09:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
12563
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5866
x-xss-protection
0
server
cafe
etag
544157900006238945
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Sun, 25 Apr 2021 17:09:25 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 6BB0 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11575576717432054682/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Apr 2021 23:11:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
77267
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8867
x-xss-protection
0
server
cafe
etag
18043545750443934562
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Sat, 24 Apr 2021 23:11:01 GMT
Enabler.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 7490 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/78096498092133154/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 17:09:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
12563
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5866
x-xss-protection
0
server
cafe
etag
544157900006238945
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Sun, 25 Apr 2021 17:09:25 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 7490 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/78096498092133154/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Apr 2021 23:11:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
77267
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8867
x-xss-protection
0
server
cafe
etag
18043545750443934562
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Sat, 24 Apr 2021 23:11:01 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 19AE 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3932851112807799&output=html&h=280&adk=829588772&adf=1224991949&pi=t.aa~a.2576666486~rp.4&w=370&fwrn=4&fwrnh=100&lmt=1619163522&rafmt=1&to=qs&pwprc=9623938543&psa=0&format=370x280&url=https%3A%2F%2Fwww.geraldopost.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619296727354&bpp=1&bdt=780&idt=-M&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D785534163f1ff8ba-22b10b71eec700b0%3AT%3D1619296726%3ART%3D1619296726%3AS%3DALNI_MYfLjXx0hxHEDga8A2_oU8TLtAwsA&prev_fmts=300x600%2C370x280%2C0x0%2C370x280%2C370x280&nras=4&correlator=2705827410742&frm=20&pv=1&ga_vid=1717309228.1619296727&ga_sid=1619296727&ga_hid=1390142020&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1015&ady=3519&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429%2C44739991&oid=3&pvsid=3502318759076147&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=5&fsb=1&xpc=yK07TFZrzr&p=https%3A//www.geraldopost.com&dtd=23
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/s?v=r20120211
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3932851112807799&output=html&h=280&adk=829588772&adf=1224991949&pi=t.aa~a.2576666486~rp.4&w=370&fwrn=4&fwrnh=100&lmt=1619163522&rafmt=1&to=qs&pwprc=9623938543&psa=0&format=370x280&url=https%3A%2F%2Fwww.geraldopost.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619296727354&bpp=1&bdt=780&idt=-M&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D785534163f1ff8ba-22b10b71eec700b0%3AT%3D1619296726%3ART%3D1619296726%3AS%3DALNI_MYfLjXx0hxHEDga8A2_oU8TLtAwsA&prev_fmts=300x600%2C370x280%2C0x0%2C370x280%2C370x280&nras=4&correlator=2705827410742&frm=20&pv=1&ga_vid=1717309228.1619296727&ga_sid=1619296727&ga_hid=1390142020&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1015&ady=3519&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429%2C44739991&oid=3&pvsid=3502318759076147&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=5&fsb=1&xpc=yK07TFZrzr&p=https%3A//www.geraldopost.com&dtd=23
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUnOLuwtyJnfrnabUKf99wICNilrYzHO-cnrE5voRCRrg8FSXRB8WtcjTOqPOPM
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3932851112807799&output=html&h=280&adk=829588772&adf=1224991949&pi=t.aa~a.2576666486~rp.4&w=370&fwrn=4&fwrnh=100&lmt=1619163522&rafmt=1&to=qs&pwprc=9623938543&psa=0&format=370x280&url=https%3A%2F%2Fwww.geraldopost.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619296727354&bpp=1&bdt=780&idt=-M&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D785534163f1ff8ba-22b10b71eec700b0%3AT%3D1619296726%3ART%3D1619296726%3AS%3DALNI_MYfLjXx0hxHEDga8A2_oU8TLtAwsA&prev_fmts=300x600%2C370x280%2C0x0%2C370x280%2C370x280&nras=4&correlator=2705827410742&frm=20&pv=1&ga_vid=1717309228.1619296727&ga_sid=1619296727&ga_hid=1390142020&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1015&ady=3519&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429%2C44739991&oid=3&pvsid=3502318759076147&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=5&fsb=1&xpc=yK07TFZrzr&p=https%3A//www.geraldopost.com&dtd=23

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Sat, 24 Apr 2021 20:29:19 GMT
server
safe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
569
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 9A7B 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ffb79e363e2bc6e25d4360fbc943aeb0a5321d6a0236fb392bbe02a1c51a6a62

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
s
googleads.g.doubleclick.net/pagead/drt/ Frame 149B 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3932851112807799&output=html&h=280&adk=2918459407&adf=2042167536&pi=t.aa~a.1156542233~rp.1&w=370&fwrn=4&fwrnh=100&lmt=1619163522&rafmt=1&to=qs&pwprc=9623938543&psa=0&format=370x280&url=https%3A%2F%2Fwww.geraldopost.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619296727354&bpp=1&bdt=781&idt=-M&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D785534163f1ff8ba-22b10b71eec700b0%3AT%3D1619296726%3ART%3D1619296726%3AS%3DALNI_MYfLjXx0hxHEDga8A2_oU8TLtAwsA&prev_fmts=300x600%2C370x280%2C0x0%2C370x280%2C370x280%2C370x280&nras=5&correlator=2705827410742&frm=20&pv=1&ga_vid=1717309228.1619296727&ga_sid=1619296727&ga_hid=1390142020&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1015&ady=4565&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429%2C44739991&oid=3&pvsid=3502318759076147&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=6&fsb=1&xpc=3epwuGXxrt&p=https%3A//www.geraldopost.com&dtd=26
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/s?v=r20120211
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3932851112807799&output=html&h=280&adk=2918459407&adf=2042167536&pi=t.aa~a.1156542233~rp.1&w=370&fwrn=4&fwrnh=100&lmt=1619163522&rafmt=1&to=qs&pwprc=9623938543&psa=0&format=370x280&url=https%3A%2F%2Fwww.geraldopost.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619296727354&bpp=1&bdt=781&idt=-M&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D785534163f1ff8ba-22b10b71eec700b0%3AT%3D1619296726%3ART%3D1619296726%3AS%3DALNI_MYfLjXx0hxHEDga8A2_oU8TLtAwsA&prev_fmts=300x600%2C370x280%2C0x0%2C370x280%2C370x280%2C370x280&nras=5&correlator=2705827410742&frm=20&pv=1&ga_vid=1717309228.1619296727&ga_sid=1619296727&ga_hid=1390142020&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1015&ady=4565&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429%2C44739991&oid=3&pvsid=3502318759076147&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=6&fsb=1&xpc=3epwuGXxrt&p=https%3A//www.geraldopost.com&dtd=26
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUnOLuwtyJnfrnabUKf99wICNilrYzHO-cnrE5voRCRrg8FSXRB8WtcjTOqPOPM
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3932851112807799&output=html&h=280&adk=2918459407&adf=2042167536&pi=t.aa~a.1156542233~rp.1&w=370&fwrn=4&fwrnh=100&lmt=1619163522&rafmt=1&to=qs&pwprc=9623938543&psa=0&format=370x280&url=https%3A%2F%2Fwww.geraldopost.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619296727354&bpp=1&bdt=781&idt=-M&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D785534163f1ff8ba-22b10b71eec700b0%3AT%3D1619296726%3ART%3D1619296726%3AS%3DALNI_MYfLjXx0hxHEDga8A2_oU8TLtAwsA&prev_fmts=300x600%2C370x280%2C0x0%2C370x280%2C370x280%2C370x280&nras=5&correlator=2705827410742&frm=20&pv=1&ga_vid=1717309228.1619296727&ga_sid=1619296727&ga_hid=1390142020&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1015&ady=4565&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429%2C44739991&oid=3&pvsid=3502318759076147&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=6&fsb=1&xpc=3epwuGXxrt&p=https%3A//www.geraldopost.com&dtd=26

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Sat, 24 Apr 2021 20:29:19 GMT
server
safe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
569
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 966F 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60e87bef5ff3def8796520e78dd2fdbe449a3dce90c97c7588f113d8958ea29d

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame B9F7 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
537b0b959771dccf7467f012d12cbdfae54e2cdda84eb8e3d473545945387584

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
adview
googleads.g.doubleclick.net/pagead/ Frame CE35 		0
17 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CaAXZ14GEYMWwA5KPrASCqZOQBZmlto5i36XH6_sM_MG1q64BEAEgw4vkKWCVAqAB5rC9vwPIAQmpAuia16jxS7Q-qAMByANIqgTAAU_Q0aLcWQmSCWkqjYKZca71vxw04eg1KcwhkFK_loTDg400V0UbqlmKgqNcFuZcKJBHBpoyvwgY3dXh1nJTcDVsyTEb9Giz-d76oNRdhUGGuRzQuaePEKMmbExDvxss9Z5P59wxc2CK1NgmXqUGjgAVRa3_tCE60bPNfBdcEa2mTp8fAlO8a8droxdsJdM9BPjXX60NfqQtvqfWPwMx4h28HZay17RpPInBvUeGOnZUIW_2v0H2j-jE7bwKVj6X6cAEqd6vxMEDkgUECAQYAZIFBAgFGASgBi6AB4LPwkCoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwDyBwQQiuQE0ggJCIDhgHAQARgfgAoByAsB2BMNshcaChgIABIUcHViLTM5MzI4NTExMTI4MDc3OTk&sigh=SNonMHyYg_8&template_id=419&cbvp=2&vis=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3932851112807799&output=html&h=600&slotname=8993431669&adk=4220371640&adf=1482559626&pi=t.ma~as.8993431669&w=300&lmt=1619163522&psa=0&format=300x600&url=https%3A%2F%2Fwww.geraldopost.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619296726819&bpp=15&bdt=246&idt=69&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=2705827410742&frm=20&pv=2&ga_vid=1717309228.1619296727&ga_sid=1619296727&ga_hid=1390142020&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1015&ady=2859&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429%2C44739991&oid=3&pvsid=3502318759076147&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=JnxQKUcnx7&p=https%3A//www.geraldopost.com&dtd=86
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3932851112807799&output=html&h=600&slotname=8993431669&adk=4220371640&adf=1482559626&pi=t.ma~as.8993431669&w=300&lmt=1619163522&psa=0&format=300x600&url=https%3A%2F%2Fwww.geraldopost.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619296726819&bpp=15&bdt=246&idt=69&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=2705827410742&frm=20&pv=2&ga_vid=1717309228.1619296727&ga_sid=1619296727&ga_hid=1390142020&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1015&ady=2859&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429%2C44739991&oid=3&pvsid=3502318759076147&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=JnxQKUcnx7&p=https%3A//www.geraldopost.com&dtd=86
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Sat, 24 Apr 2021 20:38:48 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5442514344972767536/ Frame E61E 		11 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5442514344972767536/index.html
Requested by
Host: www.geraldopost.com
URL: https://www.geraldopost.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6dd3fa0ac0babf2ccc9285caa721a145c225a7d5207e9a662f32bf6e8b99e56e
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sadbundle/$csp%3Der3$/5442514344972767536/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
2960
date
Fri, 23 Apr 2021 22:04:17 GMT
expires
Sat, 23 Apr 2022 22:04:17 GMT
last-modified
Thu, 11 Feb 2021 09:56:43 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-encoding
gzip
server
sffe
x-xss-protection
0
age
81271
cache-control
public, max-age=31536000
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
adview
googleads.g.doubleclick.net/pagead/ Frame 4B39 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CDqew14GEYKzSF_qMjuwPzvKcsAaNpPKkYcaqg96rDbP5_avbFhABIMOL5ClglQKgAaPWsMQDyAEJqQLomteo8Uu0PqgDAcgDSKoEwAFP0D5aUm92UZcke_173Tyvll0P_BBq6D50OyGru_GC-xUOIkkAVgzLLgiCPQGuvC1FRJJjjwr15CB3h1pl5cM3XAbWk_zZtcImhFRFAl8t6Yyo2aAXPAOnI_g9gtJ3ad2NEOR0SOPBvususmlD8P0lfCl66nRZsc22zvx5-CkwR38e4sMFVbgwPHZ6Jk9DuFy96Xj3BFlhO5jqYmd_G-t0Poa28_SGst2U77V0BrvYUTefp4x52Uf8dkLsMH9ugvjABMfPtL6yApIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAfFqc87qAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcA8gcEENj1BtIICQiA4YBwEAEYH4AKAcgLAdgTDbIXGgoYCAASFHB1Yi0zOTMyODUxMTEyODA3Nzk5&sigh=zDfNJ3ndauw&template_id=419
Requested by
Host: www.geraldopost.com
URL: https://www.geraldopost.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3932851112807799&output=html&h=280&adk=829588772&adf=1498677563&pi=t.aa~a.1456473517~rp.4&w=370&fwrn=4&fwrnh=100&lmt=1619163522&rafmt=1&to=qs&pwprc=9623938543&psa=0&format=370x280&url=https%3A%2F%2Fwww.geraldopost.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619296727354&bpp=1&bdt=780&idt=-M&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D785534163f1ff8ba-22b10b71eec700b0%3AT%3D1619296726%3ART%3D1619296726%3AS%3DALNI_MYfLjXx0hxHEDga8A2_oU8TLtAwsA&prev_fmts=300x600%2C370x280%2C0x0&nras=2&correlator=2705827410742&frm=20&pv=1&ga_vid=1717309228.1619296727&ga_sid=1619296727&ga_hid=1390142020&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1015&ady=1685&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429%2C44739991&oid=3&pvsid=3502318759076147&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=IcaWxQdhTM&p=https%3A//www.geraldopost.com&dtd=16
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Sat, 24 Apr 2021 20:38:48 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210422/r20110914/ Frame 4B39 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210422/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3932851112807799&output=html&h=280&adk=829588772&adf=1498677563&pi=t.aa~a.1456473517~rp.4&w=370&fwrn=4&fwrnh=100&lmt=1619163522&rafmt=1&to=qs&pwprc=9623938543&psa=0&format=370x280&url=https%3A%2F%2Fwww.geraldopost.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619296727354&bpp=1&bdt=780&idt=-M&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D785534163f1ff8ba-22b10b71eec700b0%3AT%3D1619296726%3ART%3D1619296726%3AS%3DALNI_MYfLjXx0hxHEDga8A2_oU8TLtAwsA&prev_fmts=300x600%2C370x280%2C0x0&nras=2&correlator=2705827410742&frm=20&pv=1&ga_vid=1717309228.1619296727&ga_sid=1619296727&ga_hid=1390142020&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1015&ady=1685&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429%2C44739991&oid=3&pvsid=3502318759076147&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=IcaWxQdhTM&p=https%3A//www.geraldopost.com&dtd=16
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e9f3358441fb5f83ee3575f81df787bbade8b416b009cbdcbd3b71c8b6f560e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:36:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
109
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7028
x-xss-protection
0
server
cafe
etag
3134275839577271762
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 08 May 2021 20:36:59 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/ Frame 4B39 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3932851112807799&output=html&h=280&adk=829588772&adf=1498677563&pi=t.aa~a.1456473517~rp.4&w=370&fwrn=4&fwrnh=100&lmt=1619163522&rafmt=1&to=qs&pwprc=9623938543&psa=0&format=370x280&url=https%3A%2F%2Fwww.geraldopost.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619296727354&bpp=1&bdt=780&idt=-M&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D785534163f1ff8ba-22b10b71eec700b0%3AT%3D1619296726%3ART%3D1619296726%3AS%3DALNI_MYfLjXx0hxHEDga8A2_oU8TLtAwsA&prev_fmts=300x600%2C370x280%2C0x0&nras=2&correlator=2705827410742&frm=20&pv=1&ga_vid=1717309228.1619296727&ga_sid=1619296727&ga_hid=1390142020&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1015&ady=1685&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429%2C44739991&oid=3&pvsid=3502318759076147&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=IcaWxQdhTM&p=https%3A//www.geraldopost.com&dtd=16
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:33:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
301
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 08 May 2021 20:33:47 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 4B39 		116 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3932851112807799&output=html&h=280&adk=829588772&adf=1498677563&pi=t.aa~a.1456473517~rp.4&w=370&fwrn=4&fwrnh=100&lmt=1619163522&rafmt=1&to=qs&pwprc=9623938543&psa=0&format=370x280&url=https%3A%2F%2Fwww.geraldopost.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619296727354&bpp=1&bdt=780&idt=-M&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D785534163f1ff8ba-22b10b71eec700b0%3AT%3D1619296726%3ART%3D1619296726%3AS%3DALNI_MYfLjXx0hxHEDga8A2_oU8TLtAwsA&prev_fmts=300x600%2C370x280%2C0x0&nras=2&correlator=2705827410742&frm=20&pv=1&ga_vid=1717309228.1619296727&ga_sid=1619296727&ga_hid=1390142020&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1015&ady=1685&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429%2C44739991&oid=3&pvsid=3502318759076147&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=IcaWxQdhTM&p=https%3A//www.geraldopost.com&dtd=16
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dc015126841eaa9b1b79ee123e13d7d07ad7fe77f22366b05c480eff59a7a25e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1619017370605640"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36032
x-xss-protection
0
expires
Sat, 24 Apr 2021 20:38:48 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/ Frame 4B39 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3932851112807799&output=html&h=280&adk=829588772&adf=1498677563&pi=t.aa~a.1456473517~rp.4&w=370&fwrn=4&fwrnh=100&lmt=1619163522&rafmt=1&to=qs&pwprc=9623938543&psa=0&format=370x280&url=https%3A%2F%2Fwww.geraldopost.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619296727354&bpp=1&bdt=780&idt=-M&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D785534163f1ff8ba-22b10b71eec700b0%3AT%3D1619296726%3ART%3D1619296726%3AS%3DALNI_MYfLjXx0hxHEDga8A2_oU8TLtAwsA&prev_fmts=300x600%2C370x280%2C0x0&nras=2&correlator=2705827410742&frm=20&pv=1&ga_vid=1717309228.1619296727&ga_sid=1619296727&ga_hid=1390142020&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1015&ady=1685&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429%2C44739991&oid=3&pvsid=3502318759076147&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=IcaWxQdhTM&p=https%3A//www.geraldopost.com&dtd=16
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
439ab67fa3c312bb442bed574ea79be834dbd92f3bd7d2288b6f3fce4d0afb0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:35:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
192
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5604
x-xss-protection
0
server
cafe
etag
2846967340006788112
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 08 May 2021 20:35:36 GMT
l
www.google.com/ads/measurement/ Frame 4B39 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaROiw7I8ZuXODDwNsHbAJ1sVpjrp1AdXuwcBbZjyWzKqH9utLrpJl87EcoylHGkeIudhECV
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3932851112807799&output=html&h=280&adk=829588772&adf=1498677563&pi=t.aa~a.1456473517~rp.4&w=370&fwrn=4&fwrnh=100&lmt=1619163522&rafmt=1&to=qs&pwprc=9623938543&psa=0&format=370x280&url=https%3A%2F%2Fwww.geraldopost.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619296727354&bpp=1&bdt=780&idt=-M&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D785534163f1ff8ba-22b10b71eec700b0%3AT%3D1619296726%3ART%3D1619296726%3AS%3DALNI_MYfLjXx0hxHEDga8A2_oU8TLtAwsA&prev_fmts=300x600%2C370x280%2C0x0&nras=2&correlator=2705827410742&frm=20&pv=1&ga_vid=1717309228.1619296727&ga_sid=1619296727&ga_hid=1390142020&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1015&ady=1685&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429%2C44739991&oid=3&pvsid=3502318759076147&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=IcaWxQdhTM&p=https%3A//www.geraldopost.com&dtd=16
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
exitapi-impl.js
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame AF5A 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5441334610969689380/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Apr 2021 23:34:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
75883
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3271
x-xss-protection
0
server
cafe
etag
7483759447172721109
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Sat, 24 Apr 2021 23:34:05 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame AF5A 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5441334610969689380/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Apr 2021 23:11:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
77267
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8867
x-xss-protection
0
server
cafe
etag
18043545750443934562
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Sat, 24 Apr 2021 23:11:01 GMT
f1cf82b3e1d2c43b615bcb7c050803c2.js
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5441334610969689380/ Frame AF5A 		78 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5441334610969689380/f1cf82b3e1d2c43b615bcb7c050803c2.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5441334610969689380/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
64f84d507040c51a23f01b1ca715a70cba443c6e0ad0321df9c69292b4bc0f50
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
162899
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20029
x-xss-protection
0
last-modified
Wed, 18 Nov 2020 07:35:35 GMT
server
sffe
date
Thu, 22 Apr 2021 23:23:49 GMT
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Apr 2022 23:23:49 GMT
Enabler.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame B68E 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11575576717432054682/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 17:09:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
12563
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5866
x-xss-protection
0
server
cafe
etag
544157900006238945
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Sun, 25 Apr 2021 17:09:25 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame B68E 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11575576717432054682/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Apr 2021 23:11:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
77267
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8867
x-xss-protection
0
server
cafe
etag
18043545750443934562
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Sat, 24 Apr 2021 23:11:01 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame B9F7 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://googleads.g.doubleclick.net
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 15:35:29 GMT
x-content-type-options
nosniff
last-modified
Mon, 05 Apr 2021 21:10:46 GMT
server
sffe
age
190999
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
expires
Fri, 22 Apr 2022 15:35:29 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame B9F7 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://googleads.g.doubleclick.net
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Apr 2021 04:23:23 GMT
x-content-type-options
nosniff
last-modified
Mon, 05 Apr 2021 21:10:39 GMT
server
sffe
age
576925
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15732
x-xss-protection
0
expires
Mon, 18 Apr 2022 04:23:23 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame B9F7 		0
17 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C92Gg14GEYKzqF4mR3wPx6J_ADMOe8KZiv9XNpOYN1e7O_9siEAEgw4vkKWCVAqAByOy05QPIAQmpAuia16jxS7Q-qAMByAPLBKoEvgFP0Gc5EQyLlqCczikm8Z7ivZ-6WX0bMW2ptxQGYEGDjDm60knsEarTVgpRUP-KsUmA24miEO1_0nkVHaWtLWOjtDm-4_0vfziTGQyLp0CQ8qpDIXp_DfhmqKWW-O8G0IDhYoZoNclWtxfJ67l02AzR73OnjdWZCyMgIcYoyjwau6A_lxrkT9Qy6G4jHd7hJTXVxkFgY5pFrDUFGQ1tC0kOi482-h7pQXIVhI1-8FdjA1vuZ2bS1hukehd5H4ZjwASzjo2EwwOSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHoJPLGqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBBCtyQjSCAkIgOGAcBABGB-ACgHICwHYEw3QFQGAFwGyFxoKGAgAEhRwdWItMzkzMjg1MTExMjgwNzc5OQ&sigh=tg-o7wS2PfQ&template_id=484&cbvp=2&vis=1
Requested by
Host: www.geraldopost.com
URL: https://www.geraldopost.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3932851112807799&output=html&h=280&adk=829588772&adf=353560496&pi=t.aa~a.3359110186~rp.4&w=370&fwrn=4&fwrnh=100&lmt=1619163522&rafmt=1&to=qs&pwprc=9623938543&psa=0&format=370x280&url=https%3A%2F%2Fwww.geraldopost.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619296727354&bpp=1&bdt=780&idt=-M&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D785534163f1ff8ba-22b10b71eec700b0%3AT%3D1619296726%3ART%3D1619296726%3AS%3DALNI_MYfLjXx0hxHEDga8A2_oU8TLtAwsA&prev_fmts=300x600%2C370x280%2C0x0%2C370x280&nras=3&correlator=2705827410742&frm=20&pv=1&ga_vid=1717309228.1619296727&ga_sid=1619296727&ga_hid=1390142020&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1015&ady=2283&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429%2C44739991&oid=3&pvsid=3502318759076147&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=Jg8zfjVP0o&p=https%3A//www.geraldopost.com&dtd=20
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Sat, 24 Apr 2021 20:38:48 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
si
googleads.g.doubleclick.net/pagead/drt/ Frame E376
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3932851112807799&output=html&h=600&slotname=8993431669&adk=4220371640&adf=1482559626&pi=t.ma~as.8993431669&w=300&lmt=1619163522&psa=0&format=300x600&url=https%3A%2F%2Fwww.geraldopost.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619296726819&bpp=15&bdt=246&idt=69&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=2705827410742&frm=20&pv=2&ga_vid=1717309228.1619296727&ga_sid=1619296727&ga_hid=1390142020&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1015&ady=2859&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429%2C44739991&oid=3&pvsid=3502318759076147&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=JnxQKUcnx7&p=https%3A//www.geraldopost.com&dtd=86
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/si
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUnOLuwtyJnfrnabUKf99wICNilrYzHO-cnrE5voRCRrg8FSXRB8WtcjTOqPOPM
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Sat, 24 Apr 2021 20:38:48 GMT
server
safe
content-length
0
x-xss-protection
0
set-cookie
DSID=NO_DATA; expires=Sat, 24-Apr-2021 21:38:48 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sat, 24 Apr 2021 20:38:48 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Sat, 24 Apr 2021 20:38:48 GMT
server
safe
content-length
246
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
wkpRfPPcRT5gRuVOwfaUS9di2m_GhEf8-oTDdHI7uwk.js
pagead2.googlesyndication.com/bg/ Frame 0EBF 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/wkpRfPPcRT5gRuVOwfaUS9di2m_GhEf8-oTDdHI7uwk.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3932851112807799&output=html&h=280&adk=829588772&adf=353560496&pi=t.aa~a.3359110186~rp.4&w=370&fwrn=4&fwrnh=100&lmt=1619163522&rafmt=1&to=qs&pwprc=9623938543&psa=0&format=370x280&url=https%3A%2F%2Fwww.geraldopost.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619296727354&bpp=1&bdt=780&idt=-M&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D785534163f1ff8ba-22b10b71eec700b0%3AT%3D1619296726%3ART%3D1619296726%3AS%3DALNI_MYfLjXx0hxHEDga8A2_oU8TLtAwsA&prev_fmts=300x600%2C370x280%2C0x0%2C370x280&nras=3&correlator=2705827410742&frm=20&pv=1&ga_vid=1717309228.1619296727&ga_sid=1619296727&ga_hid=1390142020&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1015&ady=2283&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429%2C44739991&oid=3&pvsid=3502318759076147&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=Jg8zfjVP0o&p=https%3A//www.geraldopost.com&dtd=20
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c24a517cf3dc453e6046e54ec1f6944bd762da6fc68447fcfa84c374723bbb09
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Apr 2021 17:48:57 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 08 Apr 2021 09:18:00 GMT
server
sffe
age
96591
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5710
x-xss-protection
0
expires
Sat, 23 Apr 2022 17:48:57 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame CBCE 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3932851112807799&output=html&h=280&adk=829588772&adf=1498677563&pi=t.aa~a.1456473517~rp.4&w=370&fwrn=4&fwrnh=100&lmt=1619163522&rafmt=1&to=qs&pwprc=9623938543&psa=0&format=370x280&url=https%3A%2F%2Fwww.geraldopost.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619296727354&bpp=1&bdt=780&idt=-M&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D785534163f1ff8ba-22b10b71eec700b0%3AT%3D1619296726%3ART%3D1619296726%3AS%3DALNI_MYfLjXx0hxHEDga8A2_oU8TLtAwsA&prev_fmts=300x600%2C370x280%2C0x0&nras=2&correlator=2705827410742&frm=20&pv=1&ga_vid=1717309228.1619296727&ga_sid=1619296727&ga_hid=1390142020&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1015&ady=1685&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429%2C44739991&oid=3&pvsid=3502318759076147&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=IcaWxQdhTM&p=https%3A//www.geraldopost.com&dtd=16
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/s?v=r20120211
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3932851112807799&output=html&h=280&adk=829588772&adf=1498677563&pi=t.aa~a.1456473517~rp.4&w=370&fwrn=4&fwrnh=100&lmt=1619163522&rafmt=1&to=qs&pwprc=9623938543&psa=0&format=370x280&url=https%3A%2F%2Fwww.geraldopost.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619296727354&bpp=1&bdt=780&idt=-M&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D785534163f1ff8ba-22b10b71eec700b0%3AT%3D1619296726%3ART%3D1619296726%3AS%3DALNI_MYfLjXx0hxHEDga8A2_oU8TLtAwsA&prev_fmts=300x600%2C370x280%2C0x0&nras=2&correlator=2705827410742&frm=20&pv=1&ga_vid=1717309228.1619296727&ga_sid=1619296727&ga_hid=1390142020&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1015&ady=1685&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429%2C44739991&oid=3&pvsid=3502318759076147&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=IcaWxQdhTM&p=https%3A//www.geraldopost.com&dtd=16
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUnOLuwtyJnfrnabUKf99wICNilrYzHO-cnrE5voRCRrg8FSXRB8WtcjTOqPOPM
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3932851112807799&output=html&h=280&adk=829588772&adf=1498677563&pi=t.aa~a.1456473517~rp.4&w=370&fwrn=4&fwrnh=100&lmt=1619163522&rafmt=1&to=qs&pwprc=9623938543&psa=0&format=370x280&url=https%3A%2F%2Fwww.geraldopost.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619296727354&bpp=1&bdt=780&idt=-M&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D785534163f1ff8ba-22b10b71eec700b0%3AT%3D1619296726%3ART%3D1619296726%3AS%3DALNI_MYfLjXx0hxHEDga8A2_oU8TLtAwsA&prev_fmts=300x600%2C370x280%2C0x0&nras=2&correlator=2705827410742&frm=20&pv=1&ga_vid=1717309228.1619296727&ga_sid=1619296727&ga_hid=1390142020&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1015&ady=1685&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429%2C44739991&oid=3&pvsid=3502318759076147&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=IcaWxQdhTM&p=https%3A//www.geraldopost.com&dtd=16

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Sat, 24 Apr 2021 20:29:19 GMT
server
safe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
569
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
si
googleads.g.doubleclick.net/pagead/drt/ Frame FDE6
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3932851112807799&output=html&h=153&adk=1885550448&adf=3068256048&pi=t.aa~a.758916835~rp.4&w=770&lmt=1619163522&nsk=ed3aeb01&rafmt=11&pwprc=9623938543&psa=0&ad_type=text_image&format=770x153&url=https%3A%2F%2Fwww.geraldopost.com%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619296727354&bpp=1&bdt=780&idt=1&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D785534163f1ff8ba-22b10b71eec700b0%3AT%3D1619296726%3ART%3D1619296726%3AS%3DALNI_MYfLjXx0hxHEDga8A2_oU8TLtAwsA&prev_fmts=300x600%2C370x280%2C0x0%2C370x280%2C370x280%2C370x280%2C370x280&nras=6&correlator=2705827410742&frm=20&pv=1&ga_vid=1717309228.1619296727&ga_sid=1619296727&ga_hid=1390142020&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=215&ady=2274&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429%2C44739991&oid=3&pvsid=3502318759076147&eae=0&fc=768&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=7&fsb=1&xpc=bVP7qTqlbS&p=https%3A//www.geraldopost.com&dtd=29
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/si
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUnOLuwtyJnfrnabUKf99wICNilrYzHO-cnrE5voRCRrg8FSXRB8WtcjTOqPOPM
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Sat, 24 Apr 2021 20:38:48 GMT
server
safe
content-length
0
x-xss-protection
0
set-cookie
DSID=NO_DATA; expires=Sat, 24-Apr-2021 21:38:48 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sat, 24 Apr 2021 20:38:48 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Sat, 24 Apr 2021 20:38:48 GMT
server
safe
content-length
246
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
css
fonts.googleapis.com/ Frame AF5A 		4 KB
663 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto+Condensed:700|Raleway:600
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5441334610969689380/f1cf82b3e1d2c43b615bcb7c050803c2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d1d20ceb25025aa2ffa365bafcfd11c395a1b9ca21f54c8013db0f5f6850eaf3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 24 Apr 2021 20:38:48 GMT
server
ESF
date
Sat, 24 Apr 2021 20:38:48 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 24 Apr 2021 20:38:48 GMT
559e593dd6676836019ca4def06b4e15.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5441334610969689380/media/ Frame AF5A 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5441334610969689380/media/559e593dd6676836019ca4def06b4e15.jpg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5441334610969689380/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ec9ff1264e1843b27efa9e6466f13e73009e0bd9bdc38fabd7041b16c71ed10b
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
165114
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10013
x-xss-protection
0
last-modified
Wed, 18 Nov 2020 07:35:35 GMT
server
sffe
date
Thu, 22 Apr 2021 22:46:54 GMT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Apr 2022 22:46:54 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame F604
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3932851112807799&output=html&h=280&slotname=5801651126&adk=2065657694&adf=3513612432&pi=t.ma~as.5801651126&w=370&fwrn=4&fwrnh=100&lmt=1619163522&rafmt=1&psa=0&format=370x280&url=https%3A%2F%2Fwww.geraldopost.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619296726835&bpp=3&bdt=261&idt=89&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x600&correlator=2705827410742&frm=20&pv=1&ga_vid=1717309228.1619296727&ga_sid=1619296727&ga_hid=1390142020&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1015&ady=3731&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429%2C44739991&oid=3&pvsid=3502318759076147&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=2&fsb=1&xpc=xUVnk6ScUu&p=https%3A//www.geraldopost.com&dtd=92
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/si
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUnOLuwtyJnfrnabUKf99wICNilrYzHO-cnrE5voRCRrg8FSXRB8WtcjTOqPOPM; DSID=NO_DATA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Sat, 24 Apr 2021 20:38:48 GMT
server
safe
content-length
0
x-xss-protection
0
set-cookie
DSID=NO_DATA; expires=Sat, 24-Apr-2021 21:38:48 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sat, 24 Apr 2021 20:38:48 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Sat, 24 Apr 2021 20:38:48 GMT
server
safe
content-length
246
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
wkpRfPPcRT5gRuVOwfaUS9di2m_GhEf8-oTDdHI7uwk.js
pagead2.googlesyndication.com/bg/ Frame 56BC 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/wkpRfPPcRT5gRuVOwfaUS9di2m_GhEf8-oTDdHI7uwk.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3932851112807799&output=html&h=153&adk=1885550448&adf=3068256048&pi=t.aa~a.758916835~rp.4&w=770&lmt=1619163522&nsk=ed3aeb01&rafmt=11&pwprc=9623938543&psa=0&ad_type=text_image&format=770x153&url=https%3A%2F%2Fwww.geraldopost.com%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619296727354&bpp=1&bdt=780&idt=1&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D785534163f1ff8ba-22b10b71eec700b0%3AT%3D1619296726%3ART%3D1619296726%3AS%3DALNI_MYfLjXx0hxHEDga8A2_oU8TLtAwsA&prev_fmts=300x600%2C370x280%2C0x0%2C370x280%2C370x280%2C370x280%2C370x280&nras=6&correlator=2705827410742&frm=20&pv=1&ga_vid=1717309228.1619296727&ga_sid=1619296727&ga_hid=1390142020&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=215&ady=2274&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429%2C44739991&oid=3&pvsid=3502318759076147&eae=0&fc=768&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=7&fsb=1&xpc=bVP7qTqlbS&p=https%3A//www.geraldopost.com&dtd=29
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c24a517cf3dc453e6046e54ec1f6944bd762da6fc68447fcfa84c374723bbb09
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Apr 2021 17:48:57 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 08 Apr 2021 09:18:00 GMT
server
sffe
age
96591
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5710
x-xss-protection
0
expires
Sat, 23 Apr 2022 17:48:57 GMT
truncated
/ Frame 4B39 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
781cea1df9131b01bf722e30ce0df7bc4716dee40366614493317f3dd7e0a02c

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
magazine-voce.png
mvc.mlcdn.com.br/magazinevoce/img/banner/ Frame FCE4 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mvc.mlcdn.com.br/magazinevoce/img/banner/magazine-voce.png
Requested by
Host: www.magazinevoce.com.br
URL: https://www.magazinevoce.com.br/geraldopost/banner/?store=geraldopost&type=rectangle
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
AmazonS3 /
Resource Hash
b7c94c47e36895159d5fd886c9d8d657a51b1c848855edd22632d1622c4fc9e8

Request headers

Referer
https://www.magazinevoce.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:48 GMT
last-modified
Wed, 23 Sep 2020 13:46:16 GMT
server
AmazonS3
x-amz-request-id
00FB19A2D5110F5E
etag
"aefc4759c82e5f76dc95d0a416e2efae"
content-type
image/png
cache-control
max-age=3600
accept-ranges
bytes
content-length
6871
x-amz-id-2
WXJJJNGQpv64S8cNuv4b4HmTn5m55gHnyHlLdRAOoEpE/q0UoiXIIIjyiYqiTT4Fl5YtDx7wNbY=
expires
Sat, 24 Apr 2021 21:38:48 GMT
btn-buy.jpg
mvc.mlcdn.com.br/magazinevoce/img/banner/ Frame FCE4 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mvc.mlcdn.com.br/magazinevoce/img/banner/btn-buy.jpg
Requested by
Host: www.magazinevoce.com.br
URL: https://www.magazinevoce.com.br/geraldopost/banner/?store=geraldopost&type=rectangle
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
AmazonS3 /
Resource Hash
4d16ccd0a26863ba3ddc1f831fdc2f29f2d8d49e96b166de3aec69df08e74768

Request headers

Referer
https://www.magazinevoce.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:48 GMT
last-modified
Thu, 11 Mar 2021 19:48:39 GMT
server
AmazonS3
x-amz-request-id
728JHY8PRYY8E8NP
etag
"dceb3ef4bf79711c4df4568a085c08ab"
content-type
image/jpeg
cache-control
max-age=3600
accept-ranges
bytes
content-length
2901
x-amz-id-2
MsFS7+r5WI7Ntq9RLemFolMvBS6oDz2mtUo8DBJKh4SJWrxJpyCnqAaiqvjedeWJMiXqdk/Zhtc=
expires
Sat, 24 Apr 2021 21:38:48 GMT
horizontal_box_slider.js
mvc.mlcdn.com.br/magazinevoce/js/libs/ Frame FCE4 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mvc.mlcdn.com.br/magazinevoce/js/libs/horizontal_box_slider.js
Requested by
Host: www.magazinevoce.com.br
URL: https://www.magazinevoce.com.br/geraldopost/banner/?store=geraldopost&type=rectangle
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
AmazonS3 /
Resource Hash
e8e8a042059c845720d9461543e034928364f4a0d1ed6ce3cc745e05df6bfb96

Request headers

Referer
https://www.magazinevoce.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:48 GMT
content-encoding
gzip
last-modified
Thu, 11 Mar 2021 19:51:37 GMT
server
AmazonS3
x-amz-request-id
K5XWF38ZV0ZW0CGT
etag
"e01d5e8497aaba56b6c8ad5d8424d9fe"
content-type
application/javascript
cache-control
max-age=3600
accept-ranges
bytes
content-length
802
x-amz-id-2
DO4lzGM3NJygr0lF6nlQbPYuDpggJ31YYAMG2jUslJ/Mb6BDXXWWwnRszBODnWf8I7ctGthQ/vA=
expires
Sat, 24 Apr 2021 21:38:48 GMT
wkpRfPPcRT5gRuVOwfaUS9di2m_GhEf8-oTDdHI7uwk.js
pagead2.googlesyndication.com/bg/ Frame 6BB0 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/wkpRfPPcRT5gRuVOwfaUS9di2m_GhEf8-oTDdHI7uwk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c24a517cf3dc453e6046e54ec1f6944bd762da6fc68447fcfa84c374723bbb09
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Apr 2021 17:48:57 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 08 Apr 2021 09:18:00 GMT
server
sffe
age
96591
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5710
x-xss-protection
0
expires
Sat, 23 Apr 2022 17:48:57 GMT
cta_DE.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11575576717432054682/ Frame 6BB0 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11575576717432054682/cta_DE.png
Requested by
Host: www.geraldopost.com
URL: https://www.geraldopost.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c6c90a9b3443352d72701940c7d481187437570b43156c994ce6a7f90c67eb9e
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
365323
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8540
x-xss-protection
0
last-modified
Tue, 06 Apr 2021 13:27:08 GMT
server
sffe
date
Tue, 20 Apr 2021 15:10:05 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Apr 2022 15:10:05 GMT
fechas_vertical_DE.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11575576717432054682/ Frame 6BB0 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11575576717432054682/fechas_vertical_DE.png
Requested by
Host: www.geraldopost.com
URL: https://www.geraldopost.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
90e5243c11607e4a858e3edbfcb8f3401bd0cb682c48c1c10b023b9d5e38e7eb
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
573190
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13906
x-xss-protection
0
last-modified
Tue, 06 Apr 2021 13:27:08 GMT
server
sffe
date
Sun, 18 Apr 2021 05:25:38 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 18 Apr 2022 05:25:38 GMT
experiencia_vertical_DE.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11575576717432054682/ Frame 6BB0 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11575576717432054682/experiencia_vertical_DE.png
Requested by
Host: www.geraldopost.com
URL: https://www.geraldopost.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e60a3d9e5e60abd14d62324a850de1bd9e7e99d3f2153daf6dd1637cb35b2e67
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
179702
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15206
x-xss-protection
0
last-modified
Tue, 06 Apr 2021 13:27:08 GMT
server
sffe
date
Thu, 22 Apr 2021 18:43:46 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Apr 2022 18:43:46 GMT
summercamp_vertical_DE.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11575576717432054682/ Frame 6BB0 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11575576717432054682/summercamp_vertical_DE.png
Requested by
Host: www.geraldopost.com
URL: https://www.geraldopost.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cd3c21db58383e67406558a08962488ed59dc0de0301fc3ee15665b0a7bd71e7
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
340144
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16162
x-xss-protection
0
last-modified
Tue, 06 Apr 2021 13:27:08 GMT
server
sffe
date
Tue, 20 Apr 2021 22:09:44 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Apr 2022 22:09:44 GMT
fondo300x250_1.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11575576717432054682/ Frame 6BB0 		94 KB
94 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11575576717432054682/fondo300x250_1.jpg
Requested by
Host: www.geraldopost.com
URL: https://www.geraldopost.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1661c6d01207f8e58d4babdc4f2352b965ef741777cddbb0319745fcf75ad933
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
365323
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
96133
x-xss-protection
0
last-modified
Tue, 06 Apr 2021 13:27:08 GMT
server
sffe
date
Tue, 20 Apr 2021 15:10:05 GMT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Apr 2022 15:10:05 GMT
wkpRfPPcRT5gRuVOwfaUS9di2m_GhEf8-oTDdHI7uwk.js
pagead2.googlesyndication.com/bg/ Frame 7490 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/wkpRfPPcRT5gRuVOwfaUS9di2m_GhEf8-oTDdHI7uwk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c24a517cf3dc453e6046e54ec1f6944bd762da6fc68447fcfa84c374723bbb09
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Apr 2021 17:48:57 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 08 Apr 2021 09:18:00 GMT
server
sffe
age
96591
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5710
x-xss-protection
0
expires
Sat, 23 Apr 2022 17:48:57 GMT
Element_30.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/78096498092133154/ Frame 7490 		6 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/78096498092133154/Element_30.svg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3932851112807799&output=html&h=600&slotname=8993431669&adk=4220371640&adf=1482559626&pi=t.ma~as.8993431669&w=300&lmt=1619163522&psa=0&format=300x600&url=https%3A%2F%2Fwww.geraldopost.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619296726819&bpp=15&bdt=246&idt=69&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=2705827410742&frm=20&pv=2&ga_vid=1717309228.1619296727&ga_sid=1619296727&ga_hid=1390142020&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1015&ady=2859&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429%2C44739991&oid=3&pvsid=3502318759076147&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=JnxQKUcnx7&p=https%3A//www.geraldopost.com&dtd=86
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1f2188a40d661fbfc65861b22187ec21e37e65ae4520274dc4d84b971d5e9a95
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
190984
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2011
x-xss-protection
0
last-modified
Wed, 27 Jan 2021 15:42:55 GMT
server
sffe
date
Thu, 22 Apr 2021 15:35:44 GMT
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Apr 2022 15:35:44 GMT
Element_31.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/78096498092133154/ Frame 7490 		6 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/78096498092133154/Element_31.svg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3932851112807799&output=html&h=600&slotname=8993431669&adk=4220371640&adf=1482559626&pi=t.ma~as.8993431669&w=300&lmt=1619163522&psa=0&format=300x600&url=https%3A%2F%2Fwww.geraldopost.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619296726819&bpp=15&bdt=246&idt=69&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=2705827410742&frm=20&pv=2&ga_vid=1717309228.1619296727&ga_sid=1619296727&ga_hid=1390142020&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1015&ady=2859&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429%2C44739991&oid=3&pvsid=3502318759076147&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=JnxQKUcnx7&p=https%3A//www.geraldopost.com&dtd=86
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8b9ba20fc2492e59160f17f7e54141a1e7005f4f3df8dbada5826ba2b70abdf4
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
190998
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2000
x-xss-protection
0
last-modified
Wed, 27 Jan 2021 15:42:55 GMT
server
sffe
date
Thu, 22 Apr 2021 15:35:30 GMT
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Apr 2022 15:35:30 GMT
Element_22.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/78096498092133154/ Frame 7490 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/78096498092133154/Element_22.svg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3932851112807799&output=html&h=600&slotname=8993431669&adk=4220371640&adf=1482559626&pi=t.ma~as.8993431669&w=300&lmt=1619163522&psa=0&format=300x600&url=https%3A%2F%2Fwww.geraldopost.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619296726819&bpp=15&bdt=246&idt=69&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=2705827410742&frm=20&pv=2&ga_vid=1717309228.1619296727&ga_sid=1619296727&ga_hid=1390142020&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1015&ady=2859&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429%2C44739991&oid=3&pvsid=3502318759076147&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=JnxQKUcnx7&p=https%3A//www.geraldopost.com&dtd=86
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
24743bed02587747939aa125d9b36b01eb3f6c8a679f3ac7abd44e33d3c0f320
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
574856
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1077
x-xss-protection
0
last-modified
Wed, 27 Jan 2021 15:42:55 GMT
server
sffe
date
Sun, 18 Apr 2021 04:57:52 GMT
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 18 Apr 2022 04:57:52 GMT
Element_21.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/78096498092133154/ Frame 7490 		246 B
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/78096498092133154/Element_21.svg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3932851112807799&output=html&h=600&slotname=8993431669&adk=4220371640&adf=1482559626&pi=t.ma~as.8993431669&w=300&lmt=1619163522&psa=0&format=300x600&url=https%3A%2F%2Fwww.geraldopost.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619296726819&bpp=15&bdt=246&idt=69&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=2705827410742&frm=20&pv=2&ga_vid=1717309228.1619296727&ga_sid=1619296727&ga_hid=1390142020&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1015&ady=2859&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429%2C44739991&oid=3&pvsid=3502318759076147&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=JnxQKUcnx7&p=https%3A//www.geraldopost.com&dtd=86
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2cccdfc9685c82f9da35b309e421801f5503721b4b8651f35145b81d829c2904
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
165794
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
194
x-xss-protection
0
last-modified
Wed, 27 Jan 2021 15:42:55 GMT
server
sffe
date
Thu, 22 Apr 2021 22:35:34 GMT
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Apr 2022 22:35:34 GMT
Element_14_2.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/78096498092133154/ Frame 7490 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/78096498092133154/Element_14_2.svg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3932851112807799&output=html&h=600&slotname=8993431669&adk=4220371640&adf=1482559626&pi=t.ma~as.8993431669&w=300&lmt=1619163522&psa=0&format=300x600&url=https%3A%2F%2Fwww.geraldopost.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619296726819&bpp=15&bdt=246&idt=69&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=2705827410742&frm=20&pv=2&ga_vid=1717309228.1619296727&ga_sid=1619296727&ga_hid=1390142020&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1015&ady=2859&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429%2C44739991&oid=3&pvsid=3502318759076147&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=JnxQKUcnx7&p=https%3A//www.geraldopost.com&dtd=86
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc5fb9f3f03b87b14d7ab37b3f0d3a156649abd7b740cfa32faab7da33dc00f8
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
578345
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1735
x-xss-protection
0
last-modified
Wed, 27 Jan 2021 15:42:55 GMT
server
sffe
date
Sun, 18 Apr 2021 03:59:43 GMT
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 18 Apr 2022 03:59:43 GMT
Element_8_1.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/78096498092133154/ Frame 7490 		489 B
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/78096498092133154/Element_8_1.svg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3932851112807799&output=html&h=600&slotname=8993431669&adk=4220371640&adf=1482559626&pi=t.ma~as.8993431669&w=300&lmt=1619163522&psa=0&format=300x600&url=https%3A%2F%2Fwww.geraldopost.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619296726819&bpp=15&bdt=246&idt=69&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=2705827410742&frm=20&pv=2&ga_vid=1717309228.1619296727&ga_sid=1619296727&ga_hid=1390142020&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1015&ady=2859&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429%2C44739991&oid=3&pvsid=3502318759076147&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=JnxQKUcnx7&p=https%3A//www.geraldopost.com&dtd=86
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0188fab720f1334270627cccac2585f2b94617812e6dcf51ec5e69e68d73d080
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
345101
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
288
x-xss-protection
0
last-modified
Wed, 27 Jan 2021 15:42:55 GMT
server
sffe
date
Tue, 20 Apr 2021 20:47:07 GMT
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Apr 2022 20:47:07 GMT
Element_16_1.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/78096498092133154/ Frame 7490 		470 B
306 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/78096498092133154/Element_16_1.svg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3932851112807799&output=html&h=600&slotname=8993431669&adk=4220371640&adf=1482559626&pi=t.ma~as.8993431669&w=300&lmt=1619163522&psa=0&format=300x600&url=https%3A%2F%2Fwww.geraldopost.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619296726819&bpp=15&bdt=246&idt=69&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=2705827410742&frm=20&pv=2&ga_vid=1717309228.1619296727&ga_sid=1619296727&ga_hid=1390142020&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1015&ady=2859&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429%2C44739991&oid=3&pvsid=3502318759076147&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=JnxQKUcnx7&p=https%3A//www.geraldopost.com&dtd=86
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
451eeb3a16182e4f5ab0f67ffd585f78d1f0251af49a1efb24cf7384af3c88e7
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
190469
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
270
x-xss-protection
0
last-modified
Wed, 27 Jan 2021 15:42:55 GMT
server
sffe
date
Thu, 22 Apr 2021 15:44:19 GMT
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Apr 2022 15:44:19 GMT
Element_15_1.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/78096498092133154/ Frame 7490 		9 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/78096498092133154/Element_15_1.svg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3932851112807799&output=html&h=600&slotname=8993431669&adk=4220371640&adf=1482559626&pi=t.ma~as.8993431669&w=300&lmt=1619163522&psa=0&format=300x600&url=https%3A%2F%2Fwww.geraldopost.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619296726819&bpp=15&bdt=246&idt=69&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=2705827410742&frm=20&pv=2&ga_vid=1717309228.1619296727&ga_sid=1619296727&ga_hid=1390142020&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1015&ady=2859&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429%2C44739991&oid=3&pvsid=3502318759076147&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=JnxQKUcnx7&p=https%3A//www.geraldopost.com&dtd=86
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ab2ef986feb77abadf3bc5d66f6b465efe5e4fa46887de8439ab1210c838b03c
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
190984
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2242
x-xss-protection
0
last-modified
Wed, 27 Jan 2021 15:42:55 GMT
server
sffe
date
Thu, 22 Apr 2021 15:35:44 GMT
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Apr 2022 15:35:44 GMT
Element_14_1.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/78096498092133154/ Frame 7490 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/78096498092133154/Element_14_1.svg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3932851112807799&output=html&h=600&slotname=8993431669&adk=4220371640&adf=1482559626&pi=t.ma~as.8993431669&w=300&lmt=1619163522&psa=0&format=300x600&url=https%3A%2F%2Fwww.geraldopost.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619296726819&bpp=15&bdt=246&idt=69&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=2705827410742&frm=20&pv=2&ga_vid=1717309228.1619296727&ga_sid=1619296727&ga_hid=1390142020&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1015&ady=2859&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429%2C44739991&oid=3&pvsid=3502318759076147&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=JnxQKUcnx7&p=https%3A//www.geraldopost.com&dtd=86
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3148cdea46438ed09146552a04ed07050ef1cabbd95e0b2033acbfc7deb0a8d2
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
339314
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1398
x-xss-protection
0
last-modified
Wed, 27 Jan 2021 15:42:55 GMT
server
sffe
date
Tue, 20 Apr 2021 22:23:34 GMT
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Apr 2022 22:23:34 GMT
exitapi-impl.js
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame E61E 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5442514344972767536/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Apr 2021 23:34:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
75883
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3271
x-xss-protection
0
server
cafe
etag
7483759447172721109
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Sat, 24 Apr 2021 23:34:05 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame E61E 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5442514344972767536/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Apr 2021 23:11:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
77267
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8867
x-xss-protection
0
server
cafe
etag
18043545750443934562
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Sat, 24 Apr 2021 23:11:01 GMT
gsap_3.2.4_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame E61E 		57 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.2.4_min.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5442514344972767536/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e8403779d45a9590b43c0ecf984ebe11e75fd2982630d658390a6001a6768770
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23276
x-xss-protection
0
last-modified
Thu, 05 Mar 2020 03:53:22 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 24 Apr 2021 20:38:48 GMT
ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
fonts.gstatic.com/s/robotocondensed/v19/ Frame AF5A 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/robotocondensed/v19/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:700|Raleway:600
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c867104326e3c4b658209d8e5bcea0900aaf7fbc2bbc181ca01c482cac2810f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
null
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 23:35:13 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:08:37 GMT
server
sffe
age
421415
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15640
x-xss-protection
0
expires
Tue, 19 Apr 2022 23:35:13 GMT
1Ptxg8zYS_SKggPN4iEgvnHyvveLxVsEpbCIPrE.woff2
fonts.gstatic.com/s/raleway/v19/ Frame AF5A 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/raleway/v19/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVsEpbCIPrE.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:700|Raleway:600
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4012fdcbe9804fb76be489414b5d7fa6fc0a492ac676d9105b41e1dc73208395
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
null
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 00:55:30 GMT
x-content-type-options
nosniff
last-modified
Thu, 28 Jan 2021 23:34:59 GMT
server
sffe
age
416598
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21364
x-xss-protection
0
expires
Wed, 20 Apr 2022 00:55:30 GMT
truncated
/ Frame AF5A 		300 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f36654c4fc0df1a3cd1786b08ba11bbd67302624b1206028406244eccd1adb3d

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=UTF-8
si
googleads.g.doubleclick.net/pagead/drt/ Frame 19AE
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3932851112807799&output=html&h=280&adk=829588772&adf=1224991949&pi=t.aa~a.2576666486~rp.4&w=370&fwrn=4&fwrnh=100&lmt=1619163522&rafmt=1&to=qs&pwprc=9623938543&psa=0&format=370x280&url=https%3A%2F%2Fwww.geraldopost.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619296727354&bpp=1&bdt=780&idt=-M&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D785534163f1ff8ba-22b10b71eec700b0%3AT%3D1619296726%3ART%3D1619296726%3AS%3DALNI_MYfLjXx0hxHEDga8A2_oU8TLtAwsA&prev_fmts=300x600%2C370x280%2C0x0%2C370x280%2C370x280&nras=4&correlator=2705827410742&frm=20&pv=1&ga_vid=1717309228.1619296727&ga_sid=1619296727&ga_hid=1390142020&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1015&ady=3519&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429%2C44739991&oid=3&pvsid=3502318759076147&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=5&fsb=1&xpc=yK07TFZrzr&p=https%3A//www.geraldopost.com&dtd=23
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/si?st=NO_DATA
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUnOLuwtyJnfrnabUKf99wICNilrYzHO-cnrE5voRCRrg8FSXRB8WtcjTOqPOPM; DSID=NO_DATA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Sat, 24 Apr 2021 20:38:48 GMT
server
safe
content-length
0
x-xss-protection
0
set-cookie
DSID=NO_DATA; expires=Sat, 24-Apr-2021 21:38:48 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sat, 24 Apr 2021 20:38:48 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Sat, 24 Apr 2021 20:38:48 GMT
server
safe
content-length
257
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
si
googleads.g.doubleclick.net/pagead/drt/ Frame 149B
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3932851112807799&output=html&h=280&adk=2918459407&adf=2042167536&pi=t.aa~a.1156542233~rp.1&w=370&fwrn=4&fwrnh=100&lmt=1619163522&rafmt=1&to=qs&pwprc=9623938543&psa=0&format=370x280&url=https%3A%2F%2Fwww.geraldopost.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619296727354&bpp=1&bdt=781&idt=-M&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D785534163f1ff8ba-22b10b71eec700b0%3AT%3D1619296726%3ART%3D1619296726%3AS%3DALNI_MYfLjXx0hxHEDga8A2_oU8TLtAwsA&prev_fmts=300x600%2C370x280%2C0x0%2C370x280%2C370x280%2C370x280&nras=5&correlator=2705827410742&frm=20&pv=1&ga_vid=1717309228.1619296727&ga_sid=1619296727&ga_hid=1390142020&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1015&ady=4565&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429%2C44739991&oid=3&pvsid=3502318759076147&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=6&fsb=1&xpc=3epwuGXxrt&p=https%3A//www.geraldopost.com&dtd=26
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/si
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUnOLuwtyJnfrnabUKf99wICNilrYzHO-cnrE5voRCRrg8FSXRB8WtcjTOqPOPM; DSID=NO_DATA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Sat, 24 Apr 2021 20:38:48 GMT
server
safe
content-length
0
x-xss-protection
0
set-cookie
DSID=NO_DATA; expires=Sat, 24-Apr-2021 21:38:48 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sat, 24 Apr 2021 20:38:48 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Sat, 24 Apr 2021 20:38:48 GMT
server
safe
content-length
246
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 6BB0 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
wkpRfPPcRT5gRuVOwfaUS9di2m_GhEf8-oTDdHI7uwk.js
pagead2.googlesyndication.com/bg/ Frame B68E 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/wkpRfPPcRT5gRuVOwfaUS9di2m_GhEf8-oTDdHI7uwk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c24a517cf3dc453e6046e54ec1f6944bd762da6fc68447fcfa84c374723bbb09
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Apr 2021 17:48:57 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 08 Apr 2021 09:18:00 GMT
server
sffe
age
96591
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5710
x-xss-protection
0
expires
Sat, 23 Apr 2022 17:48:57 GMT
cta_DE.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11575576717432054682/ Frame B68E 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11575576717432054682/cta_DE.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11575576717432054682/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c6c90a9b3443352d72701940c7d481187437570b43156c994ce6a7f90c67eb9e
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
365323
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8540
x-xss-protection
0
last-modified
Tue, 06 Apr 2021 13:27:08 GMT
server
sffe
date
Tue, 20 Apr 2021 15:10:05 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Apr 2022 15:10:05 GMT
fechas_vertical_DE.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11575576717432054682/ Frame B68E 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11575576717432054682/fechas_vertical_DE.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11575576717432054682/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
90e5243c11607e4a858e3edbfcb8f3401bd0cb682c48c1c10b023b9d5e38e7eb
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
573190
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13906
x-xss-protection
0
last-modified
Tue, 06 Apr 2021 13:27:08 GMT
server
sffe
date
Sun, 18 Apr 2021 05:25:38 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 18 Apr 2022 05:25:38 GMT
experiencia_vertical_DE.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11575576717432054682/ Frame B68E 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11575576717432054682/experiencia_vertical_DE.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11575576717432054682/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e60a3d9e5e60abd14d62324a850de1bd9e7e99d3f2153daf6dd1637cb35b2e67
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
179702
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15206
x-xss-protection
0
last-modified
Tue, 06 Apr 2021 13:27:08 GMT
server
sffe
date
Thu, 22 Apr 2021 18:43:46 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Apr 2022 18:43:46 GMT
summercamp_vertical_DE.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11575576717432054682/ Frame B68E 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11575576717432054682/summercamp_vertical_DE.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11575576717432054682/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cd3c21db58383e67406558a08962488ed59dc0de0301fc3ee15665b0a7bd71e7
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
340144
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16162
x-xss-protection
0
last-modified
Tue, 06 Apr 2021 13:27:08 GMT
server
sffe
date
Tue, 20 Apr 2021 22:09:44 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Apr 2022 22:09:44 GMT
fondo300x250_1.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11575576717432054682/ Frame B68E 		94 KB
94 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11575576717432054682/fondo300x250_1.jpg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11575576717432054682/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1661c6d01207f8e58d4babdc4f2352b965ef741777cddbb0319745fcf75ad933
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
365323
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
96133
x-xss-protection
0
last-modified
Tue, 06 Apr 2021 13:27:08 GMT
server
sffe
date
Tue, 20 Apr 2021 15:10:05 GMT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Apr 2022 15:10:05 GMT
imagesuv0myt5eb1rnnbxsp1ds.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5442514344972767536/ Frame E61E 		906 B
939 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5442514344972767536/imagesuv0myt5eb1rnnbxsp1ds.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5442514344972767536/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0a9ff3f6b8d132ef3022c28d875ab2217b7b35259a6bfd10b8e56b4b87046019
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
167293
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
906
x-xss-protection
0
last-modified
Thu, 11 Feb 2021 09:56:43 GMT
server
sffe
date
Thu, 22 Apr 2021 22:10:35 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Apr 2022 22:10:35 GMT
1ad6b5aa39cdeb703ff094f477328c96.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5442514344972767536/ Frame E61E 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5442514344972767536/1ad6b5aa39cdeb703ff094f477328c96.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5442514344972767536/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
953ad5605189ea38166999307dd0641b5a3c42d4bd1dfd183848143c3fc2252b
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
167293
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38697
x-xss-protection
0
last-modified
Thu, 11 Feb 2021 09:56:43 GMT
server
sffe
date
Thu, 22 Apr 2021 22:10:35 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Apr 2022 22:10:35 GMT
truncated
/ Frame B68E 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
si
googleads.g.doubleclick.net/pagead/drt/ Frame CBCE
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3932851112807799&output=html&h=280&adk=829588772&adf=1498677563&pi=t.aa~a.1456473517~rp.4&w=370&fwrn=4&fwrnh=100&lmt=1619163522&rafmt=1&to=qs&pwprc=9623938543&psa=0&format=370x280&url=https%3A%2F%2Fwww.geraldopost.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619296727354&bpp=1&bdt=780&idt=-M&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D785534163f1ff8ba-22b10b71eec700b0%3AT%3D1619296726%3ART%3D1619296726%3AS%3DALNI_MYfLjXx0hxHEDga8A2_oU8TLtAwsA&prev_fmts=300x600%2C370x280%2C0x0&nras=2&correlator=2705827410742&frm=20&pv=1&ga_vid=1717309228.1619296727&ga_sid=1619296727&ga_hid=1390142020&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1015&ady=1685&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429%2C44739991&oid=3&pvsid=3502318759076147&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=IcaWxQdhTM&p=https%3A//www.geraldopost.com&dtd=16
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/si
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUnOLuwtyJnfrnabUKf99wICNilrYzHO-cnrE5voRCRrg8FSXRB8WtcjTOqPOPM; DSID=NO_DATA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Sat, 24 Apr 2021 20:38:48 GMT
server
safe
content-length
0
x-xss-protection
0
set-cookie
DSID=NO_DATA; expires=Sat, 24-Apr-2021 21:38:48 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sat, 24 Apr 2021 20:38:48 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Sat, 24 Apr 2021 20:38:48 GMT
server
safe
content-length
246
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
wkpRfPPcRT5gRuVOwfaUS9di2m_GhEf8-oTDdHI7uwk.js
pagead2.googlesyndication.com/bg/ Frame AF5A 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/wkpRfPPcRT5gRuVOwfaUS9di2m_GhEf8-oTDdHI7uwk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c24a517cf3dc453e6046e54ec1f6944bd762da6fc68447fcfa84c374723bbb09
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Apr 2021 17:48:57 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 08 Apr 2021 09:18:00 GMT
server
sffe
age
96591
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5710
x-xss-protection
0
expires
Sat, 23 Apr 2022 17:48:57 GMT
wkpRfPPcRT5gRuVOwfaUS9di2m_GhEf8-oTDdHI7uwk.js
pagead2.googlesyndication.com/bg/ Frame E61E 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/wkpRfPPcRT5gRuVOwfaUS9di2m_GhEf8-oTDdHI7uwk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c24a517cf3dc453e6046e54ec1f6944bd762da6fc68447fcfa84c374723bbb09
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Apr 2021 17:48:57 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 08 Apr 2021 09:18:00 GMT
server
sffe
age
96591
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5710
x-xss-protection
0
expires
Sat, 23 Apr 2022 17:48:57 GMT
magazine-voce.png
mvc.mlcdn.com.br/magazinevoce/img/banner/ Frame A975 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mvc.mlcdn.com.br/magazinevoce/img/banner/magazine-voce.png
Requested by
Host: www.magazinevoce.com.br
URL: https://www.magazinevoce.com.br/geraldopost/banner/?store=geraldopost&type=leaderboard
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
AmazonS3 /
Resource Hash
b7c94c47e36895159d5fd886c9d8d657a51b1c848855edd22632d1622c4fc9e8

Request headers

Referer
https://www.magazinevoce.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:48 GMT
last-modified
Wed, 23 Sep 2020 13:46:16 GMT
server
AmazonS3
x-amz-request-id
00FB19A2D5110F5E
etag
"aefc4759c82e5f76dc95d0a416e2efae"
content-type
image/png
cache-control
max-age=3600
accept-ranges
bytes
content-length
6871
x-amz-id-2
WXJJJNGQpv64S8cNuv4b4HmTn5m55gHnyHlLdRAOoEpE/q0UoiXIIIjyiYqiTT4Fl5YtDx7wNbY=
expires
Sat, 24 Apr 2021 21:38:48 GMT
48866f56c36f2f5453044fdef767cde4.jpg
a-static.mlcdn.com.br/210x210/kit-djamila-ribeiro-companhia-das-letras-grupo-cia-das-let/lt2shop2/0001376264/ Frame A975 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a-static.mlcdn.com.br/210x210/kit-djamila-ribeiro-companhia-das-letras-grupo-cia-das-let/lt2shop2/0001376264/48866f56c36f2f5453044fdef767cde4.jpg
Requested by
Host: www.magazinevoce.com.br
URL: https://www.magazinevoce.com.br/geraldopost/banner/?store=geraldopost&type=leaderboard
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
Azion IMS /
Resource Hash
b881b1549cbedc986afc9ade49198c81e5833c577d19a8f94a95d09ea0f764e0

Request headers

Referer
https://www.magazinevoce.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:48 GMT
server
Azion IMS
x-original-image-size
92429
vary
Accept
content-type
image/webp
cache-control
max-age=86400
x-ims
Enabled
content-length
7380
expires
Sun, 25 Apr 2021 20:38:48 GMT
btn-buy.jpg
mvc.mlcdn.com.br/magazinevoce/img/banner/ Frame A975 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mvc.mlcdn.com.br/magazinevoce/img/banner/btn-buy.jpg
Requested by
Host: www.magazinevoce.com.br
URL: https://www.magazinevoce.com.br/geraldopost/banner/?store=geraldopost&type=leaderboard
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
AmazonS3 /
Resource Hash
4d16ccd0a26863ba3ddc1f831fdc2f29f2d8d49e96b166de3aec69df08e74768

Request headers

Referer
https://www.magazinevoce.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:48 GMT
last-modified
Thu, 11 Mar 2021 19:48:39 GMT
server
AmazonS3
x-amz-request-id
728JHY8PRYY8E8NP
etag
"dceb3ef4bf79711c4df4568a085c08ab"
content-type
image/jpeg
cache-control
max-age=3600
accept-ranges
bytes
content-length
2901
x-amz-id-2
MsFS7+r5WI7Ntq9RLemFolMvBS6oDz2mtUo8DBJKh4SJWrxJpyCnqAaiqvjedeWJMiXqdk/Zhtc=
expires
Sat, 24 Apr 2021 21:38:48 GMT
54df8e016524bd267ebb7e5286455e7a.jpg
a-static.mlcdn.com.br/210x210/torto-arado-todavia-editora/namastebooks/1000224935/ Frame A975 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a-static.mlcdn.com.br/210x210/torto-arado-todavia-editora/namastebooks/1000224935/54df8e016524bd267ebb7e5286455e7a.jpg
Requested by
Host: www.magazinevoce.com.br
URL: https://www.magazinevoce.com.br/geraldopost/banner/?store=geraldopost&type=leaderboard
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
Azion IMS /
Resource Hash
1f84b54c6aff620cca928821bd60b184162a2c81d4c94b73aa49772e6eca0ade

Request headers

Referer
https://www.magazinevoce.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:48 GMT
server
Azion IMS
x-original-image-size
52648
vary
Accept
content-type
image/webp
cache-control
max-age=86400
x-ims
Enabled
content-length
4262
expires
Sun, 25 Apr 2021 20:38:48 GMT
a5d224728dd0962b7d5234517f0507f1.jpg
a-static.mlcdn.com.br/210x210/quarto-de-despejo-diario-de-uma-favelada-atica/namastebooks/1000200920/ Frame A975 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a-static.mlcdn.com.br/210x210/quarto-de-despejo-diario-de-uma-favelada-atica/namastebooks/1000200920/a5d224728dd0962b7d5234517f0507f1.jpg
Requested by
Host: www.magazinevoce.com.br
URL: https://www.magazinevoce.com.br/geraldopost/banner/?store=geraldopost&type=leaderboard
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
Azion IMS /
Resource Hash
920ca2c6a8cdb2e958766631164526f5cf0fd539e484e1d51c06feac3b784291

Request headers

Referer
https://www.magazinevoce.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:48 GMT
server
Azion IMS
x-original-image-size
68775
vary
Accept
content-type
image/webp
cache-control
max-age=86400
x-ims
Enabled
content-length
3650
expires
Sun, 25 Apr 2021 20:38:48 GMT
bff8fe9aba31eb49924ba022f266e396.jpg
a-static.mlcdn.com.br/210x210/desinfetante-omo-lavanda-1l/magazineluiza/225468200/ Frame A975 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a-static.mlcdn.com.br/210x210/desinfetante-omo-lavanda-1l/magazineluiza/225468200/bff8fe9aba31eb49924ba022f266e396.jpg
Requested by
Host: www.magazinevoce.com.br
URL: https://www.magazinevoce.com.br/geraldopost/banner/?store=geraldopost&type=leaderboard
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
Azion IMS /
Resource Hash
fe9fdaf933bfef4a66a96a5d0335067cac85205a93fa9fb217d2850709d2f48c

Request headers

Referer
https://www.magazinevoce.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:48 GMT
server
Azion IMS
x-original-image-size
64234
vary
Accept
content-type
image/webp
cache-control
max-age=86400
x-ims
Enabled
content-length
1832
expires
Sun, 25 Apr 2021 20:38:48 GMT
horizontal_box_slider.js
mvc.mlcdn.com.br/magazinevoce/js/libs/ Frame A975 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mvc.mlcdn.com.br/magazinevoce/js/libs/horizontal_box_slider.js
Requested by
Host: www.magazinevoce.com.br
URL: https://www.magazinevoce.com.br/geraldopost/banner/?store=geraldopost&type=leaderboard
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
AmazonS3 /
Resource Hash
e8e8a042059c845720d9461543e034928364f4a0d1ed6ce3cc745e05df6bfb96

Request headers

Referer
https://www.magazinevoce.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:48 GMT
content-encoding
gzip
last-modified
Thu, 11 Mar 2021 19:51:37 GMT
server
AmazonS3
x-amz-request-id
K5XWF38ZV0ZW0CGT
etag
"e01d5e8497aaba56b6c8ad5d8424d9fe"
content-type
application/javascript
cache-control
max-age=3600
accept-ranges
bytes
content-length
802
x-amz-id-2
DO4lzGM3NJygr0lF6nlQbPYuDpggJ31YYAMG2jUslJ/Mb6BDXXWWwnRszBODnWf8I7ctGthQ/vA=
expires
Sat, 24 Apr 2021 21:38:48 GMT
magazine-voce.png
mvc.mlcdn.com.br/magazinevoce/img/banner/ Frame 661E 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mvc.mlcdn.com.br/magazinevoce/img/banner/magazine-voce.png
Requested by
Host: www.magazinevoce.com.br
URL: https://www.magazinevoce.com.br/geraldopost/banner/?store=geraldopost&type=medium-rectangle
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
AmazonS3 /
Resource Hash
b7c94c47e36895159d5fd886c9d8d657a51b1c848855edd22632d1622c4fc9e8

Request headers

Referer
https://www.magazinevoce.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:49 GMT
last-modified
Wed, 23 Sep 2020 13:46:16 GMT
server
AmazonS3
x-amz-request-id
00FB19A2D5110F5E
etag
"aefc4759c82e5f76dc95d0a416e2efae"
content-type
image/png
cache-control
max-age=3600
accept-ranges
bytes
content-length
6871
x-amz-id-2
WXJJJNGQpv64S8cNuv4b4HmTn5m55gHnyHlLdRAOoEpE/q0UoiXIIIjyiYqiTT4Fl5YtDx7wNbY=
expires
Sat, 24 Apr 2021 21:38:49 GMT
48866f56c36f2f5453044fdef767cde4.jpg
a-static.mlcdn.com.br/210x210/kit-djamila-ribeiro-companhia-das-letras-grupo-cia-das-let/lt2shop2/0001376264/ Frame 661E 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a-static.mlcdn.com.br/210x210/kit-djamila-ribeiro-companhia-das-letras-grupo-cia-das-let/lt2shop2/0001376264/48866f56c36f2f5453044fdef767cde4.jpg
Requested by
Host: www.magazinevoce.com.br
URL: https://www.magazinevoce.com.br/geraldopost/banner/?store=geraldopost&type=medium-rectangle
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
Azion IMS /
Resource Hash
b881b1549cbedc986afc9ade49198c81e5833c577d19a8f94a95d09ea0f764e0

Request headers

Referer
https://www.magazinevoce.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:49 GMT
server
Azion IMS
x-original-image-size
92429
vary
Accept
content-type
image/webp
cache-control
max-age=86400
x-ims
Enabled
content-length
7380
expires
Sun, 25 Apr 2021 20:38:49 GMT
btn-buy.jpg
mvc.mlcdn.com.br/magazinevoce/img/banner/ Frame 661E 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mvc.mlcdn.com.br/magazinevoce/img/banner/btn-buy.jpg
Requested by
Host: www.magazinevoce.com.br
URL: https://www.magazinevoce.com.br/geraldopost/banner/?store=geraldopost&type=medium-rectangle
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
AmazonS3 /
Resource Hash
4d16ccd0a26863ba3ddc1f831fdc2f29f2d8d49e96b166de3aec69df08e74768

Request headers

Referer
https://www.magazinevoce.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:49 GMT
last-modified
Thu, 11 Mar 2021 19:48:39 GMT
server
AmazonS3
x-amz-request-id
728JHY8PRYY8E8NP
etag
"dceb3ef4bf79711c4df4568a085c08ab"
content-type
image/jpeg
cache-control
max-age=3600
accept-ranges
bytes
content-length
2901
x-amz-id-2
MsFS7+r5WI7Ntq9RLemFolMvBS6oDz2mtUo8DBJKh4SJWrxJpyCnqAaiqvjedeWJMiXqdk/Zhtc=
expires
Sat, 24 Apr 2021 21:38:49 GMT
54df8e016524bd267ebb7e5286455e7a.jpg
a-static.mlcdn.com.br/210x210/torto-arado-todavia-editora/namastebooks/1000224935/ Frame 661E 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a-static.mlcdn.com.br/210x210/torto-arado-todavia-editora/namastebooks/1000224935/54df8e016524bd267ebb7e5286455e7a.jpg
Requested by
Host: www.magazinevoce.com.br
URL: https://www.magazinevoce.com.br/geraldopost/banner/?store=geraldopost&type=medium-rectangle
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
Azion IMS /
Resource Hash
1f84b54c6aff620cca928821bd60b184162a2c81d4c94b73aa49772e6eca0ade

Request headers

Referer
https://www.magazinevoce.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:49 GMT
server
Azion IMS
x-original-image-size
52648
vary
Accept
content-type
image/webp
cache-control
max-age=86400
x-ims
Enabled
content-length
4262
expires
Sun, 25 Apr 2021 20:38:49 GMT
a5d224728dd0962b7d5234517f0507f1.jpg
a-static.mlcdn.com.br/210x210/quarto-de-despejo-diario-de-uma-favelada-atica/namastebooks/1000200920/ Frame 661E 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a-static.mlcdn.com.br/210x210/quarto-de-despejo-diario-de-uma-favelada-atica/namastebooks/1000200920/a5d224728dd0962b7d5234517f0507f1.jpg
Requested by
Host: www.magazinevoce.com.br
URL: https://www.magazinevoce.com.br/geraldopost/banner/?store=geraldopost&type=medium-rectangle
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
Azion IMS /
Resource Hash
920ca2c6a8cdb2e958766631164526f5cf0fd539e484e1d51c06feac3b784291

Request headers

Referer
https://www.magazinevoce.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:49 GMT
server
Azion IMS
x-original-image-size
68775
vary
Accept
content-type
image/webp
cache-control
max-age=86400
x-ims
Enabled
content-length
3650
expires
Sun, 25 Apr 2021 20:38:49 GMT
bff8fe9aba31eb49924ba022f266e396.jpg
a-static.mlcdn.com.br/210x210/desinfetante-omo-lavanda-1l/magazineluiza/225468200/ Frame 661E 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a-static.mlcdn.com.br/210x210/desinfetante-omo-lavanda-1l/magazineluiza/225468200/bff8fe9aba31eb49924ba022f266e396.jpg
Requested by
Host: www.magazinevoce.com.br
URL: https://www.magazinevoce.com.br/geraldopost/banner/?store=geraldopost&type=medium-rectangle
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
Azion IMS /
Resource Hash
fe9fdaf933bfef4a66a96a5d0335067cac85205a93fa9fb217d2850709d2f48c

Request headers

Referer
https://www.magazinevoce.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:49 GMT
server
Azion IMS
x-original-image-size
64234
vary
Accept
content-type
image/webp
cache-control
max-age=86400
x-ims
Enabled
content-length
1832
expires
Sun, 25 Apr 2021 20:38:49 GMT
horizontal_box_slider.js
mvc.mlcdn.com.br/magazinevoce/js/libs/ Frame 661E 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mvc.mlcdn.com.br/magazinevoce/js/libs/horizontal_box_slider.js
Requested by
Host: www.magazinevoce.com.br
URL: https://www.magazinevoce.com.br/geraldopost/banner/?store=geraldopost&type=medium-rectangle
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
AmazonS3 /
Resource Hash
e8e8a042059c845720d9461543e034928364f4a0d1ed6ce3cc745e05df6bfb96

Request headers

Referer
https://www.magazinevoce.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:49 GMT
content-encoding
gzip
last-modified
Thu, 11 Mar 2021 19:51:37 GMT
server
AmazonS3
x-amz-request-id
K5XWF38ZV0ZW0CGT
etag
"e01d5e8497aaba56b6c8ad5d8424d9fe"
content-type
application/javascript
cache-control
max-age=3600
accept-ranges
bytes
content-length
802
x-amz-id-2
DO4lzGM3NJygr0lF6nlQbPYuDpggJ31YYAMG2jUslJ/Mb6BDXXWWwnRszBODnWf8I7ctGthQ/vA=
expires
Sat, 24 Apr 2021 21:38:49 GMT
magazine-voce.png
mvc.mlcdn.com.br/magazinevoce/img/banner/ Frame 638C 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mvc.mlcdn.com.br/magazinevoce/img/banner/magazine-voce.png
Requested by
Host: www.magazinevoce.com.br
URL: https://www.magazinevoce.com.br/geraldopost/banner/?store=geraldopost&type=rectangle
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
AmazonS3 /
Resource Hash
b7c94c47e36895159d5fd886c9d8d657a51b1c848855edd22632d1622c4fc9e8

Request headers

Referer
https://www.magazinevoce.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:49 GMT
last-modified
Wed, 23 Sep 2020 13:46:16 GMT
server
AmazonS3
x-amz-request-id
00FB19A2D5110F5E
etag
"aefc4759c82e5f76dc95d0a416e2efae"
content-type
image/png
cache-control
max-age=3600
accept-ranges
bytes
content-length
6871
x-amz-id-2
WXJJJNGQpv64S8cNuv4b4HmTn5m55gHnyHlLdRAOoEpE/q0UoiXIIIjyiYqiTT4Fl5YtDx7wNbY=
expires
Sat, 24 Apr 2021 21:38:49 GMT
btn-buy.jpg
mvc.mlcdn.com.br/magazinevoce/img/banner/ Frame 638C 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mvc.mlcdn.com.br/magazinevoce/img/banner/btn-buy.jpg
Requested by
Host: www.magazinevoce.com.br
URL: https://www.magazinevoce.com.br/geraldopost/banner/?store=geraldopost&type=rectangle
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
AmazonS3 /
Resource Hash
4d16ccd0a26863ba3ddc1f831fdc2f29f2d8d49e96b166de3aec69df08e74768

Request headers

Referer
https://www.magazinevoce.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:49 GMT
last-modified
Thu, 11 Mar 2021 19:48:39 GMT
server
AmazonS3
x-amz-request-id
728JHY8PRYY8E8NP
etag
"dceb3ef4bf79711c4df4568a085c08ab"
content-type
image/jpeg
cache-control
max-age=3600
accept-ranges
bytes
content-length
2901
x-amz-id-2
MsFS7+r5WI7Ntq9RLemFolMvBS6oDz2mtUo8DBJKh4SJWrxJpyCnqAaiqvjedeWJMiXqdk/Zhtc=
expires
Sat, 24 Apr 2021 21:38:49 GMT
horizontal_box_slider.js
mvc.mlcdn.com.br/magazinevoce/js/libs/ Frame 638C 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mvc.mlcdn.com.br/magazinevoce/js/libs/horizontal_box_slider.js
Requested by
Host: www.magazinevoce.com.br
URL: https://www.magazinevoce.com.br/geraldopost/banner/?store=geraldopost&type=rectangle
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
AmazonS3 /
Resource Hash
e8e8a042059c845720d9461543e034928364f4a0d1ed6ce3cc745e05df6bfb96

Request headers

Referer
https://www.magazinevoce.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:49 GMT
content-encoding
gzip
last-modified
Thu, 11 Mar 2021 19:51:37 GMT
server
AmazonS3
x-amz-request-id
K5XWF38ZV0ZW0CGT
etag
"e01d5e8497aaba56b6c8ad5d8424d9fe"
content-type
application/javascript
cache-control
max-age=3600
accept-ranges
bytes
content-length
802
x-amz-id-2
DO4lzGM3NJygr0lF6nlQbPYuDpggJ31YYAMG2jUslJ/Mb6BDXXWWwnRszBODnWf8I7ctGthQ/vA=
expires
Sat, 24 Apr 2021 21:38:49 GMT
magazine-voce.png
mvc.mlcdn.com.br/magazinevoce/img/banner/ Frame 3705 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mvc.mlcdn.com.br/magazinevoce/img/banner/magazine-voce.png
Requested by
Host: www.magazinevoce.com.br
URL: https://www.magazinevoce.com.br/geraldopost/banner/?store=geraldopost&type=leaderboard
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
AmazonS3 /
Resource Hash
b7c94c47e36895159d5fd886c9d8d657a51b1c848855edd22632d1622c4fc9e8

Request headers

Referer
https://www.magazinevoce.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:50 GMT
last-modified
Wed, 23 Sep 2020 13:46:16 GMT
server
AmazonS3
x-amz-request-id
00FB19A2D5110F5E
etag
"aefc4759c82e5f76dc95d0a416e2efae"
content-type
image/png
cache-control
max-age=3600
accept-ranges
bytes
content-length
6871
x-amz-id-2
WXJJJNGQpv64S8cNuv4b4HmTn5m55gHnyHlLdRAOoEpE/q0UoiXIIIjyiYqiTT4Fl5YtDx7wNbY=
expires
Sat, 24 Apr 2021 21:38:50 GMT
48866f56c36f2f5453044fdef767cde4.jpg
a-static.mlcdn.com.br/210x210/kit-djamila-ribeiro-companhia-das-letras-grupo-cia-das-let/lt2shop2/0001376264/ Frame 3705 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a-static.mlcdn.com.br/210x210/kit-djamila-ribeiro-companhia-das-letras-grupo-cia-das-let/lt2shop2/0001376264/48866f56c36f2f5453044fdef767cde4.jpg
Requested by
Host: www.magazinevoce.com.br
URL: https://www.magazinevoce.com.br/geraldopost/banner/?store=geraldopost&type=leaderboard
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
Azion IMS /
Resource Hash
b881b1549cbedc986afc9ade49198c81e5833c577d19a8f94a95d09ea0f764e0

Request headers

Referer
https://www.magazinevoce.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:50 GMT
server
Azion IMS
x-original-image-size
92429
vary
Accept
content-type
image/webp
cache-control
max-age=86400
x-ims
Enabled
content-length
7380
expires
Sun, 25 Apr 2021 20:38:50 GMT
btn-buy.jpg
mvc.mlcdn.com.br/magazinevoce/img/banner/ Frame 3705 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mvc.mlcdn.com.br/magazinevoce/img/banner/btn-buy.jpg
Requested by
Host: www.magazinevoce.com.br
URL: https://www.magazinevoce.com.br/geraldopost/banner/?store=geraldopost&type=leaderboard
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
AmazonS3 /
Resource Hash
4d16ccd0a26863ba3ddc1f831fdc2f29f2d8d49e96b166de3aec69df08e74768

Request headers

Referer
https://www.magazinevoce.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:50 GMT
last-modified
Thu, 11 Mar 2021 19:48:39 GMT
server
AmazonS3
x-amz-request-id
728JHY8PRYY8E8NP
etag
"dceb3ef4bf79711c4df4568a085c08ab"
content-type
image/jpeg
cache-control
max-age=3600
accept-ranges
bytes
content-length
2901
x-amz-id-2
MsFS7+r5WI7Ntq9RLemFolMvBS6oDz2mtUo8DBJKh4SJWrxJpyCnqAaiqvjedeWJMiXqdk/Zhtc=
expires
Sat, 24 Apr 2021 21:38:50 GMT
54df8e016524bd267ebb7e5286455e7a.jpg
a-static.mlcdn.com.br/210x210/torto-arado-todavia-editora/namastebooks/1000224935/ Frame 3705 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a-static.mlcdn.com.br/210x210/torto-arado-todavia-editora/namastebooks/1000224935/54df8e016524bd267ebb7e5286455e7a.jpg
Requested by
Host: www.magazinevoce.com.br
URL: https://www.magazinevoce.com.br/geraldopost/banner/?store=geraldopost&type=leaderboard
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
Azion IMS /
Resource Hash
1f84b54c6aff620cca928821bd60b184162a2c81d4c94b73aa49772e6eca0ade

Request headers

Referer
https://www.magazinevoce.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:50 GMT
server
Azion IMS
x-original-image-size
52648
vary
Accept
content-type
image/webp
cache-control
max-age=86400
x-ims
Enabled
content-length
4262
expires
Sun, 25 Apr 2021 20:38:50 GMT
a5d224728dd0962b7d5234517f0507f1.jpg
a-static.mlcdn.com.br/210x210/quarto-de-despejo-diario-de-uma-favelada-atica/namastebooks/1000200920/ Frame 3705 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a-static.mlcdn.com.br/210x210/quarto-de-despejo-diario-de-uma-favelada-atica/namastebooks/1000200920/a5d224728dd0962b7d5234517f0507f1.jpg
Requested by
Host: www.magazinevoce.com.br
URL: https://www.magazinevoce.com.br/geraldopost/banner/?store=geraldopost&type=leaderboard
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
Azion IMS /
Resource Hash
920ca2c6a8cdb2e958766631164526f5cf0fd539e484e1d51c06feac3b784291

Request headers

Referer
https://www.magazinevoce.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:50 GMT
server
Azion IMS
x-original-image-size
68775
vary
Accept
content-type
image/webp
cache-control
max-age=86400
x-ims
Enabled
content-length
3650
expires
Sun, 25 Apr 2021 20:38:50 GMT
bff8fe9aba31eb49924ba022f266e396.jpg
a-static.mlcdn.com.br/210x210/desinfetante-omo-lavanda-1l/magazineluiza/225468200/ Frame 3705 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a-static.mlcdn.com.br/210x210/desinfetante-omo-lavanda-1l/magazineluiza/225468200/bff8fe9aba31eb49924ba022f266e396.jpg
Requested by
Host: www.magazinevoce.com.br
URL: https://www.magazinevoce.com.br/geraldopost/banner/?store=geraldopost&type=leaderboard
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
Azion IMS /
Resource Hash
fe9fdaf933bfef4a66a96a5d0335067cac85205a93fa9fb217d2850709d2f48c

Request headers

Referer
https://www.magazinevoce.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:50 GMT
server
Azion IMS
x-original-image-size
64234
vary
Accept
content-type
image/webp
cache-control
max-age=86400
x-ims
Enabled
content-length
1832
expires
Sun, 25 Apr 2021 20:38:50 GMT
horizontal_box_slider.js
mvc.mlcdn.com.br/magazinevoce/js/libs/ Frame 3705 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mvc.mlcdn.com.br/magazinevoce/js/libs/horizontal_box_slider.js
Requested by
Host: www.magazinevoce.com.br
URL: https://www.magazinevoce.com.br/geraldopost/banner/?store=geraldopost&type=leaderboard
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
AmazonS3 /
Resource Hash
e8e8a042059c845720d9461543e034928364f4a0d1ed6ce3cc745e05df6bfb96

Request headers

Referer
https://www.magazinevoce.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:50 GMT
content-encoding
gzip
last-modified
Thu, 11 Mar 2021 19:51:37 GMT
server
AmazonS3
x-amz-request-id
K5XWF38ZV0ZW0CGT
etag
"e01d5e8497aaba56b6c8ad5d8424d9fe"
content-type
application/javascript
cache-control
max-age=3600
accept-ranges
bytes
content-length
802
x-amz-id-2
DO4lzGM3NJygr0lF6nlQbPYuDpggJ31YYAMG2jUslJ/Mb6BDXXWWwnRszBODnWf8I7ctGthQ/vA=
expires
Sat, 24 Apr 2021 21:38:50 GMT
magazine-voce.png
mvc.mlcdn.com.br/magazinevoce/img/banner/ Frame 4750 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mvc.mlcdn.com.br/magazinevoce/img/banner/magazine-voce.png
Requested by
Host: www.magazinevoce.com.br
URL: https://www.magazinevoce.com.br/geraldopost/banner/?store=geraldopost&type=medium-rectangle
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
AmazonS3 /
Resource Hash
b7c94c47e36895159d5fd886c9d8d657a51b1c848855edd22632d1622c4fc9e8

Request headers

Referer
https://www.magazinevoce.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:50 GMT
last-modified
Wed, 23 Sep 2020 13:46:16 GMT
server
AmazonS3
x-amz-request-id
00FB19A2D5110F5E
etag
"aefc4759c82e5f76dc95d0a416e2efae"
content-type
image/png
cache-control
max-age=3600
accept-ranges
bytes
content-length
6871
x-amz-id-2
WXJJJNGQpv64S8cNuv4b4HmTn5m55gHnyHlLdRAOoEpE/q0UoiXIIIjyiYqiTT4Fl5YtDx7wNbY=
expires
Sat, 24 Apr 2021 21:38:50 GMT
48866f56c36f2f5453044fdef767cde4.jpg
a-static.mlcdn.com.br/210x210/kit-djamila-ribeiro-companhia-das-letras-grupo-cia-das-let/lt2shop2/0001376264/ Frame 4750 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a-static.mlcdn.com.br/210x210/kit-djamila-ribeiro-companhia-das-letras-grupo-cia-das-let/lt2shop2/0001376264/48866f56c36f2f5453044fdef767cde4.jpg
Requested by
Host: www.magazinevoce.com.br
URL: https://www.magazinevoce.com.br/geraldopost/banner/?store=geraldopost&type=medium-rectangle
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
Azion IMS /
Resource Hash
b881b1549cbedc986afc9ade49198c81e5833c577d19a8f94a95d09ea0f764e0

Request headers

Referer
https://www.magazinevoce.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:50 GMT
server
Azion IMS
x-original-image-size
92429
vary
Accept
content-type
image/webp
cache-control
max-age=86400
x-ims
Enabled
content-length
7380
expires
Sun, 25 Apr 2021 20:38:50 GMT
btn-buy.jpg
mvc.mlcdn.com.br/magazinevoce/img/banner/ Frame 4750 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mvc.mlcdn.com.br/magazinevoce/img/banner/btn-buy.jpg
Requested by
Host: www.magazinevoce.com.br
URL: https://www.magazinevoce.com.br/geraldopost/banner/?store=geraldopost&type=medium-rectangle
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
AmazonS3 /
Resource Hash
4d16ccd0a26863ba3ddc1f831fdc2f29f2d8d49e96b166de3aec69df08e74768

Request headers

Referer
https://www.magazinevoce.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:50 GMT
last-modified
Thu, 11 Mar 2021 19:48:39 GMT
server
AmazonS3
x-amz-request-id
728JHY8PRYY8E8NP
etag
"dceb3ef4bf79711c4df4568a085c08ab"
content-type
image/jpeg
cache-control
max-age=3600
accept-ranges
bytes
content-length
2901
x-amz-id-2
MsFS7+r5WI7Ntq9RLemFolMvBS6oDz2mtUo8DBJKh4SJWrxJpyCnqAaiqvjedeWJMiXqdk/Zhtc=
expires
Sat, 24 Apr 2021 21:38:50 GMT
54df8e016524bd267ebb7e5286455e7a.jpg
a-static.mlcdn.com.br/210x210/torto-arado-todavia-editora/namastebooks/1000224935/ Frame 4750 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a-static.mlcdn.com.br/210x210/torto-arado-todavia-editora/namastebooks/1000224935/54df8e016524bd267ebb7e5286455e7a.jpg
Requested by
Host: www.magazinevoce.com.br
URL: https://www.magazinevoce.com.br/geraldopost/banner/?store=geraldopost&type=medium-rectangle
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
Azion IMS /
Resource Hash
1f84b54c6aff620cca928821bd60b184162a2c81d4c94b73aa49772e6eca0ade

Request headers

Referer
https://www.magazinevoce.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:50 GMT
server
Azion IMS
x-original-image-size
52648
vary
Accept
content-type
image/webp
cache-control
max-age=86400
x-ims
Enabled
content-length
4262
expires
Sun, 25 Apr 2021 20:38:50 GMT
a5d224728dd0962b7d5234517f0507f1.jpg
a-static.mlcdn.com.br/210x210/quarto-de-despejo-diario-de-uma-favelada-atica/namastebooks/1000200920/ Frame 4750 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a-static.mlcdn.com.br/210x210/quarto-de-despejo-diario-de-uma-favelada-atica/namastebooks/1000200920/a5d224728dd0962b7d5234517f0507f1.jpg
Requested by
Host: www.magazinevoce.com.br
URL: https://www.magazinevoce.com.br/geraldopost/banner/?store=geraldopost&type=medium-rectangle
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
Azion IMS /
Resource Hash
920ca2c6a8cdb2e958766631164526f5cf0fd539e484e1d51c06feac3b784291

Request headers

Referer
https://www.magazinevoce.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:50 GMT
server
Azion IMS
x-original-image-size
68775
vary
Accept
content-type
image/webp
cache-control
max-age=86400
x-ims
Enabled
content-length
3650
expires
Sun, 25 Apr 2021 20:38:50 GMT
bff8fe9aba31eb49924ba022f266e396.jpg
a-static.mlcdn.com.br/210x210/desinfetante-omo-lavanda-1l/magazineluiza/225468200/ Frame 4750 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a-static.mlcdn.com.br/210x210/desinfetante-omo-lavanda-1l/magazineluiza/225468200/bff8fe9aba31eb49924ba022f266e396.jpg
Requested by
Host: www.magazinevoce.com.br
URL: https://www.magazinevoce.com.br/geraldopost/banner/?store=geraldopost&type=medium-rectangle
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
Azion IMS /
Resource Hash
fe9fdaf933bfef4a66a96a5d0335067cac85205a93fa9fb217d2850709d2f48c

Request headers

Referer
https://www.magazinevoce.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:50 GMT
server
Azion IMS
x-original-image-size
64234
vary
Accept
content-type
image/webp
cache-control
max-age=86400
x-ims
Enabled
content-length
1832
expires
Sun, 25 Apr 2021 20:38:50 GMT
horizontal_box_slider.js
mvc.mlcdn.com.br/magazinevoce/js/libs/ Frame 4750 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mvc.mlcdn.com.br/magazinevoce/js/libs/horizontal_box_slider.js
Requested by
Host: www.magazinevoce.com.br
URL: https://www.magazinevoce.com.br/geraldopost/banner/?store=geraldopost&type=medium-rectangle
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
AmazonS3 /
Resource Hash
e8e8a042059c845720d9461543e034928364f4a0d1ed6ce3cc745e05df6bfb96

Request headers

Referer
https://www.magazinevoce.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:50 GMT
content-encoding
gzip
last-modified
Thu, 11 Mar 2021 19:51:37 GMT
server
AmazonS3
x-amz-request-id
K5XWF38ZV0ZW0CGT
etag
"e01d5e8497aaba56b6c8ad5d8424d9fe"
content-type
application/javascript
cache-control
max-age=3600
accept-ranges
bytes
content-length
802
x-amz-id-2
DO4lzGM3NJygr0lF6nlQbPYuDpggJ31YYAMG2jUslJ/Mb6BDXXWWwnRszBODnWf8I7ctGthQ/vA=
expires
Sat, 24 Apr 2021 21:38:50 GMT
magazine-voce.png
mvc.mlcdn.com.br/magazinevoce/img/banner/ Frame 0C4F 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mvc.mlcdn.com.br/magazinevoce/img/banner/magazine-voce.png
Requested by
Host: www.magazinevoce.com.br
URL: https://www.magazinevoce.com.br/geraldopost/banner/?store=geraldopost&type=rectangle
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
AmazonS3 /
Resource Hash
b7c94c47e36895159d5fd886c9d8d657a51b1c848855edd22632d1622c4fc9e8

Request headers

Referer
https://www.magazinevoce.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:51 GMT
last-modified
Wed, 23 Sep 2020 13:46:16 GMT
server
AmazonS3
x-amz-request-id
00FB19A2D5110F5E
etag
"aefc4759c82e5f76dc95d0a416e2efae"
content-type
image/png
cache-control
max-age=3600
accept-ranges
bytes
content-length
6871
x-amz-id-2
WXJJJNGQpv64S8cNuv4b4HmTn5m55gHnyHlLdRAOoEpE/q0UoiXIIIjyiYqiTT4Fl5YtDx7wNbY=
expires
Sat, 24 Apr 2021 21:38:51 GMT
btn-buy.jpg
mvc.mlcdn.com.br/magazinevoce/img/banner/ Frame 0C4F 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mvc.mlcdn.com.br/magazinevoce/img/banner/btn-buy.jpg
Requested by
Host: www.magazinevoce.com.br
URL: https://www.magazinevoce.com.br/geraldopost/banner/?store=geraldopost&type=rectangle
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
AmazonS3 /
Resource Hash
4d16ccd0a26863ba3ddc1f831fdc2f29f2d8d49e96b166de3aec69df08e74768

Request headers

Referer
https://www.magazinevoce.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:51 GMT
last-modified
Thu, 11 Mar 2021 19:48:39 GMT
server
AmazonS3
x-amz-request-id
728JHY8PRYY8E8NP
etag
"dceb3ef4bf79711c4df4568a085c08ab"
content-type
image/jpeg
cache-control
max-age=3600
accept-ranges
bytes
content-length
2901
x-amz-id-2
MsFS7+r5WI7Ntq9RLemFolMvBS6oDz2mtUo8DBJKh4SJWrxJpyCnqAaiqvjedeWJMiXqdk/Zhtc=
expires
Sat, 24 Apr 2021 21:38:51 GMT
horizontal_box_slider.js
mvc.mlcdn.com.br/magazinevoce/js/libs/ Frame 0C4F 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mvc.mlcdn.com.br/magazinevoce/js/libs/horizontal_box_slider.js
Requested by
Host: www.magazinevoce.com.br
URL: https://www.magazinevoce.com.br/geraldopost/banner/?store=geraldopost&type=rectangle
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
AmazonS3 /
Resource Hash
e8e8a042059c845720d9461543e034928364f4a0d1ed6ce3cc745e05df6bfb96

Request headers

Referer
https://www.magazinevoce.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:51 GMT
content-encoding
gzip
last-modified
Thu, 11 Mar 2021 19:51:37 GMT
server
AmazonS3
x-amz-request-id
K5XWF38ZV0ZW0CGT
etag
"e01d5e8497aaba56b6c8ad5d8424d9fe"
content-type
application/javascript
cache-control
max-age=3600
accept-ranges
bytes
content-length
802
x-amz-id-2
DO4lzGM3NJygr0lF6nlQbPYuDpggJ31YYAMG2jUslJ/Mb6BDXXWWwnRszBODnWf8I7ctGthQ/vA=
expires
Sat, 24 Apr 2021 21:38:51 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		9 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210422&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210422/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3932851112807799&plah=www.geraldopost.com&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ff9a873c9be8a0a2aca0f3d63ef7bd908f4a055eab1b2ef6f7e26f8aa946b0a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.geraldopost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 24 Apr 2021 20:38:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6989
x-xss-protection
0
page.php
www.facebook.com/v3.0/plugins/ Frame 4BB1 		108 KB
30 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/v3.0/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df4c4989ed7cc34%26domain%3Dwww.geraldopost.com%26origin%3Dhttps%253A%252F%252Fwww.geraldopost.com%252Ff1e23c59e27c2f8%26relation%3Dparent.parent&container_width=370&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FGeraldoPost%2F&locale=en_US&sdk=joey&show_facepile=true&small_header=false&tabs=timeline&width=
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=eb6d6ab6e9f6452446c779aeb45830b0&ua=modern_es6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c3e60f49d2f1bc79f8c35bf4c3d3d7d458674c792eea073dfc67c52072018029
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.facebook.com
:scheme
https
:path
/v3.0/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df4c4989ed7cc34%26domain%3Dwww.geraldopost.com%26origin%3Dhttps%253A%252F%252Fwww.geraldopost.com%252Ff1e23c59e27c2f8%26relation%3Dparent.parent&container_width=370&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FGeraldoPost%2F&locale=en_US&sdk=joey&show_facepile=true&small_header=false&tabs=timeline&width=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.geraldopost.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.geraldopost.com/

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
cache-control
private, no-cache, no-store, must-revalidate
expires
Sat, 01 Jan 2000 00:00:00 GMT
x-xss-protection
0
strict-transport-security
max-age=15552000; preload
content-encoding
br
facebook-api-version
v3.2
x-content-type-options
nosniff
vary
Accept-Encoding
pragma
no-cache
x-fb-rlafr
0
content-type
text/html; charset="utf-8"
x-fb-debug
po873mUtVIuWlRC49acxVY7GOno0Gbx8iRLrR9lCzhRfDqImmudP9A9300ZSUq9ce+qiNdQzmQDwUoTi3Ry7AA==
date
Sat, 24 Apr 2021 20:38:51 GMT
priority
u=3,i
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210422/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3932851112807799&plah=www.geraldopost.com&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.geraldopost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1616005470650935"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6437
x-xss-protection
0
expires
Sat, 24 Apr 2021 20:38:51 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/222/ Frame F110 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/222/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.geraldopost.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.geraldopost.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5022
date
Sat, 24 Apr 2021 19:55:45 GMT
expires
Sun, 24 Apr 2022 19:55:45 GMT
last-modified
Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
2586
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
wkpRfPPcRT5gRuVOwfaUS9di2m_GhEf8-oTDdHI7uwk.js
pagead2.googlesyndication.com/bg/ Frame F110 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/wkpRfPPcRT5gRuVOwfaUS9di2m_GhEf8-oTDdHI7uwk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c24a517cf3dc453e6046e54ec1f6944bd762da6fc68447fcfa84c374723bbb09
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Apr 2021 17:48:57 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 08 Apr 2021 09:18:00 GMT
server
sffe
age
96594
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5710
x-xss-protection
0
expires
Sat, 23 Apr 2022 17:48:57 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gda_r20210422&jk=3502318759076147&bg=!R0SlRADNAAZUuIlwVLg7ACkAdvg8WoHpOCkzK1xbLc74FhDRSWLLgl5QNQ6UulzOR_wMRb1-Zy8HXQIAAABPUgAAAAtoAQcKAVHMlEN4_S27HdEu3vO41BapQA74y3bOzon5xN0JsUQcTaNoAWc3otGUUOjnceSH5HhPuwAXv0R5zV_YEQRNHcyfDbklOFfRaXLgh4ESYOLn_EybPNJspDHy4yuAruB9oP6s2T_50FbbRcZGboQ5ONLuM1lGBW-KmmdNU7wxmOdCv3XuOPbfGa2vtaZ6DSA3Plp0d7xV0acxm0jezo78ANl9jy5fOR-C6HGGbnvnOBs2-msnb3ICcr341JeZxMjyCorfWr5KKk_ZPFsfGnFOp8bg6ks9klI1WiRJvtmC9aBOy5nRdzZcl6rCMD74v8VXa9L6452OlmDq31VCEhJI5Dr1Srst3EWhYzeFGFeLAyfrnI8AkYuAuWy4zDTYqelNPkTpnC5zFzcbjxyvc3BfMLfoerSNxzJVh1PSiqC-pAOdOBRN9YHElI5DJa_9L-614r3KmQIksYZY-K_P8Ypr9kQQX3qQeuf30VrL0DC3xLi-5bZ_CnKq3QXWxEDJvqKPsrZc0pFUgxpknHRnSrc4d1ckzZ9CXq2JXwhRr782_c3WM60ANiMmj2ZHxZiYRUyL1v__uZROKJ8waetiIxjiP1sgtdY27HU5_AYG4R1-wKUPQWTCVgBnJp9sB4erOepsMqAj2hPpsn1D9oFGj45Td0Slnlwxht-t_20OY23XpRYeJ3HYBS9EvyDaJmwED0-9dv8pYwaTIEmTMcr9DNOjIl3MLENzY1GwLrKMZIyMHg7Ps8GdCJ7kwAxTh1cP4Sc3yB_UmM64yyTNoD4UJ1DtlyJ_ejF2nmX08cbi4piuM-KnVmj9n_L32Ik589WWTN49OuL9LRi5GVvd6HSJLJy_WznuW-_nx3hhmBy6CEJMIxZSL27pJPJsuTcub2w37TS0qG4jC0WWFRf9q2PUc7EPTGSL6SX7iEisYkQTvIvLtBBaD7yW57ENjWQfHQh2YV1CsRiaKqzcU9z7wFazAaS8ePmZygFy_ac7jLyEjeBdtYN3oaoGS2t7J8zyGBeg_lMRCCVQT3c3IicLaH2h1DBnBNbFYEyFGIdzjCfBoxUFiXMBd64Ns8hxm2asyxx8jtP1eb2rOYrBoMkMhOkUXH3n1W_G8ILMfyeEMNxWbdjCOC7BoM41DpyzM4rhWguZPjlx5SfyyAO8sR07L8qYWmW3pV5fXt34CnPbm3U
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.geraldopost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Apr 2021 20:38:51 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
marMItmZNfV.css
www.facebook.com/rsrc.php/v3/yM/l/0,cross/ Frame 4BB1 		25 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/rsrc.php/v3/yM/l/0,cross/marMItmZNfV.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v3.0/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df4c4989ed7cc34%26domain%3Dwww.geraldopost.com%26origin%3Dhttps%253A%252F%252Fwww.geraldopost.com%252Ff1e23c59e27c2f8%26relation%3Dparent.parent&container_width=370&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FGeraldoPost%2F&locale=en_US&sdk=joey&show_facepile=true&small_header=false&tabs=timeline&width=
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
34c2a6b2fd25bb0b5bda545af77d1a0af494cbe11c65ee2d0c8acdd497a49b96
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://www.facebook.com
Referer
https://www.facebook.com/v3.0/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df4c4989ed7cc34%26domain%3Dwww.geraldopost.com%26origin%3Dhttps%253A%252F%252Fwww.geraldopost.com%252Ff1e23c59e27c2f8%26relation%3Dparent.parent&container_width=370&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FGeraldoPost%2F&locale=en_US&sdk=joey&show_facepile=true&small_header=false&tabs=timeline&width=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 17:50:02 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
tvwOd0DTa0xfwwAyyYeaBA==
cross-origin-resource-policy
cross-origin
content-length
5929
x-fb-rlafr
0
x-fb-debug
IgX7NVdCKPggQFVbX5h3ssR42Q7fL8MKSZbnieC/n65RpMcR6SQ5Pdi7AYLWMLQG0LSJAXo6l3su9SW/0IrN6w==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Sun, 24 Apr 2022 17:50:02 GMT
tiLfsG4W1Qy.css
www.facebook.com/rsrc.php/v3/yP/l/0,cross/ Frame 4BB1 		37 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/rsrc.php/v3/yP/l/0,cross/tiLfsG4W1Qy.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v3.0/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df4c4989ed7cc34%26domain%3Dwww.geraldopost.com%26origin%3Dhttps%253A%252F%252Fwww.geraldopost.com%252Ff1e23c59e27c2f8%26relation%3Dparent.parent&container_width=370&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FGeraldoPost%2F&locale=en_US&sdk=joey&show_facepile=true&small_header=false&tabs=timeline&width=
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
23f63ed5d5537417eb7f8db8fbd9f9ac0e01142ae8dbbd84f8c8587516ce8e6d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://www.facebook.com
Referer
https://www.facebook.com/v3.0/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df4c4989ed7cc34%26domain%3Dwww.geraldopost.com%26origin%3Dhttps%253A%252F%252Fwww.geraldopost.com%252Ff1e23c59e27c2f8%26relation%3Dparent.parent&container_width=370&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FGeraldoPost%2F&locale=en_US&sdk=joey&show_facepile=true&small_header=false&tabs=timeline&width=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 20:38:40 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
bgN93RvGqgBwmT1bHuPWcA==
cross-origin-resource-policy
cross-origin
content-length
7410
x-fb-rlafr
0
x-fb-debug
QLZ0iyxJPhapKMI2Wb7z53/FGY6NNV8vdbU8RyUBRla2b4HqdmlOZQmjNLvlLeiB+nGQp0/BxgxagKmAomOUJw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Fri, 22 Apr 2022 20:38:40 GMT
DzXn38OIeir.js
www.facebook.com/rsrc.php/v3/yz/r/ Frame 4BB1 		274 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/rsrc.php/v3/yz/r/DzXn38OIeir.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v3.0/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df4c4989ed7cc34%26domain%3Dwww.geraldopost.com%26origin%3Dhttps%253A%252F%252Fwww.geraldopost.com%252Ff1e23c59e27c2f8%26relation%3Dparent.parent&container_width=370&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FGeraldoPost%2F&locale=en_US&sdk=joey&show_facepile=true&small_header=false&tabs=timeline&width=
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
34016fa9ebe06db4682efc256297c58530fcb09befbf971c10281c1fd9ad7bfb
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://www.facebook.com
Referer
https://www.facebook.com/v3.0/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df4c4989ed7cc34%26domain%3Dwww.geraldopost.com%26origin%3Dhttps%253A%252F%252Fwww.geraldopost.com%252Ff1e23c59e27c2f8%26relation%3Dparent.parent&container_width=370&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FGeraldoPost%2F&locale=en_US&sdk=joey&show_facepile=true&small_header=false&tabs=timeline&width=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Apr 2021 22:43:57 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
T7rcnVCSJJAXTkMOtuACIA==
cross-origin-resource-policy
cross-origin
content-length
74257
x-fb-rlafr
0
x-fb-debug
aLu66CYrhQ71NPC1nu0AF2BX7a+VFUrgovX+jvVfzsJffacvw2wdzA0GySmNqgSbb75WpjjtN+oUWiZYxUoBAQ==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Sat, 23 Apr 2022 22:43:57 GMT
qVdwgSDK2m-.js
www.facebook.com/rsrc.php/v3/yk/r/ Frame 4BB1 		63 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/rsrc.php/v3/yk/r/qVdwgSDK2m-.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v3.0/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df4c4989ed7cc34%26domain%3Dwww.geraldopost.com%26origin%3Dhttps%253A%252F%252Fwww.geraldopost.com%252Ff1e23c59e27c2f8%26relation%3Dparent.parent&container_width=370&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FGeraldoPost%2F&locale=en_US&sdk=joey&show_facepile=true&small_header=false&tabs=timeline&width=
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
cb2037d99bee87e9c32f5024431ffba439e45f61b2d6947f8dc6486db6433390
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://www.facebook.com
Referer
https://www.facebook.com/v3.0/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df4c4989ed7cc34%26domain%3Dwww.geraldopost.com%26origin%3Dhttps%253A%252F%252Fwww.geraldopost.com%252Ff1e23c59e27c2f8%26relation%3Dparent.parent&container_width=370&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FGeraldoPost%2F&locale=en_US&sdk=joey&show_facepile=true&small_header=false&tabs=timeline&width=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 00:31:07 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
UrXopz/aO20XwUxcAqKHrQ==
cross-origin-resource-policy
cross-origin
content-length
19622
x-fb-rlafr
0
x-fb-debug
VgyvHNjoPXkCemLyLDoWYCH8mH2oLqZu9NAoXV0KWohMpVf5Uur3dTAxSlQGD9iH7sqb2akqCgHr3uYncE/kug==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Sun, 24 Apr 2022 00:31:07 GMT
7WZVKYBrWyp.js
www.facebook.com/rsrc.php/v3iEpO4/yK/l/en_US/ Frame 4BB1 		128 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/rsrc.php/v3iEpO4/yK/l/en_US/7WZVKYBrWyp.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v3.0/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df4c4989ed7cc34%26domain%3Dwww.geraldopost.com%26origin%3Dhttps%253A%252F%252Fwww.geraldopost.com%252Ff1e23c59e27c2f8%26relation%3Dparent.parent&container_width=370&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FGeraldoPost%2F&locale=en_US&sdk=joey&show_facepile=true&small_header=false&tabs=timeline&width=
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
29672fe69d3c9e51e98c32aeea86057c7fa633849b84b6e8ec21500e0a85f1df
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://www.facebook.com
Referer
https://www.facebook.com/v3.0/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df4c4989ed7cc34%26domain%3Dwww.geraldopost.com%26origin%3Dhttps%253A%252F%252Fwww.geraldopost.com%252Ff1e23c59e27c2f8%26relation%3Dparent.parent&container_width=370&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FGeraldoPost%2F&locale=en_US&sdk=joey&show_facepile=true&small_header=false&tabs=timeline&width=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 00:31:11 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
mnlAXtS99+dv2rwatlh1zw==
cross-origin-resource-policy
cross-origin
content-length
36440
x-fb-rlafr
0
x-fb-debug
2gRuRiaDA8Xo0FSy5N85NMCepz3zjfbxQjMCsshuBfjRUANT8zJzWjFNEAHNWI4U+LKpAlLPRas4QGOWa56fSg==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Sun, 24 Apr 2022 00:31:11 GMT
KMa6-js1idc.js
www.facebook.com/rsrc.php/v3iLl54/yN/l/en_US/ Frame 4BB1 		33 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/rsrc.php/v3iLl54/yN/l/en_US/KMa6-js1idc.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v3.0/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df4c4989ed7cc34%26domain%3Dwww.geraldopost.com%26origin%3Dhttps%253A%252F%252Fwww.geraldopost.com%252Ff1e23c59e27c2f8%26relation%3Dparent.parent&container_width=370&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FGeraldoPost%2F&locale=en_US&sdk=joey&show_facepile=true&small_header=false&tabs=timeline&width=
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e93c890255c2f00e56e0f1d83af4c08fd4456f8e2ae064f04c1d944ebb5ae26b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://www.facebook.com
Referer
https://www.facebook.com/v3.0/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df4c4989ed7cc34%26domain%3Dwww.geraldopost.com%26origin%3Dhttps%253A%252F%252Fwww.geraldopost.com%252Ff1e23c59e27c2f8%26relation%3Dparent.parent&container_width=370&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FGeraldoPost%2F&locale=en_US&sdk=joey&show_facepile=true&small_header=false&tabs=timeline&width=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 18:12:31 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
BugT2GA+FK1ULXN+N8Xqsw==
cross-origin-resource-policy
cross-origin
content-length
9028
x-fb-rlafr
0
x-fb-debug
3/lOK30nOX8CEtbqlmUA64M6aXafD+/UiBup/ly6NIJNhQcO6nBwhclODBtNaKOf0098eCsyYzQUntM6XOPv1w==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Fri, 22 Apr 2022 18:12:31 GMT
kCCAwKExQbm.js
www.facebook.com/rsrc.php/v3/yc/r/ Frame 4BB1 		159 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/rsrc.php/v3/yc/r/kCCAwKExQbm.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v3.0/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df4c4989ed7cc34%26domain%3Dwww.geraldopost.com%26origin%3Dhttps%253A%252F%252Fwww.geraldopost.com%252Ff1e23c59e27c2f8%26relation%3Dparent.parent&container_width=370&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FGeraldoPost%2F&locale=en_US&sdk=joey&show_facepile=true&small_header=false&tabs=timeline&width=
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
fe89f3031a1554fc47a5bb69609d1d780c98b3be1977f054fd8f97aecc1f84f1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://www.facebook.com
Referer
https://www.facebook.com/v3.0/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df4c4989ed7cc34%26domain%3Dwww.geraldopost.com%26origin%3Dhttps%253A%252F%252Fwww.geraldopost.com%252Ff1e23c59e27c2f8%26relation%3Dparent.parent&container_width=370&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FGeraldoPost%2F&locale=en_US&sdk=joey&show_facepile=true&small_header=false&tabs=timeline&width=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 00:31:07 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
6BhP0D0IIIrBpdpiH7dSzA==
cross-origin-resource-policy
cross-origin
content-length
47625
x-fb-rlafr
0
x-fb-debug
VlPiPKaZp3tNxzkJL3eatOo6BouDlUopGAmS4s+7TL78mq6Kb9WOgXP8ARNGRITzkxQD2LpUS4vSD3t6nmriWw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Sun, 24 Apr 2022 00:31:07 GMT
oYH4_Q4OBVP.js
www.facebook.com/rsrc.php/v3/y3/r/ Frame 4BB1 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/rsrc.php/v3/y3/r/oYH4_Q4OBVP.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v3.0/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df4c4989ed7cc34%26domain%3Dwww.geraldopost.com%26origin%3Dhttps%253A%252F%252Fwww.geraldopost.com%252Ff1e23c59e27c2f8%26relation%3Dparent.parent&container_width=370&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FGeraldoPost%2F&locale=en_US&sdk=joey&show_facepile=true&small_header=false&tabs=timeline&width=
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
fdbb995458f6b6f28ba8ad20b662687f9b83edb8f74034f7243161086e7e54cb
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://www.facebook.com
Referer
https://www.facebook.com/v3.0/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df4c4989ed7cc34%26domain%3Dwww.geraldopost.com%26origin%3Dhttps%253A%252F%252Fwww.geraldopost.com%252Ff1e23c59e27c2f8%26relation%3Dparent.parent&container_width=370&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FGeraldoPost%2F&locale=en_US&sdk=joey&show_facepile=true&small_header=false&tabs=timeline&width=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Apr 2021 17:05:03 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
SNHyGmMRoqgA28EMocpyhA==
cross-origin-resource-policy
cross-origin
content-length
1723
x-fb-rlafr
0
x-fb-debug
jibEJvYeVjOtwJCmAaKoD8DcCaeC3JHlDIalBwNpRPvxcA+eN8RtRsONCQIvCsY33o2sywrMVQH5ujoQnw3RUg==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Sat, 23 Apr 2022 17:05:03 GMT
X0zaXtEr1Mw.js
www.facebook.com/rsrc.php/v3/yT/r/ Frame 4BB1 		9 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/rsrc.php/v3/yT/r/X0zaXtEr1Mw.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v3.0/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df4c4989ed7cc34%26domain%3Dwww.geraldopost.com%26origin%3Dhttps%253A%252F%252Fwww.geraldopost.com%252Ff1e23c59e27c2f8%26relation%3Dparent.parent&container_width=370&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FGeraldoPost%2F&locale=en_US&sdk=joey&show_facepile=true&small_header=false&tabs=timeline&width=
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b25035aa09ac461e3e822e9206e4ae48ce81b7a2dc0062e0ca66288a1c630156
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://www.facebook.com
Referer
https://www.facebook.com/v3.0/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df4c4989ed7cc34%26domain%3Dwww.geraldopost.com%26origin%3Dhttps%253A%252F%252Fwww.geraldopost.com%252Ff1e23c59e27c2f8%26relation%3Dparent.parent&container_width=370&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FGeraldoPost%2F&locale=en_US&sdk=joey&show_facepile=true&small_header=false&tabs=timeline&width=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 18:43:33 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
5frdhaI2QBHURlNBgnqAfw==
cross-origin-resource-policy
cross-origin
content-length
2493
x-fb-rlafr
0
x-fb-debug
2983RMSkBUOtIvGOBVYquHJcu7nLcnXjXv6DWYCxi96zCzHtfDxaU5OvswWg0BG+Cjjmu8S8dgF5TNVOuNaZIA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Fri, 22 Apr 2022 18:43:33 GMT
2hT1Y7hz2Do.js
www.facebook.com/rsrc.php/v3iaOs4/ye/l/en_US/ Frame 4BB1 		420 KB
100 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/rsrc.php/v3iaOs4/ye/l/en_US/2hT1Y7hz2Do.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v3.0/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df4c4989ed7cc34%26domain%3Dwww.geraldopost.com%26origin%3Dhttps%253A%252F%252Fwww.geraldopost.com%252Ff1e23c59e27c2f8%26relation%3Dparent.parent&container_width=370&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FGeraldoPost%2F&locale=en_US&sdk=joey&show_facepile=true&small_header=false&tabs=timeline&width=
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
2ada6a46c05d36ec3154aeac6ab2cac34563031441f1af2aabe59e107a64ef28
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://www.facebook.com
Referer
https://www.facebook.com/v3.0/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df4c4989ed7cc34%26domain%3Dwww.geraldopost.com%26origin%3Dhttps%253A%252F%252Fwww.geraldopost.com%252Ff1e23c59e27c2f8%26relation%3Dparent.parent&container_width=370&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FGeraldoPost%2F&locale=en_US&sdk=joey&show_facepile=true&small_header=false&tabs=timeline&width=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Apr 2021 22:50:28 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
qgO/gC+oX4w/PFTzsQuPFA==
cross-origin-resource-policy
cross-origin
content-length
102694
x-fb-rlafr
0
x-fb-debug
FOBDbM84062RRaYjYnN7Y/tgfQL5xeZjSNRVmLcqw6iR7eJvgnw26biCziC8pvmRHeoyy2KwPX338BfwvrwgUw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Sat, 23 Apr 2022 22:50:28 GMT
NAbxrfiREAq.js
www.facebook.com/rsrc.php/v3/y7/r/ Frame 4BB1 		93 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/rsrc.php/v3/y7/r/NAbxrfiREAq.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v3.0/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df4c4989ed7cc34%26domain%3Dwww.geraldopost.com%26origin%3Dhttps%253A%252F%252Fwww.geraldopost.com%252Ff1e23c59e27c2f8%26relation%3Dparent.parent&container_width=370&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FGeraldoPost%2F&locale=en_US&sdk=joey&show_facepile=true&small_header=false&tabs=timeline&width=
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
2812c4e6fb5db18c9a70640654c4bdb973427c4df56b96ec78bc1da5c6c443cf
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://www.facebook.com
Referer
https://www.facebook.com/v3.0/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df4c4989ed7cc34%26domain%3Dwww.geraldopost.com%26origin%3Dhttps%253A%252F%252Fwww.geraldopost.com%252Ff1e23c59e27c2f8%26relation%3Dparent.parent&container_width=370&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FGeraldoPost%2F&locale=en_US&sdk=joey&show_facepile=true&small_header=false&tabs=timeline&width=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 20:38:41 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
m97NipW9KPp6AhOWxb7GgQ==
cross-origin-resource-policy
cross-origin
content-length
26095
x-fb-rlafr
0
x-fb-debug
os6yRSDCp+4D0g1e3+q+07aCasb6LBLG4LNTZwspcpXeuXLGjIum/5T4mJ9YnulTVqgDf34hBOq80MyfNX0Q9Q==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Fri, 22 Apr 2022 20:38:41 GMT
y6QqQaNeJsz.js
www.facebook.com/rsrc.php/v3/yS/r/ Frame 4BB1 		19 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/rsrc.php/v3/yS/r/y6QqQaNeJsz.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v3.0/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df4c4989ed7cc34%26domain%3Dwww.geraldopost.com%26origin%3Dhttps%253A%252F%252Fwww.geraldopost.com%252Ff1e23c59e27c2f8%26relation%3Dparent.parent&container_width=370&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FGeraldoPost%2F&locale=en_US&sdk=joey&show_facepile=true&small_header=false&tabs=timeline&width=
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
88d32cb380c8accd245e33fae7d1ede15212de9267688c84b0ff7a9c53e956d4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://www.facebook.com
Referer
https://www.facebook.com/v3.0/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df4c4989ed7cc34%26domain%3Dwww.geraldopost.com%26origin%3Dhttps%253A%252F%252Fwww.geraldopost.com%252Ff1e23c59e27c2f8%26relation%3Dparent.parent&container_width=370&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FGeraldoPost%2F&locale=en_US&sdk=joey&show_facepile=true&small_header=false&tabs=timeline&width=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 19:57:18 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
heMcpMIrHrlHXNQA/HF8qQ==
cross-origin-resource-policy
cross-origin
content-length
5979
x-fb-rlafr
0
x-fb-debug
gcTYwBrD4QyNQa5dLlpK6/sUyuk86XOBkwMb1uQ6iEZ38uAZZg3X7TlGEULlwaZdRhBglIQpz24nKRI6eNorMA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Fri, 22 Apr 2022 19:57:18 GMT
1usRqtZVbfO.js
www.facebook.com/rsrc.php/v3/yo/r/ Frame 4BB1 		37 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/rsrc.php/v3/yo/r/1usRqtZVbfO.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v3.0/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df4c4989ed7cc34%26domain%3Dwww.geraldopost.com%26origin%3Dhttps%253A%252F%252Fwww.geraldopost.com%252Ff1e23c59e27c2f8%26relation%3Dparent.parent&container_width=370&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FGeraldoPost%2F&locale=en_US&sdk=joey&show_facepile=true&small_header=false&tabs=timeline&width=
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f5820244a2bb1a21fb966e2a417d1c12f43ad67d33c1275338d1b3d67caad567
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://www.facebook.com
Referer
https://www.facebook.com/v3.0/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df4c4989ed7cc34%26domain%3Dwww.geraldopost.com%26origin%3Dhttps%253A%252F%252Fwww.geraldopost.com%252Ff1e23c59e27c2f8%26relation%3Dparent.parent&container_width=370&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FGeraldoPost%2F&locale=en_US&sdk=joey&show_facepile=true&small_header=false&tabs=timeline&width=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 19:57:18 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
rBc3q7LW/6BWJorlo9zSzQ==
cross-origin-resource-policy
cross-origin
content-length
11415
x-fb-rlafr
0
x-fb-debug
yURALbvF0DFWaM19wnbqQiswMRKA8aPp+ofgk+V24vOefmL7ZB7NGNhgXFbj83oBmZnrIJUzBhMj1A2LlHY5SA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Fri, 22 Apr 2022 19:57:18 GMT
j_CaG3SU-us.js
www.facebook.com/rsrc.php/v3/yu/r/ Frame 4BB1 		348 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/rsrc.php/v3/yu/r/j_CaG3SU-us.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v3.0/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df4c4989ed7cc34%26domain%3Dwww.geraldopost.com%26origin%3Dhttps%253A%252F%252Fwww.geraldopost.com%252Ff1e23c59e27c2f8%26relation%3Dparent.parent&container_width=370&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FGeraldoPost%2F&locale=en_US&sdk=joey&show_facepile=true&small_header=false&tabs=timeline&width=
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
cf469b9c3aadf0b14f4e525231cdac1b523c83cbbef5a2cea40e552df339ee0d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://www.facebook.com
Referer
https://www.facebook.com/v3.0/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df4c4989ed7cc34%26domain%3Dwww.geraldopost.com%26origin%3Dhttps%253A%252F%252Fwww.geraldopost.com%252Ff1e23c59e27c2f8%26relation%3Dparent.parent&container_width=370&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FGeraldoPost%2F&locale=en_US&sdk=joey&show_facepile=true&small_header=false&tabs=timeline&width=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Apr 2021 17:05:04 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
4RlmLTKLxbY9cEWMSaq9SA==
cross-origin-resource-policy
cross-origin
content-length
79994
x-fb-rlafr
0
x-fb-debug
yxPAJ3DJm4XkzqiiT8takeeSu8AOJ6l2Gy7QjWc5f1oWzcviCWQeQZ3cmMHQ5wPUO993+u6sKlxMthYAybBdWg==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Sat, 23 Apr 2022 17:05:04 GMT
136706011_3525820920799549_1226825496500975045_n.png
scontent-frx5-1.xx.fbcdn.net/v/t1.6435-0/s350x350/ Frame 4BB1 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scontent-frx5-1.xx.fbcdn.net/v/t1.6435-0/s350x350/136706011_3525820920799549_1226825496500975045_n.png?_nc_cat=111&ccb=1-3&_nc_sid=dd9801&_nc_ohc=0pogXJsNaZ4AX8jdUzf&_nc_ht=scontent-frx5-1.xx&tp=30&oh=c7e9c1b64391f064c49fba2fed9dfc91&oe=60AC0026
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v3.0/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df4c4989ed7cc34%26domain%3Dwww.geraldopost.com%26origin%3Dhttps%253A%252F%252Fwww.geraldopost.com%252Ff1e23c59e27c2f8%26relation%3Dparent.parent&container_width=370&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FGeraldoPost%2F&locale=en_US&sdk=joey&show_facepile=true&small_header=false&tabs=timeline&width=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
efd9ff16786f54e6fdbd27ef19f3f876003c3f90f563c995fb68e4fcdedcc6db

Request headers

Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum
1462915248
date
Sat, 24 Apr 2021 20:38:51 GMT
x-fb-config-version-elb-prod
1083
cross-origin-resource-policy
cross-origin
x-fb-config-version-olb-prod
1083
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
12689
x-fb-trip-id
917726464
last-modified
Wed, 06 Jan 2021 22:15:36 GMT
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-FB-CEC-Video-Limit
cache-control
max-age=1209600, no-transform
x-fb-edge-debug
4YwbAN4d1XKDBlQmDPYtHnvxsizFKxz_M4TwcM_cbriUTtagZ6w5AyMBsZuTv_dVhe7J7Fst3OcOHbXlM_cNAw
x-needle-checksum
3223185274
timing-allow-origin
*
136825793_3525810454133929_2615716609799275699_n.png
scontent-frx5-1.xx.fbcdn.net/v/t1.6435-1/cp0/p50x50/ Frame 4BB1 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scontent-frx5-1.xx.fbcdn.net/v/t1.6435-1/cp0/p50x50/136825793_3525810454133929_2615716609799275699_n.png?_nc_cat=110&ccb=1-3&_nc_sid=dbb9e7&_nc_ohc=k0OIrXfAUswAX98_X0p&_nc_ht=scontent-frx5-1.xx&tp=30&oh=5612bc5ee12f5a99c4461807d6cd3fc9&oe=60AB27C1
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v3.0/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df4c4989ed7cc34%26domain%3Dwww.geraldopost.com%26origin%3Dhttps%253A%252F%252Fwww.geraldopost.com%252Ff1e23c59e27c2f8%26relation%3Dparent.parent&container_width=370&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FGeraldoPost%2F&locale=en_US&sdk=joey&show_facepile=true&small_header=false&tabs=timeline&width=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
dbbfb1b545e135ba8f3be48653ca0ada2ce53d3a3a2989f4989d8e6809640990

Request headers

Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum
2615511284
date
Sat, 24 Apr 2021 20:38:51 GMT
x-fb-config-version-elb-prod
1083
cross-origin-resource-policy
cross-origin
x-fb-config-version-olb-prod
1083
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
2132
x-fb-trip-id
917726464
last-modified
Wed, 06 Jan 2021 22:11:15 GMT
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-FB-CEC-Video-Limit
cache-control
max-age=1209600, no-transform
x-fb-edge-debug
5vdFVjiCqxllePch1bW_aynnVLRMee-lesOsSFbLdKbDFXzvb0hnqovFrfgk2kXCe8j-8zyWU6oLK4NOWz336g
x-needle-checksum
2359864150
timing-allow-origin
*
ApcBOUT5FoS.png
www.facebook.com/rsrc.php/v3/y_/r/ Frame 4BB1 		573 B
623 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/rsrc.php/v3/y_/r/ApcBOUT5FoS.png
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yM/l/0,cross/marMItmZNfV.css?_nc_x=Ij3Wp8lg5Kz
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
641e03dfeee60c05e0794bace5fc58d2fba409fee529a114459e44cee0d9d069
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/rsrc.php/v3/yM/l/0,cross/marMItmZNfV.css?_nc_x=Ij3Wp8lg5Kz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug
z83yJUbjd5U4WGurlj40Bpnlo6DgbDM4wli8cH3TanhXjFjP2BzGTmmMsPXGl2zQ9cmClRMpWnMPoXLARbspeg==
x-content-type-options
nosniff
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-md5
Y/eW3MWFNJnkcpEqoXzG3Q==
date
Wed, 14 Apr 2021 18:33:42 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
cross-origin-resource-policy
cross-origin
content-length
573
timing-allow-origin
*
priority
u=3,i
x-fb-rlafr
0
expires
Thu, 14 Apr 2022 18:33:42 GMT
/
www.facebook.com/platform/plugin/tab/renderer/ Frame 4BB1 		144 KB
36 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/platform/plugin/tab/renderer/?key=timeline&config_json=%7B%22app_id%22%3A%22776730922422337%22%2C%22href%22%3A%22https%3A%2F%2Fwww.facebook.com%2FGeraldoPost%2F%22%2C%22width%22%3A340%2C%22height%22%3A500%2C%22has_cta%22%3Atrue%2C%22has_small_header%22%3Afalse%2C%22has_adapt_container_width%22%3Atrue%2C%22has_cover%22%3Atrue%2C%22has_posts%22%3Afalse%2C%22tabs%22%3A%22timeline%22%2C%22can_personalize%22%3Afalse%2C%22is_xfbml%22%3Atrue%2C%22referer_uri%22%3A%22https%3A%2F%2Fwww.geraldopost.com%2F%22%7D&fb_dtsg_ag&__user=0&__a=1&__dyn=7xeUmBz84e5U5ObwKh962-m1FwAxu13wmEW7UW3q327Eiw8OdwJx61IK0SUhwj82owbC0LVE4W0OE2WxO0FE662y1nzU1vrzo5-1HwOwsU9kbxS0oG3S0H8-7E2swdq1iwmE2ewnE2Lw5dwp8Gdw&__csr=&__req=1&__beoa=0&__pc=PHASED%3Aplugin_default_pkg&__bhv=2&__no_rdbl=0&dpr=1&__ccg=EXCELLENT&__rev=1003681500&__s=%3A%3At6nztw&__hsi=6954826502861003683-0&__comet_req=0&locale=en_US&__sp=1
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3iEpO4/yK/l/en_US/7WZVKYBrWyp.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e45bcd0c188b511d36f58e34eabb3973aed5b11cad0226380f110bb04aca44f1
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.facebook.com/v3.0/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df4c4989ed7cc34%26domain%3Dwww.geraldopost.com%26origin%3Dhttps%253A%252F%252Fwww.geraldopost.com%252Ff1e23c59e27c2f8%26relation%3Dparent.parent&container_width=370&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FGeraldoPost%2F&locale=en_US&sdk=joey&show_facepile=true&small_header=false&tabs=timeline&width=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
content-encoding
br
x-content-type-options
nosniff
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr
0
pragma
no-cache
x-fb-debug
xCmPwpMx2ECgnqbKQoc8rEPsXvoukXEOe/v4nmj9ya2ezpTgXLBrTMQEvNMARwFguc6J4zNHGOFwRlo7vDfUlA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
date
Sat, 24 Apr 2021 20:38:52 GMT
x-frame-options
DENY
report-to
{"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
private, no-cache, no-store, must-revalidate
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/platform/plugin/page/logging/ Frame 4BB1 		138 B
147 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/platform/plugin/page/logging/
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3iEpO4/yK/l/en_US/7WZVKYBrWyp.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
a903cb8fcd952a6afcba1bf3c09248413fa596bde6b7a3402e4f38ff3dcdc120
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.facebook.com/v3.0/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df4c4989ed7cc34%26domain%3Dwww.geraldopost.com%26origin%3Dhttps%253A%252F%252Fwww.geraldopost.com%252Ff1e23c59e27c2f8%26relation%3Dparent.parent&container_width=370&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FGeraldoPost%2F&locale=en_US&sdk=joey&show_facepile=true&small_header=false&tabs=timeline&width=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

strict-transport-security
max-age=15552000; preload
content-encoding
br
x-content-type-options
nosniff
report-to
{"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr
0
pragma
no-cache
x-fb-debug
426ucBKyW3GsFA8DSSUG7i8zMed+IEhoat/Bl7+8Dl19psMhfPpfWh7tHwVGK5yCTK+YwtkYtd52iW/YW8qPnw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
expires
Sat, 01 Jan 2000 00:00:00 GMT
cross-origin-opener-policy
same-origin-allow-popups
date
Sat, 24 Apr 2021 20:38:51 GMT
x-frame-options
DENY
access-control-allow-methods
OPTIONS
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
vary
Origin, Accept-Encoding
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
priority
u=3,i
access-control-expose-headers
X-FB-Debug, X-Loader-Length
/
www.facebook.com/pages/call_to_action/fetch_dialog_data/ Frame 4BB1 		1 KB
750 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/pages/call_to_action/fetch_dialog_data/?id=826257287422606&surface=pagePlugin&unit_type=VIEWER
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3iEpO4/yK/l/en_US/7WZVKYBrWyp.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d6f4f7ca8782e12476453f4a8dd47a42655ed164c35d9400b2ecf4848c363afa
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.facebook.com/v3.0/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df4c4989ed7cc34%26domain%3Dwww.geraldopost.com%26origin%3Dhttps%253A%252F%252Fwww.geraldopost.com%252Ff1e23c59e27c2f8%26relation%3Dparent.parent&container_width=370&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FGeraldoPost%2F&locale=en_US&sdk=joey&show_facepile=true&small_header=false&tabs=timeline&width=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

strict-transport-security
max-age=15552000; preload
content-encoding
br
x-content-type-options
nosniff
report-to
{"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr
0
pragma
no-cache
x-fb-debug
9k2IOtfXLBsfhCNiNfcBg5743e5K5jvHNwD1ZG/QT7kwmaHKWwEmaka8L4FN00Y5NSzuYDrbsBM9qTy/ka+3TA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
expires
Sat, 01 Jan 2000 00:00:00 GMT
cross-origin-opener-policy
same-origin-allow-popups
date
Sat, 24 Apr 2021 20:38:51 GMT
x-frame-options
DENY
access-control-allow-methods
OPTIONS
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
vary
Origin, Accept-Encoding
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
priority
u=3,i
access-control-expose-headers
X-FB-Debug, X-Loader-Length
3gKIw20zpPx.js
www.facebook.com/rsrc.php/v3/yc/r/ Frame 4BB1 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/rsrc.php/v3/yc/r/3gKIw20zpPx.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yz/r/DzXn38OIeir.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
732f2d6e7767e7978cf70554aec8f7b40d5d6da4b601e528f136473c1b965c93
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://www.facebook.com
Referer
https://www.facebook.com/v3.0/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df4c4989ed7cc34%26domain%3Dwww.geraldopost.com%26origin%3Dhttps%253A%252F%252Fwww.geraldopost.com%252Ff1e23c59e27c2f8%26relation%3Dparent.parent&container_width=370&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FGeraldoPost%2F&locale=en_US&sdk=joey&show_facepile=true&small_header=false&tabs=timeline&width=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Apr 2021 18:10:42 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
+WweuYtea66RPAEX0Vl2fg==
cross-origin-resource-policy
cross-origin
content-length
5954
x-fb-rlafr
0
x-fb-debug
frImsj+cqRrurbRpsD+cpmJKN9c3KXwqSOEAhMNLpdq3wwyT8Q1tQ760+3/KCOGr4MXcIIe8QAMpXm+CR5XFgg==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Thu, 14 Apr 2022 18:10:42 GMT
JopZtdti8dq.js
www.facebook.com/rsrc.php/v3/y_/r/ Frame 4BB1 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/rsrc.php/v3/y_/r/JopZtdti8dq.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yz/r/DzXn38OIeir.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
95d95840165ea5fc374a27f1cffe88a1b3d033562916ef1071393c9c8adbfe86
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://www.facebook.com
Referer
https://www.facebook.com/v3.0/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df4c4989ed7cc34%26domain%3Dwww.geraldopost.com%26origin%3Dhttps%253A%252F%252Fwww.geraldopost.com%252Ff1e23c59e27c2f8%26relation%3Dparent.parent&container_width=370&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FGeraldoPost%2F&locale=en_US&sdk=joey&show_facepile=true&small_header=false&tabs=timeline&width=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 18:15:35 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
mTMNw9OoY8KLmzHcqJmeVA==
cross-origin-resource-policy
cross-origin
content-length
2270
x-fb-rlafr
0
x-fb-debug
XgN3PD/Zhxk84gdpDIxQrwsSvyHR+ZSRKTvxEfDplsP1SBJNdIuDi88aniOu/Rwp0u8A3yQRe6Xhtc1BA2+W2g==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Fri, 22 Apr 2022 18:15:35 GMT
2kxuOhboiVu.js
www.facebook.com/rsrc.php/v3/yC/r/ Frame 4BB1 		273 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/rsrc.php/v3/yC/r/2kxuOhboiVu.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yz/r/DzXn38OIeir.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
2af5bfcede521a97bd3de87ff10bbe38742c2f06ac2cde01ca27ce1e84d8b8ea
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://www.facebook.com
Referer
https://www.facebook.com/v3.0/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df4c4989ed7cc34%26domain%3Dwww.geraldopost.com%26origin%3Dhttps%253A%252F%252Fwww.geraldopost.com%252Ff1e23c59e27c2f8%26relation%3Dparent.parent&container_width=370&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FGeraldoPost%2F&locale=en_US&sdk=joey&show_facepile=true&small_header=false&tabs=timeline&width=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 19:57:19 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
iEvqbQudLamyDQr7gJMA8g==
cross-origin-resource-policy
cross-origin
content-length
58338
x-fb-rlafr
0
x-fb-debug
xmXzT14ocmCNlfwlPVSESL2EJLJC0VDVt9YoLjR9lt1Y41CtqJt+DjJ0N4OYivkQeXmgif3FGFjID7EYuMI3Ug==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Fri, 22 Apr 2022 19:57:19 GMT
cAEvN19HjM2.js
www.facebook.com/rsrc.php/v3/yB/r/ Frame 4BB1 		885 B
435 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/rsrc.php/v3/yB/r/cAEvN19HjM2.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yz/r/DzXn38OIeir.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e913d0c8195023fea768aa63161cfe870b077cd360806e3905002e74acc7423e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://www.facebook.com
Referer
https://www.facebook.com/v3.0/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df4c4989ed7cc34%26domain%3Dwww.geraldopost.com%26origin%3Dhttps%253A%252F%252Fwww.geraldopost.com%252Ff1e23c59e27c2f8%26relation%3Dparent.parent&container_width=370&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FGeraldoPost%2F&locale=en_US&sdk=joey&show_facepile=true&small_header=false&tabs=timeline&width=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 17:36:12 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
lRXvpxxdUT7QUnYyGQ+l6g==
cross-origin-resource-policy
cross-origin
content-length
378
x-fb-rlafr
0
x-fb-debug
6FT6SdsX5KOA1yTlChJhkG45ui4ZCWSwcTfhW5z2hRCBSld4J83+DZQ1m0okj0dhB+3wSr7QUmKf8cznaDKdhQ==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Fri, 22 Apr 2022 17:36:12 GMT
nuSZvOPs-lg.png
www.facebook.com/rsrc.php/v3/yv/r/ Frame 4BB1 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/rsrc.php/v3/yv/r/nuSZvOPs-lg.png
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yP/l/0,cross/tiLfsG4W1Qy.css?_nc_x=Ij3Wp8lg5Kz
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9e51e7c1f2f3bd86cc3e9dcd1ad5403db927f32533f0a8b29bc15f11b40c6376
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/rsrc.php/v3/yP/l/0,cross/tiLfsG4W1Qy.css?_nc_x=Ij3Wp8lg5Kz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug
Yi0qpwapvu5HgdMsp/F3tEk4bsuUgID5oZlA1pR1uiyo1adkYh8r3elVoKDFPEPzSzm7Cyx13tbgepVeq7aEWw==
x-content-type-options
nosniff
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-md5
+tH9SoPO1ugg3HR9LK4liQ==
date
Wed, 21 Apr 2021 21:09:30 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
cross-origin-resource-policy
cross-origin
content-length
11870
timing-allow-origin
*
priority
u=3,i
x-fb-rlafr
0
expires
Thu, 21 Apr 2022 21:09:30 GMT
onuUJj0tCqE.png
www.facebook.com/rsrc.php/v3/y2/r/ Frame 4BB1 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/rsrc.php/v3/y2/r/onuUJj0tCqE.png
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yM/l/0,cross/marMItmZNfV.css?_nc_x=Ij3Wp8lg5Kz
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5f71fcc2d00d22ffd4d9a07b64c435f88de80893f838fa64a45c386cbba0c601
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/rsrc.php/v3/yM/l/0,cross/marMItmZNfV.css?_nc_x=Ij3Wp8lg5Kz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug
0leS92ApMpmipr73vwJS8kc5axX5XwNHImg9sSxYVpVISZ0ZA4eowcWkvAgLlnl/mPYJkrfDSMO+5REO5XvIiA==
x-content-type-options
nosniff
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-md5
OK0dmVpVmdoMRpKMP9eDcg==
date
Tue, 20 Apr 2021 02:21:24 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
cross-origin-resource-policy
cross-origin
priority
u=3,i
timing-allow-origin
*
content-length
3944
x-fb-rlafr
0
expires
Wed, 20 Apr 2022 02:21:24 GMT
I7WYH0hxS5m.css
www.facebook.com/rsrc.php/v3/yj/l/0,cross/ Frame 4BB1 		21 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/rsrc.php/v3/yj/l/0,cross/I7WYH0hxS5m.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yz/r/DzXn38OIeir.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9f879effa704701b7306f4fb25d43778a442984e2d2901fabd540983439c7921
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://www.facebook.com
Referer
https://www.facebook.com/v3.0/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df4c4989ed7cc34%26domain%3Dwww.geraldopost.com%26origin%3Dhttps%253A%252F%252Fwww.geraldopost.com%252Ff1e23c59e27c2f8%26relation%3Dparent.parent&container_width=370&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FGeraldoPost%2F&locale=en_US&sdk=joey&show_facepile=true&small_header=false&tabs=timeline&width=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 17:57:01 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
viMRhF3QPNMLW0WcqHyZQw==
cross-origin-resource-policy
cross-origin
content-length
5213
x-fb-rlafr
0
x-fb-debug
fLtBeGVp1KPM+ZCLWP4B30jmyK90/alAjDKG/yX16JMrwySMCE7Hu18iMIScAcPthb+FXgKIine3tJdkGxhCJA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Fri, 22 Apr 2022 17:57:01 GMT
nD7VJ0ZbVE2.js
www.facebook.com/rsrc.php/v3/y4/r/ Frame 4BB1 		64 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/rsrc.php/v3/y4/r/nD7VJ0ZbVE2.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yz/r/DzXn38OIeir.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4fea7bf7fcbcea2a00471a920621ece56c1879a1518b81a3f5e2c4166cce3cbe
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://www.facebook.com
Referer
https://www.facebook.com/v3.0/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df4c4989ed7cc34%26domain%3Dwww.geraldopost.com%26origin%3Dhttps%253A%252F%252Fwww.geraldopost.com%252Ff1e23c59e27c2f8%26relation%3Dparent.parent&container_width=370&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FGeraldoPost%2F&locale=en_US&sdk=joey&show_facepile=true&small_header=false&tabs=timeline&width=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 19:57:18 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
shZBPpDMoZQbEzj2EPogWA==
cross-origin-resource-policy
cross-origin
content-length
16525
x-fb-rlafr
0
x-fb-debug
t/vWUhIxKOlUy0+dPrd3X9CcvVF1e1czs4JRaUC6gAO3TQZHA9l2vygW/OjhM8aFqjwVTJ8c1J1+UAFGsA4MyA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Fri, 22 Apr 2022 19:57:18 GMT
jCjPXE50YBY.js
www.facebook.com/rsrc.php/v3iEBX4/yv/l/en_US/ Frame 4BB1 		17 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/rsrc.php/v3iEBX4/yv/l/en_US/jCjPXE50YBY.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yz/r/DzXn38OIeir.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
a730a4e9d3d0612c3a6918e096c39c5697614b2792b98f503439fc09afd764a1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://www.facebook.com
Referer
https://www.facebook.com/v3.0/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df4c4989ed7cc34%26domain%3Dwww.geraldopost.com%26origin%3Dhttps%253A%252F%252Fwww.geraldopost.com%252Ff1e23c59e27c2f8%26relation%3Dparent.parent&container_width=370&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FGeraldoPost%2F&locale=en_US&sdk=joey&show_facepile=true&small_header=false&tabs=timeline&width=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 17:55:35 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
F42oAJV6dRouw2yCYHEOhA==
cross-origin-resource-policy
cross-origin
content-length
5453
x-fb-rlafr
0
x-fb-debug
q9VHJqyy9B4bb2BT5l4pDbst1CQj/wN4/ZlI1bxmRkp+sY9XjalKQP8QO5e7H3VFX0CYkuQ6L4uZAK0lfyr7bQ==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Fri, 22 Apr 2022 17:55:35 GMT
truncated
/ Frame 4BB1 		2 KB
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f25aebef7c5b576071a6f97559078c0a17f5d3130f2cdb8d74f04872ec8fb333

Request headers

Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
text/css;charset=utf-8
MM2tCOl-Ndb.css
static.xx.fbcdn.net/rsrc.php/v3/yZ/l/0,cross/ Frame 4BB1 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yZ/l/0,cross/MM2tCOl-Ndb.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yz/r/DzXn38OIeir.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d8d780cf17d57da2e7ff421667a6221a32831b83ffa904c0b480ba5f9c285974
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://www.facebook.com
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:52 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
IlI3TkunStfNPgYtYjV2iw==
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
656
x-fb-rlafr
0
x-fb-debug
tB2c5F+sUScJj9WAmCJF0fpHHnYIIgfrysZsYs7qnrh4aopMP5fmiGb8k/ook0vlnRoBdBO7jr4YR0YU7KtY4g==
x-fb-trip-id
686109401
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Sun, 24 Apr 2022 05:42:02 GMT
FXgEheiV9ua.css
www.facebook.com/rsrc.php/v3/y9/l/0,cross/ Frame 4BB1 		18 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/rsrc.php/v3/y9/l/0,cross/FXgEheiV9ua.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yz/r/DzXn38OIeir.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
6519cf0a39dec7407b047dead1034aee697bfe3d91b7da8aca09dd0bc80ff81a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://www.facebook.com
Referer
https://www.facebook.com/v3.0/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df4c4989ed7cc34%26domain%3Dwww.geraldopost.com%26origin%3Dhttps%253A%252F%252Fwww.geraldopost.com%252Ff1e23c59e27c2f8%26relation%3Dparent.parent&container_width=370&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FGeraldoPost%2F&locale=en_US&sdk=joey&show_facepile=true&small_header=false&tabs=timeline&width=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:24:09 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
Y5/LwKITDV2+AG9XCxxwGw==
cross-origin-resource-policy
cross-origin
content-length
4258
x-fb-rlafr
0
x-fb-debug
UzC8Gf/RHTyF6X9sV4dn4UV/Ddt/QaQyx/ebSqPaoPR/PoV5wQyt4s1hId8yAKoxWGyxomBRw20brH+ELuJGdg==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Sun, 24 Apr 2022 20:24:09 GMT
zGSy39SJCT-.css
www.facebook.com/rsrc.php/v3/yz/l/0,cross/ Frame 4BB1 		41 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/rsrc.php/v3/yz/l/0,cross/zGSy39SJCT-.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yz/r/DzXn38OIeir.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5d8a42de12322320952dbd7cfc403d9b20c154dcc5deae8566af4ed2558925e9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://www.facebook.com
Referer
https://www.facebook.com/v3.0/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df4c4989ed7cc34%26domain%3Dwww.geraldopost.com%26origin%3Dhttps%253A%252F%252Fwww.geraldopost.com%252Ff1e23c59e27c2f8%26relation%3Dparent.parent&container_width=370&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FGeraldoPost%2F&locale=en_US&sdk=joey&show_facepile=true&small_header=false&tabs=timeline&width=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:24:09 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
UKfq0yQQ4ji7KDBneo+oWg==
cross-origin-resource-policy
cross-origin
content-length
8761
x-fb-rlafr
0
x-fb-debug
bLyBhxN7kdxNACd7U8giROOEeYy5zU5jTsPJgMJRXA/VRu0RBs/0j0UpJtBr8+PdRUWnLpyQEmX/fbPPRFKw5w==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Sun, 24 Apr 2022 20:24:09 GMT
ZzHzogejrCL.css
www.facebook.com/rsrc.php/v3/yW/l/0,cross/ Frame 4BB1 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/rsrc.php/v3/yW/l/0,cross/ZzHzogejrCL.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yz/r/DzXn38OIeir.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
6b71beaa7e7e4ef0d5060f998e90f38a0906658f3b501c6c3fbb32052f9c062c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://www.facebook.com
Referer
https://www.facebook.com/v3.0/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df4c4989ed7cc34%26domain%3Dwww.geraldopost.com%26origin%3Dhttps%253A%252F%252Fwww.geraldopost.com%252Ff1e23c59e27c2f8%26relation%3Dparent.parent&container_width=370&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FGeraldoPost%2F&locale=en_US&sdk=joey&show_facepile=true&small_header=false&tabs=timeline&width=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:24:09 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
hpJZAZBxmYGP+sCbiK3tFg==
cross-origin-resource-policy
cross-origin
content-length
1712
x-fb-rlafr
0
x-fb-debug
zZypnVuQEZCtE208vCrg4QLrrOo1MMC3WYuytik2DiCfje+BgjmhpD4XVoP1n1n4MXYeJQQccopYjB87/U8Hfg==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Sun, 24 Apr 2022 20:24:09 GMT
_lIBTdTdEcV.js
www.facebook.com/rsrc.php/v3/yb/r/ Frame 4BB1 		19 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/rsrc.php/v3/yb/r/_lIBTdTdEcV.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yz/r/DzXn38OIeir.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
403ab4ebc90a318d66666c605c4b1b9ace3835368a5031db8a3848e9f05f56f0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://www.facebook.com
Referer
https://www.facebook.com/v3.0/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df4c4989ed7cc34%26domain%3Dwww.geraldopost.com%26origin%3Dhttps%253A%252F%252Fwww.geraldopost.com%252Ff1e23c59e27c2f8%26relation%3Dparent.parent&container_width=370&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FGeraldoPost%2F&locale=en_US&sdk=joey&show_facepile=true&small_header=false&tabs=timeline&width=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Apr 2021 05:28:03 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
Sq32aKaUMLuOmzhedW06cQ==
cross-origin-resource-policy
cross-origin
content-length
6062
x-fb-rlafr
0
x-fb-debug
TxVeE7XIUNYsxo54juHqeS9xOwrZPisP2iWLmCtg2ja2rY6uSez986ubwQUDnPLN0zO//6dqkQ5yn5sKHH29zw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Sat, 23 Apr 2022 05:28:03 GMT
-9XFKeqshg0.js
www.facebook.com/rsrc.php/v3/y8/r/ Frame 4BB1 		49 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/rsrc.php/v3/y8/r/-9XFKeqshg0.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yz/r/DzXn38OIeir.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c83093e379227a5d9087fec00a91a9efd5d0c6c892f86b58861f4641e92852e3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://www.facebook.com
Referer
https://www.facebook.com/v3.0/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df4c4989ed7cc34%26domain%3Dwww.geraldopost.com%26origin%3Dhttps%253A%252F%252Fwww.geraldopost.com%252Ff1e23c59e27c2f8%26relation%3Dparent.parent&container_width=370&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FGeraldoPost%2F&locale=en_US&sdk=joey&show_facepile=true&small_header=false&tabs=timeline&width=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 19:57:19 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
J3I4osH1QGO3CrgrhDCC5A==
cross-origin-resource-policy
cross-origin
content-length
13951
x-fb-rlafr
0
x-fb-debug
uAkuYa2vFmxs9Q5Z9crzP0xQq4G6Sm7q5CBBVLBGevydv0c4FCvQGmUamjrXJsYQvEZFxqqQp5C3COxSYslB5Q==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Fri, 22 Apr 2022 19:57:19 GMT
2mYpI3Kl0a9.js
www.facebook.com/rsrc.php/v3/yh/r/ Frame 4BB1 		305 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/rsrc.php/v3/yh/r/2mYpI3Kl0a9.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yz/r/DzXn38OIeir.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
cf0a5561eeb5a838d2e26b83cc2caa40a257d1289a59fd861c53fcaef67ae76b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://www.facebook.com
Referer
https://www.facebook.com/v3.0/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df4c4989ed7cc34%26domain%3Dwww.geraldopost.com%26origin%3Dhttps%253A%252F%252Fwww.geraldopost.com%252Ff1e23c59e27c2f8%26relation%3Dparent.parent&container_width=370&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FGeraldoPost%2F&locale=en_US&sdk=joey&show_facepile=true&small_header=false&tabs=timeline&width=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Apr 2021 04:41:50 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
LP+Z5jW9FqluaEo6IVP8DA==
cross-origin-resource-policy
cross-origin
content-length
65692
x-fb-rlafr
0
x-fb-debug
hn+P3RDj0S66R/ELGvFxHBy11gsVddkmYRNJceRPhspnGaXdUfNhCrJPzfOQgklFaVq02Y/M+AMKg2Pd57dwyA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Sat, 23 Apr 2022 04:41:50 GMT
4IgkQzeNHAE.js
www.facebook.com/rsrc.php/v3/y6/r/ Frame 4BB1 		50 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/rsrc.php/v3/y6/r/4IgkQzeNHAE.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yz/r/DzXn38OIeir.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
7cddfbb693148deb6dd5efafa1cd8a8a23e4707716809bea658a290c9c593d4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://www.facebook.com
Referer
https://www.facebook.com/v3.0/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df4c4989ed7cc34%26domain%3Dwww.geraldopost.com%26origin%3Dhttps%253A%252F%252Fwww.geraldopost.com%252Ff1e23c59e27c2f8%26relation%3Dparent.parent&container_width=370&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FGeraldoPost%2F&locale=en_US&sdk=joey&show_facepile=true&small_header=false&tabs=timeline&width=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Apr 2021 17:05:04 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
hxotvFr4joPszD/mg+UH6A==
cross-origin-resource-policy
cross-origin
content-length
12877
x-fb-rlafr
0
x-fb-debug
Pi84w/n7rMuhJYgzi/sjl0CecKXUbr9Ea2sg89NacKltuyD+RMgcQJmZY42dy6FVk4DQE7gUdO2tCHPmU0GbLA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Sat, 23 Apr 2022 17:05:04 GMT
NB_rk-DQci3.js
www.facebook.com/rsrc.php/v3inZS4/yG/l/en_US/ Frame 4BB1 		202 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/rsrc.php/v3inZS4/yG/l/en_US/NB_rk-DQci3.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yz/r/DzXn38OIeir.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ee40a70158a981f275345ffe7e6c83474b0782a00170f26cb3d5b399530e3838
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://www.facebook.com
Referer
https://www.facebook.com/v3.0/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df4c4989ed7cc34%26domain%3Dwww.geraldopost.com%26origin%3Dhttps%253A%252F%252Fwww.geraldopost.com%252Ff1e23c59e27c2f8%26relation%3Dparent.parent&container_width=370&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FGeraldoPost%2F&locale=en_US&sdk=joey&show_facepile=true&small_header=false&tabs=timeline&width=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 04:27:58 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
ZVmJNs/w9tPxLHJEbWi9ug==
cross-origin-resource-policy
cross-origin
content-length
44830
x-fb-rlafr
0
x-fb-debug
ywfwN911czhx7MzccXADn38tAUXz0iDwJ0SHY7+8ujCvRnw6p3zYhweyqtQVlGBGMMnvLwpDtLgh0odTLEk9Gg==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Sun, 24 Apr 2022 04:27:58 GMT
kU0IpqHX6Pa.js
www.facebook.com/rsrc.php/v3/yi/r/ Frame 4BB1 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/rsrc.php/v3/yi/r/kU0IpqHX6Pa.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yz/r/DzXn38OIeir.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
2bd288342e3998a6735d30393ee151cf7a50ba8de91c242199d5d07bfb0398fb
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://www.facebook.com
Referer
https://www.facebook.com/v3.0/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df4c4989ed7cc34%26domain%3Dwww.geraldopost.com%26origin%3Dhttps%253A%252F%252Fwww.geraldopost.com%252Ff1e23c59e27c2f8%26relation%3Dparent.parent&container_width=370&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FGeraldoPost%2F&locale=en_US&sdk=joey&show_facepile=true&small_header=false&tabs=timeline&width=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Apr 2021 22:51:00 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
Fy99Mu/buY71H8lH2Tv/nQ==
cross-origin-resource-policy
cross-origin
content-length
3300
x-fb-rlafr
0
x-fb-debug
a+rEqG2e6PHWM0FFXRKDwbGiVNygFtOkXjOGe+O+FmKk6q9AdMo2uDJXAAe2+YXoRgOmS/mrOpIyPoBLiWr49g==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Sat, 23 Apr 2022 22:51:00 GMT
PjBS8cypMuc.js
static.xx.fbcdn.net/rsrc.php/v3/y8/r/ Frame 4BB1 		283 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/y8/r/PjBS8cypMuc.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yz/r/DzXn38OIeir.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
7de69c968dcbd1a888e778cca2420fc76e44ebbc6e7b05960c41d990480cc82b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://www.facebook.com
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:52 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
0sWono0ydjn1DZF183YMhQ==
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
59589
x-fb-rlafr
0
x-fb-debug
RFkHoAgb1znDpNMXGW0cmy8APn88v5IPOVGaiS0U9ZrBl1APHaLb+Q5AIFfRc1oLgk0FQWp+/FZYDMLuxpBPig==
x-fb-trip-id
686109401
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Sun, 24 Apr 2022 07:47:11 GMT
136825793_3525810454133929_2615716609799275699_n.png
scontent-frx5-1.xx.fbcdn.net/v/t1.6435-1/cp0/p50x50/ Frame 4BB1 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scontent-frx5-1.xx.fbcdn.net/v/t1.6435-1/cp0/p50x50/136825793_3525810454133929_2615716609799275699_n.png?_nc_cat=110&ccb=1-3&_nc_sid=dbb9e7&_nc_ohc=k0OIrXfAUswAX98_X0p&_nc_ht=scontent-frx5-1.xx&tp=30&oh=5612bc5ee12f5a99c4461807d6cd3fc9&oe=60AB27C1
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3iEpO4/yK/l/en_US/7WZVKYBrWyp.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
dbbfb1b545e135ba8f3be48653ca0ada2ce53d3a3a2989f4989d8e6809640990

Request headers

Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum
2615511284
date
Sat, 24 Apr 2021 20:38:52 GMT
last-modified
Wed, 06 Jan 2021 22:11:15 GMT
content-length
2132
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-FB-CEC-Video-Limit
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
2359864150
x-fb-config-version-olb-prod
1083
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
Shbp_cGSt9y.png
www.facebook.com/rsrc.php/v3/yX/r/ Frame 4BB1 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/rsrc.php/v3/yX/r/Shbp_cGSt9y.png
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yz/l/0,cross/zGSy39SJCT-.css?_nc_x=Ij3Wp8lg5Kz
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
bc7e6c2f8653573bb6d6f6b7868736ed21bbb9d51d4f789f5590c682080eef62
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/rsrc.php/v3/yz/l/0,cross/zGSy39SJCT-.css?_nc_x=Ij3Wp8lg5Kz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug
08fyHdjwlFDERPZxo/YzWV4dlVAGVbyroVzm0ZN6aJX/uh5IOubmehJOnzVFpmcvmdLamuxxWglEk4wfa1zKgA==
x-content-type-options
nosniff
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-md5
We0M1aBCMs58vJvf/bHIeA==
date
Mon, 12 Apr 2021 08:18:28 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
cross-origin-resource-policy
cross-origin
priority
u=3,i
timing-allow-origin
*
content-length
6061
x-fb-rlafr
0
expires
Tue, 12 Apr 2022 08:18:28 GMT
cQH7wcbHb6b.png
www.facebook.com/rsrc.php/v3/y8/r/ Frame 4BB1 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/rsrc.php/v3/y8/r/cQH7wcbHb6b.png
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yj/l/0,cross/I7WYH0hxS5m.css?_nc_x=Ij3Wp8lg5Kz
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
03331f532afdaf1cfcca267894d7698d7b42efa461526bda23cfb448eb84a3a3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/rsrc.php/v3/yj/l/0,cross/I7WYH0hxS5m.css?_nc_x=Ij3Wp8lg5Kz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug
L36Vtv+RnpFF1ykR2OV1PAtDYiLDNWT8pNQv9prpAZmU5B1QxfFJP1NlwHD0mEyI/nrAKABWUgRGRuL2bg7big==
x-content-type-options
nosniff
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-md5
VrHQyF8wNkH5pOhUYwyBPQ==
date
Tue, 20 Apr 2021 03:50:13 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
cross-origin-resource-policy
cross-origin
priority
u=3,i
timing-allow-origin
*
content-length
3170
x-fb-rlafr
0
expires
Wed, 20 Apr 2022 03:50:13 GMT
n-uOOobFC9i.png
www.facebook.com/rsrc.php/v3/y3/r/ Frame 4BB1 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/rsrc.php/v3/y3/r/n-uOOobFC9i.png
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yM/l/0,cross/marMItmZNfV.css?_nc_x=Ij3Wp8lg5Kz
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
33c09ad5541630ddd97336563ab0c8c13396dce0075375a15a370bb90b29e6e7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/rsrc.php/v3/yM/l/0,cross/marMItmZNfV.css?_nc_x=Ij3Wp8lg5Kz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug
0hT3+kQxL1hZWWtZ3pgw84KnE+T/AGkeQOR4QEg94gEGj3Xpq2JJxm3wTX8lB7l/Pwpr5hmiFgpkGZj4gRPN4g==
x-content-type-options
nosniff
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-md5
FxoGPHP5kucUksTSZgXu4w==
date
Sun, 18 Apr 2021 19:11:29 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
cross-origin-resource-policy
cross-origin
content-length
3249
timing-allow-origin
*
priority
u=3,i
x-fb-rlafr
0
expires
Mon, 18 Apr 2022 19:11:29 GMT
10000000_404173247983795_3967942890391265505_n.mp4
video-frx5-1.xx.fbcdn.net/v/t76.34397-2/ Frame 4BB1 		116 B
530 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://video-frx5-1.xx.fbcdn.net/v/t76.34397-2/10000000_404173247983795_3967942890391265505_n.mp4?_nc_cat=105&ccb=1-3&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfdjRfcGFzc3Rocm91Z2hfZnJhZ18yX3ZpZGVvIiwicG9saWN5SWQiOjkyMTd9&_nc_ohc=tajKmmIJAOAAX-bPsxE&_nc_ht=video-frx5-1.xx&hnt1=prn&hnt2=vll&oh=06e7b5bb26a0864b274aa5215911464b&oe=60865ED1&bytestart=953&byteend=1068
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/y8/r/PjBS8cypMuc.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:f:face:b00c:0:1823 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
2a1fe9cbc551da9cd49de596f78dc1fad7d8cc10895b65f956d36d586df79931

Request headers

Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:52 GMT
x-fb-trip-id
1588961438
last-modified
Sat, 24 Apr 2021 15:44:25 GMT
accept-ranges
bytes
content-type
video/mp4
access-control-allow-origin
*
access-control-expose-headers
X-FB-CEC-Video-Limit
cache-control
max-age=1209600, no-transform
x-fb-config-version-elb-prod
1083
x-fb-edge-debug
G0oaW6F9hTmIccxPkE9iIt-sO9zkxGwNaW-r1upr2x9rLsVQuGXLz04DAo4rAmoLmHT-2h2v5N77ulNss5kU9w
cross-origin-resource-policy
cross-origin
x-fb-config-version-olb-prod
1083
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
116
176875824_154547143265034_316949351154431097_n.mp4
video-frt3-1.xx.fbcdn.net/v/t42.1790-2/ Frame 4BB1 		128 B
596 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://video-frt3-1.xx.fbcdn.net/v/t42.1790-2/176875824_154547143265034_316949351154431097_n.mp4?_nc_cat=104&ccb=1-3&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfYXVkaW9fYWFjcF82NF9mcmFnXzJfYXVkaW8ifQ%3D%3D&_nc_ohc=EHw4ix2-a0IAX8Mh_yI&_nc_ht=video-frt3-1.xx&oh=0e6c419e192cd482518f0275dbfef648&oe=6084A753&bytestart=912&byteend=1039
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/y8/r/PjBS8cypMuc.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:20f:face:b00c:0:1823 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d271d09f57417a2353ddb19a278d47ecfd5d081bbe760f3e24186054ba1ae970

Request headers

Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum
1073880576
date
Sat, 24 Apr 2021 20:38:52 GMT
x-fb-config-version-elb-prod
1083
cross-origin-resource-policy
cross-origin
x-fb-config-version-olb-prod
1083
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
128
x-fb-trip-id
382461245
last-modified
Sat, 24 Apr 2021 15:44:25 GMT
content-type
video/mp4
access-control-allow-origin
*
access-control-expose-headers
X-FB-CEC-Video-Limit
cache-control
max-age=1209600, no-transform
x-fb-edge-debug
x_odm77iLoCVnLlavSTsyjZcLSIuwIp9_yj3z7TueFxRn2pyf6zCzwMjtQU9wAqsH6TeiLHRZONPIvgvZUQ_KQ
x-needle-checksum
3802617246
accept-ranges
bytes
timing-allow-origin
*
10000000_404173247983795_3967942890391265505_n.mp4
video-frx5-1.xx.fbcdn.net/v/t76.34397-2/ Frame 4BB1 		953 B
1014 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://video-frx5-1.xx.fbcdn.net/v/t76.34397-2/10000000_404173247983795_3967942890391265505_n.mp4?_nc_cat=105&ccb=1-3&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfdjRfcGFzc3Rocm91Z2hfZnJhZ18yX3ZpZGVvIiwicG9saWN5SWQiOjkyMTd9&_nc_ohc=tajKmmIJAOAAX-bPsxE&_nc_ht=video-frx5-1.xx&hnt1=prn&hnt2=vll&oh=06e7b5bb26a0864b274aa5215911464b&oe=60865ED1&bytestart=0&byteend=952
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/y8/r/PjBS8cypMuc.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:f:face:b00c:0:1823 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
2c5c8339013c9ba69d14b332cf1452fda39256de8e87f4a676e44935864c0ca1

Request headers

Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:52 GMT
x-fb-trip-id
1588961438
last-modified
Sat, 24 Apr 2021 15:44:25 GMT
accept-ranges
bytes
content-type
video/mp4
access-control-allow-origin
*
access-control-expose-headers
X-FB-CEC-Video-Limit
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-fb-config-version-olb-prod
1083
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
953
176875824_154547143265034_316949351154431097_n.mp4
video-frt3-1.xx.fbcdn.net/v/t42.1790-2/ Frame 4BB1 		912 B
974 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://video-frt3-1.xx.fbcdn.net/v/t42.1790-2/176875824_154547143265034_316949351154431097_n.mp4?_nc_cat=104&ccb=1-3&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfYXVkaW9fYWFjcF82NF9mcmFnXzJfYXVkaW8ifQ%3D%3D&_nc_ohc=EHw4ix2-a0IAX8Mh_yI&_nc_ht=video-frt3-1.xx&oh=0e6c419e192cd482518f0275dbfef648&oe=6084A753&bytestart=0&byteend=911
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/y8/r/PjBS8cypMuc.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:20f:face:b00c:0:1823 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
6aff8b8d5141c631984181a51b50a21aa01ec8eb57415e3356b00e335b188572

Request headers

Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum
1073880576
date
Sat, 24 Apr 2021 20:38:52 GMT
x-fb-trip-id
382461245
last-modified
Sat, 24 Apr 2021 15:44:25 GMT
content-type
video/mp4
access-control-allow-origin
*
access-control-expose-headers
X-FB-CEC-Video-Limit
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
3802617246
x-fb-config-version-olb-prod
1083
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
912
10000000_404173247983795_3967942890391265505_n.mp4
video-frx5-1.xx.fbcdn.net/v/t76.34397-2/ Frame 4BB1 		953 B
1014 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://video-frx5-1.xx.fbcdn.net/v/t76.34397-2/10000000_404173247983795_3967942890391265505_n.mp4?_nc_cat=105&ccb=1-3&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfdjRfcGFzc3Rocm91Z2hfZnJhZ18yX3ZpZGVvIiwicG9saWN5SWQiOjkyMTd9&_nc_ohc=tajKmmIJAOAAX-bPsxE&_nc_ht=video-frx5-1.xx&hnt1=prn&hnt2=vll&oh=06e7b5bb26a0864b274aa5215911464b&oe=60865ED1&bytestart=0&byteend=952
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yu/r/j_CaG3SU-us.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:f:face:b00c:0:1823 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
2c5c8339013c9ba69d14b332cf1452fda39256de8e87f4a676e44935864c0ca1

Request headers

Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:52 GMT
x-fb-trip-id
1588961438
last-modified
Sat, 24 Apr 2021 15:44:25 GMT
accept-ranges
bytes
content-type
video/mp4
access-control-allow-origin
*
access-control-expose-headers
X-FB-CEC-Video-Limit
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-fb-config-version-olb-prod
1083
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
953
10000000_404173247983795_3967942890391265505_n.mp4
video-frx5-1.xx.fbcdn.net/v/t76.34397-2/ Frame 4BB1 		116 B
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://video-frx5-1.xx.fbcdn.net/v/t76.34397-2/10000000_404173247983795_3967942890391265505_n.mp4?_nc_cat=105&ccb=1-3&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfdjRfcGFzc3Rocm91Z2hfZnJhZ18yX3ZpZGVvIiwicG9saWN5SWQiOjkyMTd9&_nc_ohc=tajKmmIJAOAAX-bPsxE&_nc_ht=video-frx5-1.xx&hnt1=prn&hnt2=vll&oh=06e7b5bb26a0864b274aa5215911464b&oe=60865ED1&bytestart=953&byteend=1068
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yu/r/j_CaG3SU-us.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:f:face:b00c:0:1823 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
2a1fe9cbc551da9cd49de596f78dc1fad7d8cc10895b65f956d36d586df79931

Request headers

Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:52 GMT
x-fb-trip-id
1588961438
last-modified
Sat, 24 Apr 2021 15:44:25 GMT
accept-ranges
bytes
content-type
video/mp4
access-control-allow-origin
*
access-control-expose-headers
X-FB-CEC-Video-Limit
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-fb-config-version-olb-prod
1083
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
116
10000000_404173247983795_3967942890391265505_n.mp4
video-frx5-1.xx.fbcdn.net/v/t76.34397-2/ Frame 4BB1 		52 KB
52 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video-frx5-1.xx.fbcdn.net/v/t76.34397-2/10000000_404173247983795_3967942890391265505_n.mp4?_nc_cat=105&ccb=1-3&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfdjRfcGFzc3Rocm91Z2hfZnJhZ18yX3ZpZGVvIiwicG9saWN5SWQiOjkyMTd9&_nc_ohc=tajKmmIJAOAAX-bPsxE&_nc_ht=video-frx5-1.xx&hnt1=prn&hnt2=vll&oh=06e7b5bb26a0864b274aa5215911464b&oe=60865ED1&bytestart=1069&byteend=54637
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yu/r/j_CaG3SU-us.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:f:face:b00c:0:1823 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
2816b5bc70f8873e0bcd8a223a3c39e1458336cd7e42d2deafcaea0409730ec7

Request headers

Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:52 GMT
x-fb-trip-id
1588961438
last-modified
Sat, 24 Apr 2021 15:44:25 GMT
accept-ranges
bytes
content-type
video/mp4
access-control-allow-origin
*
access-control-expose-headers
X-FB-CEC-Video-Limit
cache-control
max-age=1209600, no-transform
x-fb-config-version-elb-prod
1083
x-fb-edge-debug
gQc82mOj_t6JVlfWc-f5_SnwTN7h-fCSAxl2B7WRl5EWwdsbozb7qfYT9eP_EdyZB8b7pXX5VLZ5Se3dNpn8dQ
cross-origin-resource-policy
cross-origin
x-fb-config-version-olb-prod
1083
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
53569
176875824_154547143265034_316949351154431097_n.mp4
video-frt3-1.xx.fbcdn.net/v/t42.1790-2/ Frame 4BB1 		912 B
974 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://video-frt3-1.xx.fbcdn.net/v/t42.1790-2/176875824_154547143265034_316949351154431097_n.mp4?_nc_cat=104&ccb=1-3&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfYXVkaW9fYWFjcF82NF9mcmFnXzJfYXVkaW8ifQ%3D%3D&_nc_ohc=EHw4ix2-a0IAX8Mh_yI&_nc_ht=video-frt3-1.xx&oh=0e6c419e192cd482518f0275dbfef648&oe=6084A753&bytestart=0&byteend=911
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yu/r/j_CaG3SU-us.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:20f:face:b00c:0:1823 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
6aff8b8d5141c631984181a51b50a21aa01ec8eb57415e3356b00e335b188572

Request headers

Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum
1073880576
date
Sat, 24 Apr 2021 20:38:52 GMT
x-fb-trip-id
382461245
last-modified
Sat, 24 Apr 2021 15:44:25 GMT
content-type
video/mp4
access-control-allow-origin
*
access-control-expose-headers
X-FB-CEC-Video-Limit
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
3802617246
x-fb-config-version-olb-prod
1083
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
912
176875824_154547143265034_316949351154431097_n.mp4
video-frt3-1.xx.fbcdn.net/v/t42.1790-2/ Frame 4BB1 		128 B
190 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://video-frt3-1.xx.fbcdn.net/v/t42.1790-2/176875824_154547143265034_316949351154431097_n.mp4?_nc_cat=104&ccb=1-3&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfYXVkaW9fYWFjcF82NF9mcmFnXzJfYXVkaW8ifQ%3D%3D&_nc_ohc=EHw4ix2-a0IAX8Mh_yI&_nc_ht=video-frt3-1.xx&oh=0e6c419e192cd482518f0275dbfef648&oe=6084A753&bytestart=912&byteend=1039
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yu/r/j_CaG3SU-us.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:20f:face:b00c:0:1823 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d271d09f57417a2353ddb19a278d47ecfd5d081bbe760f3e24186054ba1ae970

Request headers

Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum
1073880576
date
Sat, 24 Apr 2021 20:38:52 GMT
x-fb-trip-id
382461245
last-modified
Sat, 24 Apr 2021 15:44:25 GMT
content-type
video/mp4
access-control-allow-origin
*
access-control-expose-headers
X-FB-CEC-Video-Limit
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
3802617246
x-fb-config-version-olb-prod
1083
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
128
176875824_154547143265034_316949351154431097_n.mp4
video-frt3-1.xx.fbcdn.net/v/t42.1790-2/ Frame 4BB1 		16 KB
16 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video-frt3-1.xx.fbcdn.net/v/t42.1790-2/176875824_154547143265034_316949351154431097_n.mp4?_nc_cat=104&ccb=1-3&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfYXVkaW9fYWFjcF82NF9mcmFnXzJfYXVkaW8ifQ%3D%3D&_nc_ohc=EHw4ix2-a0IAX8Mh_yI&_nc_ht=video-frt3-1.xx&oh=0e6c419e192cd482518f0275dbfef648&oe=6084A753&bytestart=1040&byteend=17572
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yu/r/j_CaG3SU-us.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:20f:face:b00c:0:1823 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d0a16ff41783ca0a8d8523dc9161a3392b067a7cb15677c424b5ac17b11fde52

Request headers

Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum
1073880576
date
Sat, 24 Apr 2021 20:38:52 GMT
x-fb-trip-id
382461245
last-modified
Sat, 24 Apr 2021 15:44:25 GMT
content-type
video/mp4
access-control-allow-origin
*
access-control-expose-headers
X-FB-CEC-Video-Limit
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
3802617246
x-fb-config-version-olb-prod
1083
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
16533
151801483_192851289342421_2109997759692222368_n.jpg
scontent-frt3-1.xx.fbcdn.net/v/t15.13418-10/s350x350/ Frame 4BB1 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scontent-frt3-1.xx.fbcdn.net/v/t15.13418-10/s350x350/151801483_192851289342421_2109997759692222368_n.jpg?_nc_cat=108&ccb=1-3&_nc_sid=08861d&_nc_ohc=UazeLoviLAYAX-C6nIB&_nc_ht=scontent-frt3-1.xx&tp=7&oh=37d73688d2a8d140980f24955e149473&oe=60A96974
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
1f6e4cf49f54d10d687c452c1fd2f0bfdd3e91ffbaf6dc98ac6b275f3c817044

Request headers

Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum
342402833
date
Sat, 24 Apr 2021 20:38:52 GMT
x-fb-config-version-elb-prod
1083
cross-origin-resource-policy
cross-origin
x-fb-config-version-olb-prod
1083
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
1900
x-fb-trip-id
686109401
last-modified
Sat, 24 Apr 2021 15:44:27 GMT
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
X-FB-CEC-Video-Limit
cache-control
max-age=1209600, no-transform
x-fb-edge-debug
b9xwvD21gYcAvaAqCp3D2RARt6hASCDNPfFSItVdj5bV3zvGjT1XJWfSUQ5R_DX_Nd5Z2Gcx8hnywtuG7eZbeQ
x-needle-checksum
2937981183
timing-allow-origin
*
safe_image.php
external-frt3-2.xx.fbcdn.net/ Frame 4BB1 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://external-frt3-2.xx.fbcdn.net/safe_image.php?d=AQFZDZ8wweZAgXcl&w=476&h=249&url=https%3A%2F%2F1.bp.blogspot.com%2F-wDpfyDkym2k%2FYII1mfNDUzI%2FAAAAAAAAWNk%2FoYHYThD_vw0bsyxZuCNaWpC7onvNx1XxwCNcBGAsYHQ%2Fw1200-h630-p-k-no-nu%2Fpocah.jpg&cfs=1&upscale=1&fallback=news_d_placeholder_publisher&ccb=3-5&_nc_hash=AQEiFutzT0PPCJcn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ef88a0ffdf5f1d9d7f13ba50ea32ca211ff44be96d42f851d5f11042d27dcfb3
Security Headers
Name Value
Content-Security-Policy default-src fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.xx.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
x-fb-config-version-elb-prod
1083
x-content-type-options
nosniff
etag
"2427b9da51585c27d1e56694e2381baf"
report-to
{"group":"coop_report","max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"include_subdomains":true}, {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
cross-origin-resource-policy
cross-origin
x-fb-config-version-olb-prod
1083
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
23307
x-xss-protection
0
x-fb-debug
tKGFpngVHgBQF7RE65BUJ5eCdQcszTNyzA1yRZJf5RECD6d1JpDTCGGaChkGM9vRdD4z7t8Fyrx9mSYhWcB7vg==
x-fb-trip-id
686109401
expires
Sun, 25 Apr 2021 20:38:52 GMT
last-modified
Sat, 24 Apr 2021 20:38:52 GMT
x-fb-config-version-slb-prod_regional
1083
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Sat, 24 Apr 2021 20:38:52 GMT
x-frame-options
DENY
access-control-allow-methods
OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
vary
Origin
cache-control
public, max-age=86400
access-control-allow-credentials
true
x-fb-edge-debug
ulGUNA4rG2dTGeCplPhzTaXMCtOn1fLVra6-FUKWoExTEmAuItRKbaPiOjP4l7B3UQIE8ZOAUgu41X2dTZl89A
x-fb-rlafr
0
content-security-policy
default-src fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.xx.facebook.com/csp/reporting/?m=c;
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin-allow-popups;report-to="coop_report"
access-control-expose-headers
X-FB-Debug, X-Loader-Length
safe_image.php
external-frt3-2.xx.fbcdn.net/ Frame 4BB1 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://external-frt3-2.xx.fbcdn.net/safe_image.php?d=AQG5SJk4uArQcF3T&w=476&h=249&url=https%3A%2F%2F1.bp.blogspot.com%2F-C6cTzX6ehds%2FYIIy-B4B9FI%2FAAAAAAAAWNY%2F-gYotwkuS2Qy-Q8Fjhdw324GVDxvWkaxwCNcBGAsYHQ%2Fw1200-h630-p-k-no-nu%2Fpocah.jpg&cfs=1&upscale=1&fallback=news_d_placeholder_publisher&ccb=3-5&_nc_hash=AQFmV6rH1pIASxgm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
23448f25942f75dcf8c8d4ced7ffd2098614bd57319810f444d66e78185d533b
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
x-fb-config-version-elb-prod
1083
x-content-type-options
nosniff
x-fb-rlafr
0
report-to
{"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
cross-origin-resource-policy
cross-origin
x-fb-config-version-olb-prod
1083
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
20531
x-xss-protection
0
x-fb-debug
UqJ/lRzV8+OaMBtYzKbaZXLDSTRs6LFoQCKhTISzBpsdronC9aqWX9c8K6GjLtmbjtU7upWJDETnswk3iV5Qlw==
x-fb-trip-id
686109401
expires
Sat, 24 Apr 2021 03:43:47 GMT
last-modified
Fri, 23 Apr 2021 03:43:47 GMT
x-fb-config-version-slb-prod_regional
1082
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Sat, 24 Apr 2021 20:38:52 GMT
x-frame-options
DENY
access-control-allow-methods
OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
vary
Origin
cache-control
public, max-age=86400
access-control-allow-credentials
true
x-fb-edge-debug
di3kg8F0RTepn4kxmsYZezZYZ9j1HTMoM0EjtUlZhWHVEhFvNqG9D5AO5D2SippNGFZZv_kfOgHpexgShgT2sg
etag
"1026d5074e54c81c2fa23b96c7508a61"
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
timing-allow-origin
*
access-control-expose-headers
X-FB-Debug, X-Loader-Length
safe_image.php
external-frt3-2.xx.fbcdn.net/ Frame 4BB1 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://external-frt3-2.xx.fbcdn.net/safe_image.php?d=AQFAi-k_63End3t6&w=476&h=249&url=https%3A%2F%2F1.bp.blogspot.com%2F-AgYDKWAw6dU%2FYIIuxwYbDtI%2FAAAAAAAAWNQ%2FXSFu4iKwtY4OEYwBaBw98T1M6-tKNq-4QCNcBGAsYHQ%2Fw1200-h630-p-k-no-nu%2Fbbb21.jpg&cfs=1&upscale=1&fallback=news_d_placeholder_publisher&ccb=3-5&_nc_hash=AQHnyySB_uanGUaW
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3e3547c5856b6d0568ef97245d980d9556baf871f207cb591fa17970797f791b
Security Headers
Name Value
Content-Security-Policy default-src fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.xx.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
x-fb-config-version-elb-prod
1083
x-content-type-options
nosniff
x-fb-rlafr
0
report-to
{"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
cross-origin-resource-policy
cross-origin
x-fb-config-version-olb-prod
1083
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
30413
x-xss-protection
0
x-fb-debug
B/VslL/yiErv5vTIedrzkaRPc0m5x2JOH8slBPd8A9ry8FgpO0juZuSuasc/Yt3DDAHEYSCpWM5d/hgjaKV2zA==
x-fb-trip-id
686109401
expires
Sun, 25 Apr 2021 20:38:52 GMT
last-modified
Sat, 24 Apr 2021 20:38:52 GMT
x-fb-config-version-slb-prod_regional
1083
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Sat, 24 Apr 2021 20:38:52 GMT
x-frame-options
DENY
access-control-allow-methods
OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
vary
Origin
cache-control
public, max-age=86400
access-control-allow-credentials
true
x-fb-edge-debug
4lkCEFXkAn9CC42d4zePB2wjaeYjOG-ROst8iuHmLVwZK3qj1Pqe5cieCZ59rVPY6S8iggrx7oMQqWp3r1xXww
etag
"b98e5ff1c8d3a7e487b2a400d5e0f44e"
content-security-policy
default-src fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.xx.facebook.com/csp/reporting/?m=c;
timing-allow-origin
*
access-control-expose-headers
X-FB-Debug, X-Loader-Length
176033627_3810616232320015_8924287619311000692_n.jpg
scontent-frt3-1.xx.fbcdn.net/v/t1.6435-0/p235x350/ Frame 4BB1 		27 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scontent-frt3-1.xx.fbcdn.net/v/t1.6435-0/p235x350/176033627_3810616232320015_8924287619311000692_n.jpg?_nc_cat=106&ccb=1-3&_nc_sid=110474&_nc_ohc=1hvYXQiFxz8AX_bD2Tb&_nc_ht=scontent-frt3-1.xx&tp=6&oh=0e5cb7028279d7ad73006c42cd25cd5e&oe=60A85ADB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
fd249e6217bd119b6776a96077dc9ad4739f1fb4297c7a0c43be20e62c172cca

Request headers

Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum
1383151155
date
Sat, 24 Apr 2021 20:38:52 GMT
x-fb-config-version-elb-prod
1083
cross-origin-resource-policy
cross-origin
x-fb-config-version-olb-prod
1083
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
27815
x-fb-trip-id
686109401
last-modified
Wed, 21 Apr 2021 03:12:23 GMT
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
X-FB-CEC-Video-Limit
cache-control
max-age=1209600, no-transform
x-fb-edge-debug
5QctvOyVtZvmFhrmeHHpVlcXMa4hc8JbY2cD713nilrxjeOAOwGd6HguQb3BzkJ-o66z3EAbuUiDg_-F3NcS2w
x-needle-checksum
1690222651
timing-allow-origin
*
176875824_154547143265034_316949351154431097_n.mp4
video-frt3-1.xx.fbcdn.net/v/t42.1790-2/ Frame 4BB1 		32 KB
32 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://video-frt3-1.xx.fbcdn.net/v/t42.1790-2/176875824_154547143265034_316949351154431097_n.mp4?_nc_cat=104&ccb=1-3&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfYXVkaW9fYWFjcF82NF9mcmFnXzJfYXVkaW8ifQ%3D%3D&_nc_ohc=EHw4ix2-a0IAX8Mh_yI&_nc_ht=video-frt3-1.xx&oh=0e6c419e192cd482518f0275dbfef648&oe=6084A753&bytestart=17573&byteend=50310
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/y8/r/PjBS8cypMuc.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:20f:face:b00c:0:1823 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
62e3a96006dfca87e90584a0437cc2e5eb838c56485ae464a5e51efadff0787b

Request headers

Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum
1073880576
date
Sat, 24 Apr 2021 20:38:52 GMT
last-modified
Sat, 24 Apr 2021 15:44:25 GMT
content-length
32738
content-type
video/mp4
access-control-allow-origin
*
access-control-expose-headers
X-FB-CEC-Video-Limit
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
3802617246
x-fb-config-version-olb-prod
1083
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_stats&wpc=ca-pub-3932851112807799&su=www.geraldopost.com&doc=complete&pg_h=11100&pg_w=1600&pg_hs=11100&c=2&aa_c=5&av_h=303.286&av_w=417.143&av_a=111644.286&s=272&all_s=30&b=3684&all_b=3684&d=0.082&all_d=0.191&ard=0.017&all_ard=0.044&dt=d
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.geraldopost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Apr 2021 20:38:52 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
176875824_154547143265034_316949351154431097_n.mp4
video-frt3-1.xx.fbcdn.net/v/t42.1790-2/ Frame 4BB1 		32 KB
32 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://video-frt3-1.xx.fbcdn.net/v/t42.1790-2/176875824_154547143265034_316949351154431097_n.mp4?_nc_cat=104&ccb=1-3&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfYXVkaW9fYWFjcF82NF9mcmFnXzJfYXVkaW8ifQ%3D%3D&_nc_ohc=EHw4ix2-a0IAX8Mh_yI&_nc_ht=video-frt3-1.xx&oh=0e6c419e192cd482518f0275dbfef648&oe=6084A753&bytestart=50311&byteend=82987
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/y8/r/PjBS8cypMuc.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:20f:face:b00c:0:1823 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
663fcdac6378c67c2f6ad86cd86768a1fcc72f5d21e526b0aee0af39da48829b

Request headers

Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum
1073880576
date
Sat, 24 Apr 2021 20:38:52 GMT
last-modified
Sat, 24 Apr 2021 15:44:25 GMT
content-length
32677
content-type
video/mp4
access-control-allow-origin
*
access-control-expose-headers
X-FB-CEC-Video-Limit
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
3802617246
x-fb-config-version-olb-prod
1083
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
176875824_154547143265034_316949351154431097_n.mp4
video-frt3-1.xx.fbcdn.net/v/t42.1790-2/ Frame 4BB1 		32 KB
32 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://video-frt3-1.xx.fbcdn.net/v/t42.1790-2/176875824_154547143265034_316949351154431097_n.mp4?_nc_cat=104&ccb=1-3&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfYXVkaW9fYWFjcF82NF9mcmFnXzJfYXVkaW8ifQ%3D%3D&_nc_ohc=EHw4ix2-a0IAX8Mh_yI&_nc_ht=video-frt3-1.xx&oh=0e6c419e192cd482518f0275dbfef648&oe=6084A753&bytestart=82988&byteend=115638
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/y8/r/PjBS8cypMuc.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:20f:face:b00c:0:1823 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0acf53a86ddef33badcb8fd6fd36076cf7e5cb2e0d58ad4a59c5993a18e63d94

Request headers

Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum
1073880576
date
Sat, 24 Apr 2021 20:38:52 GMT
last-modified
Sat, 24 Apr 2021 15:44:25 GMT
content-length
32651
content-type
video/mp4
access-control-allow-origin
*
access-control-expose-headers
X-FB-CEC-Video-Limit
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
3802617246
x-fb-config-version-olb-prod
1083
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
176875824_154547143265034_316949351154431097_n.mp4
video-frt3-1.xx.fbcdn.net/v/t42.1790-2/ Frame 4BB1 		9 KB
9 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://video-frt3-1.xx.fbcdn.net/v/t42.1790-2/176875824_154547143265034_316949351154431097_n.mp4?_nc_cat=104&ccb=1-3&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfYXVkaW9fYWFjcF82NF9mcmFnXzJfYXVkaW8ifQ%3D%3D&_nc_ohc=EHw4ix2-a0IAX8Mh_yI&_nc_ht=video-frt3-1.xx&oh=0e6c419e192cd482518f0275dbfef648&oe=6084A753&bytestart=115639&byteend=124761
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/y8/r/PjBS8cypMuc.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:20f:face:b00c:0:1823 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
fdfbc8dd4689e0f5548c6a7cab705326d97022ad422b89b6817f03ca6ec69907

Request headers

Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum
1073880576
date
Sat, 24 Apr 2021 20:38:52 GMT
last-modified
Sat, 24 Apr 2021 15:44:25 GMT
content-length
9123
content-type
video/mp4
access-control-allow-origin
*
access-control-expose-headers
X-FB-CEC-Video-Limit
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
3802617246
x-fb-config-version-olb-prod
1083
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
176875824_154547143265034_316949351154431097_n.mp4
video-frt3-1.xx.fbcdn.net/v/t42.1790-2/ Frame 4BB1 		9 KB
9 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://video-frt3-1.xx.fbcdn.net/v/t42.1790-2/176875824_154547143265034_316949351154431097_n.mp4?_nc_cat=104&ccb=1-3&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfYXVkaW9fYWFjcF82NF9mcmFnXzJfYXVkaW8ifQ%3D%3D&_nc_ohc=EHw4ix2-a0IAX8Mh_yI&_nc_ht=video-frt3-1.xx&oh=0e6c419e192cd482518f0275dbfef648&oe=6084A753&bytestart=115639&byteend=124761
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/y8/r/PjBS8cypMuc.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:20f:face:b00c:0:1823 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
fdfbc8dd4689e0f5548c6a7cab705326d97022ad422b89b6817f03ca6ec69907

Request headers

Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum
1073880576
date
Sat, 24 Apr 2021 20:38:52 GMT
last-modified
Sat, 24 Apr 2021 15:44:25 GMT
content-length
9123
content-type
video/mp4
access-control-allow-origin
*
access-control-expose-headers
X-FB-CEC-Video-Limit
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
3802617246
x-fb-config-version-olb-prod
1083
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
10000000_404173247983795_3967942890391265505_n.mp4
video-frx5-1.xx.fbcdn.net/v/t76.34397-2/ Frame 4BB1 		94 KB
94 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://video-frx5-1.xx.fbcdn.net/v/t76.34397-2/10000000_404173247983795_3967942890391265505_n.mp4?_nc_cat=105&ccb=1-3&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfdjRfcGFzc3Rocm91Z2hfZnJhZ18yX3ZpZGVvIiwicG9saWN5SWQiOjkyMTd9&_nc_ohc=tajKmmIJAOAAX-bPsxE&_nc_ht=video-frx5-1.xx&hnt1=prn&hnt2=vll&oh=06e7b5bb26a0864b274aa5215911464b&oe=60865ED1&bytestart=54638&byteend=150859
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/y8/r/PjBS8cypMuc.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:f:face:b00c:0:1823 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
31b341a4def9305ee6ae4fa0af0f90efac806074803089e72fc82d28b9528300

Request headers

Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:52 GMT
last-modified
Sat, 24 Apr 2021 15:44:25 GMT
accept-ranges
bytes
content-length
96222
content-type
video/mp4
access-control-allow-origin
*
access-control-expose-headers
X-FB-CEC-Video-Limit
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-fb-config-version-olb-prod
1083
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
10000000_404173247983795_3967942890391265505_n.mp4
video-frx5-1.xx.fbcdn.net/v/t76.34397-2/ Frame 4BB1 		122 KB
122 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://video-frx5-1.xx.fbcdn.net/v/t76.34397-2/10000000_404173247983795_3967942890391265505_n.mp4?_nc_cat=105&ccb=1-3&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfdjRfcGFzc3Rocm91Z2hfZnJhZ18yX3ZpZGVvIiwicG9saWN5SWQiOjkyMTd9&_nc_ohc=tajKmmIJAOAAX-bPsxE&_nc_ht=video-frx5-1.xx&hnt1=prn&hnt2=vll&oh=06e7b5bb26a0864b274aa5215911464b&oe=60865ED1&bytestart=150860&byteend=276202
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/y8/r/PjBS8cypMuc.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:f:face:b00c:0:1823 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d9683b9b0a220585ebd0f093409f80328dfe4d023385043e57770a552384c7cf

Request headers

Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:53 GMT
last-modified
Sat, 24 Apr 2021 15:44:25 GMT
accept-ranges
bytes
content-length
125343
content-type
video/mp4
access-control-allow-origin
*
access-control-expose-headers
X-FB-CEC-Video-Limit
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-fb-config-version-olb-prod
1083
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
10000000_404173247983795_3967942890391265505_n.mp4
video-frx5-1.xx.fbcdn.net/v/t76.34397-2/ Frame 4BB1 		250 KB
250 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://video-frx5-1.xx.fbcdn.net/v/t76.34397-2/10000000_404173247983795_3967942890391265505_n.mp4?_nc_cat=105&ccb=1-3&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfdjRfcGFzc3Rocm91Z2hfZnJhZ18yX3ZpZGVvIiwicG9saWN5SWQiOjkyMTd9&_nc_ohc=tajKmmIJAOAAX-bPsxE&_nc_ht=video-frx5-1.xx&hnt1=prn&hnt2=vll&oh=06e7b5bb26a0864b274aa5215911464b&oe=60865ED1&bytestart=276203&byteend=532038
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/y8/r/PjBS8cypMuc.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:f:face:b00c:0:1823 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
358fd53ef0272c2bc28c41491ce39ba84ab029dfd9b4261fdc8a0ae328b9227a

Request headers

Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:53 GMT
last-modified
Sat, 24 Apr 2021 15:44:25 GMT
accept-ranges
bytes
content-length
255836
content-type
video/mp4
access-control-allow-origin
*
access-control-expose-headers
X-FB-CEC-Video-Limit
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-fb-config-version-olb-prod
1083
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
10000000_404173247983795_3967942890391265505_n.mp4
video-frx5-1.xx.fbcdn.net/v/t76.34397-2/ Frame 4BB1 		97 KB
97 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://video-frx5-1.xx.fbcdn.net/v/t76.34397-2/10000000_404173247983795_3967942890391265505_n.mp4?_nc_cat=105&ccb=1-3&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfdjRfcGFzc3Rocm91Z2hfZnJhZ18yX3ZpZGVvIiwicG9saWN5SWQiOjkyMTd9&_nc_ohc=tajKmmIJAOAAX-bPsxE&_nc_ht=video-frx5-1.xx&hnt1=prn&hnt2=vll&oh=06e7b5bb26a0864b274aa5215911464b&oe=60865ED1&bytestart=532039&byteend=631399
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/y8/r/PjBS8cypMuc.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:f:face:b00c:0:1823 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
a9489235f2c2f66345f3581a826d7da9797a8222173f4abd3e74ec117a2683bd

Request headers

Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:54 GMT
last-modified
Sat, 24 Apr 2021 15:44:25 GMT
accept-ranges
bytes
content-length
99361
content-type
video/mp4
access-control-allow-origin
*
access-control-expose-headers
X-FB-CEC-Video-Limit
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-fb-config-version-olb-prod
1083
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
10000000_404173247983795_3967942890391265505_n.mp4
video-frx5-1.xx.fbcdn.net/v/t76.34397-2/ Frame 4BB1 		97 KB
97 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://video-frx5-1.xx.fbcdn.net/v/t76.34397-2/10000000_404173247983795_3967942890391265505_n.mp4?_nc_cat=105&ccb=1-3&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfdjRfcGFzc3Rocm91Z2hfZnJhZ18yX3ZpZGVvIiwicG9saWN5SWQiOjkyMTd9&_nc_ohc=tajKmmIJAOAAX-bPsxE&_nc_ht=video-frx5-1.xx&hnt1=prn&hnt2=vll&oh=06e7b5bb26a0864b274aa5215911464b&oe=60865ED1&bytestart=532039&byteend=631399
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/y8/r/PjBS8cypMuc.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:f:face:b00c:0:1823 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
a9489235f2c2f66345f3581a826d7da9797a8222173f4abd3e74ec117a2683bd

Request headers

Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:38:54 GMT
last-modified
Sat, 24 Apr 2021 15:44:25 GMT
accept-ranges
bytes
content-length
99361
content-type
video/mp4
access-control-allow-origin
*
access-control-expose-headers
X-FB-CEC-Video-Limit
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-fb-config-version-olb-prod
1083
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
gen_204
pagead2.googlesyndication.com/pagead/ Frame AF5A 		0
121 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=html5-mon&a0=layout&f0=layout&s0=0&d0=677.0000&a1=https&f1=layout_html&s1=0&d1=10.0000&i=480893080255&t=419&c=p&lp=%2Fsadbundle%2F%24csp%253Der3%24%2F5441334610969689380%2Findex.html&gqi=14GEYILJF6zC7_UP_rGIsAs&qqi=CLv047Hel_ACFQUQiwod3Z8BCw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Apr 2021 20:38:58 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ad.lomadee.com
URL
https://ad.lomadee.com/banner/view?sourceId=36890606&dimension=25&width=200&height=200&method=1&advertisers=5644&tags=25
Domain
googleads.g.doubleclick.net
URL
https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3932851112807799&output=html&h=600&slotname=8993431669&adk=4220371640&adf=1482559626&pi=t.ma~as.8993431669&w=300&lmt=1619163522&psa=0&format=300x600&url=https%3A%2F%2Fwww.geraldopost.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619296726819&bpp=15&bdt=246&idt=69&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=2705827410742&frm=20&pv=2&ga_vid=1717309228.1619296727&ga_sid=1619296727&ga_hid=1390142020&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1015&ady=2859&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429%2C44739991&oid=3&pvsid=3502318759076147&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=JnxQKUcnx7&p=https%3A//www.geraldopost.com&dtd=86
Domain
googleads.g.doubleclick.net
URL
https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3932851112807799&output=html&h=280&slotname=5801651126&adk=2065657694&adf=3513612432&pi=t.ma~as.5801651126&w=370&fwrn=4&fwrnh=100&lmt=1619163522&rafmt=1&psa=0&format=370x280&url=https%3A%2F%2Fwww.geraldopost.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619296726835&bpp=3&bdt=261&idt=89&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x600&correlator=2705827410742&frm=20&pv=1&ga_vid=1717309228.1619296727&ga_sid=1619296727&ga_hid=1390142020&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1015&ady=3731&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429%2C44739991&oid=3&pvsid=3502318759076147&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=2&fsb=1&xpc=xUVnk6ScUu&p=https%3A//www.geraldopost.com&dtd=92
Domain
unruffled-brown-9d316c.netlify.app
URL
https://unruffled-brown-9d316c.netlify.app/static/css/3.659959f0.chunk.css
Domain
unruffled-brown-9d316c.netlify.app
URL
https://unruffled-brown-9d316c.netlify.app/static/css/main.9a52486c.chunk.css
Domain
unruffled-brown-9d316c.netlify.app
URL
https://unruffled-brown-9d316c.netlify.app/static/js/3.df5fb226.chunk.js
Domain
unruffled-brown-9d316c.netlify.app
URL
https://unruffled-brown-9d316c.netlify.app/static/js/main.f7fdfbf1.chunk.js
Domain
statistcdn.com
URL
https://statistcdn.com/analyze.js?typeId=f

Verdicts & Comments Add Verdict or Comment

160 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| monthFormat string| noThumbnail number| postPerPage boolean| fixedSidebar boolean| fixedMenu string| commentsSystem string| disqusShortname object| colors string| GoogleAnalyticsObject function| ga object| adsbygoogle object| messages object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| iframe function| $ function| jQuery object| _0xc2e3 object| _0x1b64 function| _0x32df function| _0x5c01f6 function| _0x247609 number| postResults number| numOfPages object| pageOf undefined| noPage string| currentPage number| currentPageNo undefined| postLabel string| locationUrl string| home_page function| startPagination function| dataFeed function| pageCurrentBlogger function| getPage function| getLabelPage function| findPostDate object| google_js_reporting_queue number| google_srt object| google_ad_modifications object| google_logging_queue object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state object| google_persistent_state_async boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots boolean| google_apltlad function| google_spfd number| google_lpabyc number| google_unique_id object| google_sv_map string| google_user_agent_client_hint function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken object| google_prev_clients object| google_jobrunner object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_osd_loaded boolean| google_onload_fired function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb number| pageNumber number| pageStart number| lastPageNo number| pageEnd function| BLOG_attachCsiOnload function| _WidgetManager function| _WidgetInfo function| widget_module_provide function| _AdSenseView function| _BlogArchiveView function| _AttributionView function| _BlogView function| _BlogListView function| _BlogSearchView function| _ContactFormView function| _ExampleView function| _FeaturedPostView function| _FeedView function| _FollowByEmailView function| _FollowersView function| _HeaderView function| _TextView function| _HTMLView function| _ImageView function| _LabelView function| _TextListView function| _LinkListView function| _BloggerButtonView function| _NavbarView function| _PageListView function| _PollView function| _PopularPostsView function| _ProfileView function| _RecentPostsView function| _ReportAbuseView function| _SharingView function| _StatsView function| _SubscribeView function| _SW_toggleReaderList function| _SW_hideReaderList function| _TranslateView function| _WikipediaView string| __wavt function| __gjsload__ object| cookieChoices object| jQuery1124032956473873126946 object| FB function| MVCAds object| m object| GoogleGcLKhOms object| google_image_requests

6 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: DSID
Value: NO_DATA
.geraldopost.com/ Name: _gid
Value: GA1.2.379390104.1619296727
.doubleclick.net/ Name: IDE
Value: AHWqTUnOLuwtyJnfrnabUKf99wICNilrYzHO-cnrE5voRCRrg8FSXRB8WtcjTOqPOPM
.geraldopost.com/ Name: __gads
Value: ID=785534163f1ff8ba-22b10b71eec700b0:T=1619296726:RT=1619296726:S=ALNI_MYfLjXx0hxHEDga8A2_oU8TLtAwsA
.geraldopost.com/ Name: _gat_blogger
Value: 1
.geraldopost.com/ Name: _ga
Value: GA1.2.1717309228.1619296727

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.bp.blogspot.com
2.bp.blogspot.com
3.bp.blogspot.com
4.bp.blogspot.com
a-static.mlcdn.com.br
ad.lomadee.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
connect.facebook.net
external-frt3-2.xx.fbcdn.net
fonts.googleapis.com
fonts.gstatic.com
geraldopost.com
googleads.g.doubleclick.net
img.youtube.com
lh4.googleusercontent.com
lh5.googleusercontent.com
mvc.mlcdn.com.br
pagead2.googlesyndication.com
partner.googleadservices.com
plugin.bebeofertas.com.br
s0.2mdn.net
s2.glbimg.com
scontent-frt3-1.xx.fbcdn.net
scontent-frx5-1.xx.fbcdn.net
stackpath.bootstrapcdn.com
static.xx.fbcdn.net
statistcdn.com
stats.g.doubleclick.net
tpc.googlesyndication.com
unruffled-brown-9d316c.netlify.app
video-frt3-1.xx.fbcdn.net
video-frx5-1.xx.fbcdn.net
vigilianerd.com.br
www.blogger.com
www.facebook.com
www.geraldopost.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.magazinevoce.com.br
ad.lomadee.com
googleads.g.doubleclick.net
statistcdn.com
unruffled-brown-9d316c.netlify.app
13.225.87.116
142.250.186.66
151.101.65.195
186.192.91.9
194.126.175.195
216.239.32.21
2606:4700:3037::ac43:a3fb
2606:4700::6812:acf
2a00:1450:4001:801::2002
2a00:1450:4001:803::200a
2a00:1450:4001:809::2002
2a00:1450:4001:809::2008
2a00:1450:4001:80e::2001
2a00:1450:4001:80e::2002
2a00:1450:4001:810::2002
2a00:1450:4001:810::2003
2a00:1450:4001:811::2006
2a00:1450:4001:811::2009
2a00:1450:4001:811::2013
2a00:1450:4001:812::2001
2a00:1450:4001:812::2004
2a00:1450:4001:812::2008
2a00:1450:4001:812::200a
2a00:1450:4001:827::2002
2a00:1450:4001:827::2003
2a00:1450:4001:828::200e
2a00:1450:4001:829::2001
2a00:1450:4001:82a::2003
2a00:1450:4001:82a::200e
2a00:1450:4001:82f::2001
2a00:1450:4001:82f::2002
2a00:1450:400c:c04::9b
2a03:2880:f01c:20f:face:b00c:0:1823
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f02d:f:face:b00c:0:1823
2a03:2880:f11c:8183:face:b00c:0:25de
2a03:b0c0:3:d0::d26:4001
0088946671f71076a5c93b6c524318c7e36a6f3dc5b2d3136158dceebcfb40ff
0188fab720f1334270627cccac2585f2b94617812e6dcf51ec5e69e68d73d080
030686d51286cbbca3a0f5fe63d82c51a041bfd46112daaf7efead3183039db9
03331f532afdaf1cfcca267894d7698d7b42efa461526bda23cfb448eb84a3a3
03bcc81265f29a52443c76c229e1dd749a95ae82d89298c1466fea0986568165
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
076ae6e0319c4ed63f5c688bf91ffe6de1ed2a74499e01f3eedb40cb52b56954
085f40558f8e1ef8af2c6791d8e39038ad1c559d1feb954599d0f8771fc25218
09fb106b3e1cd59ae8435f01bbf54e54b435c90db63d565a5f6508dc9f8e6a95
0a575a90f6ac207ca6d17eac0b580a19a4a1be76d4cd6d4b3a5804a847da93c2
0a9ff3f6b8d132ef3022c28d875ab2217b7b35259a6bfd10b8e56b4b87046019
0acf53a86ddef33badcb8fd6fd36076cf7e5cb2e0d58ad4a59c5993a18e63d94
0ad0a166771edfc46b98d3d196f3a77e4bbb12c086ca782874bd4897ff8fd518
0ad4a26210c8a3df59cc76a8e31301ac61ca0baada3b270942a343cbce4a2f2f
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
103da76a226900b8e948ac0ee6f67114cf7c5d3bc2ce5c5bd2b32d2ed434924f
107ea30bea0a3bd876be7860aefad2ceccb06149782903879936ea48b557761c
118c9bdd568e2467f074b7f35eb55ac6371f2dec641240a02166c9ea0fd63436
11b1efec34dbcdcd1c161e61b2ee4f6059dfd93c86a0dc046b242ec83469e10c
134cc6354d0b698662d138a0b54c259dd1804275a7fdc3e935f164514db3fbc4
138f144cf717cc843576af4d95f1a6343a3ac2a64aa3ed87781e68fba894ed12
14488b4fa81133271455c649af8da5c7d6d6e55242b992ca0d8a3f948274ef0f
1498069f58ed149bc3e7564a3cbced6606e03d3682437a316de64ba467268173
14e467613326899b156d3a4dcdbdc15aac12fc549a6b1f0addcb936414d61dca
159fcc2f0598d46828ae44f7de60a62e068e7014c377e51933a41dc5bcb55528
1661c6d01207f8e58d4babdc4f2352b965ef741777cddbb0319745fcf75ad933
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1c9efb3de1311675903d99e3de250a6da501b8eb5be3a5308d361ddf4df6a6bc
1d91a336f739464d9a91cb2424edf9dd880d11044377fee933c1e4a14397d9d6
1f2188a40d661fbfc65861b22187ec21e37e65ae4520274dc4d84b971d5e9a95
1f6e4cf49f54d10d687c452c1fd2f0bfdd3e91ffbaf6dc98ac6b275f3c817044
1f84b54c6aff620cca928821bd60b184162a2c81d4c94b73aa49772e6eca0ade
207d4ab1875d3d3230eb5af6bba6c192b6e428458b97418c6bb65a447f3d0860
23448f25942f75dcf8c8d4ced7ffd2098614bd57319810f444d66e78185d533b
23f63ed5d5537417eb7f8db8fbd9f9ac0e01142ae8dbbd84f8c8587516ce8e6d
2430c3230f518478d7c4628a406f03472eb2d7a004caf4db3f8a02ecbb07f715
24743bed02587747939aa125d9b36b01eb3f6c8a679f3ac7abd44e33d3c0f320
25317a90368b3e9a15102013a18b41f765a7cd3a5a9aede6e869ac0dfdfd92e4
2586105e18e0bb273cc833654769ef54891d67da769888a1b4a3f5a6e9230e3d
27e29f9f1d9b13ab1ff1d065d13dc45d6127e109b80e26e32d7fa98f626205cd
2812c4e6fb5db18c9a70640654c4bdb973427c4df56b96ec78bc1da5c6c443cf
2816b5bc70f8873e0bcd8a223a3c39e1458336cd7e42d2deafcaea0409730ec7
2818a0a05ead12d9d47a1643de62f2359b956f7812780c57e28f32ea737338ff
29672fe69d3c9e51e98c32aeea86057c7fa633849b84b6e8ec21500e0a85f1df
2a1fe9cbc551da9cd49de596f78dc1fad7d8cc10895b65f956d36d586df79931
2aa4eeebe439e55b1e5ccc55a3779132e564c4dc381a6394118d230a116d8a37
2ada6a46c05d36ec3154aeac6ab2cac34563031441f1af2aabe59e107a64ef28
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2aec2672f98bd8a339db6fcbac2f72c79aa17bb539102340c5a290449ef6f064
2af5bfcede521a97bd3de87ff10bbe38742c2f06ac2cde01ca27ce1e84d8b8ea
2b8912f4749f05b598f763d8e841321ed014684ac394b7c734be34b1f194ff2d
2bd288342e3998a6735d30393ee151cf7a50ba8de91c242199d5d07bfb0398fb
2c5c8339013c9ba69d14b332cf1452fda39256de8e87f4a676e44935864c0ca1
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
2cccdfc9685c82f9da35b309e421801f5503721b4b8651f35145b81d829c2904
2dfe6b048550947f335139f17010d4f08251a3cd9b63916af8cc255a91bb054d
3148cdea46438ed09146552a04ed07050ef1cabbd95e0b2033acbfc7deb0a8d2
31b341a4def9305ee6ae4fa0af0f90efac806074803089e72fc82d28b9528300
31f283bbe7e854b2101d202ee7104b49b2ba46c237fd8820c29933f892e805b7
32f061a752b770dfd7de8090a4752c6d810ba68bff50ab6a645a5a259eddf4cd
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
33c09ad5541630ddd97336563ab0c8c13396dce0075375a15a370bb90b29e6e7
34016fa9ebe06db4682efc256297c58530fcb09befbf971c10281c1fd9ad7bfb
3453d38eeadcaad1cc41bcbd5512b78cdb57d9a8c234e28ba00b86cb5e1f01ec
34c2a6b2fd25bb0b5bda545af77d1a0af494cbe11c65ee2d0c8acdd497a49b96
34d854af74485c19247aa01eba8ca7d07de29bb175937474ddfbebb7e19b5c2b
357cbdf03d42d24db7f6797be5659d9c14c335fc84219fbec369e61e5859d5a0
358fd53ef0272c2bc28c41491ce39ba84ab029dfd9b4261fdc8a0ae328b9227a
35a9dc16e6edacebc35ab5b2acbb39253577613c096c5155e5a315cb27ac53ec
3c92cb4ebadb6f0919e02ddaf45364a7196ebadc035aec7a499d59af58f0cf40
3e152f32a0b63aec094b2b25467acd500607c21ff713e05c5af7f782dd2692b5
3e3547c5856b6d0568ef97245d980d9556baf871f207cb591fa17970797f791b
3fb04f95b7c5e60244dc9c677c6e2e4cdd0e05835eb3a9484717b8d6a3c75aac
4012fdcbe9804fb76be489414b5d7fa6fc0a492ac676d9105b41e1dc73208395
401990451835f858ea9431a15cbac54df27ea4a17012b09957d865d07d0fc35b
403ab4ebc90a318d66666c605c4b1b9ace3835368a5031db8a3848e9f05f56f0
40db10ccedf381bd69bb1274b261a49a4ee600d5438dc1b53a0af89d3f29dfb6
439ab67fa3c312bb442bed574ea79be834dbd92f3bd7d2288b6f3fce4d0afb0c
44af38b1bf876fa9b62a4235497239e999318e312a5c9be81861466446495aad
451eeb3a16182e4f5ab0f67ffd585f78d1f0251af49a1efb24cf7384af3c88e7
4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87
4956137c69656045c048a157aaa84859657bbc7744019d26cce6b5bded84cc49
4970a65dfa8227ff3387bd0840d4360c3aa10dfc02a3aeef9ee86f8d491b0a02
49adb14e9bca3a1a9b5fa08e8a069f54fb835bca2acf0293f75787ef4fd7eacc
49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381
4bab105125a3c98d9709f83f70dad78c24cce2523d5bbd58dedcdbf8960331e2
4befaff609a14c590d0f906170350e19ba348ec254c9590d6bf6e22fa8ec23bc
4c976a5618015477fb20c35910f59339a3435623098a846392030bc0930fa1ee
4d16ccd0a26863ba3ddc1f831fdc2f29f2d8d49e96b166de3aec69df08e74768
4d3858fd6875118f687ea5fd972b3e88f1cbec0b84539bfe33585b6ea282af27
4d408c02f9ffc1402240c42f378c8270c9bb8333b98b926b42cd528231bcfb4e
4e9927f47445d94c2f1a4ff82c65073aeae6cf07ff600cf4baea73324c192671
4f1a5efe73fbd5abf40ccad0411948cbb0115d6467a0b718543a75491bac0caa
4fea7bf7fcbcea2a00471a920621ece56c1879a1518b81a3f5e2c4166cce3cbe
5290c2234ca98096eaa441b46feedd8d54cac1e0581f65bf2a432354ef839d57
53610bc0121596f1ac958ea0c2b15261a98e63893fa24c171dea09f816c0395a
537b0b959771dccf7467f012d12cbdfae54e2cdda84eb8e3d473545945387584
5480be640bf1f4185810dcee5740d164aa6056ad176a0ae002f17073703acb0f
566af4e3b3a178c76efd695efb2daf41c281ae784f6e5dee103e6fa952469ec2
58b6698a230b7a1f352cf5f8d5c9ec33877931270c1c2f8eb4ce0728779bda0f
5a065309cb85fe04a4d4ffc231b05ef058421b9a8f02f5a4032d20c26790da17
5ac8d5a6c1c0bf29cb335a7319026883e6664bb66b7f132c2503170ba43fb235
5d8a42de12322320952dbd7cfc403d9b20c154dcc5deae8566af4ed2558925e9
5dbf0a72986d3f974429bb2d6ada5533a6f089ab274f555592f45806e8fe6d4f
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
5f53dcdc3266e25bbf97ae08454bbece27738b72ef14ea510afd3cf491817f4e
5f71fcc2d00d22ffd4d9a07b64c435f88de80893f838fa64a45c386cbba0c601
5fecc47c0aeecfb8726f5cfb9f67781d5189e60552ac8a680284188ed3aa206a
5ffcd3892ff7886f7fc92f8b435ef7a346cc804352ea30ab7737352432a29788
60e87bef5ff3def8796520e78dd2fdbe449a3dce90c97c7588f113d8958ea29d
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155
61df6b7bb1675795b00b41d8c3fa8167ba363b455e27a5b0b3137f6d7ea9968c
62e3a96006dfca87e90584a0437cc2e5eb838c56485ae464a5e51efadff0787b
641e03dfeee60c05e0794bace5fc58d2fba409fee529a114459e44cee0d9d069
64f84d507040c51a23f01b1ca715a70cba443c6e0ad0321df9c69292b4bc0f50
6519cf0a39dec7407b047dead1034aee697bfe3d91b7da8aca09dd0bc80ff81a
663fcdac6378c67c2f6ad86cd86768a1fcc72f5d21e526b0aee0af39da48829b
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
68ed074d044492bac0380a1ce7d1531715400680e661f093a2eefc175c7e8d37
6aff8b8d5141c631984181a51b50a21aa01ec8eb57415e3356b00e335b188572
6b71beaa7e7e4ef0d5060f998e90f38a0906658f3b501c6c3fbb32052f9c062c
6b92ad6a4610a0080edee31403216a1f3f74b6c5d1dd85ce737cdc1a3a515725
6c3c916f7d3924d47210e5af850a0cdb2c8a309159763bd2ffa0a9286657c301
6c7634f744ebbcb181b0598e92296f87e86eade4218c255152dcb7edd6604e88
6cf2180abf1884f88d08aa3b412b74a3eaaf19f7e6ff84339dc009101b465e11
6d0b74f2a3e089cde650f0972d1a568843c275718277a2c167af9011ebf91ff5
6d714bbc6faa9e18b42e1eb5dcbf8c53c174bda06fc8b8b6f5e7c5eac97a1fc2
6dd3fa0ac0babf2ccc9285caa721a145c225a7d5207e9a662f32bf6e8b99e56e
72c8a2ceb65b7eeefc96f0956e87683ef86f5b998c92dc1d75a99a2d18dbc8e4
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
732f2d6e7767e7978cf70554aec8f7b40d5d6da4b601e528f136473c1b965c93
74201a4b97ec1d5e86252dd0180eafd8c5378a9235864dbcd682f3575b41c85b
75b4738a919ed452ae8effde6499144170bb3a663087194a461af36d14003d43
77f012414e7fb72d0ec033484cac533085ed07255ba9b2f4c34ad3f7722f57ad
781cea1df9131b01bf722e30ce0df7bc4716dee40366614493317f3dd7e0a02c
7854adbb2f82aa2160f0c388f893aecdf3616d077fde2d1bf2e19e912684d035
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7a2fec101f4183a64e36ed82a981a651654859f21a7765d48a99054319ab7b1f
7b786f0e07340439f0071e7f0df2a390b8601face6324a26493fd5dd99900765
7bd1f8c0a3a28b7dba83bf3b20a53f1a85e911a8f583df4531d83386ec9e57ea
7cddfbb693148deb6dd5efafa1cd8a8a23e4707716809bea658a290c9c593d4b
7d378799bbf3eeab3af97b55b8383bb46d1b7e1491be35cfba69aae4d6bb12a2
7de69c968dcbd1a888e778cca2420fc76e44ebbc6e7b05960c41d990480cc82b
7eff8da29dd9d00cd299a4b4a7b31a0c109bebf165da8efba374c0e7957fc9b0
7facbd518e58323e180b90ad3801e78d7a3113415baa91428a60d531d1691ac7
80ba75209c76d8383613acd48486dbff5be48479ea1a947fbce9b9e5bf44e81f
8119f5ca081f049c9a10be40d403b68a66cd2738e7036c7a27ce9b452129409b
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
862326f6620eb7ec58dc3362f87865ed0bf8d8f549065002b4eb006601bbda3e
87d0f9ba7c7a8fd772919d4865d8807e3f20c83f14b3005ce4de62ad51af2145
88d32cb380c8accd245e33fae7d1ede15212de9267688c84b0ff7a9c53e956d4
88d921a5a81c84a5705b33e687863db2416c572b01362ddbfa3ad7010f86b688
89ea8a064ce022ae90fd0390423aef77ae69c8cd0f2582e09d19e67792cc7e1c
8a4193772ee65b66ab8e30cdda96fb9848d54c3c8ec99506f95fb6f130dda739
8b7d16c4ac6415e5060abc4514110d1db9902464811831405a715a8fae3a9567
8b83189b3bd8e63a0b42e876c52b6d4f6c0dc12b9e87674e6f181be4f4768f46
8b9ba20fc2492e59160f17f7e54141a1e7005f4f3df8dbada5826ba2b70abdf4
8ba5408857ce1d634124b13a42f551073dea16237d8b7f405871fc1905cfec53
8c0d3166dffce0c168ce16d402623da5e84691a3032431d19b9e81d6a1867867
8d0e6af2928a1055c8da030563ded4d74deae971503f6fe2975aca83b5e47891
8e64ce8f2ad096e5b778ee80aed4eb07c2fb0a50a007ef1f6da3be94b39a7dd9
90e5243c11607e4a858e3edbfcb8f3401bd0cb682c48c1c10b023b9d5e38e7eb
9160671c88504da1d044607d712e4f8d479fe1d522bdb4ad59dae410bf2d2faa
91732bbfa2defe50c060ec39776f7be1a25aa2481bcc774897af9a97913476fc
920ca2c6a8cdb2e958766631164526f5cf0fd539e484e1d51c06feac3b784291
9237f538a2510c9ff7cd38abcfccb09cf7f8dea0d4b02ce287ef254b4e8acf32
92fe6706dae6f601967551b9c37150612efa92294f8e056ac92939f232ca5605
953ad5605189ea38166999307dd0641b5a3c42d4bd1dfd183848143c3fc2252b
95d95840165ea5fc374a27f1cffe88a1b3d033562916ef1071393c9c8adbfe86
964dbc1b127912ab2d9f2cb89d83e3bc3f9be61d29923b34cf42501e8d77856f
965939a3a3046dff5c5e10fc42b7f62461f5e86a11910fb757a43985a17997cd
97241ac0e5a0affe15501c54680e2fbe5f9f6c1489f7bc85841bea53b206fa17
98beccf228576939289a853df7bafe78a4c6b4154241a2e031bd2c972c795b97
98c0ee51ed1d7bfd89c0db082c5e5f06efded88b1dc52931e9487a60de2bd616
995f69e19b0273ca0777fba962f0592720129301d8b74d4c72b5967aadb59293
9beda0b21929f9ce9188cbe91bbe1e7346dea4e818fafcc65273ee6bf8266a8e
9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52
9ccb036ddd4dca287fede3ac987191eacf8b9a5e43cdbb25fbeb9122044c50d8
9dad76b260e50505e477cfd2b38967303864095860aba347454929457cfe11fb
9e51e7c1f2f3bd86cc3e9dcd1ad5403db927f32533f0a8b29bc15f11b40c6376
9f2d51874c78d93e5549c4057b1fd650ee43f8b987267ac585ff1ee5f7eeab8d
9f879effa704701b7306f4fb25d43778a442984e2d2901fabd540983439c7921
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d34b0d95e73a7ae965ab9eef15d273c1b4ab22aa7d5648e120a2763434ce84
a37676b836c402e797187c6e3b569ef42a17951ee1b7e69c9ae816ba0979f58b
a4521991b3389b19cda9d851d625fb63cb89e2713fa05f11b864fc881df12edf
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5cb642ef22434a24612329870579fbb272cb9fa7475360035596ea56fb0431a
a730a4e9d3d0612c3a6918e096c39c5697614b2792b98f503439fc09afd764a1
a7359c7038dac6dbd6b34882e49b2f2ce3248bd61738f8e85ce1d87fc9cda962
a903cb8fcd952a6afcba1bf3c09248413fa596bde6b7a3402e4f38ff3dcdc120
a9489235f2c2f66345f3581a826d7da9797a8222173f4abd3e74ec117a2683bd
aa27e4a29de9734c3aa204fe05f5fb8829cc9ac226ac41ef701d3e5828e1795e
ab2a0bde05429b6c1a2a98a2988272c5342d92188ad04f94402a655f730ae1bb
ab2ef986feb77abadf3bc5d66f6b465efe5e4fa46887de8439ab1210c838b03c
aca59ef5fce66bdacda6fdd7872db2c18b5c42e3d92e6ad5c3828651b4b50c42
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b14fb3516e30b4eb7f5fbfb70eb2cd1488f0ddd4b72e3799b237c4287f8b8f1b
b25035aa09ac461e3e822e9206e4ae48ce81b7a2dc0062e0ca66288a1c630156
b3844900c09935d5d00e41ab8544b901818d463a885c4143dea93841f7454eda
b4de522d6cb3b930bd959e8c7b60a8f1ac45ad524f802f455e553bf8d7ddb9be
b73220f2672e071c3585c6910b0cf64c10117a4164daf56556211d20bed5c36d
b7865d8a36e6b3856f1407e604010b7455ca81c59cb5284c632e20571ec01f93
b7c94c47e36895159d5fd886c9d8d657a51b1c848855edd22632d1622c4fc9e8
b881b1549cbedc986afc9ade49198c81e5833c577d19a8f94a95d09ea0f764e0
b8a57814a99d32fe393c703635318607ac2f24899f739806dd30be89b0129087
bb659df59af0c5b06af697bdefa02f6a33cf022de4e2c80318b3f83ad00d2b46
bc7e6c2f8653573bb6d6f6b7868736ed21bbb9d51d4f789f5590c682080eef62
bc7fc6f6a2a2336341baacd56ca93e22acae58a9d8d6f45115bae94c0e57a9d8
bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66
bf0f9355e1b23c2a4e36c0cf23734e66a80ee1efbd5fbe01d19ba6b43bbc96e0
bfdbd875943b5ff8446f037e6525ee3664319a2b9682c2134b808c464b9bbf01
c24a517cf3dc453e6046e54ec1f6944bd762da6fc68447fcfa84c374723bbb09
c35071d9088bb7f78b3945676fbb9b83c8e9704f0ed7530031b1e2b9935205fe
c3e60f49d2f1bc79f8c35bf4c3d3d7d458674c792eea073dfc67c52072018029
c5ff8d7ffd90641a4ce0a1ea4eb7ff7b77d5e3d3e5d61fefa12c42be7d0051be
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
c6c90a9b3443352d72701940c7d481187437570b43156c994ce6a7f90c67eb9e
c83093e379227a5d9087fec00a91a9efd5d0c6c892f86b58861f4641e92852e3
c867104326e3c4b658209d8e5bcea0900aaf7fbc2bbc181ca01c482cac2810f3
c8ba40ab414eb90c0426f1c04b7bb65fdecc97fa8d8893158f98705609be5925
cb2037d99bee87e9c32f5024431ffba439e45f61b2d6947f8dc6486db6433390
cc5fb9f3f03b87b14d7ab37b3f0d3a156649abd7b740cfa32faab7da33dc00f8
cd3c21db58383e67406558a08962488ed59dc0de0301fc3ee15665b0a7bd71e7
cdadfb9a7faeb78306a70c7701e16ec84d549b03be89691f97c4088ca914b66d
cf0a5561eeb5a838d2e26b83cc2caa40a257d1289a59fd861c53fcaef67ae76b
cf469b9c3aadf0b14f4e525231cdac1b523c83cbbef5a2cea40e552df339ee0d
cf8167a7bbab70d1cdb823efdb6a23a181d3a28ab92fde18fb660ce7319ffccf
d02667136739e260cb775558825fa667cf6523afa2c9f1bef577e6fb113d23f8
d072199e456153fa722ffa01c48fa915959a1f39c951e3338af23b63a8787a51
d0a16ff41783ca0a8d8523dc9161a3392b067a7cb15677c424b5ac17b11fde52
d1d20ceb25025aa2ffa365bafcfd11c395a1b9ca21f54c8013db0f5f6850eaf3
d23fa7edc0185958276ca5d3fe63d62a79f9c4661fb10eff2a8eb990be2ae162
d271d09f57417a2353ddb19a278d47ecfd5d081bbe760f3e24186054ba1ae970
d3c6c19cae34ba4b62e11cfb99b803d05a60f64972e9222c00dededc9ea97610
d5520fcef964c1f3e3f0de3344b6e859c5e7534e2a21f2df4b67ae04a06e4e2a
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
d6f4f7ca8782e12476453f4a8dd47a42655ed164c35d9400b2ecf4848c363afa
d74faf3dba15909820c656f6c8a266891f47becd215f5d1d43b1855577e76584
d8d780cf17d57da2e7ff421667a6221a32831b83ffa904c0b480ba5f9c285974
d9683b9b0a220585ebd0f093409f80328dfe4d023385043e57770a552384c7cf
da407a15b1ea0c1b4bb774bd77bb608d6b1c90397b5a75b8895bbccfda5feb63
dbbfb1b545e135ba8f3be48653ca0ada2ce53d3a3a2989f4989d8e6809640990
dc015126841eaa9b1b79ee123e13d7d07ad7fe77f22366b05c480eff59a7a25e
ded4092b57ddb7dee8437b1e72d0da27635396adfce2e2aa3b0be026b18e61d5
dfe984bc4f248521c19f680b768488f59c4b5b3c917a1aeca0d992aee6eaa9d1
e1cc9ab03d8e0c74b82cb8c13f1f4061a64219ebe1d74d8e348c6f1c72d89000
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e45bcd0c188b511d36f58e34eabb3973aed5b11cad0226380f110bb04aca44f1
e54c1d18899bf482e345658bfa0ae864ed0da7fb18d0403830c23876af2cf353
e60a3d9e5e60abd14d62324a850de1bd9e7e99d3f2153daf6dd1637cb35b2e67
e8403779d45a9590b43c0ecf984ebe11e75fd2982630d658390a6001a6768770
e8e8a042059c845720d9461543e034928364f4a0d1ed6ce3cc745e05df6bfb96
e8fad7f4bdd291c665575c5a8ef5361c0a8c6d0bee58b7cfc895a6c78617489d
e913d0c8195023fea768aa63161cfe870b077cd360806e3905002e74acc7423e
e93c890255c2f00e56e0f1d83af4c08fd4456f8e2ae064f04c1d944ebb5ae26b
e9f3358441fb5f83ee3575f81df787bbade8b416b009cbdcbd3b71c8b6f560e0
ec9ff1264e1843b27efa9e6466f13e73009e0bd9bdc38fabd7041b16c71ed10b
ee284a19ae791a104f61073ed480ac6d50097a5808840e0a27b4a43582dee165
ee40a70158a981f275345ffe7e6c83474b0782a00170f26cb3d5b399530e3838
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef701bcdb11abe6ee6b906497f307cf8591be7b46258e201b2da192ba009e308
ef88a0ffdf5f1d9d7f13ba50ea32ca211ff44be96d42f851d5f11042d27dcfb3
efd9ff16786f54e6fdbd27ef19f3f876003c3f90f563c995fb68e4fcdedcc6db
f07d37cc8b64c615c2730647a48f894bbcf7bd2ee92886a5e736ec2d8598549a
f25aebef7c5b576071a6f97559078c0a17f5d3130f2cdb8d74f04872ec8fb333
f36654c4fc0df1a3cd1786b08ba11bbd67302624b1206028406244eccd1adb3d
f3d1dd15f3508747d76dd3c9be6568b24c67d3551e460bd0e6ec7135697b3196
f40c95f98471d615ae5495502c6fcfc038aca7d8456e052c9084b857e9337132
f52a97d101881d081cdba645d930e348d474e886830b6d2fd578b14df00e2c3c
f5406cf9905501e032658eee1184e8ac1082de5bccb21cfb7f609eae6deb8471
f5820244a2bb1a21fb966e2a417d1c12f43ad67d33c1275338d1b3d67caad567
fbe1583d8642d89d0c349b00c0125e485dd55976282165a6b5f2d29ea9d44549
fd249e6217bd119b6776a96077dc9ad4739f1fb4297c7a0c43be20e62c172cca
fdbb995458f6b6f28ba8ad20b662687f9b83edb8f74034f7243161086e7e54cb
fdfbc8dd4689e0f5548c6a7cab705326d97022ad422b89b6817f03ca6ec69907
fe89f3031a1554fc47a5bb69609d1d780c98b3be1977f054fd8f97aecc1f84f1
fe9fdaf933bfef4a66a96a5d0335067cac85205a93fa9fb217d2850709d2f48c
ff14dc06239d90568e5b61c549b715be98492cd8daa953e3b3288c1f208d68e0
ff9a873c9be8a0a2aca0f3d63ef7bd908f4a055eab1b2ef6f7e26f8aa946b0a7
ffb79e363e2bc6e25d4360fbc943aeb0a5321d6a0236fb392bbe02a1c51a6a62