www.gazetadopovo.com.br Open in urlscan Pro
2600:9000:20eb:4000:6:45ad:3580:93a1 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.gazetadopovo.com.br.us3.cas.ms/
Effective URL:
https://www.gazetadopovo.com.br/
Submission Tags: krdprod
Submission: On May 17 via api (May 17th 2021, 9:49:15 am UTC) from JP

Summary HTTP 504 Redirects Links 79 Behaviour Indicators

Summary

This website contacted 84 IPs in 8 countries across 43 domains to perform 504 HTTP transactions. The main IP is 2600:9000:20eb:4000:6:45ad:3580:93a1, located in United States and belongs to AMAZON-02, US. The main domain is www.gazetadopovo.com.br.
TLS certificate: Issued by Amazon on December 23rd 2020. Valid for: a year.

This is the only time www.gazetadopovo.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	40.81.121.140 40.81.121.140	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	2a02:26f0:170... 2a02:26f0:1700:d::1737:6e8f	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
19	2600:9000:20e... 2600:9000:20eb:4000:6:45ad:3580:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6812:e234	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
2	2606:4700:20:... 2606:4700:20::ac43:442e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:1b	20446 (HIGHWINDS3) (HIGHWINDS3)
1	2a02:26f0:6c0... 2a02:26f0:6c00:2bf::268b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
80	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
40	2600:9000:215... 2600:9000:2156:0:1f:3000:7b80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:20e... 2600:9000:20eb:ee00:1b:3b3:e300:93a1	16509 (AMAZON-02) (AMAZON-02)
1	52.217.72.80 52.217.72.80	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:808::2008	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:ef3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2600:9000:219... 2600:9000:2190:1200:12:af17:6680:93a1	16509 (AMAZON-02) (AMAZON-02)
8	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
1	52.216.90.14 52.216.90.14	16509 (AMAZON-02) (AMAZON-02)
7	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
10	2606:4700::68... 2606:4700::6811:b7b1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:400c:c0c::9a	15169 (GOOGLE) (GOOGLE)
1	13.224.95.43 13.224.95.43	16509 (AMAZON-02) (AMAZON-02)
1	142.250.74.194 142.250.74.194	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f03... 2a03:2880:f030:13:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
4 12	99.86.2.29 99.86.2.29	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:6c0... 2a02:26f0:6c00:295::25ea	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	13.32.23.227 13.32.23.227	16509 (AMAZON-02) (AMAZON-02)
1	199.232.136.157 199.232.136.157	54113 (FASTLY) (FASTLY)
1	116.202.80.167 116.202.80.167	24940 (HETZNER-AS) (HETZNER-AS)
2	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
2 2	2620:119:50e3... 2620:119:50e3:101::6cae:b45	14413 (LINKEDIN) (LINKEDIN)
1 1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	108.174.10.14 108.174.10.14	14413 (LINKEDIN) (LINKEDIN)
3	2a00:1450:400... 2a00:1450:400c:c0a::9b	15169 (GOOGLE) (GOOGLE)
1	104.244.42.197 104.244.42.197	13414 (TWITTER) (TWITTER)
6	2a00:1450:400... 2a00:1450:4001:80e::2004	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1	13.224.95.38 13.224.95.38	16509 (AMAZON-02) (AMAZON-02)
2	13.224.95.54 13.224.95.54	16509 (AMAZON-02) (AMAZON-02)
1	104.244.42.3 104.244.42.3	13414 (TWITTER) (TWITTER)
1	2600:9000:20e... 2600:9000:20eb:d800:16:bc5f:3e80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	65.9.69.82 65.9.69.82	16509 (AMAZON-02) (AMAZON-02)
6	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f13... 2a03:2880:f130:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
7	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:b8b1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	13.225.74.8 13.225.74.8	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:20e... 2600:9000:20eb:aa00:4:5c96:9080:93a1	16509 (AMAZON-02) (AMAZON-02)
6	2600:9000:215... 2600:9000:2156:a00:13:9bf5:7100:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:215... 2600:9000:2156:dc00:1d:7626:ce40:93a1	16509 (AMAZON-02) (AMAZON-02)
55	2600:9000:219... 2600:9000:2190:0:8:7f48:3500:93a1	16509 (AMAZON-02) (AMAZON-02)
9	2600:9000:20e... 2600:9000:20eb:e600:6:9eb2:5cc0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	18.229.193.237 18.229.193.237	16509 (AMAZON-02) (AMAZON-02)
3	2600:9000:20e... 2600:9000:20eb:9200:6:5b96:3f00:93a1	16509 (AMAZON-02) (AMAZON-02)
19	172.217.23.98 172.217.23.98	15169 (GOOGLE) (GOOGLE)
3	2804:49c:3403... 2804:49c:3403:2676:ffff:ffff:ffff:6	7162 (Universo ...) (Universo Online S.A.)
1	2804:49c:3102... 2804:49c:3102:401:ffff:ffff:ffff:50	15201 (Universo ...) (Universo Online S.A.)
1	2804:49c:3104... 2804:49c:3104:401:ffff:ffff:ffff:34	15201 (Universo ...) (Universo Online S.A.)
6	34.102.185.99 34.102.185.99	15169 (GOOGLE) (GOOGLE)
21	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
15	2a00:1450:400... 2a00:1450:4001:813::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1 2	34.254.6.162 34.254.6.162	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
6 8	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
4 8	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
3 5	185.33.221.11 185.33.221.11	29990 (ASN-APPNEX) (ASN-APPNEX)
2	209.197.3.19 209.197.3.19	20446 (HIGHWINDS3) (HIGHWINDS3)
2	200.187.199.64 200.187.199.64	7162 (Universo ...) (Universo Online S.A.)
22	2.18.232.99 2.18.232.99	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	172.217.23.102 172.217.23.102	15169 (GOOGLE) (GOOGLE)
3	52.18.40.16 52.18.40.16	16509 (AMAZON-02) (AMAZON-02)
2	104.244.36.20 104.244.36.20	7415 (ADSAFE-1) (ADSAFE-1)
1	34.235.247.123 34.235.247.123	14618 (AMAZON-AES) (AMAZON-AES)
2	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
14	2a00:1450:400... 2a00:1450:4001:80e::2006	15169 (GOOGLE) (GOOGLE)
3	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
1	142.251.5.157 142.251.5.157	15169 (GOOGLE) (GOOGLE)
7	2001:4860:480... 2001:4860:4802:32::3	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:68::6	15169 (GOOGLE) (GOOGLE)
5	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
504	84

1 40.81.121.140 (Cardiff, United Kingdom)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.gazetadopovo.com.br.us3.cas.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:1700:d::1737:6e8f (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

mcasproxy.azureedge.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2600:9000:20eb:4000:6:45ad:3580:93a1 (United States)

ASN16509 (AMAZON-02, US)

www.gazetadopovo.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:e234 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:442e (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.privacytools.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:1b (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:2bf::268b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

scdn.cxense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

80 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

40 2600:9000:2156:0:1f:3000:7b80:93a1 (United States)

ASN16509 (AMAZON-02, US)

media.gazetadopovo.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20eb:ee00:1b:3b3:e300:93a1 (United States)

ASN16509 (AMAZON-02, US)

multimidia.gazetadopovo.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.217.72.80 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-us-east-1-r-w.amazonaws.com

gdp-prd-data.s3.us-east-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:ef3 (United States)

ASN13335 (CLOUDFLARENET, US)

tag.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:2190:1200:12:af17:6680:93a1 (United States)

ASN16509 (AMAZON-02, US)

assets.gazetadopovo.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.216.90.14 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

news.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:4700::6811:b7b1 (United States)

ASN13335 (CLOUDFLARENET, US)

experience.tinypass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.tinypass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
buy.tinypass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api-v3.tinypass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c0c::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.95.43 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-95-43.zrh50.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.74.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f030:13:face:b00c:0:3 (France)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 99.86.2.29 (United States) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: server-99-86-2-29.fra6.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:295::25ea (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.23.227 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-23-227.fra56.r.cloudfront.net

d335luupugsy2.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.136.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 116.202.80.167 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.167.80.202.116.clients.your-server.de

scomcluster.cxense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:119:50e3:101::6cae:b45 (United States) 2 redirects

ASN14413 (LINKEDIN, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.174.10.14 (United States)

ASN14413 (LINKEDIN, US)
PTR: 108-174-10-14.fwd.linkedin.com

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c0a::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.197 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.95.38 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-95-38.zrh50.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.224.95.54 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-95-54.zrh50.r.cloudfront.net

3wf9o7mmzc.execute-api.us-east-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.3 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20eb:d800:16:bc5f:3e80:93a1 (United States)

ASN16509 (AMAZON-02, US)

infograficos.gazetadopovo.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.69.82 (United States)

ASN16509 (AMAZON-02, US)

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f130:83:face:b00c:0:25de (France)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

play.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:b8b1 (United States)

ASN13335 (CLOUDFLARENET, US)

buy.tinypass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 13.225.74.8 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-74-8.fra2.r.cloudfront.net

events-api.gazetadopovo.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:20eb:aa00:4:5c96:9080:93a1 (United States)

ASN16509 (AMAZON-02, US)

comments.gazetadopovo.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:2156:a00:13:9bf5:7100:93a1 (United States)

ASN16509 (AMAZON-02, US)

www.semprefamilia.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2156:dc00:1d:7626:ce40:93a1 (United States)

ASN16509 (AMAZON-02, US)

www.umdoisesportes.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

55 2600:9000:2190:0:8:7f48:3500:93a1 (United States)

ASN16509 (AMAZON-02, US)

json.gazetadopovo.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2600:9000:20eb:e600:6:9eb2:5cc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

tm.jsuol.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.229.193.237 (São Paulo, Brazil)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-229-193-237.sa-east-1.compute.amazonaws.com

apps.gazetadopovo.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:20eb:9200:6:5b96:3f00:93a1 (United States)

ASN16509 (AMAZON-02, US)

tm.uol.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s45-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2804:49c:3403:2676:ffff:ffff:ffff:6 (Brazil)

ASN7162 (Universo Online S.A., BR)

t.dynad.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2804:49c:3102:401:ffff:ffff:ffff:50 (Brazil)

ASN15201 (Universo Online S.A., BR)

me.jsuol.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2804:49c:3104:401:ffff:ffff:ffff:34 (Brazil)

ASN15201 (Universo Online S.A., BR)

tracker.bt.uol.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.102.185.99 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 99.185.102.34.bc.googleusercontent.com

tt-10162-1.seg.t.tailtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
b.t.tailtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
t.tailtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

eccef3b152d70a4161a425d396a7d7ca.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.254.6.162 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-6-162.eu-west-1.compute.amazonaws.com

pixel.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.185.130 (United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2.18.234.21 (Frankfurt am Main, Germany) 4 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.33.221.11 (Amsterdam, Netherlands) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 733.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 209.197.3.19 (United States)

ASN20446 (HIGHWINDS3, US)
PTR: vip0x013.map2.ssl.hwcdn.net

servedby.flashtalking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 200.187.199.64 (Brazil)

ASN7162 (Universo Online S.A., BR)
PTR: 200-187-199-64.static.uol.com.br

s.dynad.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2.18.232.99 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-99.deploy.static.akamaitechnologies.com

cdn.flashtalking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img.flashtalking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.23.102 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f102.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.18.40.16 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-18-40-16.eu-west-1.compute.amazonaws.com

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.36.20 (United States)

ASN7415 (ADSAFE-1, US)
PTR: nyidt.adsafeprotected.com

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.235.247.123 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-235-247-123.compute-1.amazonaws.com

fm.flashtalking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:80e::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.5.157 (United States)

ASN15169 (GOOGLE, US)

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2001:4860:4802:32::3 (United States)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

gcdn.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:68::6 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

r1---sn-4g5edns7.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
135	gazetadopovo.com.br www.gazetadopovo.com.br media.gazetadopovo.com.br multimidia.gazetadopovo.com.br assets.gazetadopovo.com.br infograficos.gazetadopovo.com.br events-api.gazetadopovo.com.br comments.gazetadopovo.com.br json.gazetadopovo.com.br apps.gazetadopovo.com.br Failed	3 MB
80	google-analytics.com www.google-analytics.com	78 KB
51	doubleclick.net 7 redirects stats.g.doubleclick.net googleads.g.doubleclick.net securepubads.g.doubleclick.net cm.g.doubleclick.net ad.doubleclick.net googleads4.g.doubleclick.net pubads.g.doubleclick.net bid.g.doubleclick.net	273 KB
44	googlesyndication.com pagead2.googlesyndication.com eccef3b152d70a4161a425d396a7d7ca.safeframe.googlesyndication.com tpc.googlesyndication.com ade.googlesyndication.com	214 KB
25	flashtalking.com servedby.flashtalking.com cdn.flashtalking.com fm.flashtalking.com img.flashtalking.com	936 KB
24	google.com news.google.com www.google.com play.google.com adservice.google.com	68 KB
21	gstatic.com fonts.gstatic.com www.gstatic.com csi.gstatic.com	272 KB
16	2mdn.net 1 redirects s0.2mdn.net gcdn.2mdn.net r1---sn-4g5edns7.c.2mdn.net	4 MB
12	scorecardresearch.com 4 redirects sb.scorecardresearch.com	14 KB
11	tinypass.com experience.tinypass.com cdn.tinypass.com buy.tinypass.com api-v3.tinypass.com	287 KB
10	jsuol.com.br tm.jsuol.com.br me.jsuol.com.br	98 KB
8	casalemedia.com 4 redirects dsum-sec.casalemedia.com	7 KB
7	adsafeprotected.com 1 redirects pixel.adsafeprotected.com static.adsafeprotected.com dt.adsafeprotected.com	93 KB
6	tailtarget.com tt-10162-1.seg.t.tailtarget.com b.t.tailtarget.com t.tailtarget.com	2 KB
6	semprefamilia.com.br www.semprefamilia.com.br	79 KB
6	google.de www.google.de	468 B
5	adnxs.com 3 redirects ib.adnxs.com	5 KB
5	dynad.net t.dynad.net s.dynad.net	53 KB
4	googletagservices.com www.googletagservices.com	135 KB
4	uol.com.br tm.uol.com.br tracker.bt.uol.com.br	3 KB
4	linkedin.com 3 redirects px.ads.linkedin.com www.linkedin.com px4.ads.linkedin.com	3 KB
4	amazonaws.com gdp-prd-data.s3.us-east-1.amazonaws.com s3.amazonaws.com 3wf9o7mmzc.execute-api.us-east-1.amazonaws.com	351 KB
4	googleapis.com fonts.googleapis.com imasdk.googleapis.com	304 KB
3	facebook.com www.facebook.com	590 B
3	hotjar.com static.hotjar.com script.hotjar.com vars.hotjar.com	65 KB
3	azureedge.net mcasproxy.azureedge.net	71 KB
2	umdoisesportes.com.br www.umdoisesportes.com.br	1 KB
2	facebook.net connect.facebook.net	97 KB
2	cxense.com scdn.cxense.com scomcluster.cxense.com	28 KB
2	privacytools.com.br cdn.privacytools.com.br	22 KB
1	google.nl adservice.google.nl	799 B
1	twitter.com analytics.twitter.com	658 B
1	t.co t.co	454 B
1	ads-twitter.com static.ads-twitter.com	2 KB
1	cloudfront.net d335luupugsy2.cloudfront.net	413 B
1	licdn.com snap.licdn.com	2 KB
1	googleadservices.com www.googleadservices.com	14 KB
1	navdmp.com tag.navdmp.com	3 KB
1	googletagmanager.com www.googletagmanager.com	62 KB
1	jquery.com code.jquery.com	30 KB
1	onesignal.com cdn.onesignal.com	3 KB
1	cas.ms www.gazetadopovo.com.br.us3.cas.ms	841 B
0	Failed function sub() { [native code] }. Failed
504	43

	Domain	Requested by
80	www.google-analytics.com	www.gazetadopovo.com.br www.google-analytics.com me.jsuol.com.br
55	json.gazetadopovo.com.br	www.gazetadopovo.com.br
40	media.gazetadopovo.com.br	www.gazetadopovo.com.br buy.tinypass.com
21	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com eccef3b152d70a4161a425d396a7d7ca.safeframe.googlesyndication.com googleads.g.doubleclick.net srcdoc www.googletagservices.com
19	www.gazetadopovo.com.br	www.gazetadopovo.com.br
17	cdn.flashtalking.com	servedby.flashtalking.com cdn.flashtalking.com
15	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com eccef3b152d70a4161a425d396a7d7ca.safeframe.googlesyndication.com googleads.g.doubleclick.net imasdk.googleapis.com
14	s0.2mdn.net	www.gazetadopovo.com.br.us3.cas.ms imasdk.googleapis.com s0.2mdn.net
13	securepubads.g.doubleclick.net	tm.jsuol.com.br securepubads.g.doubleclick.net www.gazetadopovo.com.br.us3.cas.ms www.googletagservices.com
13	googleads.g.doubleclick.net	www.googleadservices.com eccef3b152d70a4161a425d396a7d7ca.safeframe.googlesyndication.com www.gazetadopovo.com.br.us3.cas.ms
12	sb.scorecardresearch.com	4 redirects www.gazetadopovo.com.br.us3.cas.ms www.gazetadopovo.com.br
10	events-api.gazetadopovo.com.br	gdp-prd-data.s3.us-east-1.amazonaws.com www.gazetadopovo.com.br
9	tm.jsuol.com.br	www.gazetadopovo.com.br tm.jsuol.com.br www.gazetadopovo.com.br.us3.cas.ms tm.uol.com.br
8	dsum-sec.casalemedia.com	4 redirects googleads.g.doubleclick.net
8	cm.g.doubleclick.net	6 redirects googleads.g.doubleclick.net
8	www.google.com	www.gazetadopovo.com.br eccef3b152d70a4161a425d396a7d7ca.safeframe.googlesyndication.com securepubads.g.doubleclick.net
8	fonts.gstatic.com	fonts.googleapis.com news.google.com
7	csi.gstatic.com	imasdk.googleapis.com
7	play.google.com	www.gstatic.com
7	news.google.com	www.gazetadopovo.com.br news.google.com www.gstatic.com
6	pubads.g.doubleclick.net	imasdk.googleapis.com
6	www.semprefamilia.com.br	www.gazetadopovo.com.br
6	www.gstatic.com	news.google.com www.gstatic.com
6	buy.tinypass.com	cdn.tinypass.com buy.tinypass.com
6	www.google.de	www.gazetadopovo.com.br
6	assets.gazetadopovo.com.br	www.gazetadopovo.com.br
5	ade.googlesyndication.com
5	img.flashtalking.com
5	ib.adnxs.com	3 redirects googleads.g.doubleclick.net
5	stats.g.doubleclick.net	www.google-analytics.com
4	www.googletagservices.com	securepubads.g.doubleclick.net eccef3b152d70a4161a425d396a7d7ca.safeframe.googlesyndication.com
3	googleads4.g.doubleclick.net	www.gazetadopovo.com.br.us3.cas.ms
3	static.adsafeprotected.com	pixel.adsafeprotected.com eccef3b152d70a4161a425d396a7d7ca.safeframe.googlesyndication.com
3	eccef3b152d70a4161a425d396a7d7ca.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	tt-10162-1.seg.t.tailtarget.com	tm.jsuol.com.br
3	t.dynad.net	www.gazetadopovo.com.br.us3.cas.ms
3	tm.uol.com.br	tm.jsuol.com.br www.gazetadopovo.com.br.us3.cas.ms
3	www.facebook.com	www.gazetadopovo.com.br connect.facebook.net
3	experience.tinypass.com	www.gazetadopovo.com.br cdn.tinypass.com
3	mcasproxy.azureedge.net	www.gazetadopovo.com.br.us3.cas.ms mcasproxy.azureedge.net
2	imasdk.googleapis.com	s.dynad.net imasdk.googleapis.com
2	dt.adsafeprotected.com	eccef3b152d70a4161a425d396a7d7ca.safeframe.googlesyndication.com
2	ad.doubleclick.net	1 redirects eccef3b152d70a4161a425d396a7d7ca.safeframe.googlesyndication.com
2	s.dynad.net	t.dynad.net
2	servedby.flashtalking.com	eccef3b152d70a4161a425d396a7d7ca.safeframe.googlesyndication.com
2	pixel.adsafeprotected.com	1 redirects eccef3b152d70a4161a425d396a7d7ca.safeframe.googlesyndication.com
2	adservice.google.com	securepubads.g.doubleclick.net imasdk.googleapis.com
2	b.t.tailtarget.com	tm.jsuol.com.br
2	www.umdoisesportes.com.br	www.gazetadopovo.com.br
2	comments.gazetadopovo.com.br	www.gazetadopovo.com.br
2	3wf9o7mmzc.execute-api.us-east-1.amazonaws.com	gdp-prd-data.s3.us-east-1.amazonaws.com
2	px.ads.linkedin.com	2 redirects
2	connect.facebook.net	www.gazetadopovo.com.br.us3.cas.ms connect.facebook.net
2	cdn.privacytools.com.br	www.gazetadopovo.com.br
2	fonts.googleapis.com	www.gazetadopovo.com.br buy.tinypass.com
1	r1---sn-4g5edns7.c.2mdn.net
1	gcdn.2mdn.net	1 redirects
1	bid.g.doubleclick.net	imasdk.googleapis.com
1	fm.flashtalking.com	cdn.flashtalking.com
1	t.tailtarget.com
1	adservice.google.nl	securepubads.g.doubleclick.net
1	tracker.bt.uol.com.br	www.gazetadopovo.com.br.us3.cas.ms
1	me.jsuol.com.br	tm.jsuol.com.br
1	apps.gazetadopovo.com.br	www.gazetadopovo.com.br code.jquery.com
1	api-v3.tinypass.com	cdn.tinypass.com
1	vars.hotjar.com	static.hotjar.com
1	infograficos.gazetadopovo.com.br	code.jquery.com
1	analytics.twitter.com	static.ads-twitter.com
1	script.hotjar.com	static.hotjar.com
1	t.co	www.gazetadopovo.com.br
1	px4.ads.linkedin.com	www.gazetadopovo.com.br
1	www.linkedin.com	1 redirects
1	cdn.tinypass.com	experience.tinypass.com
1	scomcluster.cxense.com	www.gazetadopovo.com.br
1	static.ads-twitter.com	www.gazetadopovo.com.br.us3.cas.ms
1	d335luupugsy2.cloudfront.net	www.gazetadopovo.com.br.us3.cas.ms
1	snap.licdn.com	www.gazetadopovo.com.br.us3.cas.ms
1	www.googleadservices.com	www.googletagmanager.com
1	static.hotjar.com	www.googletagmanager.com
1	s3.amazonaws.com	code.jquery.com
1	tag.navdmp.com	www.gazetadopovo.com.br
1	www.googletagmanager.com	www.gazetadopovo.com.br
1	gdp-prd-data.s3.us-east-1.amazonaws.com	www.gazetadopovo.com.br
1	multimidia.gazetadopovo.com.br	www.gazetadopovo.com.br
1	scdn.cxense.com	www.gazetadopovo.com.br
1	code.jquery.com	www.gazetadopovo.com.br
1	cdn.onesignal.com	www.gazetadopovo.com.br
1	www.gazetadopovo.com.br.us3.cas.ms
0	json.gazetadopovo.com.brhttps Failed	www.gazetadopovo.com.br
504	89

This site contains links to these domains. Also see Links.

Domain
assinaturas.gazetadopovo.com.br
conta.gazetadopovo.com.br
clube.gazetadopovo.com.br
especiais.gazetadopovo.com.br
www.semprefamilia.com.br
www.umdoisesportes.com.br
pt-br.facebook.com
twitter.com
www.instagram.com
www.linkedin.com
www.youtube.com
gazetadopovojornais.com.br
www.grpcom.com.br

Subject Issuer	Validity	Valid
*.mcas.ms Microsoft Azure TLS Issuing CA 02	`2021-05-12` - `2022-05-07`	a year	crt.sh
*.azureedge.net DigiCert SHA2 Secure Server CA	`2020-11-21` - `2021-11-30`	a year	crt.sh
*.gazetadopovo.com.br Amazon	`2020-12-23` - `2022-01-21`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-04` - `2021-08-04`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-04-13` - `2021-07-06`	3 months	crt.sh
jquery.org Sectigo RSA Domain Validation Secure Server CA	`2020-10-06` - `2021-10-16`	a year	crt.sh
*.cxense.com DigiCert SHA2 Secure Server CA	`2020-03-11` - `2021-06-10`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2020-08-04` - `2021-08-09`	a year	crt.sh
*.google.com GTS CA 1O1	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.news.google.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.piano.io Sectigo RSA Domain Validation Secure Server CA	`2020-09-17` - `2021-09-17`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.hotjar.com Amazon	`2020-12-25` - `2022-01-23`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-04-06` - `2021-07-03`	3 months	crt.sh
*.scorecardresearch.com Amazon	`2021-02-28` - `2022-03-29`	a year	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2021-04-30` - `2022-05-11`	a year	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2021-02-22` - `2022-02-21`	a year	crt.sh
ads-twitter.com DigiCert SHA2 High Assurance Server CA	`2020-08-14` - `2021-08-19`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
px.ads.linkedin.com DigiCert SHA2 Secure Server CA	`2021-04-15` - `2021-10-15`	6 months	crt.sh
t.co DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
*.execute-api.us-east-1.amazonaws.com Amazon	`2021-04-09` - `2022-05-08`	a year	crt.sh
*.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
semprefamilia.com.br Amazon	`2020-11-13` - `2021-12-12`	a year	crt.sh
*.jsuol.com.br Amazon	`2020-10-31` - `2021-11-30`	a year	crt.sh
*.umdoisesportes.com.br Amazon	`2020-10-19` - `2021-11-17`	a year	crt.sh
*.uol.com.br Amazon	`2020-10-01` - `2021-11-02`	a year	crt.sh
*.dynad.net RapidSSL RSA CA 2018	`2020-05-11` - `2022-07-10`	2 years	crt.sh
uol.com GeoTrust RSA CA 2018	`2020-07-30` - `2022-09-28`	2 years	crt.sh
*.tailtarget.com Sectigo RSA Domain Validation Secure Server CA	`2020-05-30` - `2021-05-30`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
fw.adsafeprotected.com Amazon	`2020-09-09` - `2021-10-09`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
servedby.flashtalking.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-04` - `2022-02-22`	a year	crt.sh
cdn.flashtalking.com DigiCert SHA2 Secure Server CA	`2020-04-24` - `2021-07-24`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
static.adsafeprotected.com Amazon	`2021-01-06` - `2022-02-04`	a year	crt.sh
*.adsafeprotected.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-17` - `2021-06-17`	a year	crt.sh
*.flashtalking.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-04` - `2022-03-07`	a year	crt.sh
*.c.docs.google.com GTS CA 1O1	`2021-05-04` - `2021-07-13`	2 months	crt.sh

This page contains 24 frames:

Primary Page: https://www.gazetadopovo.com.br/
Frame ID: B605C50D4B2BA9A87F55580A01D498E7
Requests: 324 HTTP requests in this frame

Frame: https://mcasproxy.azureedge.net/proxyweb/0.200.40/html/session-context-restore.html?action=store&contextData=https%3A%2F%2Fwww.gazetadopovo.com.br%2F
Frame ID: EA12B7F12774DC9508029FB59265021E
Requests: 2 HTTP requests in this frame

Frame: https://news.google.com/swg/_/ui/v1/serviceiframe?_=450345
Frame ID: 648AD0B40B9E14E102F05CC0C336D18C
Requests: 14 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-5e3cec51ed8e99df6977c199d27812d7.html
Frame ID: B1478B4A2F4A7F0C7503DD6DAB45F8E9
Requests: 1 HTTP requests in this frame

Frame: https://buy.tinypass.com/checkout/template/cacheableShow?aid=izBe3CQ7pu&templateId=OTM7QNGP18MG&templateVariantId=OTVYU55WIZ0ZT&offerId=fakeOfferId&experienceId=EXIAHC2U55HU&iframeId=offer_da51198308f88f95dd9e-0&displayMode=modal&widget=template
Frame ID: 6B46481F5204DA56FFBFCF202634E00C
Requests: 10 HTTP requests in this frame

Frame: https://tm.uol.com.br/mercurio.html
Frame ID: 58B6E25292575EBB9A1153D3F7971E5E
Requests: 2 HTTP requests in this frame

Frame: https://tm.uol.com.br/purge-clients.html?name=DEretargeting&expname=DEretargetingExp&expdomain=1
Frame ID: EFD1F21ECBF1645F676D48AE6FF0E306
Requests: 2 HTTP requests in this frame

Frame: https://tm.uol.com.br/purge-clients.html?name=dynad_rt&expname=dynad_rt_exp&expdomain=1
Frame ID: E62B8A0D0AC008E298FBCE42243B41DD
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 52B508B8B5BD98BD60A5025573AC43D5
Requests: 2 HTTP requests in this frame

Frame: https://eccef3b152d70a4161a425d396a7d7ca.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 6E01092CB59C5275CB43BF06FDFA4CFB
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CK_PCBDm090CGJ3r74QBMAE&v=APEucNVzgIu1fVLS19SpYv8frN_xil87UoH-2g9vpi8NXIAqmmSt5MRcbg5M2uY2TEwTuvyLXQpkH1rQh9cgVPU_b1skDzslNZjuSSygtv0Nwv6bjUVd6a1YofnrK6_4E0eKGbNmtctEEqt90M15B8BWOtCpU5kv-xr5xIBmnik9aIesb7M7wLZYgbU5bhxhANmiYcBpOZ2yQF3oDVASWzEtg78MrYZN6Q
Frame ID: 5C5F72E81EE68732BC18848C65A43B02
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: D51B230EC7016B7C0E9395FEB367E214
Requests: 3 HTTP requests in this frame

Frame: https://s.dynad.net/stack/KMA9C2O70iP6CHSgXk0LGaQ8ML9m6vJE4RIi1Rf61p4.html?v69
Frame ID: B00412A3BCA562937E0D612B6E89BBF9
Requests: 1 HTTP requests in this frame

Frame: https://s.dynad.net/stack/928W5r5IndTfocT3VdUV-AB8UVlc0JbnGWyFZsei5gU.html
Frame ID: EA246B03EDD918B2C5EB272057E4586C
Requests: 12 HTTP requests in this frame

Frame: https://cdn.flashtalking.com/124929/3111634/index.html
Frame ID: 593FA922B1D99DF45A050C148316F9C2
Requests: 23 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.5.js
Frame ID: D5DB9E121AD4D97F299588C836156AB1
Requests: 1 HTTP requests in this frame

Frame: https://eccef3b152d70a4161a425d396a7d7ca.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 0ADE04BFCB16DCC1FA609BA8399BB299
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMaVpwIQif64AhiZm4ioATAB&v=APEucNV8yWim4JWJ-SowwJL0CC0xq8XIonR8TjQrZ6Sm07csiOONOXSI-HNVXz6VCKghHeJbLm5nK9wbeCxyt8HfTj7mwLmmDTON_YLttY7J2SvppGblzi1HVz9pXSKcBqP1_2V4NeX7sby9c0LXipwlmDl-osgvT6oqgZe5ugJPU7JqEg9An8ztaRIINeoTRfLm7DWjXVC9x6uHUV74x2zQ8fJYjzc2Fg
Frame ID: A87AABAAB7C055247DBC73FD9901C4EB
Requests: 5 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.458.0_pt_br.html
Frame ID: 7695B566E90FDBAD503D48D84ECD5EF9
Requests: 28 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 936414590DF930FD59A92E5098B2828B
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/9662254/1620226019207/index.html
Frame ID: 98B949D0BE93E197A04008B0FE8E85B8
Requests: 12 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 17B7BB684BD4054C31F6C4BB350E47E2
Requests: 3 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssMVNZEWX1d9JmszG-Le20hnSU96SXCrtvfukxSvouFxCgixQZHuBaudRpoaZUYCIYCPZf1t6YLCrG_IWTBuy15xAv-zI1VQreNyFGSGLawAeDkHylPEoOnwJLg5AiEe9IyY1Frk6KgTvUeNAsQ4QSBsgdxqHOLvs1PKC4pt2U56nZksi0pvjMlw5deZnA5rMgTHIGSh6Ss_pHkTYAInOsUnpa0EFVN1NMhx7CpQ2jvOIOWBMEkuLgCjxye_lWwXaMWE_y3iAKVG38ZlLTtq0j4ywpufrKQOU843r-SvWfmxGRNbbojxX4wp08rmgN6T88VVWXDLLE&sai=AMfl-YT55ZcK2jIVIzrT5x9ZYMN4VOgDpgVNmvgfPUoFGnQ8JTw8xrUfa1ICaus3aR1QvTN1Wp2Z0ROeYxd4xxA_GP5mwQZI-40dknAmvlWpTPxAgsqD1fZYd209FF2_rVI&sig=Cg0ArKJSzAMxC044LvgzEAE&adurl=
Frame ID: A196B7846B7D0428AD0680CA6D4CDF19
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 3FADD5F13382DA20FD100222DFD209CC
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://www.gazetadopovo.com.br.us3.cas.ms/ Page URL
https://www.gazetadopovo.com.br/ Page URL

Detected technologies

Lua (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers server /openresty(?:\/([\d.]+))?/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /openresty(?:\/([\d.]+))?/i

OpenResty (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /openresty(?:\/([\d.]+))?/i

Page Statistics

504
Requests

99 %
HTTPS

62 %
IPv6

43
Domains

89
Subdomains

84
IPs

8
Countries

10103 kB
Transfer

19319 kB
Size

18
Cookies

79 Outgoing links

These are links going to different origins than the main page.

URL: https://assinaturas.gazetadopovo.com.br/?touchpoint=assine-topo-gazeta-mobile
Title: Assine

Search URL Search Domain Scan URL

URL: https://conta.gazetadopovo.com.br/minha-conta/leiturometro
Title: Leiturômetro

Search URL Search Domain Scan URL

URL: https://assinaturas.gazetadopovo.com.br/?touchpoint=assine-topo-gazeta
Title: assine

Search URL Search Domain Scan URL

URL: https://conta.gazetadopovo.com.br/login?referrer=https://www.gazetadopovo.com.br/
Title: Entrar

Search URL Search Domain Scan URL

URL: https://conta.gazetadopovo.com.br/editar/
Title: Minha Conta

Search URL Search Domain Scan URL

URL: https://clube.gazetadopovo.com.br/
Title: Clube Gazeta do Povo

Search URL Search Domain Scan URL

URL: https://especiais.gazetadopovo.com.br/politica/painel-das-privatizacoes/?ref=explore
Title: Privatizações

Search URL Search Domain Scan URL

URL: https://especiais.gazetadopovo.com.br/politica/reforma-tributaria/?ref=explore
Title: Reforma tributária

Search URL Search Domain Scan URL

URL: http://especiais.gazetadopovo.com.br/por-dentro-do-vale/?ref=explore
Title: Startups

Search URL Search Domain Scan URL

URL: https://www.semprefamilia.com.br/?ref=explore
Title: Sempre Família

Search URL Search Domain Scan URL

URL: https://www.semprefamilia.com.br/saude/?ref=explore
Title: Saúde

Search URL Search Domain Scan URL

URL: https://www.semprefamilia.com.br/virtudes-e-valores/?ref=explore
Title: Virtudes e Valores

Search URL Search Domain Scan URL

URL: https://www.semprefamilia.com.br/educacao-dos-filhos/?ref=explore
Title: Educação dos filhos

Search URL Search Domain Scan URL

URL: https://especiais.gazetadopovo.com.br/previsao-do-tempo/?ref=explore
Title: Previsão do Tempo

Search URL Search Domain Scan URL

URL: https://clube.gazetadopovo.com.br/filmes/?ref=explore
Title: Cinema

Search URL Search Domain Scan URL

URL: https://www.umdoisesportes.com.br/?ref=explore
Title: UmDois Esportes

Search URL Search Domain Scan URL

URL: https://www.umdoisesportes.com.br/athletico/?ref=explore
Title: Athletico

Search URL Search Domain Scan URL

URL: https://www.umdoisesportes.com.br/coritiba/?ref=explore
Title: Coritiba

Search URL Search Domain Scan URL

URL: https://www.umdoisesportes.com.br/parana-clube/?ref=explore
Title: Paraná Clube

Search URL Search Domain Scan URL

URL: https://www.umdoisesportes.com.br/cartoleiros/?ref=explore
Title: Cartoleiros

Search URL Search Domain Scan URL

URL: https://www.umdoisesportes.com.br/colunas-e-blogs/mauro-cezar/?ref=explore
Title: Mauro Cezar Pereira

Search URL Search Domain Scan URL

URL: https://www.umdoisesportes.com.br/colunas-e-blogs/augusto-mafuz/?ref=explore
Title: Augusto Mafuz

Search URL Search Domain Scan URL

URL: https://www.umdoisesportes.com.br/colunas-e-blogs/carneiro-neto/?ref=explore
Title: Carneiro Neto

Search URL Search Domain Scan URL

URL: https://www.umdoisesportes.com.br/colunas-e-blogs/andre-barcinski/?ref=explore
Title: André Barcinski

Search URL Search Domain Scan URL

URL: https://www.umdoisesportes.com.br/colunas-e-blogs/andre-pugliesi/?ref=explore
Title: André Pugliesi

Search URL Search Domain Scan URL

URL: https://www.umdoisesportes.com.br/colunas-e-blogs/jones-rossi/?ref=explore
Title: Jones Rossi

Search URL Search Domain Scan URL

URL: https://especiais.gazetadopovo.com.br/futebol/tabela-campeonato-brasileiro-2020/?ref=explore
Title: Brasileirão Série A

Search URL Search Domain Scan URL

URL: https://especiais.gazetadopovo.com.br/futebol/tabela-campeonato-brasileiro-2020-serie-b/?ref=explore
Title: Brasileirão Série B

Search URL Search Domain Scan URL

URL: https://especiais.gazetadopovo.com.br/futebol/tabela-libertadores-2020/?ref=explore
Title: Libertadores

Search URL Search Domain Scan URL

URL: https://assinaturas.gazetadopovo.com.br/premium/?ref=explore
Title: Conheça o Premium

Search URL Search Domain Scan URL

URL: https://especiais.gazetadopovo.com.br/politica/presidios-privados-no-brasil/?ref=explore
Title: Presídios Privados

Search URL Search Domain Scan URL

URL: https://especiais.gazetadopovo.com.br/coronavirus/?ref=explore
Title: Coronavírus

Search URL Search Domain Scan URL

URL: https://especiais.gazetadopovo.com.br/pesquisas-de-aprovacao/?ref=explore
Title: Pesquisas de aprovação

Search URL Search Domain Scan URL

URL: https://especiais.gazetadopovo.com.br/100-anos/?ref=explore
Title: 100 Anos da Gazeta do Povo

Search URL Search Domain Scan URL

URL: https://especiais.gazetadopovo.com.br/loterias/?ref=explore
Title: Loterias

Search URL Search Domain Scan URL

URL: https://especiais.gazetadopovo.com.br/?ref=explore
Title: Todos os especiais

Search URL Search Domain Scan URL

URL: https://especiais.gazetadopovo.com.br/dentro-da-lei/?ref=explore
Title: Dentro da Lei

Search URL Search Domain Scan URL

URL: https://especiais.gazetadopovo.com.br/100-anos/conviccoes-editoriais-gazeta-povo-resumo/?ref=explore
Title: Em Resumo

Search URL Search Domain Scan URL

URL: https://especiais.gazetadopovo.com.br/100-anos/conviccoes/?ref=explore
Title: Em Vídeo

Search URL Search Domain Scan URL

URL: https://clube.gazetadopovo.com.br/noticias/?ref=explore
Title: Notícias do Clube

Search URL Search Domain Scan URL

URL: https://clube.gazetadopovo.com.br/parceiros/?ref=explore
Title: Descontos do Clube

Search URL Search Domain Scan URL

URL: https://conta.gazetadopovo.com.br/minha-conta/cartao-virtual/?ref=explore
Title: Aplicativo Clube

Search URL Search Domain Scan URL

URL: https://conta.gazetadopovo.com.br/minha-conta/leiturometro?ref=explore
Title: Leiturômetro

Search URL Search Domain Scan URL

URL: https://conta.gazetadopovo.com.br/minha-conta/minha-assinatura?ref=explore
Title: Minha Assinatura

Search URL Search Domain Scan URL

URL: https://especiais.gazetadopovo.com.br/noticias-por-mensagem/
Title: ver tudo

Search URL Search Domain Scan URL

URL: https://especiais.gazetadopovo.com.br/noticias-por-mensagem/?ref=explore
Title: Whatsapp

Search URL Search Domain Scan URL

URL: https://pt-br.facebook.com/gazetadopovo

Search URL Search Domain Scan URL

URL: https://twitter.com/gazetadopovo

Search URL Search Domain Scan URL

URL: https://www.instagram.com/gazetadopovo

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/gazeta-do-povo

Search URL Search Domain Scan URL

URL: https://www.youtube.com/gazetadopovo

Search URL Search Domain Scan URL

URL: https://especiais.gazetadopovo.com.br/anticorrupcao?key=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiJIT01FIn0.eBdJ9L4FA-1dhQuhebhUznQfSM278NGQRO7K0Pr2iiY
Title:

Search URL Search Domain Scan URL

URL: https://especiais.gazetadopovo.com.br/anticorrupcao#lavajato
Title: LINHA DO TEMPOOs números, os desvios éticos e de conduta que querem apagar da sua memória

Search URL Search Domain Scan URL

URL: https://especiais.gazetadopovo.com.br/anticorrupcao?key=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiJIT01FIn0.eBdJ9L4FA-1dhQuhebhUznQfSM278NGQRO7K0Pr2iiY#podcasts
Title: PODCASTA história da operação Lava Jato, seus principais trunfos e a campanha de desconstrução em áudio

Search URL Search Domain Scan URL

URL: https://especiais.gazetadopovo.com.br/anticorrupcao#kit
Title: KIT ANTICORRUPÇÃOReceba nossa newsletter e ganhe figurinhas de WhatsApp para compartilhamento

Search URL Search Domain Scan URL

URL: https://assinaturas.gazetadopovo.com.br/?touchpoint=assine-vozes-na-gazeta
Title: Leia mais. Assine agora!

Search URL Search Domain Scan URL

URL: https://www.umdoisesportes.com.br/colunas-e-blogs/mauro-cezar/bruno-covas-gol-de-alisson-poder-futebol/

Search URL Search Domain Scan URL

URL: https://especiais.gazetadopovo.com.br/anticorrupcao/

Search URL Search Domain Scan URL

URL: https://especiais.gazetadopovo.com.br/coronavirus/numeros/

Search URL Search Domain Scan URL

URL: https://especiais.gazetadopovo.com.br/coronavirus/parana/?utm_source=gazeta-do-povo&utm_medium=componente-home2&utm_campaign=coronavirus
Title: Veja a média móvel atualizada

Search URL Search Domain Scan URL

URL: https://www.umdoisesportes.com.br/coritiba/follador-admite-eliminacao-vergonhosa-do-coritiba-aceita-criticas-e-fala-em-corrigir-rota/

Search URL Search Domain Scan URL

URL: https://www.umdoisesportes.com.br/coritiba/follador-admite-eliminacao-vergonhosa-do-coritiba-aceita-criticas-e-fala-em-corrigir-rota/#comentarios
Title: 5

Search URL Search Domain Scan URL

URL: https://www.umdoisesportes.com.br/parana-clube/parana-x-athletico-paranaense-2921-onde-assistir-escalacoes-noticias/

Search URL Search Domain Scan URL

URL: https://www.umdoisesportes.com.br/parana-clube/parana-x-athletico-paranaense-2921-onde-assistir-escalacoes-noticias/#comentarios

Search URL Search Domain Scan URL

URL: https://www.umdoisesportes.com.br/campeonatos/paranaense/tres-jogos-quartas-paranaense-interior/

Search URL Search Domain Scan URL

URL: https://www.umdoisesportes.com.br/campeonatos/paranaense/tres-jogos-quartas-paranaense-interior/#comentarios

Search URL Search Domain Scan URL

URL: https://www.semprefamilia.com.br/virtudes-e-valores/elas-trocaram-festa-de-formatura-por-trabalho-voluntario-e-hoje-auxiliam-70-mil-pessoas-compaixao-internacional/

Search URL Search Domain Scan URL

URL: https://www.semprefamilia.com.br/virtudes-e-valores/elas-trocaram-festa-de-formatura-por-trabalho-voluntario-e-hoje-auxiliam-70-mil-pessoas-compaixao-internacional/#comentarios

Search URL Search Domain Scan URL

URL: https://www.semprefamilia.com.br/uma-infancia-cercada-de-carinho-e-a-chave-para-um-casamento-duradouro/

Search URL Search Domain Scan URL

URL: https://www.semprefamilia.com.br/saude/filhos-de-pais-alergicos-terao-alergia-veja-mitos-e-verdades-sobre-o-tema/

Search URL Search Domain Scan URL

URL: https://www.semprefamilia.com.br/saude/filhos-de-pais-alergicos-terao-alergia-veja-mitos-e-verdades-sobre-o-tema/#comentarios

Search URL Search Domain Scan URL

URL: https://www.semprefamilia.com.br/saude/nao-e-so-o-acucar-conheca-mais-alimentos-que-tambem-aumentam-a-ansiedade/
Title: Não é só o açúcar! Conheça mais alimentos que aumentam a ansiedade

Search URL Search Domain Scan URL

URL: https://assinaturas.gazetadopovo.com.br/por-que-assinar/
Title: Conheça a Gazeta

Search URL Search Domain Scan URL

URL: https://www.semprefamilia.com.br/
Title: Sempre Família

Search URL Search Domain Scan URL

URL: https://conta.gazetadopovo.com.br/editar
Title: Minha Conta

Search URL Search Domain Scan URL

URL: https://assinaturas.gazetadopovo.com.br/?touchpoint=assine-rodape-gazeta
Title: Assine

Search URL Search Domain Scan URL

URL: http://gazetadopovojornais.com.br/
Title: Anuncie

Search URL Search Domain Scan URL

URL: http://www.grpcom.com.br/junte-se-a-nos/
Title: Trabalhe Conosco

Search URL Search Domain Scan URL

URL: http://www.umdoisesportes.com.br/
Title: UmDois Esportes

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.gazetadopovo.com.br.us3.cas.ms/ Page URL
https://www.gazetadopovo.com.br/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 59

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=672554&time=1621244939147&url=https%3A%2F%2Fwww.gazetadopovo.com.br%2F HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D672554%26time%3D1621244939147%26url%3Dhttps%253A%252F%252Fwww.gazetadopovo.com.br%252F%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=672554&time=1621244939147&url=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=672554&time=1621244939147&url=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&liSync=true&e_ipv6=AQK1VTmNO0CiTwAAAXl5uo5zNwQzK9RhWBUAUksGL3fOCZAck9anSye9zq8XYsDo6C8XV7A7

Request Chain 67

https://sb.scorecardresearch.com/b?c1=2&c2=13765200&cs_ucfr=1&ns__t=1621244939186&ns_c=UTF-8&cv=3.5&c8=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&c7=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&c9=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=13765200&cs_ucfr=1&ns__t=1621244939186&ns_c=UTF-8&cv=3.5&c8=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&c7=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&c9=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F

Request Chain 273

https://sb.scorecardresearch.com/cs/6036356/beacon.js HTTP 302
https://sb.scorecardresearch.com/internal-cs/default/beacon.js

Request Chain 278

https://sb.scorecardresearch.com/b?c1=2&c2=6036356&c3=&c4=&c5=&c6=&c15=&cs_it=b2&cv=3.8.0.210223&ns__t=1621244942943&ns_c=UTF-8&c7=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&c8=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&c9=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=6036356&c3=&c4=&c5=&c6=&c15=&cs_it=b2&cv=3.8.0.210223&ns__t=1621244942943&ns_c=UTF-8&c7=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&c8=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&c9=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F

Request Chain 292

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEq9So5zCKu31A5DWQAyu9Q&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEq9So5zCKu31A5DWQAyu9Q&google_cver=1&C=1

Request Chain 293

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YKI8DzF7fJ35N1b5ifaQMQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEq9So5zCKu31A5DWQAyu9Q&google_cver=1

Request Chain 294

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEIjJbjsSS7WERCah-j-qk_0&google_cver=1

Request Chain 295

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzQ4MTg2Nzk5NjIzMTgzNjkwOA%3D%3D

Request Chain 311

https://ad.doubleclick.net/ddm/trackimp/N437205.279382DBMCADREONUK115683/B24383104.277459578;dc_trk_aid=471499907;dc_trk_cid=134837416;ord=1621244943;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?586366569 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N437205.279382DBMCADREONUK115683/B24383104.277459578;dc_pre=CK670Ye40PACFdLIuwgdQIUBqQ;dc_trk_aid=471499907;dc_trk_cid=134837416;ord=1621244943;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?586366569

Request Chain 321

https://pixel.adsafeprotected.com/rfw/st/460517/47724224/skeleton.js?adsafe_url=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Feccef3b152d70a4161a425d396a7d7ca.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Feccef3b152d70a4161a425d396a7d7ca.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:dfe398df-7926-3ed2-ac96-5a44bc467e7e,c:cRQSQH,sl:na,em:true,fr:false,mn:app31ie,pt:1-5-15,br:u,abv:na,an:n,oam:0,nbld:0,fm:sxF0yPU+11%7C12%7C131%7C14%7C15%7C16%7C17*.460517-47724224%7C171%7C172%7C173%7C18%7C19%7C1a,idMap:17*,pl:,rmeas:1,rend:0,renddet:na,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,tt:rjss,thd:1,et:194,oid:1cdd4d0a-b6f5-11eb-9eb2-06cc0da90f4d,v:19.8.198,sp:1,st:0,fwm:1,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/skeleton.js

Request Chain 410

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEq9So5zCKu31A5DWQAyu9Q&google_cver=1

Request Chain 411

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YKI8D-LXhcZtB2HJOZSX-wAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEq9So5zCKu31A5DWQAyu9Q&google_cver=1

Request Chain 412

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEIjJbjsSS7WERCah-j-qk_0&google_cver=1

Request Chain 413

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzQ4MTg2Nzk5NjIzMTgzNjkwOA%3D%3D

Request Chain 461

https://sb.scorecardresearch.com/cs/6036356/beacon.js HTTP 302
https://sb.scorecardresearch.com/internal-cs/default/beacon.js

Request Chain 470

https://gcdn.2mdn.net/videoplayback/id/05825b4e28c92ec1/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3765470038/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signature/B6F8223F8EB45F3155E119D0E5E1CC3D499D9DA1.3B379B911A8C3685B715A65D3132C561FE9D2955/key/ck2/file/file.mp4?cpn=pcXlmceGZwK5fBdk HTTP 302
https://r1---sn-4g5edns7.c.2mdn.net/videoplayback/id/05825b4e28c92ec1/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3765470038/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/7EA25CE151C9DF4265F5B4DF07DE3B60396C4F41.34A2329B85ABA5406F604684B2AFC58B441F8CE4/key/cms1/cms_redirect/yes/mh/6N/mip/2a01:4f8:192:5414::2/mm/42/mn/sn-4g5edns7/ms/onc/mt/1621244668/mv/m/mvi/1/pl/47?cpn=pcXlmceGZwK5fBdk&file=file.mp4

504 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 / Show response
www.gazetadopovo.com.br.us3.cas.ms/ 1 KB
841 B 166ms
27ms Document
text/html 40.81.121.140
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gazetadopovo.com.br.us3.cas.ms/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.81.121.140 Cardiff, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

openresty /

Resource Hash

6e6ea38b72668f7977a64ff403eb7d185f51228d15749b397ef3ddce7b3b81da

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: www.gazetadopovo.com.br.us3.cas.ms
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
server: openresty
date: Mon, 17 May 2021 09:48:58 GMT
x-mcas-request-id: 76bce5d7f5aaeb2473e04673ce5d9689
expires: Mon, 01-Jan-1990 00:00:00 GMT
strict-transport-security: max-age=31536000
pragma: no-cache
cache-control: max-age=0, no-cache, no-store
x-mcas-upstream-time: n/a
x-mcas-processing-time: 2
content-encoding: gzip
x-mcas-cache-status: MISS

GET
H2 200 session-context-store-helper.min.js Show response
mcasproxy.azureedge.net/proxyweb/0.200.40/js/ 5 KB
5 KB 32ms
7ms Script
application/javascript 2a02:26f0:1700:d::1737:6e8f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mcasproxy.azureedge.net/proxyweb/0.200.40/js/session-context-store-helper.min.js
Requested by: Host: www.gazetadopovo.com.br.us3.cas.ms
URL: https://www.gazetadopovo.com.br.us3.cas.ms/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:d::1737:6e8f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: b3d9a37c3110d0d5edf534a4dd964bb85d8661820e4c39e4c63c96bd2813b726

Request headers

Referer: https://www.gazetadopovo.com.br.us3.cas.ms/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Mon, 17 May 2021 09:48:58 GMT
last-modified: Tue, 04 May 2021 17:11:12 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: npsIWjlCWsd9fFNnNdaKMw==
etag: 0x8D90F1F9E34F4BE
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: f2ac76fd-101e-0001-4833-455529000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=6547
x-ms-version: 2009-09-19
content-length: 4994

GET
H2 200 session-context-restore.html Show response
mcasproxy.azureedge.net/proxyweb/0.200.40/html/ Frame EA12 281 B
725 B 7ms
7ms Document
text/html 2a02:26f0:1700:d::1737:6e8f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mcasproxy.azureedge.net/proxyweb/0.200.40/html/session-context-restore.html?action=store&contextData=https%3A%2F%2Fwww.gazetadopovo.com.br%2F
Requested by: Host: mcasproxy.azureedge.net
URL: https://mcasproxy.azureedge.net/proxyweb/0.200.40/js/session-context-store-helper.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:d::1737:6e8f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: d593eab937ae208334c866b7afc56b0703787c857dae8bb562aefbbd3ca15ee6

Request headers

:method: GET
:authority: mcasproxy.azureedge.net
:scheme: https
:path: /proxyweb/0.200.40/html/session-context-restore.html?action=store&contextData=https%3A%2F%2Fwww.gazetadopovo.com.br%2F
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.gazetadopovo.com.br.us3.cas.ms/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.gazetadopovo.com.br.us3.cas.ms/

Response headers

content-length: 281
content-type: text/html
content-md5: vDuuGHIdcY/gQtnraxH9qw==
last-modified: Tue, 04 May 2021 17:07:19 GMT
etag: 0x8D90F1F135BA00D
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 4a4241b6-e01e-001f-7a33-458fc4000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: public, max-age=951
date: Mon, 17 May 2021 09:48:58 GMT

GET
H2 200 session-context-restore.min.js Show response
mcasproxy.azureedge.net/proxyweb/0.200.40/js/ Frame EA12 64 KB
65 KB 7ms
7ms Script
application/javascript 2a02:26f0:1700:d::1737:6e8f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mcasproxy.azureedge.net/proxyweb/0.200.40/js/session-context-restore.min.js
Requested by: Host: mcasproxy.azureedge.net
URL: https://mcasproxy.azureedge.net/proxyweb/0.200.40/html/session-context-restore.html?action=store&contextData=https%3A%2F%2Fwww.gazetadopovo.com.br%2F
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:d::1737:6e8f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: fa7c60fca96e114cf9162a26c0eef728783f2dbff06d2b86773535af90de3f8b

Request headers

Referer: https://mcasproxy.azureedge.net/proxyweb/0.200.40/html/session-context-restore.html?action=store&contextData=https%3A%2F%2Fwww.gazetadopovo.com.br%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Mon, 17 May 2021 09:48:58 GMT
last-modified: Tue, 04 May 2021 17:11:11 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: dSafsVqER9739PXXMGX73g==
etag: 0x8D90F1F9DEDA57A
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: f2ac7937-101e-0001-4333-455529000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=7120
x-ms-version: 2009-09-19
content-length: 66024

GET
H2 200 Primary Request / Show response
www.gazetadopovo.com.br/ 1 MB
290 KB 48ms
11ms Document
text/html 2600:9000:20eb:4000:6:45ad:3580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gazetadopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:4000:6:45ad:3580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 40e914138be0a6674e2d011d7afc3446161062269e0887aa12b3f365215a74d9

Request headers

:method: GET
:authority: www.gazetadopovo.com.br
:scheme: https
:path: /?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://www.gazetadopovo.com.br.us3.cas.ms/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.gazetadopovo.com.br.us3.cas.ms/

Response headers

content-type: text/html
date: Mon, 17 May 2021 09:39:14 GMT
last-modified: Mon, 17 May 2021 02:04:28 GMT
cache-control: max-age=600
x-amz-version-id: null
server: AmazonS3
content-encoding: gzip
etag: W/"03274f283673a5b7e0a60936679a0509"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f046bfa1468bb4385e357c8c9128cf51.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: bYF78yGh1pup1FSPlIKgNgpXichBKbsmhGN3ivYTi1gHhHJiWM4ZLg==
age: 585

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 9 KB
3 KB 23ms
20ms Script
application/javascript 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d1fdc83f40b6872fbf82ad027168954ccaa7eee12c7e6fcbe52e26c36bf915de

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 09:48:58 GMT
content-encoding: gzip
cf-cache-status: HIT
server: cloudflare
age: 2745
etag: W/"5404400d01d5519bc4a10316e7ed5c9b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 650beee17f1e4e32-FRA
cf-request-id: 0a1b53a0e800004e326eb40000000001
expires: Thu, 20 May 2021 09:48:58 GMT

GET
H2 200 css
fonts.googleapis.com/ 10 KB
959 B 15ms
13ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Merriweather:400,400i,700,700i|Overpass:400,400i,700,700i&display=swap

Requested by

Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

018857cc7fd4802ddabf67e045bed52213cebead94468fb4ba8334f0957c7461

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 17 May 2021 09:46:20 GMT
server: ESF
date: Mon, 17 May 2021 09:48:58 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 17 May 2021 09:48:58 GMT

GET
H2 200 e6Ya311101.css
cdn.privacytools.com.br/public_api/banner/style/ 8 KB
2 KB 63ms
30ms Stylesheet
text/css 2606:4700:20::ac43:442e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.privacytools.com.br/public_api/banner/style/e6Ya311101.css?t=1
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:442e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6b43bb94ac6321d8ea118e251d4a55f90f51ae165fcc75e26e5137c7982aff0e

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 09:48:58 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 6569
cf-polished: status=cannot_optimize
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a1b53a108000053695d127000000001
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=FUqwLmdzqim47U4wK7MvwjaT9Kh%2Fkujy2vPLB23wdH%2B7g5EikGYGQ1srOrby2GzdVTOzoaoyabkrGLC8zrjGsw%2BUoGoKX433Um1B0SMC3MJtcCw2M5EysI4c7GU4l3vF2pT%2Bkg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=14400
cf-ray: 650beee1a8f65369-FRA

GET
H2 200 app-19c4d622d6a1aee75230.css
www.gazetadopovo.com.br/assets/ 681 KB
45 KB 12ms
10ms Stylesheet
text/css 2600:9000:20eb:4000:6:45ad:3580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gazetadopovo.com.br/assets/app-19c4d622d6a1aee75230.css
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:4000:6:45ad:3580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1a4cc0e434a49a85bef77cf1d345a20b952002eb8704dcddd90301e13d4bd67b

Request headers

:path: /assets/app-19c4d622d6a1aee75230.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.gazetadopovo.com.br
referer: https://www.gazetadopovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.gazetadopovo.com.br/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 21:30:16 GMT
content-encoding: gzip
last-modified: Thu, 13 May 2021 21:09:26 GMT
server: AmazonS3
age: 303523
etag: W/"fcd71f4f27fbff1beb0c0fd5b55622ee"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: null
via: 1.1 f046bfa1468bb4385e357c8c9128cf51.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C1
content-type: text/css
x-amz-cf-id: qjZo8yVm6VCV9rpP-GOKr1rEv9L1c9mi18Sb3c7zMUDDaTZEUghXQw==

GET
H2 200 jquery-3.3.1.min.js Show response
code.jquery.com/ 85 KB
30 KB 29ms
10ms Script
application/javascript 2001:4de0:ac18::1:a:1b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.3.1.min.js
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:1b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

Origin: https://www.gazetadopovo.com.br
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 09:48:58 GMT
content-encoding: gzip
last-modified: Sat, 20 Jan 2018 17:26:44 GMT
server: nginx
etag: W/"5a637bd4-1538f"
vary: Accept-Encoding
x-hw: 1621244938.dop122.fr8.t,1621244938.cds237.fr8.hn,1621244938.cds002.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30288

GET
H2 200 ico-noticias.svg
www.gazetadopovo.com.br/assets/images/menu/icons/ 402 B
759 B 31ms
19ms Image
image/svg+xml 2600:9000:20eb:4000:6:45ad:3580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gazetadopovo.com.br/assets/images/menu/icons/ico-noticias.svg
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:4000:6:45ad:3580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c2015d08cf877ee0e5feb420c465fc70cff1b10c244e3bf6b9ce00131d542c3c

Request headers

:path: /assets/images/menu/icons/ico-noticias.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.gazetadopovo.com.br
referer: https://www.gazetadopovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.gazetadopovo.com.br/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Feb 2021 04:17:25 GMT
via: 1.1 f046bfa1468bb4385e357c8c9128cf51.cloudfront.net (CloudFront)
last-modified: Mon, 01 Feb 2021 19:11:17 GMT
server: AmazonS3
age: 8487094
etag: "0047e5eff1c16451783c127e71d7c4dc"
x-cache: Hit from cloudfront
x-amz-version-id: null
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C1
content-type: image/svg+xml
content-length: 402
x-amz-cf-id: 38_coDFaYELLGPZY8PMtXP1BZUtYXIRRQc6Wn4L4fG9XZxy5ENV-1g==

GET
H2 200 ico-opiniao.svg
www.gazetadopovo.com.br/assets/images/menu/icons/ 742 B
1 KB 38ms
27ms Image
image/svg+xml 2600:9000:20eb:4000:6:45ad:3580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gazetadopovo.com.br/assets/images/menu/icons/ico-opiniao.svg
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:4000:6:45ad:3580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cc33068463b75ac7fad0d842a236d8d2ed2a74cb708b7a4d59fb1d62a2bd7ace

Request headers

:path: /assets/images/menu/icons/ico-opiniao.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.gazetadopovo.com.br
referer: https://www.gazetadopovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.gazetadopovo.com.br/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 07 Feb 2021 07:04:10 GMT
via: 1.1 f046bfa1468bb4385e357c8c9128cf51.cloudfront.net (CloudFront)
last-modified: Mon, 01 Feb 2021 19:11:17 GMT
server: AmazonS3
age: 8563488
etag: "81ceaad7f3bf5e4912e4a7e9fea1d1a8"
x-cache: Hit from cloudfront
x-amz-version-id: null
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C1
content-type: image/svg+xml
content-length: 742
x-amz-cf-id: ljg1lUOM1MuBvO-2D2Ui8HJXKWqs9cEeZkrMSJf-0kmA6Q88r7WB2A==

GET
H2 200 ico-descubra.svg
www.gazetadopovo.com.br/assets/images/menu/icons/ 553 B
911 B 33ms
22ms Image
image/svg+xml 2600:9000:20eb:4000:6:45ad:3580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gazetadopovo.com.br/assets/images/menu/icons/ico-descubra.svg
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:4000:6:45ad:3580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 74c0f92cf921b0e0c165e4aa0141c4f794d87c28b11977f5f6926f057e5c1d96

Request headers

:path: /assets/images/menu/icons/ico-descubra.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.gazetadopovo.com.br
referer: https://www.gazetadopovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.gazetadopovo.com.br/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Feb 2021 04:17:25 GMT
via: 1.1 f046bfa1468bb4385e357c8c9128cf51.cloudfront.net (CloudFront)
last-modified: Mon, 01 Feb 2021 19:11:16 GMT
server: AmazonS3
age: 8487094
etag: "f54a53358f4eb688ab2e8b30a5f16f6c"
x-cache: Hit from cloudfront
x-amz-version-id: null
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C1
content-type: image/svg+xml
content-length: 553
x-amz-cf-id: ty80jMBvyxeFkTCCry3d6xRTNHiKnTL9OjH9Y0UoEtLzYxAQIkUtaA==

GET
H2 200 ico-minha-gazeta.svg
www.gazetadopovo.com.br/assets/images/menu/icons/ 381 B
738 B 33ms
23ms Image
image/svg+xml 2600:9000:20eb:4000:6:45ad:3580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gazetadopovo.com.br/assets/images/menu/icons/ico-minha-gazeta.svg
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:4000:6:45ad:3580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e36e842af5f12bbadd9c73fbf17e12e2276023449e50fd704bcffd01cff53568

Request headers

:path: /assets/images/menu/icons/ico-minha-gazeta.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.gazetadopovo.com.br
referer: https://www.gazetadopovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.gazetadopovo.com.br/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 02:49:07 GMT
via: 1.1 f046bfa1468bb4385e357c8c9128cf51.cloudfront.net (CloudFront)
last-modified: Mon, 01 Feb 2021 19:11:17 GMT
server: AmazonS3
age: 8837991
etag: "e7caef4cd9fc8923d63157348bf8b219"
x-cache: Hit from cloudfront
x-amz-version-id: null
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C1
content-type: image/svg+xml
content-length: 381
x-amz-cf-id: pqQt-TlenVnm9mLuchnx-NuJtmPAgSfVF1jCoKMJxHE6C7XcN91hZA==

GET
H2 200 gazeta-fallback.svg
www.gazetadopovo.com.br/assets/images/svg/ 123 B
478 B 32ms
22ms Image
image/svg+xml 2600:9000:20eb:4000:6:45ad:3580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gazetadopovo.com.br/assets/images/svg/gazeta-fallback.svg
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:4000:6:45ad:3580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 54db486cb5db345a75c3532967f3ccdbc1cc03260c6526ceac88fdf8b5d12ed7

Request headers

:path: /assets/images/svg/gazeta-fallback.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.gazetadopovo.com.br
referer: https://www.gazetadopovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.gazetadopovo.com.br/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Apr 2021 00:33:06 GMT
via: 1.1 f046bfa1468bb4385e357c8c9128cf51.cloudfront.net (CloudFront)
last-modified: Tue, 30 Mar 2021 21:25:51 GMT
server: AmazonS3
age: 3057352
etag: "852c057958949c7560916cdd5f0121ab"
x-cache: Hit from cloudfront
x-amz-version-id: null
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C1
content-type: image/svg+xml
content-length: 123
x-amz-cf-id: YWjT-GuLO6e1AE90qAseeiwFWZgSDA-9cjVXsqrWsY--mMMyZ8Tnjg==

GET
H/1.1 200
OK cx.js Show response
scdn.cxense.com/ 114 KB
27 KB 44ms
9ms Script
application/x-javascript 2a02:26f0:6c00:2bf::268b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://scdn.cxense.com/cx.js
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2bf::268b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 389033bda6df04020f9010686fdac3a0232caddadddf2ea2367954c0aeb5be35

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 17 May 2021 09:48:58 GMT
Content-Encoding: gzip
Last-Modified: Mon, 10 May 2021 09:22:23 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 27418
Expires: Mon, 17 May 2021 10:48:58 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 11ms
6ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 1142
date: Mon, 17 May 2021 09:29:56 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Mon, 17 May 2021 11:29:56 GMT

GET
H2 200 lucio-vaz1.jpg
media.gazetadopovo.com.br/2019/05/23172359/ 12 KB
12 KB 54ms
8ms Image
image/jpeg 2600:9000:2156:0:1f:3000:7b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gazetadopovo.com.br/2019/05/23172359/lucio-vaz1.jpg
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:0:1f:3000:7b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: aed0e3ba07b92f2d5536357cc30382ffcfd2bf3e1dbdb4a8e6b6a98c9008d81f

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Feb 2021 06:29:44 GMT
content-encoding: gzip
last-modified: Thu, 23 May 2019 20:24:01 GMT
server: AmazonS3
age: 8047155
etag: "864d6cefa5dccbaebff9bb6494aad893"
x-cache: Hit from cloudfront
content-type: image/jpeg
via: 1.1 5721f7035c3fc934bd3f96dbb04ba1e5.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 12169
x-amz-cf-id: RnbTc_vVoXpDRYk5T6R2IAE-ORdVM9F00RBDf0ijJ8Irj9C1hWaNCw==
expires: Fri, 22 May 2020 20:23:59 GMT

GET
H2 200 alexandre-garcia.jpg
media.gazetadopovo.com.br/2019/05/23144603/ 10 KB
10 KB 50ms
6ms Image
image/jpeg 2600:9000:2156:0:1f:3000:7b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gazetadopovo.com.br/2019/05/23144603/alexandre-garcia.jpg
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:0:1f:3000:7b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b48cd5eb38e1f0cdb006c24936622127a941296716987a568c2c400b7c4305fe

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 29 Jan 2021 01:36:27 GMT
content-encoding: gzip
last-modified: Thu, 23 May 2019 17:46:07 GMT
server: AmazonS3
age: 9360752
etag: "3e823898276211d06ab9709bdcc61589"
x-cache: Hit from cloudfront
content-type: image/jpeg
via: 1.1 5721f7035c3fc934bd3f96dbb04ba1e5.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 10107
x-amz-cf-id: O2oaIdhJNQTalts0nz6Zqd1qK_db_P3HcxhydCeL6HOK_Oc4BQVEOg==
expires: Fri, 22 May 2020 17:46:03 GMT

GET
H2 200 DiogoSchelp.jpg
media.gazetadopovo.com.br/2020/03/02115626/ 8 KB
8 KB 55ms
11ms Image
image/jpeg 2600:9000:2156:0:1f:3000:7b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gazetadopovo.com.br/2020/03/02115626/DiogoSchelp.jpg
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:0:1f:3000:7b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f4ec649d2dcca2127705338bf4025717185003216687b7d5a9cd6db9024d919b

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 03:16:31 GMT
content-encoding: gzip
last-modified: Mon, 02 Mar 2020 14:56:28 GMT
server: AmazonS3
age: 973948
etag: "09954104a5d8be22a406730d46591a93"
x-cache: Hit from cloudfront
content-type: image/jpeg
via: 1.1 5721f7035c3fc934bd3f96dbb04ba1e5.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 7822
x-amz-cf-id: A2gCMUFLLuk0wOKDhOoXBb_4qSlC-NoTVHHe45BgKPrPeI6yySCRMw==
expires: Tue, 02 Mar 2021 14:56:26 GMT

GET
H2 200 Roger-Pereira.jpg
media.gazetadopovo.com.br/2020/10/15185728/ 8 KB
9 KB 51ms
6ms Image
image/jpeg 2600:9000:2156:0:1f:3000:7b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gazetadopovo.com.br/2020/10/15185728/Roger-Pereira.jpg
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:0:1f:3000:7b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 35dcfaf3dd7c34640d28bd57038a4acf771e8e11a3d52a758a126d5e875c3e74

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 26 Jan 2021 01:16:29 GMT
content-encoding: gzip
last-modified: Thu, 15 Oct 2020 21:57:30 GMT
server: AmazonS3
age: 9621150
etag: "a13a3daf0723007dee897f9f22bcb8f1"
x-cache: Hit from cloudfront
content-type: image/jpeg
via: 1.1 5721f7035c3fc934bd3f96dbb04ba1e5.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 8333
x-amz-cf-id: LrVkS_XRn0cMIRRivUjYyIizxphdP3grnMZde6Xnsk1o18bDj9FoiA==
expires: Fri, 15 Oct 2021 21:57:28 GMT

GET
H2 200 infog-remote.js Show response
multimidia.gazetadopovo.com.br/recursos/js/ 10 KB
10 KB 47ms
7ms Script
application/javascript 2600:9000:20eb:ee00:1b:3b3:e300:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://multimidia.gazetadopovo.com.br/recursos/js/infog-remote.js
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:ee00:1b:3b3:e300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache/2.4.6 (CentOS) PHP/5.5.21 /
Resource Hash: 9d4d616940d411a94537e925458bb37ec3538e07e9203579cd261a52d1659f6e

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 08:45:04 GMT
via: 1.1 e86025dac63232624d2273c5fd256ce4.cloudfront.net (CloudFront)
last-modified: Fri, 09 Nov 2018 13:38:20 GMT
server: Apache/2.4.6 (CentOS) PHP/5.5.21
age: 3834
etag: "277a-57a3b76e9180e"
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 10106
x-amz-cf-id: 7AoyayRJpHoZgUj6A7PrEtUyjJI0DHrCIE7BjpGzG3WBsT3WyY0ZYQ==
expires: Mon, 17 May 2021 08:50:04 GMT

GET
H2 200 guilherme-rodrigues.jpg
media.gazetadopovo.com.br/2019/12/09151333/ 9 KB
9 KB 56ms
12ms Image
image/jpeg 2600:9000:2156:0:1f:3000:7b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gazetadopovo.com.br/2019/12/09151333/guilherme-rodrigues.jpg
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:0:1f:3000:7b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 036cd4074bc09f061a7d6a56a3437bf4e7ce8d7b8961eb1a171fa0c1c1082d0b

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Feb 2021 01:37:52 GMT
content-encoding: gzip
last-modified: Mon, 09 Dec 2019 18:13:35 GMT
server: AmazonS3
age: 8496667
etag: "a07ae34fda0fe12834d71751c5baa064"
x-cache: Hit from cloudfront
content-type: image/jpeg
via: 1.1 5721f7035c3fc934bd3f96dbb04ba1e5.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 9208
x-amz-cf-id: zzxhgN75fUdaTglQRiO7iKcUGIZwNRKFB8GbsEoATqluqCRtL9oqyQ==
expires: Tue, 08 Dec 2020 18:13:33 GMT

GET
H2 200 paulo-polzonoff.jpg
media.gazetadopovo.com.br/2019/12/02152010/ 8 KB
8 KB 55ms
11ms Image
image/jpeg 2600:9000:2156:0:1f:3000:7b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gazetadopovo.com.br/2019/12/02152010/paulo-polzonoff.jpg
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:0:1f:3000:7b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e8ce4a0a32c830a6051b2907482e3122be8ad51d495ed58b238c68502b5eb8cf

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Feb 2021 04:17:26 GMT
content-encoding: gzip
last-modified: Mon, 02 Dec 2019 18:20:12 GMT
server: AmazonS3
age: 8487093
etag: "e94bc2091dec13fcb35322d48e48f9b3"
x-cache: Hit from cloudfront
content-type: image/jpeg
via: 1.1 5721f7035c3fc934bd3f96dbb04ba1e5.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 7448
x-amz-cf-id: 0LSrQ5IgKxMvADpvc8-eWmRds1rLK4G1cHBnS9yxVL4zn0UwP_N1Vw==
expires: Tue, 01 Dec 2020 18:20:10 GMT

GET
H2 200 jussara-3.jpg
media.gazetadopovo.com.br/2021/03/01174217/ 8 KB
8 KB 15ms
9ms Image
image/jpeg 2600:9000:2156:0:1f:3000:7b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gazetadopovo.com.br/2021/03/01174217/jussara-3.jpg
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:0:1f:3000:7b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2380ab708a75fc7442adfbb8fb830748d0214fd48d127a2802c50275b9885169

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 24 Mar 2021 14:38:34 GMT
via: 1.1 5721f7035c3fc934bd3f96dbb04ba1e5.cloudfront.net (CloudFront)
last-modified: Mon, 01 Mar 2021 20:42:18 GMT
server: AmazonS3
age: 4648225
etag: "bfcf83bdbb615463d383738874a0e4bd"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 7801
x-amz-cf-id: qjuJgRq05uWKm2RwZEJF1UwBUVBokcQ2mxSwbhnOXk0eCByjDGRUZA==
expires: Tue, 01 Mar 2022 20:42:17 GMT

GET
H2 200 owl.carousel.min.js Show response
www.gazetadopovo.com.br/assets/legacy/ 43 KB
12 KB 10ms
10ms Script
application/javascript 2600:9000:20eb:4000:6:45ad:3580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gazetadopovo.com.br/assets/legacy/owl.carousel.min.js
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:4000:6:45ad:3580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1756fb46aa1a7fe26e8c57328db54497ef70236895be1a7160718bb772abe23b

Request headers

:path: /assets/legacy/owl.carousel.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.gazetadopovo.com.br
referer: https://www.gazetadopovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.gazetadopovo.com.br/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Feb 2021 01:35:11 GMT
content-encoding: gzip
last-modified: Wed, 10 Feb 2021 17:21:37 GMT
server: AmazonS3
age: 8064828
etag: W/"5274afb2522b0f6f1b6a019949c3c104"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: null
via: 1.1 f046bfa1468bb4385e357c8c9128cf51.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C1
content-type: application/javascript
x-amz-cf-id: iI8NcEzhCCynjWZysKqzxQi2K8S27hR7RH98o0Uo4Q0EYFZ25i1qGA==

GET
H2 200 GazetaDoPovoSDK.js Show response
www.gazetadopovo.com.br/assets/legacy/ 145 KB
37 KB 32ms
18ms Script
application/javascript 2600:9000:20eb:4000:6:45ad:3580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gazetadopovo.com.br/assets/legacy/GazetaDoPovoSDK.js
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:4000:6:45ad:3580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9b86ceab3181ad0abc55bddbb9804e90b6b2c2d7a663473a6d49132a50ce18a2

Request headers

:path: /assets/legacy/GazetaDoPovoSDK.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.gazetadopovo.com.br
referer: https://www.gazetadopovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.gazetadopovo.com.br/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 09 Jan 2021 22:02:17 GMT
content-encoding: gzip
last-modified: Thu, 16 May 2019 18:34:32 GMT
server: AmazonS3
age: 11015202
etag: W/"93db618a4f3bd0163e68ad039dcbd60c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: null
via: 1.1 f046bfa1468bb4385e357c8c9128cf51.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA2-C1
content-type: application/javascript
x-amz-cf-id: K9lUeZ31AG-PZdqTqX-bAsNsBJd5Hkn48d_Tnr39YQzcqUuodBlv_w==

GET
H2 200 social.js Show response
www.gazetadopovo.com.br/assets/legacy/ 264 KB
80 KB 36ms
23ms Script
application/javascript 2600:9000:20eb:4000:6:45ad:3580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gazetadopovo.com.br/assets/legacy/social.js
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:4000:6:45ad:3580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f3bca498f4fa68a5d099135c6b44322e22aa62e509f59fc294d9e53d38475374

Request headers

:path: /assets/legacy/social.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.gazetadopovo.com.br
referer: https://www.gazetadopovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.gazetadopovo.com.br/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 07:21:16 GMT
content-encoding: gzip
last-modified: Mon, 09 Dec 2019 16:43:33 GMT
server: AmazonS3
age: 4847263
etag: W/"d36619672c599923a4c9712bd040f9e5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: null
via: 1.1 f046bfa1468bb4385e357c8c9128cf51.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA2-C1
content-type: application/javascript
x-amz-cf-id: dV52Kzqow1NBBIZtXwMk1YqyC1M1bf7g0ayplvXuJdIHBbyXG5A5-Q==

GET
H2 200 vendor-9baf93355710264da6ef.js Show response
www.gazetadopovo.com.br/assets/ 295 KB
96 KB 26ms
14ms Script
application/javascript 2600:9000:20eb:4000:6:45ad:3580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:4000:6:45ad:3580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8081c769c2d9191a1ae2bea8b1409784c0a13d70b83bb2f41d41cc22ef2164e7

Request headers

:path: /assets/vendor-9baf93355710264da6ef.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.gazetadopovo.com.br
referer: https://www.gazetadopovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.gazetadopovo.com.br/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 14:32:53 GMT
content-encoding: gzip
last-modified: Thu, 13 May 2021 14:30:45 GMT
server: AmazonS3
age: 328565
etag: W/"3e425e478050fb49f8d5dbffdd68f55b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: null
via: 1.1 f046bfa1468bb4385e357c8c9128cf51.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C1
content-type: application/javascript
x-amz-cf-id: pmjzgc0PQwxiMGeBlSLZEmPhVzIjiD-rHwUNSqmd6wQdKLNviMyVTA==

GET
H2 200 gazetadopovo-app-b3eeb35c5cd968c95b53.js Show response
www.gazetadopovo.com.br/assets/ 366 KB
67 KB 28ms
15ms Script
application/javascript 2600:9000:20eb:4000:6:45ad:3580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gazetadopovo.com.br/assets/gazetadopovo-app-b3eeb35c5cd968c95b53.js
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:4000:6:45ad:3580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bee94f92f87881238a9d783523e1d3c6eae7d4f808e261eea83c5c5b585e6a60

Request headers

:path: /assets/gazetadopovo-app-b3eeb35c5cd968c95b53.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.gazetadopovo.com.br
referer: https://www.gazetadopovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.gazetadopovo.com.br/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 14:32:54 GMT
content-encoding: gzip
last-modified: Thu, 13 May 2021 14:30:08 GMT
server: AmazonS3
age: 328565
etag: W/"ceb11d3e5815f015f9e46b4a991d0a61"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: null
via: 1.1 f046bfa1468bb4385e357c8c9128cf51.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C1
content-type: application/javascript
x-amz-cf-id: lwyh2_hXBr7y7ybBNnMzldJgrGeOghsIw-GLgZKa2VyDNxe6WM6aWg==

GET
H2 200 google-3.2.2.js Show response
www.gazetadopovo.com.br/assets/legacy/swg/ 114 KB
38 KB 32ms
20ms Script
text/javascript 2600:9000:20eb:4000:6:45ad:3580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gazetadopovo.com.br/assets/legacy/swg/google-3.2.2.js
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:4000:6:45ad:3580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5c9daea6d030ac5e71211fa4d1521fb0cd67c3676f35d034f0047ee095a9d8c3

Request headers

:path: /assets/legacy/swg/google-3.2.2.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.gazetadopovo.com.br
referer: https://www.gazetadopovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.gazetadopovo.com.br/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 09 Jan 2021 22:04:47 GMT
content-encoding: gzip
last-modified: Mon, 13 Apr 2020 20:50:04 GMT
server: AmazonS3
age: 11015051
etag: W/"9c302f91fb353b7f558cbda7922e6da1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: null
via: 1.1 f046bfa1468bb4385e357c8c9128cf51.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C1
content-type: text/javascript; charset=UTF-8
x-amz-cf-id: UD5IjdgnbWOTpL4qoHyCwfHkwaFEnOzS5vIukapEq57w3i09p5yrVg==

GET
H/1.1 200
OK JSPianoSDK-0.4.4.js Show response
gdp-prd-data.s3.us-east-1.amazonaws.com/js-piano-sdk/ 323 KB
323 KB 456ms
126ms Script
application/json 52.217.72.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gdp-prd-data.s3.us-east-1.amazonaws.com/js-piano-sdk/JSPianoSDK-0.4.4.js
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.72.80 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-east-1-r-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 3e4b3a58fd8e383e180de6ed3ed7fbccc7b6179f0b946e84cd34c7f6b4d448d8

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 17 May 2021 09:48:59 GMT
Last-Modified: Fri, 05 Mar 2021 13:15:08 GMT
Server: AmazonS3
x-amz-request-id: AE4A3K39RWGQ0G0Z
ETag: "cc0b84a81c8868bf472ad514d8695844"
Content-Type: application/json
x-amz-version-id: null
Accept-Ranges: bytes
Content-Length: 330317
x-amz-id-2: rSkHZCSZjEr2qM6+Qb5YKUpduOLhfmxkJUVIsVboewrPqNRuCWLujDDV1KXaT6AWriJJ2cMi2Rs=

GET
H3-29 200 e6Ya311101.js Show response
cdn.privacytools.com.br/public_api/banner/script/ 107 KB
19 KB 57ms
36ms Script
text/plain 2606:4700:20::ac43:442e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.privacytools.com.br/public_api/banner/script/e6Ya311101.js?p=bottom&t=1
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:442e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 37ef970abec9e060cd27738ebb3195713fb367ebcf37702e825c93d990b4c493

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 09:48:58 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 54779
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=EbTSPMcr7D2DOm9VTZl3%2BJqDJPl1JF1M0IF5Wk3cu22icfthh4cp9Z%2Fn6zCbAxQF9W6ZcL%2Bvoou8WfNou3s2VBq4agFmLVF65xTIPy1Mj9cfw4fnvMPXImVfVIMXCCK57iHd5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain;charset=UTF-8
cache-control: public, max-age=14400, s-maxage=86400, must-revalidate, proxy-revalidate
cf-ray: 650beee25aa22c52-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a1b53a17b00002c524a0b3000000001

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 213 KB
62 KB 27ms
25ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WSPVJF

Requested by

Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2cdcc98e07292bea075f6eed777449b97efbd3186d9f87379382f573fdf6536f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 09:48:58 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 63248
x-xss-protection: 0
last-modified: Mon, 17 May 2021 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 17 May 2021 09:48:58 GMT

GET
H2 200 universal.min.js Show response
tag.navdmp.com/ 8 KB
3 KB 37ms
16ms Script
application/javascript 2606:4700::6810:ef3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.navdmp.com/universal.min.js
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:ef3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0478f8a286d5e8074dd717ecfdea6fbff972a2a0a4103d7dc9dc4fe680a37c25

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 09:48:58 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 552
p3p: CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cf-request-id: 0a1b53a18f0000d6ed27242000000001
last-modified: Mon, 26 Apr 2021 21:14:53 GMT
server: cloudflare
etag: W/"60872d4d-1f5f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
cf-ray: 650beee27eebd6ed-FRA
expires: Mon, 17 May 2021 10:39:46 GMT

GET
H2 200 logo-gazeta-fallback.svg
assets.gazetadopovo.com.br/images/svg/ 2 KB
1 KB 66ms
18ms Image
image/svg+xml 2600:9000:2190:1200:12:af17:6680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.gazetadopovo.com.br/images/svg/logo-gazeta-fallback.svg
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/app-19c4d622d6a1aee75230.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:1200:12:af17:6680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2d2dc473ab0f5f864cbf1bbfdf2e971ac5a750e226e1fd44bde4e1288da8966d

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 07 Feb 2021 07:04:13 GMT
content-encoding: gzip
last-modified: Mon, 01 Feb 2021 19:11:32 GMT
server: AmazonS3
age: 8563486
etag: W/"d792eee1076dd5de89b09831c82d0436"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: null
via: 1.1 e1532b3ffd3d84bfecb9972a863a75ef.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: ZRH50-C1
content-type: image/svg+xml
x-amz-cf-id: sK9dAk5afWdtUkmdPPSk-3aNcFvcaOt96wnHJVMhMT3bRcdM-mH2Xw==

GET
H2 200 ico-related-items.svg
assets.gazetadopovo.com.br/images/svg/ 156 B
529 B 64ms
18ms Image
image/svg+xml 2600:9000:2190:1200:12:af17:6680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.gazetadopovo.com.br/images/svg/ico-related-items.svg
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/app-19c4d622d6a1aee75230.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:1200:12:af17:6680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2dc4525c53a2721b9e0b858ec72e218e7fc1de72fbdae84653648daed62b89de

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Dec 2020 02:32:04 GMT
via: 1.1 e1532b3ffd3d84bfecb9972a863a75ef.cloudfront.net (CloudFront)
last-modified: Fri, 18 Dec 2020 19:32:22 GMT
server: AmazonS3
age: 12813415
etag: "a1e034e511ddfddbd71c0ee10f8240f0"
x-cache: Hit from cloudfront
x-amz-version-id: null
cache-control: max-age=31536000
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-type: image/svg+xml
content-length: 156
x-amz-cf-id: QDAaKa96Gshg_pacSXuvUGA7KYGIucafT9V_6MOcrC0LhIcM6GkYWw==

GET
H2 200 qFdH35WCmI96Ajtm81GlU9s.woff2
fonts.gstatic.com/s/overpass/v5/ 20 KB
20 KB 13ms
7ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/overpass/v5/qFdH35WCmI96Ajtm81GlU9s.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:400,400i,700,700i|Overpass:400,400i,700,700i&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a4702a77ebe38f4291b9ec9f44411e246c865bdf0070746852e803b4d960fc1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.gazetadopovo.com.br
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 05:41:54 GMT
x-content-type-options: nosniff
last-modified: Thu, 10 Sep 2020 17:08:51 GMT
server: sffe
age: 101224
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20196
x-xss-protection: 0
expires: Mon, 16 May 2022 05:41:54 GMT

GET
H2 200 qFdA35WCmI96Ajtm81keds7N4ho.woff2
fonts.gstatic.com/s/overpass/v5/ 20 KB
20 KB 13ms
7ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/overpass/v5/qFdA35WCmI96Ajtm81keds7N4ho.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:400,400i,700,700i|Overpass:400,400i,700,700i&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

832d8d5a3cabdde474e79d8a510053604d5d19342befbc7b78dc64995652dbba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.gazetadopovo.com.br
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 06:10:59 GMT
x-content-type-options: nosniff
last-modified: Thu, 10 Sep 2020 17:09:41 GMT
server: sffe
age: 99479
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20252
x-xss-protection: 0
expires: Mon, 16 May 2022 06:10:59 GMT

GET
H2 200 u-440qyriQwlOrhSvowK_l5-fCZM.woff2
fonts.gstatic.com/s/merriweather/v22/ 19 KB
19 KB 16ms
10ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v22/u-440qyriQwlOrhSvowK_l5-fCZM.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:400,400i,700,700i|Overpass:400,400i,700,700i&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e19e5fec549d0d871301c8196f4a954abe8d6913464a1ac511f81ef71529f89b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.gazetadopovo.com.br
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 02:03:04 GMT
x-content-type-options: nosniff
last-modified: Thu, 10 Sep 2020 17:09:53 GMT
server: sffe
age: 373554
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19300
x-xss-protection: 0
expires: Fri, 13 May 2022 02:03:04 GMT

GET
H2 200 u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2
fonts.gstatic.com/s/merriweather/v22/ 18 KB
19 KB 16ms
10ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v22/u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:400,400i,700,700i|Overpass:400,400i,700,700i&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a0d93254e392f7361b334641f8781721fd31c7b18283c88fe67df7d3123e1c24

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.gazetadopovo.com.br
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 01:26:01 GMT
x-content-type-options: nosniff
last-modified: Thu, 10 Sep 2020 17:08:44 GMT
server: sffe
age: 548577
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18924
x-xss-protection: 0
expires: Wed, 11 May 2022 01:26:01 GMT

GET
H/1.1 200
OK 5294.json Show response
s3.amazonaws.com/gp-infoservices/infocoder/ 27 KB
27 KB 436ms
124ms Script
application/json 52.216.90.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/gp-infoservices/infocoder/5294.json?_=1621244938593
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.3.1.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.90.14 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: fd6d343c560c20611901e4c09e6f4da827fdb5957d2e4e2d3047c2e5804d4e6b

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 17 May 2021 09:49:00 GMT
Last-Modified: Tue, 20 Oct 2020 21:22:55 GMT
Server: AmazonS3
x-amz-request-id: 7BFV733R0BWN2K38
ETag: "16fd83f68ab6025e68cf1c8761f5a7c1"
Content-Type: application/json
Accept-Ranges: bytes
Content-Length: 27623
x-amz-id-2: 8jJO187FCkzfKzmWvzyjRv35LstcY4rcTfMGrQdzugMJnQCbvCtAZBmhSXB2EA3a/d4WyPOxWYg=

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 13ms
13ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=1049595578&t=pageview&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=8381435&gjid=904025878&cid=747907946.1621244939&tid=UA-23088598-1&_gid=1325827540.1621244939&_r=1&_slc=1&z=203435862

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 17 May 2021 09:48:58 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.gazetadopovo.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 swg.js Show response
news.google.com/swg/js/v1/ 147 KB
44 KB 27ms
7ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/swg.js

Requested by

Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/legacy/swg/google-3.2.2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

deb0d7d427858d047173d87a8702ddd16a3153fb51516f6786783dc6dc1b293d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 09:05:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 12 May 2021 20:16:39 GMT
server: sffe
age: 2635
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44829
x-xss-protection: 0
expires: Mon, 17 May 2021 09:55:04 GMT

GET
H2 200 load Show response
experience.tinypass.com/xbuilder/experience/ 4 KB
1 KB 51ms
26ms Script
application/javascript 2606:4700::6811:b7b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://experience.tinypass.com/xbuilder/experience/load?aid=izBe3CQ7pu

Requested by

Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b7b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c0b5329aa0c88c218e906ad2600cbea4cf7bfffaef17a9274a634046e897dc3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 09:48:59 GMT
content-encoding: br
vary: accept-encoding
cf-cache-status: HIT
age: 1747
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
cf-request-id: 0a1b53a34f00000605680e0000000001
x-request-id: C49v8tqoIcM
wn: prod-exp-10-200-138-40
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=60; includeSubDomains
content-type: application/javascript;charset=utf-8
cache-control: public, max-age=1800
cf-ray: 650beee54bd00605-FRA
expires: Mon, 17 May 2021 10:18:59 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
94 B 13ms
13ms XHR
text/plain 2a00:1450:400c:c0c::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-23088598-1&cid=747907946.1621244939&jid=8381435&gjid=904025878&_gid=1325827540.1621244939&_u=IEBAAEAAAAAAAC~&z=1880312970

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 17 May 2021 09:48:59 GMT
content-type: text/plain
access-control-allow-origin: https://www.gazetadopovo.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ec.js Show response
www.google-analytics.com/plugins/ua/ 3 KB
1 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ec.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 09:30:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 1124
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1306
x-xss-protection: 0
expires: Mon, 17 May 2021 10:30:15 GMT

GET
H2 200 hotjar-457089.js Show response
static.hotjar.com/c/ 32 KB
5 KB 123ms
64ms Script
application/javascript 13.224.95.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-457089.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WSPVJF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.95.43 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-95-43.zrh50.r.cloudfront.net

Software

Resource Hash

8a4200c823e4f8842f29786426544546e6b40bd7063d3a928c3f34f571b6e565

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 09:48:59 GMT
content-encoding: br
x-content-type-options: nosniff
cache-control: max-age=60
x-amz-cf-pop: ZRH50-C1
etag: W/809be412660258d031522601249defc5
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
x-amz-cf-id: K-l9DjBiQGQTEvMc6y0t30IKjKTTD1WnDcMyyZhltcut8rr9FIR-Yg==
via: 1.1 eb7b239aed47669f8a7b6ac95bc8aff1.cloudfront.net (CloudFront)

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 36 KB
14 KB 107ms
40ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WSPVJF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

997f5bfb9f0c74974ec265633b71dd76c5f0224611dd26775db3cc823ec24947

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 09:48:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14057
x-xss-protection: 0
server: cafe
etag: 15306424688967737279
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 17 May 2021 09:48:59 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 92 KB
24 KB 16ms
15ms Script
application/x-javascript 2a03:2880:f030:13:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.gazetadopovo.com.br.us3.cas.ms
URL: https://www.gazetadopovo.com.br.us3.cas.ms/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f030:13:face:b00c:0:3 , France, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a517525b8a7d39bcaf1cf5f9695c5be8fce7a6b920a3924c1a4f70e8ea748c05

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 23959
x-fb-rlafr: 0
pragma: public
x-fb-debug: gyx+3Lm9HAcdlfCD2hFrYrtuEjhbvhhDLWl9UEzCq4NwiplOwxvPidffA+ytfTaT2tKKyH3c4F2Ln0qxqcmeDQ==
x-fb-trip-id: 2050670934
x-frame-options: DENY
date: Mon, 17 May 2021 09:48:59 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 1 KB
2 KB 63ms
21ms Script
application/javascript 99.86.2.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: www.gazetadopovo.com.br.us3.cas.ms
URL: https://www.gazetadopovo.com.br.us3.cas.ms/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.2.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-2-29.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 09:36:45 GMT
via: 1.1 1277de71b2472d19ca0bfc510db9ec54.cloudfront.net (CloudFront)
etag: "1827f116c73f319409b97f10b8a58ade"
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 734
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-length: 1469
x-amz-cf-id: 2bjotCu9BxePcDz4HNXCT2ancDhl102D_l7Xltf_S3avod-NSpTqcw==

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 4 KB
2 KB 7ms
7ms Script
application/x-javascript 2a02:26f0:6c00:295::25ea
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.gazetadopovo.com.br.us3.cas.ms
URL: https://www.gazetadopovo.com.br.us3.cas.ms/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:295::25ea Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 5f3b103a1268f862a5e432d607f8e5220dea9d301d13565b0ecded3ad9c25ab2

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 17 May 2021 09:48:59 GMT
Content-Encoding: gzip
Last-Modified: Mon, 04 Jan 2021 22:14:03 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=13350
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1855

GET
H2 200 c9173442-33ea-4c3e-8b1b-7e02eb4fcab0-loader.js Show response
d335luupugsy2.cloudfront.net/js/loader-scripts/ 13 B
413 B 72ms
21ms Script
application/javascript 13.32.23.227
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d335luupugsy2.cloudfront.net/js/loader-scripts/c9173442-33ea-4c3e-8b1b-7e02eb4fcab0-loader.js
Requested by: Host: www.gazetadopovo.com.br.us3.cas.ms
URL: https://www.gazetadopovo.com.br.us3.cas.ms/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.23.227 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-23-227.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8e8cc72e61ff6f6c0c945a976756d112732c499cd64fc5b207bb213fc84a1e40

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 19:27:07 GMT
via: 1.1 f891d17fa862cc74a05434e03fa58dcb.cloudfront.net (CloudFront)
last-modified: Thu, 05 Sep 2019 14:23:06 GMT
server: AmazonS3
age: 829312
etag: "8e742d11d6b24c401e35f3b516726584"
x-cache: Hit from cloudfront
x-amz-version-id: HcQ7eDLpUO0rOnZ5z49wWPmZsoIBXyGt
cache-control: max-age=2592000
x-amz-cf-pop: FRA56-C2
accept-ranges: bytes
content-type: application/javascript
content-length: 13
x-amz-cf-id: y4UC28xB9RHy4z4Aw-wZhAjrFYOkM6Cb5m5RNoLOOP6cTy02Ql9-FQ==

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 5 KB
2 KB 65ms
19ms Script
application/javascript 199.232.136.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.gazetadopovo.com.br.us3.cas.ms
URL: https://www.gazetadopovo.com.br.us3.cas.ms/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.136.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4cf52cc73734aa71f26f6a10be9aeec89602af45bf0f9abd5c8445a076c1ae1a

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 09:48:59 GMT
via: 1.1 varnish
last-modified: Fri, 04 Dec 2020 00:21:46 GMT
age: 32239
etag: "cbc512946c8abb461c6215ed5b454e5f+gzip"
vary: Accept-Encoding,Host
x-cache: HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-encoding: gzip
cache-control: no-cache
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 1957
x-timer: S1621244939.172432,VS0,VE0
x-served-by: cache-hhn11563-HHN

GET
H/1.1 200
OK rep.gif
scomcluster.cxense.com/Repo/ 43 B
469 B 78ms
25ms Image
image/gif 116.202.80.167
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scomcluster.cxense.com/Repo/rep.gif?ver=1&typ=pgv&rnd=kosfdl0b8kaf6kdo&sid=1138596144857280556&loc=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&new=1&arf=0&ltm=1621244938907&ref=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&tzo=-120&res=1600x1200&dpr=1&col=24&bln=en-US&chs=UTF-8&cks=kosfdl6cvvw43usb&ckp=kosfdl6fgof0zet7&glb=&wsz=1600x1200
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.80.167 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.167.80.202.116.clients.your-server.de
Software: Jetty(9.4.28.v20200408) /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 09:48:59 GMT
server: Jetty(9.4.28.v20200408)
p3p: policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 43
content-type: image/gif

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 17ms
17ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-23088598-1&cid=747907946.1621244939&jid=8381435&_u=IEBAAEAAAAAAAC~&z=1090210058

Requested by

Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 May 2021 09:48:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 31ms
30ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-23088598-1&cid=747907946.1621244939&jid=8381435&_u=IEBAAEAAAAAAAC~&z=1090210058

Requested by

Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 May 2021 09:48:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
23 B 13ms
12ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=1049595578&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=aGDAAEALQAAAAC~&jid=1248619309&gjid=1662937439&cid=747907946.1621244939&uid=&tid=UA-23088598-1&_gid=1325827540.1621244939&_r=1&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&z=309600937

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 17 May 2021 09:48:59 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.gazetadopovo.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 js Show response
www.google-analytics.com/gtm/ 87 KB
34 KB 17ms
17ms Script
application/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-K98STKR&t=gtm4&cid=747907946.1621244939

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

63cdee112c3109a37403c00a61befefcf8bef6da5f1501b34f3e0ea32b0d9b16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 09:48:59 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35085
x-xss-protection: 0
last-modified: Mon, 17 May 2021 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 17 May 2021 09:48:59 GMT

GET
H2 200 tinypass.min.js Show response
cdn.tinypass.com/api/ 407 KB
128 KB 32ms
23ms Script
application/javascript 2606:4700::6811:b7b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.tinypass.com/api/tinypass.min.js

Requested by

Host: experience.tinypass.com
URL: https://experience.tinypass.com/xbuilder/experience/load?aid=izBe3CQ7pu

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b7b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb415a1f2a937acd71359821df2bfc6f9a8fa94b8c6424aba62fc2a5cf5e60fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 09:48:59 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 7
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
cf-request-id: 0a1b53a393000006058b3da000000001
wn: prod-dash-10-0-114-33
last-modified: Sat, 15 May 2021 14:49:56 GMT
server: cloudflare
etag: W/"416447-1621090196000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=60; includeSubDomains
content-type: application/javascript
server-time: 0.000
cache-control: public, max-age=300
cf-ray: 650beee5bd0b0605-FRA
expires: Mon, 17 May 2021 09:53:59 GMT

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=672554&time=1621244939147&url=https%3A%2F%2Fwww.gazetadopovo.com.br%2F
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D672554%26time%3D1621244939147%26url%3Dhttps%253A%252F%252Fwww.gazetadopovo.com.br...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=672554&time=1621244939147&url=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=672554&time=1621244939147&url=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&liSync=true&e_ipv6=AQK1VTmNO0CiTwAAAXl5uo5zNwQzK9RhWBUAUksGL3fOCZAck9anSye...

0
156 B

336ms
140ms

Image
application/javascript

108.174.10.14
LINKEDIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=672554&time=1621244939147&url=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&liSync=true&e_ipv6=AQK1VTmNO0CiTwAAAXl5uo5zNwQzK9RhWBUAUksGL3fOCZAck9anSye9zq8XYsDo6C8XV7A7
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.174.10.14 , United States, ASN14413 (LINKEDIN, US),
Reverse DNS: 108-174-10-14.fwd.linkedin.com
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 09:49:00 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-ltx1
x-li-proto: http/2
x-li-pop: prod-edc2
content-type: application/javascript
content-length: 0
x-li-uuid: 4Cl6867RfxZQ/CjyxyoAAA==

Redirect headers

date: Mon, 17 May 2021 09:48:59 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-ltx1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=672554&time=1621244939147&url=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&liSync=true&e_ipv6=AQK1VTmNO0CiTwAAAXl5uo5zNwQzK9RhWBUAUksGL3fOCZAck9anSye9zq8XYsDo6C8XV7A7
x-li-proto: http/2
x-li-pop: prod-eda6
content-length: 0
x-li-uuid: OZ1o367Rfxbwvus1PisAAA==

GET
H3-29 200 swg-button.css
news.google.com/swg/js/v1/ 21 KB
6 KB 22ms
7ms Stylesheet
text/css 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/swg-button.css

Requested by

Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f1d6939b69c7c48fff939cbc3945f84ae8427d167c394857f6840377ce1b252a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 09:41:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 12 May 2021 20:16:39 GMT
server: sffe
age: 478
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=3000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6330
x-xss-protection: 0
expires: Mon, 17 May 2021 10:31:01 GMT

GET
H3-29 200 serviceiframe Show response
news.google.com/swg/_/ui/v1/ Frame 648A 25 KB
8 KB 78ms
68ms Document
text/html 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/_/ui/v1/serviceiframe?_=450345

Requested by

Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d6d9e3df6c71fd8345ccebc3788e00c56c5c4ef59b4e02f9627f91ba4c487e3

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientUi/cspreport script-src 'report-sample' 'nonce-SN118uJgYIHQGq8Ore74MA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/SubscribewithgoogleClientUi/cspreport;worker-src 'self' script-src 'nonce-SN118uJgYIHQGq8Ore74MA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com;report-uri /_/SubscribewithgoogleClientUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: news.google.com
:scheme: https
:path: /swg/_/ui/v1/serviceiframe?_=450345
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.gazetadopovo.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.gazetadopovo.com.br/

Response headers

content-type: text/html; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-ua-compatible: IE=edge
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 17 May 2021 09:48:59 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
strict-transport-security: max-age=31536000
cross-origin-opener-policy-report-only: unsafe-none; report-to="SubscribewithgoogleClientUi"
report-to: {"group":"SubscribewithgoogleClientUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/SubscribewithgoogleClientUi/external"}]}
content-security-policy: require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientUi/cspreport script-src 'report-sample' 'nonce-SN118uJgYIHQGq8Ore74MA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/SubscribewithgoogleClientUi/cspreport;worker-src 'self' script-src 'nonce-SN118uJgYIHQGq8Ore74MA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com;report-uri /_/SubscribewithgoogleClientUi/cspreport
cross-origin-resource-policy: same-site
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
set-cookie: NID=215=jh1enmI143_u6uoDWNfqHj9TClcKl_qMR1Su2DzBhU4UWBc0UmiXgH10aJ0F7PvMw0idb0NRlL4zb7BpZGFoQnjaSHsxne3n7dMa-3dHDBRogeHt0nT1xC1oMhrGlg1IdfObZUm9D5pF9Dq1Azutrz43nuSt7_eykEpi_p6mGcU; expires=Tue, 16-Nov-2021 09:48:59 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 loader.svg
news.google.com/swg/js/v1/ 0
1 KB 18ms
7ms Other
image/svg+xml 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/loader.svg

Requested by

Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 09:07:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 16 Mar 2020 18:14:05 GMT
server: sffe
age: 2518
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=3000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1049
x-xss-protection: 0
expires: Mon, 17 May 2021 09:57:01 GMT

POST
H3-29 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 51ms
15ms XHR
text/plain 2a00:1450:400c:c0a::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-23088598-1&cid=747907946.1621244939&jid=1248619309&gjid=1662937439&_gid=1325827540.1621244939&_u=aGDAAEALQAAAAC~&z=419579233

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c0a::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 17 May 2021 09:48:59 GMT
content-type: text/plain
access-control-allow-origin: https://www.gazetadopovo.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 entitlements Show response
news.google.com/swg/_/api/v1/publication/gazetadopovo.com.br/ 2 B
58 B 68ms
64ms Fetch
application/json 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/_/api/v1/publication/gazetadopovo.com.br/entitlements

Requested by

Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientHttp/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: text/plain, application/json
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 09:48:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="json.txt"; filename*=UTF-8''json.txt
strict-transport-security: max-age=31536000
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin; report-to="SubscribewithgoogleClientHttp"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.gazetadopovo.com.br
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 343122172743779 Show response
connect.facebook.net/signals/config/ 255 KB
73 KB 451ms
451ms Script
application/x-javascript 2a03:2880:f030:13:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/343122172743779?v=2.9.39&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f030:13:face:b00c:0:3 , France, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

37d25577e88f765d4381881685f8439ff40b2dc900012402af750d4c44d1d2d2

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr: 0
pragma: public
x-fb-debug: tachrUDbUNheEQx39vcm/3ZX8Pi5Skd2avZ7C2BVatf+eOTzeelblNrH6ziYhki6yVxG7vBTBxjw9KB9ysgdAg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 17 May 2021 09:48:59 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

HEAD
H2 200 / Show response
www.gazetadopovo.com.br/ 0
352 B 416ms
416ms XHR
text/html 2600:9000:20eb:4000:6:45ad:3580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gazetadopovo.com.br/?&_=1621244938970
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:4000:6:45ad:3580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-fetch-mode: cors
accept-encoding: gzip, deflate, br
accept-language: en-US
x-requested-with: XMLHttpRequest
sec-fetch-dest: empty
cookie: _ga=GA1.3.747907946.1621244939; _gid=GA1.3.1325827540.1621244939; _gat=1; _gcl_au=1.1.20444655.1621244939; cX_S=kosfdl6cvvw43usb; cX_P=kosfdl6fgof0zet7; _gat_UA-23088598-1=1
:path: /?&_=1621244938970
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.gazetadopovo.com.br
referer: https://www.gazetadopovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: HEAD
Accept: */*
Referer: https://www.gazetadopovo.com.br/?
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 09:49:00 GMT
content-encoding: gzip
last-modified: Mon, 17 May 2021 02:04:28 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
etag: W/"03274f283673a5b7e0a60936679a0509"
vary: Accept-Encoding
x-cache: Miss from cloudfront
x-amz-version-id: null
via: 1.1 f046bfa1468bb4385e357c8c9128cf51.cloudfront.net (CloudFront)
cache-control: max-age=600
content-type: text/html
x-amz-cf-id: _Wgkw5xC9bgGbpUOX6yyVHuU0dg2jmkNxi59qf48csEAn_CjT9IxwQ==

GET
H2

200

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=13765200&cs_ucfr=1&ns__t=1621244939186&ns_c=UTF-8&cv=3.5&c8=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&c7=http...
https://sb.scorecardresearch.com/b2?c1=2&c2=13765200&cs_ucfr=1&ns__t=1621244939186&ns_c=UTF-8&cv=3.5&c8=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&c7=htt...

64 B
328 B

22ms
22ms

Image
image/gif

99.86.2.29
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=13765200&cs_ucfr=1&ns__t=1621244939186&ns_c=UTF-8&cv=3.5&c8=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&c7=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&c9=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.2.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-2-29.fra6.r.cloudfront.net
Software: /
Resource Hash: 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 09:48:59 GMT
via: 1.1 1277de71b2472d19ca0bfc510db9ec54.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
etag: W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache: Miss from cloudfront
content-type: image/gif; charset=utf-8
content-length: 64
x-amz-cf-id: AFbn3I1cyGffbKQWOZDoYqM44--GBSiXkmahk3mbpwDOUQq26sPzlg==

Redirect headers

date: Mon, 17 May 2021 09:48:59 GMT
via: 1.1 1277de71b2472d19ca0bfc510db9ec54.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=2&c2=13765200&cs_ucfr=1&ns__t=1621244939186&ns_c=UTF-8&cv=3.5&c8=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&c7=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&c9=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F
content-length: 314
x-amz-cf-id: y-XxZAn37ZApP7WPpeIa95p0UUSMjU7ZfnUZortkq5C52ebS64qAgA==

GET
H2 200 adsct
t.co/i/ 43 B
454 B 465ms
131ms Image
image/gif 104.244.42.197
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?type=javascript&version=1.1.1&p_id=Twitter&p_user_id=0&txn_id=o1ecj&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tw_document_href=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F

Requested by

Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.197 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 09:48:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
pragma: no-cache
last-modified: Mon, 17 May 2021 09:48:59 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: e3cf11485326999a5c022d5d2f12205c9c83c1b17e6dc75f4aafea26eb542821
x-transaction: 85337d17bf20e914
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H3-29 200 ga-audiences
www.google.com/ads/ 42 B
63 B 29ms
28ms Image
image/gif 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-23088598-1&cid=747907946.1621244939&jid=1248619309&_u=aGDAAEALQAAAAC~&z=959797894

Requested by

Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 May 2021 09:48:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ga-audiences
www.google.de/ads/ 42 B
63 B 38ms
37ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-23088598-1&cid=747907946.1621244939&jid=1248619309&_u=aGDAAEALQAAAAC~&z=959797894

Requested by

Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 May 2021 09:48:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 execute Show response
experience.tinypass.com/xbuilder/experience/ 2 KB
2 KB 120ms
119ms XHR
application/json 2606:4700::6811:b7b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://experience.tinypass.com/xbuilder/experience/execute?aid=izBe3CQ7pu

Requested by

Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b7b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3b86b8259535f5ca14aab040c07ec4ad81f71c22b0c75689c53606bd6fafcd77

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains

Request headers

Accept: */*
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Mon, 17 May 2021 09:48:59 GMT
content-encoding: br
vary: accept-encoding
cf-cache-status: DYNAMIC
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
cf-request-id: 0a1b53a40e000006057ea10000000001
x-request-id: Cnlw8tqq4XY
pragma: no-cache
wn: prod-exp-10-0-119-72
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=60; includeSubDomains
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.gazetadopovo.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 650beee67f460605-FRA
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 get.js Show response
buy.tinypass.com/api/v3/anon/captcha/ 153 B
379 B 132ms
129ms Script
application/javascript 2606:4700::6811:b7b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/api/v3/anon/captcha/get.js?callback=jsonpCallback&aid=izBe3CQ7pu

Requested by

Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b7b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d312ff5fe45dca44f6c89d2bded8ae952ba441564b31a58d5282ca75cd1cea8b

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 09:48:59 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: EXPIRED
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
cf-request-id: 0a1b53a4160000060523947000000001
x-request-id: Cnlw8tqaZ0J
pragma
wn: prod-dash-10-0-133-182
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=60; includeSubDomains
content-type: application/javascript
server-time: 0.001
cache-control: public, max-age=1200
cf-ray: 650beee68f5d0605-FRA
expires: Mon, 17 May 2021 10:08:59 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/854244571/ 2 KB
1 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/854244571/?random=1621244939292&cv=9&fst=1621244939292&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg5c1&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&ref=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&tiba=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3d4022b167d58e09cbaab2c9d307c5d7fb6de024a4e80fb727690ba24f9a518e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 May 2021 09:48:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1065
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/961891575/ 2 KB
1 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/961891575/?random=1621244939295&cv=9&fst=1621244939295&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg5c1&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&ref=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&tiba=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

99193dc864a0fceb3c30d4109e2631b1f7ed836a579c71da956fec107a384b53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 May 2021 09:48:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1067
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 modules.0fd8b750824023792fba.js Show response
script.hotjar.com/ 220 KB
58 KB 92ms
32ms Script
application/javascript 13.224.95.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.0fd8b750824023792fba.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-457089.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.95.38 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-95-38.zrh50.r.cloudfront.net

Software

Resource Hash

65cef8a94d8a09cac56b85e15c92c37ea129d38a094fa8e1f3fd812a550b74be

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 07:37:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 439914
x-cache: Hit from cloudfront
content-length: 59191
access-control-allow-origin: *
last-modified: Wed, 12 May 2021 07:37:04 GMT
etag: "cd11ca1a90eced753504203f173db976"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 110750d14d1d900cd5c76d0ac872f5dd.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: 9NKrMD-Yy2PHSl0_BPcDqRCKvCfYmzu0ztrkpVum5veR59QL7Lcq9A==

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 4 B
25 B 13ms
12ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=1049595578&t=pageview&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Placar%20Covid%20no%20Paran%C3%A1%20-%20Componente%20Home&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAAEALQAAAAC~&jid=1711953491&gjid=1236712228&cid=747907946.1621244939&tid=UA-70198534-1&_gid=1325827540.1621244939&_r=1&_slc=1&cd1=infocoder&cd2=5294&z=1072250693

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 17 May 2021 09:48:59 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.gazetadopovo.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 flow1 Show response
3wf9o7mmzc.execute-api.us-east-1.amazonaws.com/prd/ 504 B
871 B 140ms
140ms XHR
application/json 13.224.95.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://3wf9o7mmzc.execute-api.us-east-1.amazonaws.com/prd/flow1
Requested by: Host: gdp-prd-data.s3.us-east-1.amazonaws.com
URL: https://gdp-prd-data.s3.us-east-1.amazonaws.com/js-piano-sdk/JSPianoSDK-0.4.4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.95.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-95-54.zrh50.r.cloudfront.net
Software: /
Resource Hash: eacb9f14d3c5e2f2ab578097f285eead47da66ff15836beef4d348b127961e8b

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Mon, 17 May 2021 09:48:59 GMT
via: 1.1 e92dffa8673a73c15c61e7c3abefc47d.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
x-amzn-requestid: 497711d4-aace-4128-97cc-4e136374ff2e
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
x-amzn-trace-id: Root=1-60a23c0b-6862161a5e993d8b1a68e82f;Sampled=1
x-amz-apigw-id: fd5R2EProAMFR6g=
content-length: 504
x-amz-cf-id: _LBFLmbgcaOkcypsxRhy3ZzS6cTTBAhNEYJZSE92paKf29CnbBqdxA==

GET
H2 200 adsct Show response
analytics.twitter.com/i/ 31 B
658 B 216ms
132ms Script
application/javascript 104.244.42.3
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?type=javascript&version=1.1.1&p_id=Twitter&p_user_id=0&txn_id=o1ecj&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tpx_cb=twttr.conversion.loadPixels&tw_document_href=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F

Requested by

Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.3 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 09:48:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 57
x-xss-protection: 0
pragma: no-cache
last-modified: Mon, 17 May 2021 09:48:59 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: application/javascript;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 34b21be5c207c6db7b639f166db99eb8b5c2497c9334440122d4cafe04c81a9e
x-transaction: 4d45f4d9c5e76234
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 ico-arrow-left.svg
assets.gazetadopovo.com.br/images/svg/ 127 B
499 B 15ms
14ms Image
image/svg+xml 2600:9000:2190:1200:12:af17:6680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.gazetadopovo.com.br/images/svg/ico-arrow-left.svg
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/app-19c4d622d6a1aee75230.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:1200:12:af17:6680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d6e0fd2a5540d8a26bbc2f2868a5ddfc300137e6bf05a581b7bf918f9e8a6ba1

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 09:07:46 GMT
via: 1.1 e1532b3ffd3d84bfecb9972a863a75ef.cloudfront.net (CloudFront)
last-modified: Mon, 01 Feb 2021 19:11:27 GMT
server: AmazonS3
age: 8815274
etag: "6ae51f29a6cffccc223655e32d23de10"
x-cache: Hit from cloudfront
x-amz-version-id: null
cache-control: max-age=31536000
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-type: image/svg+xml
content-length: 127
x-amz-cf-id: MN5Vly4qxxU_dUJHXeJs-jmTa_4SJPNi3UUOildtdxa5xX4Qznv67A==

GET
H2 200 ico-arrow-right.svg
assets.gazetadopovo.com.br/images/svg/ 123 B
497 B 14ms
13ms Image
image/svg+xml 2600:9000:2190:1200:12:af17:6680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.gazetadopovo.com.br/images/svg/ico-arrow-right.svg
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/app-19c4d622d6a1aee75230.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:1200:12:af17:6680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e5b2a278c1ab02a90127fd8191dd79159eefcc5bcda3b45b4945faf2776e979f

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 11:47:20 GMT
via: 1.1 e1532b3ffd3d84bfecb9972a863a75ef.cloudfront.net (CloudFront)
last-modified: Tue, 30 Mar 2021 21:25:52 GMT
server: AmazonS3
age: 4053700
etag: "360b8c417ef8fc3088f833de9723ae18"
x-cache: Hit from cloudfront
x-amz-version-id: null
cache-control: max-age=31536000
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-type: image/svg+xml
content-length: 123
x-amz-cf-id: IY0ZO6ZfmSkafNU2oSzDP-G6HtFBf6v5NETm1K4wMUat8jwFuKcKLQ==

GET
H2 200 / Show response
infograficos.gazetadopovo.com.br/json-google-spreadsheet/ 762 B
1001 B 409ms
370ms Script
application/json 2600:9000:20eb:d800:16:bc5f:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://infograficos.gazetadopovo.com.br/json-google-spreadsheet/?callback=jQuery33107369227896889134_1621244938594&id=1Pn1D6-1SwjcjvVnigSTDUrgGfI3-xub00yvRMkRPIpI&sheet=3&_=1621244938595
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.3.1.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:d800:16:bc5f:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: ee32e0d94b88ad325fad827eeeab5da184668ef58a131df17f0edfa8fd146525

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 09:48:59 GMT
via: 1.1 8f20db43ba7579b7216cf908572d5054.cloudfront.net (CloudFront)
server: Apache
x-amz-cf-pop: FRA2-C1
x-cache: Miss from cloudfront
content-type: application/json
content-length: 762
x-amz-cf-id: vHrjhYn6bEXBYjZRXGpHPiWsxVK8IIQFsjfWMGm3P1qbD3HKHtm8aw==

GET
H2 200 box-5e3cec51ed8e99df6977c199d27812d7.html Show response
vars.hotjar.com/ Frame B147 1 KB
1 KB 68ms
20ms Document
text/html 65.9.69.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-5e3cec51ed8e99df6977c199d27812d7.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-457089.js?sv=7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.69.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 486762d56893f9b12fdfad41c3a76f11fc745b5436e97e596a63c22ee13d2e33

Request headers

:method: GET
:authority: vars.hotjar.com
:scheme: https
:path: /box-5e3cec51ed8e99df6977c199d27812d7.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.gazetadopovo.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.gazetadopovo.com.br/

Response headers

content-type: text/html
content-length: 684
date: Tue, 30 Mar 2021 16:10:32 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
etag: "4e332edbbc3b46800c87f197cc7d3bb6"
last-modified: Tue, 30 Mar 2021 14:48:51 GMT
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 106758604a7f1ae0fa6678cd3d828d62.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: -sYCyzmrZnaFKhQtyhk2R2wi2nvo526BHV8SmHAUhoyOuMYRN0mZOQ==
age: 4124307

OPTIONS
H2 200 flow1
3wf9o7mmzc.execute-api.us-east-1.amazonaws.com/prd/ Frame 0
0 222ms
127ms Preflight
application/json 13.224.95.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://3wf9o7mmzc.execute-api.us-east-1.amazonaws.com/prd/flow1
Protocol: H2
Server: 13.224.95.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-95-54.zrh50.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.gazetadopovo.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-type: application/json
content-length: 0
date: Mon, 17 May 2021 09:48:59 GMT
x-amzn-requestid: d67d0f53-da35-4693-b0b3-3eb04859838b
access-control-allow-origin: *
access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token,X-Amz-User-Agent
x-amz-apigw-id: fd5R0FTVoAMFWUQ=
access-control-allow-methods: OPTIONS,POST
x-cache: Miss from cloudfront
via: 1.1 e92dffa8673a73c15c61e7c3abefc47d.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: 8nFRIZRZdh1NjDQl6WzG_tFp7l6UUq3ufjKSfuwdys18KHCggy41_Q==

POST
H3-29 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
22 B 15ms
15ms XHR
text/plain 2a00:1450:400c:c0a::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-70198534-1&cid=747907946.1621244939&jid=1711953491&gjid=1236712228&_gid=1325827540.1621244939&_u=aGDAAEALQAAAAC~&z=1084752976

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c0a::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 17 May 2021 09:48:59 GMT
content-type: text/plain
access-control-allow-origin: https://www.gazetadopovo.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 swg-button.css
news.google.com/swg/js/v1/ Frame 648A 21 KB
6 KB 6ms
6ms Stylesheet
text/css 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/swg-button.css

Requested by

Host: news.google.com
URL: https://news.google.com/swg/_/ui/v1/serviceiframe?_=450345

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f1d6939b69c7c48fff939cbc3945f84ae8427d167c394857f6840377ce1b252a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 09:41:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 12 May 2021 20:16:39 GMT
server: sffe
age: 478
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=3000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6330
x-xss-protection: 0
expires: Mon, 17 May 2021 10:31:01 GMT

GET
H2 200 m=_b,_tp Show response
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.X5Lu8PjGzzI.es5.O/am=AkA/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI6P6... Frame 648A 146 KB
52 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.X5Lu8PjGzzI.es5.O/am=AkA/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI6P6eRXtNH-tilX1aBa3EcV30osjA/m=_b,_tp

Requested by

Host: news.google.com
URL: https://news.google.com/swg/_/ui/v1/serviceiframe?_=450345

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5bb5ff84e63393bb298a05213f488e34cfb5ac638a8b381a7a9e45c39e4100b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 18:16:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 14 May 2021 00:50:18 GMT
server: sffe
age: 228724
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52628
x-xss-protection: 0
expires: Sat, 14 May 2022 18:16:55 GMT

GET
H3-29 200 /
www.google.com/pagead/1p-user-list/854244571/ 42 B
64 B 58ms
57ms Image
image/gif 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/854244571/?random=1621244939292&cv=9&fst=1621242000000&num=1&guid=ON&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg5c1&sendb=1&frm=0&url=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&ref=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&tiba=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&async=1&fmt=3&is_vtc=1&random=4226197520&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 May 2021 09:48:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
www.google.de/pagead/1p-user-list/854244571/ 42 B
64 B 22ms
22ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/854244571/?random=1621244939292&cv=9&fst=1621242000000&num=1&guid=ON&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg5c1&sendb=1&frm=0&url=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&ref=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&tiba=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&async=1&fmt=3&is_vtc=1&random=4226197520&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 May 2021 09:48:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
www.google.com/pagead/1p-user-list/961891575/ 42 B
64 B 79ms
79ms Image
image/gif 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/961891575/?random=1621244939295&cv=9&fst=1621242000000&num=1&guid=ON&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg5c1&sendb=1&frm=0&url=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&ref=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&tiba=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&async=1&fmt=3&is_vtc=1&random=2988393927&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 May 2021 09:48:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
www.google.de/pagead/1p-user-list/961891575/ 42 B
64 B 21ms
20ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/961891575/?random=1621244939295&cv=9&fst=1621242000000&num=1&guid=ON&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg5c1&sendb=1&frm=0&url=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&ref=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&tiba=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&async=1&fmt=3&is_vtc=1&random=2988393927&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 May 2021 09:48:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v14/ Frame 648A 21 KB
21 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v14/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2

Requested by

Host: news.google.com
URL: https://news.google.com/swg/_/ui/v1/serviceiframe?_=450345

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bf7344209edb1be5a2886c425cf6334a102d76cbea1471fd50171e2ee92877cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://news.google.com
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 02:03:02 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Apr 2019 23:42:59 GMT
server: sffe
age: 373557
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21464
x-xss-protection: 0
expires: Fri, 13 May 2022 02:03:02 GMT

GET
H3-29 200 m=byfTOb,lsjVmc,LEikZe Show response
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.X5Lu8PjGzzI.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.EUfhyMeSD5k.L... Frame 648A 36 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.X5Lu8PjGzzI.es5.O/am=AkA/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI6P6eRXtNH-tilX1aBa3EcV30osjA/m=_b,_tp

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

05daf5641860d931d49d2ca3a20ed7783556a7ff7e33ea605d06c90629649d3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 19:47:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 14 May 2021 00:50:18 GMT
server: sffe
age: 223271
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13450
x-xss-protection: 0
expires: Sat, 14 May 2022 19:47:48 GMT

GET
H3-29 200 m=xUdipf,blwjVc,fKUV3e,aurFic,ws9Tlc,COQbmf,U0aPgd,zG9H6c,NwH0H,OmgaI,NpD4ec,x60fie,gychg,lfpdyf,ZfAoz,PQaYAf,lPKSwe,yDVVkb,iTsyac,KG2eXe,tfTN8c,DfBslb Show response
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.X5Lu8PjGzzI.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.EUfhyMeSD5k.L... Frame 648A 95 KB
32 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.X5Lu8PjGzzI.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.EUfhyMeSD5k.L.B1.O/am=AkA/d=1/exm=LEikZe,_b,_tp,byfTOb,lsjVmc/excm=_b,_tp,serviceiframeview/ed=1/wt=2/rs=ABXTjI58Lm0UVMW1gRr-XcZmpfNmZ27tVw/m=xUdipf,blwjVc,fKUV3e,aurFic,ws9Tlc,COQbmf,U0aPgd,zG9H6c,NwH0H,OmgaI,NpD4ec,x60fie,gychg,lfpdyf,ZfAoz,PQaYAf,lPKSwe,yDVVkb,iTsyac,KG2eXe,tfTN8c,DfBslb

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b4217cd168f164b006c464f9f563d9f24c18a700e67b24616aad1d714c0187e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 19:47:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 14 May 2021 00:50:18 GMT
server: sffe
age: 223271
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33097
x-xss-protection: 0
expires: Sat, 14 May 2022 19:47:48 GMT

POST
H3-29 200 batchexecute Show response
news.google.com/_/SubscribewithgoogleClientUi/data/ Frame 648A 256 B
225 B 68ms
67ms XHR
application/json 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/_/SubscribewithgoogleClientUi/data/batchexecute?rpcids=SlvRf&f.sid=-8028479140346619973&bl=boq_subscribewithgoogleclientserver_20210513.11_p0&hl=en-US&soc-app=673&soc-platform=1&soc-device=1&_reqid=42540&rt=c

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bffa09e2bf4bb3983a321d60fd1b49f787f7957d15d602a4f896ff321d08970f

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-Same-Domain: 1
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Mon, 17 May 2021 09:48:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: same-site
content-disposition: attachment; filename="response.bin"; filename*=UTF-8''response.bin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
server: ESF
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-security-policy: require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientUi/cspreport
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="SubscribewithgoogleClientUi"
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 m=Wt6vjf,_latency,FCpbqb,WhJNk,EFQ78c,hKSk3e Show response
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.X5Lu8PjGzzI.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.EUfhyMeSD5k.L... Frame 648A 46 KB
17 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.X5Lu8PjGzzI.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.EUfhyMeSD5k.L.B1.O/am=AkA/d=1/exm=COQbmf,DfBslb,KG2eXe,LEikZe,NpD4ec,NwH0H,OmgaI,PQaYAf,U0aPgd,ZfAoz,_b,_tp,aurFic,blwjVc,byfTOb,fKUV3e,gychg,iTsyac,lPKSwe,lfpdyf,lsjVmc,tfTN8c,ws9Tlc,x60fie,xUdipf,yDVVkb,zG9H6c/excm=_b,_tp,serviceiframeview/ed=1/wt=2/rs=ABXTjI58Lm0UVMW1gRr-XcZmpfNmZ27tVw/m=Wt6vjf,_latency,FCpbqb,WhJNk,EFQ78c,hKSk3e

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

babf9b4d3f19a5f57d8a37149b7367c713f3104c19fa4ed9efb7622652ecd67c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 19:47:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 14 May 2021 00:50:18 GMT
server: sffe
age: 223270
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17699
x-xss-protection: 0
expires: Sat, 14 May 2022 19:47:49 GMT

GET
H3-29 200 m=lwddkf Show response
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.X5Lu8PjGzzI.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.EUfhyMeSD5k.L... Frame 648A 236 B
183 B 8ms
7ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.X5Lu8PjGzzI.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.EUfhyMeSD5k.L.B1.O/am=AkA/d=1/exm=COQbmf,DfBslb,EFQ78c,FCpbqb,KG2eXe,LEikZe,NpD4ec,NwH0H,OmgaI,PQaYAf,U0aPgd,WhJNk,Wt6vjf,ZfAoz,_b,_latency,_tp,aurFic,blwjVc,byfTOb,fKUV3e,gychg,hKSk3e,iTsyac,lPKSwe,lfpdyf,lsjVmc,tfTN8c,ws9Tlc,x60fie,xUdipf,yDVVkb,zG9H6c/excm=_b,_tp,serviceiframeview/ed=1/wt=2/rs=ABXTjI58Lm0UVMW1gRr-XcZmpfNmZ27tVw/m=lwddkf

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

685ee1f5e122fdc218b11e4589efbbfc2c567087e94b65062b13c290aae43a6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 19:47:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 14 May 2021 00:50:18 GMT
server: sffe
age: 223270
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 160
x-xss-protection: 0
expires: Sat, 14 May 2022 19:47:49 GMT

GET
H3-29 200 m=n73qwf,mI3LFb,UUJqVe,lazG7b,MpJwZc,qCSYWe,mdR7q,MI6k7c,kjKdXe Show response
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.X5Lu8PjGzzI.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.EUfhyMeSD5k.L... Frame 648A 796 B
468 B 7ms
7ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.X5Lu8PjGzzI.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.EUfhyMeSD5k.L.B1.O/am=AkA/d=1/exm=COQbmf,DfBslb,EFQ78c,FCpbqb,KG2eXe,LEikZe,NpD4ec,NwH0H,OmgaI,PQaYAf,U0aPgd,WhJNk,Wt6vjf,ZfAoz,_b,_latency,_tp,aurFic,blwjVc,byfTOb,fKUV3e,gychg,hKSk3e,iTsyac,lPKSwe,lfpdyf,lsjVmc,lwddkf,tfTN8c,ws9Tlc,x60fie,xUdipf,yDVVkb,zG9H6c/excm=_b,_tp,serviceiframeview/ed=1/wt=2/rs=ABXTjI58Lm0UVMW1gRr-XcZmpfNmZ27tVw/m=n73qwf,mI3LFb,UUJqVe,lazG7b,MpJwZc,qCSYWe,mdR7q,MI6k7c,kjKdXe

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5ed736d8aba55248a40a9c801b58dbb586b5083d4be20f53269e8b61d677108f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 19:47:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 14 May 2021 00:50:18 GMT
server: sffe
age: 223270
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 445
x-xss-protection: 0
expires: Sat, 14 May 2022 19:47:49 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
363 B 16ms
16ms Image
image/gif 2a03:2880:f130:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=343122172743779&ev=PageView&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&rl=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&if=false&ts=1621244939677&sw=1600&sh=1200&v=2.9.39&r=stable&ec=0&o=30&fbp=fb.2.1621244939675.696742751&it=1621244939169&coo=false&exp=l0&rqm=GET

Requested by

Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f130:83:face:b00c:0:25de , France, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 09:48:59 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Mon, 17 May 2021 09:48:59 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
212 B 17ms
16ms Image
image/gif 2a03:2880:f130:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=343122172743779&ev=ViewContent&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&rl=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&if=false&ts=1621244939680&sw=1600&sh=1200&v=2.9.39&r=stable&ec=1&o=30&fbp=fb.2.1621244939675.696742751&it=1621244939169&coo=false&exp=l0&rqm=GET

Requested by

Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f130:83:face:b00c:0:25de , France, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 09:48:59 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Mon, 17 May 2021 09:48:59 GMT

POST
H2 200 log Show response
play.google.com/ Frame 648A 131 B
644 B 58ms
40ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Mon, 17 May 2021 09:48:59 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://news.google.com
cache-control: private
access-control-allow-credentials: true
content-type: text/plain; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Mon, 17 May 2021 09:48:59 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 37ms
37ms Preflight
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Origin: https://news.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://news.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Mon, 17 May 2021 09:48:59 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 17 May 2021 09:48:59 GMT
cache-control: private

POST
H3-29 200 log Show response
play.google.com/ Frame 648A 131 B
154 B 40ms
40ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Mon, 17 May 2021 09:48:59 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://news.google.com
cache-control: private
access-control-allow-credentials: true
content-type: text/plain; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Mon, 17 May 2021 09:48:59 GMT

POST
H3-29 200 log Show response
play.google.com/ Frame 648A 131 B
154 B 40ms
40ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Mon, 17 May 2021 09:48:59 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://news.google.com
cache-control: private
access-control-allow-credentials: true
content-type: text/plain; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Mon, 17 May 2021 09:48:59 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 37ms
37ms Preflight
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Origin: https://news.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://news.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Mon, 17 May 2021 09:48:59 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 17 May 2021 09:48:59 GMT
cache-control: private

POST
H3-29 200 log Show response
play.google.com/ Frame 648A 131 B
154 B 41ms
41ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Mon, 17 May 2021 09:48:59 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://news.google.com
cache-control: private
access-control-allow-credentials: true
content-type: text/plain; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Mon, 17 May 2021 09:48:59 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 38ms
37ms Preflight
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Origin: https://news.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://news.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Mon, 17 May 2021 09:48:59 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 17 May 2021 09:48:59 GMT
cache-control: private

POST
H2 200 unload
api-v3.tinypass.com/api/v3/page/ 0
0 126ms
119ms Ping
application/json 2606:4700::6811:b7b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api-v3.tinypass.com/api/v3/page/unload?aid=izBe3CQ7pu&tbc=%7Bjzx%7DmTYUm08lJyHEWAs9ALXKQkkLvhnMdQtXn7_XmyWyW5W41DsEJ18TmX1UEl1RPSm1hpLnfvXNi-ku-m9ANigciO7urb9o0nEjVok2Mzb7iYzif62e0KiTLnFvluQL5Yoc_ClXXX7wZd7xhwozNxHCCQ&time_spent=%7B%22active%22%3A0%2C%22total%22%3A0%7D&scroll=%7B%22max_page_height%22%3A7875%2C%22max_depth%22%3A1200%7D&viewport_exit=0&url=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&pageview_id=2021-05-17-11-48-59-263-NyU8vCDVorWjqFtr-b936ad7ebc1e9e7e2afe591d682f915b&visit_id=v-2021-05-17-11-48-59-265-Ffvk7q8gjfAJnC5O-b936ad7ebc1e9e7e2afe591d682f915b
Requested by: Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:b7b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.gazetadopovo.com.br
access-control-allow-credentials: true
access-control-allow-methods: POST, GET, OPTIONS

POST
H2 200 execute Show response
experience.tinypass.com/xbuilder/experience/ 6 KB
3 KB 138ms
138ms XHR
application/json 2606:4700::6811:b7b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://experience.tinypass.com/xbuilder/experience/execute?aid=izBe3CQ7pu

Requested by

Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b7b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f715d42b1bcc1bd6262504abc0c0e808023e0cb929cb2fab2b560b89240d2ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains

Request headers

Accept: */*
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Mon, 17 May 2021 09:48:59 GMT
content-encoding: br
vary: accept-encoding
cf-cache-status: DYNAMIC
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
cf-request-id: 0a1b53a62400000605339cf000000001
x-request-id: Cnlw8tqnGJf
pragma: no-cache
wn: prod-exp-10-0-120-229
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=60; includeSubDomains
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.gazetadopovo.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 650beee9d8c40605-FRA
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 loadTemplateContext Show response
buy.tinypass.com/api/v3/anon/template/ 551 B
796 B 152ms
134ms XHR
application/json 2606:4700::6811:b8b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/api/v3/anon/template/loadTemplateContext?aid=izBe3CQ7pu

Requested by

Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b8b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5083f67c67f2aa335f8082f499c67fbf573328d328be985ae01decc85a0bb9da

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Mon, 17 May 2021 09:49:00 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
cf-request-id: 0a1b53a6ca0000074ac7963000000001
x-request-id: Colw8tqKvJs
pragma: no-cache
wn: prod-dash-10-0-139-145
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=60; includeSubDomains
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
server-time: 0.001
cf-ray: 650beeeade30074a-FRA
expires: 0

GET
H2 200 cacheableShow Show response
buy.tinypass.com/checkout/template/ Frame 6B46 6 KB
3 KB 22ms
22ms Document
text/html 2606:4700::6811:b7b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/checkout/template/cacheableShow?aid=izBe3CQ7pu&templateId=OTM7QNGP18MG&templateVariantId=OTVYU55WIZ0ZT&offerId=fakeOfferId&experienceId=EXIAHC2U55HU&iframeId=offer_da51198308f88f95dd9e-0&displayMode=modal&widget=template

Requested by

Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b7b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bdc090c06f409343babe638f27863b76176043d71e5b3a9075ac19de6e2d58f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains
X-Xss-Protection	0

Request headers

:method: GET
:authority: buy.tinypass.com
:scheme: https
:path: /checkout/template/cacheableShow?aid=izBe3CQ7pu&templateId=OTM7QNGP18MG&templateVariantId=OTVYU55WIZ0ZT&offerId=fakeOfferId&experienceId=EXIAHC2U55HU&iframeId=offer_da51198308f88f95dd9e-0&displayMode=modal&widget=template
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.gazetadopovo.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.gazetadopovo.com.br/

Response headers

date: Mon, 17 May 2021 09:48:59 GMT
content-type: text/html;charset=UTF-8
access-control-allow-methods: *
access-control-allow-origin: https://dashboard.piano.io
cache-control: public, max-age=10800
expires: Mon, 17 May 2021 12:48:59 GMT
p3p: CP="NON DSP COR OUR IND"
pragma
server-time: 0.001
strict-transport-security: max-age=60; includeSubDomains
vary: accept-encoding
wn: prod-dash-10-0-82-160
x-forwarded-https: on
x-request-id: Cfto8tq1RJO
x-xss-protection: 0
cf-cache-status: HIT
age: 10088
cf-request-id: 0a1b53a6c000000605271a7000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 650beeeacb780605-FRA
content-encoding: br

OPTIONS
H2 200 register
events-api.gazetadopovo.com.br/ Frame 0
0 362ms
292ms Preflight
application/json 13.225.74.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events-api.gazetadopovo.com.br/register
Protocol: H2
Server: 13.225.74.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-74-8.fra2.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.gazetadopovo.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-type: application/json
content-length: 0
date: Mon, 17 May 2021 09:49:00 GMT
x-amzn-requestid: d3487a95-2e19-4fba-96e1-0569c7b9ac59
access-control-allow-origin: *
access-control-allow-headers: Authorization,Content-Type,X-Amz-Date,X-Amz-Security-Token,x-api-key,X-Api-Key,x-publisher-id,X-Publisher-Id
x-amz-apigw-id: fd5R7EqMIAMFcXA=
access-control-allow-methods: OPTIONS,DELETE,GET,HEAD,PATCH,POST,PUT
access-control-allow-credentials: true
x-cache: Miss from cloudfront
via: 1.1 58b222ebbb6cc6c8c8c9a46127ae3a3e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: _q0lZNs5Bvh5IKm53Mik4LlZ54TgI58Gt6uC5_6urNjy9qUPduhf-g==

POST
H2 200 register Show response
events-api.gazetadopovo.com.br/ 1 KB
2 KB 323ms
323ms XHR
application/json 13.225.74.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events-api.gazetadopovo.com.br/register
Requested by: Host: gdp-prd-data.s3.us-east-1.amazonaws.com
URL: https://gdp-prd-data.s3.us-east-1.amazonaws.com/js-piano-sdk/JSPianoSDK-0.4.4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.74.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-74-8.fra2.r.cloudfront.net
Software: / Express
Resource Hash: d9c07d356d45c00a73d034be2e878d0ba6bef2074b81497af9b50c61aec138e8

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Mon, 17 May 2021 09:49:00 GMT
via: 1.1 58b222ebbb6cc6c8c8c9a46127ae3a3e.cloudfront.net (CloudFront)
etag: W/"501-U0x/4WoW7aAvUFd+h6nSfUkS/CU"
x-amzn-remapped-content-length: 1281
x-amzn-remapped-date: Mon, 17 May 2021 09:49:00 GMT
x-amz-cf-pop: FRA2-C2
x-powered-by: Express
x-cache: Miss from cloudfront
x-amz-apigw-id: fd5R-G3JoAMF8NA=
content-length: 1281
x-amzn-requestid: 5909151f-7502-400e-8d3f-d50e83d3915f
x-amzn-trace-id: Root=1-60a23c0c-6b636221746ff38652213bd5;Sampled=0
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
x-amz-cf-id: PPcNbS1e80yfZtVmSYTEOsOD79rACRHRsx7jvaX_fSlZutuOlgVxlw==
x-amzn-remapped-connection: close

GET
H2 200 template.bundle.1.0.css
buy.tinypass.com/widget/dist/template/css/ Frame 6B46 33 KB
5 KB 25ms
24ms Stylesheet
text/css 2606:4700::6811:b7b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/widget/dist/template/css/template.bundle.1.0.css

Requested by

Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=izBe3CQ7pu&templateId=OTM7QNGP18MG&templateVariantId=OTVYU55WIZ0ZT&offerId=fakeOfferId&experienceId=EXIAHC2U55HU&iframeId=offer_da51198308f88f95dd9e-0&displayMode=modal&widget=template

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b7b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

734421d9e2fa5fe78c7bbd157c8de6a60bd1e0752c8abfcd2ca27f4a477ff2e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains

Request headers

Referer: https://buy.tinypass.com/checkout/template/cacheableShow?aid=izBe3CQ7pu&templateId=OTM7QNGP18MG&templateVariantId=OTVYU55WIZ0ZT&offerId=fakeOfferId&experienceId=EXIAHC2U55HU&iframeId=offer_da51198308f88f95dd9e-0&displayMode=modal&widget=template
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 09:49:00 GMT
content-encoding: br
vary: accept-encoding
cf-cache-status: HIT
age: 5436
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
cf-request-id: 0a1b53a6da000006052b2ea000000001
wn: prod-dash-10-0-134-202
last-modified: Wed, 12 May 2021 20:48:34 GMT
server: cloudflare
etag: W/"33843-1620852514000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=60; includeSubDomains
content-type: text/css
server-time: 0.001
cache-control: public, max-age=7200
cf-ray: 650beeeafbf30605-FRA
expires: Mon, 17 May 2021 11:49:00 GMT

GET
H2 200 H4sIAAAAAAAAAD3IwQ6AIAgA0B9KmJ76m4bJHI6oBa7f7-bt7eEnrXNgEw8Mvh6lYBy-DHVaU95QpTqS9an0pgwFSkHJu63T-yTlgy1Nh-E_BjVxNVoAAAA Show response
buy.tinypass.com/_sam/ Frame 6B46 509 KB
143 KB 54ms
53ms Script
text/javascript 2606:4700::6811:b7b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/_sam/H4sIAAAAAAAAAD3IwQ6AIAgA0B9KmJ76m4bJHI6oBa7f7-bt7eEnrXNgEw8Mvh6lYBy-DHVaU95QpTqS9an0pgwFSkHJu63T-yTlgy1Nh-E_BjVxNVoAAAA?compressed=true&v=12.190.0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b7b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5996062961b290de6f5e449fbcfdc3df354b36605692d9be7e571b91f978e21b

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains

Request headers

Referer: https://buy.tinypass.com/checkout/template/cacheableShow?aid=izBe3CQ7pu&templateId=OTM7QNGP18MG&templateVariantId=OTVYU55WIZ0ZT&offerId=fakeOfferId&experienceId=EXIAHC2U55HU&iframeId=offer_da51198308f88f95dd9e-0&displayMode=modal&widget=template
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 09:49:00 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 1833
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
cf-request-id: 0a1b53a6da000006053e28e000000001
wn: prod-dash-10-0-133-182
last-modified: Sat, 15 May 2021 14:40:22 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=60; includeSubDomains
content-type: text/javascript
server-time: 0.001
cache-control: public, max-age=602967
x-optimized-by: _sam
cf-ray: 650beeeafbf40605-FRA
expires: Mon, 24 May 2021 09:18:27 GMT

GET
H3-29 200 css
fonts.googleapis.com/ Frame 6B46 6 KB
558 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Overpass:300,300i,400,400i,600,600i,700,700i&display=swap

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

796b7c426168c17fd0cda987277798ded81c6503a920f1fa4a90b946356ccb6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 17 May 2021 09:49:00 GMT
server: ESF
date: Mon, 17 May 2021 09:49:00 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 17 May 2021 09:49:00 GMT

GET
H2 200 campanha-corrupcao-desktop.jpg
media.gazetadopovo.com.br/2021/05/11094814/ Frame 6B46 220 KB
221 KB 27ms
27ms Image
image/jpeg 2600:9000:2156:0:1f:3000:7b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gazetadopovo.com.br/2021/05/11094814/campanha-corrupcao-desktop.jpg
Requested by: Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=izBe3CQ7pu&templateId=OTM7QNGP18MG&templateVariantId=OTVYU55WIZ0ZT&offerId=fakeOfferId&experienceId=EXIAHC2U55HU&iframeId=offer_da51198308f88f95dd9e-0&displayMode=modal&widget=template
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:0:1f:3000:7b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b9abe16e112e0c606f0a92db9f74d716b480a0e98bbea1a977cbb31749fbed6f

Request headers

Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 16:01:21 GMT
via: 1.1 5721f7035c3fc934bd3f96dbb04ba1e5.cloudfront.net (CloudFront)
last-modified: Tue, 11 May 2021 12:48:15 GMT
server: AmazonS3
age: 496060
etag: "467c437588df95f88c8134c13e1277e4"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 225668
x-amz-cf-id: XH8vsNkjDU_nTxgfWGq_LBpisx6cCqiXeTrXv-xE5yH9n-PG-H7CIw==
expires: Wed, 11 May 2022 12:48:14 GMT

GET
H2 200 campanha-corrupcao-mobile.jpg
media.gazetadopovo.com.br/2021/05/11094813/ Frame 6B46 63 KB
64 KB 7ms
7ms Image
image/jpeg 2600:9000:2156:0:1f:3000:7b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gazetadopovo.com.br/2021/05/11094813/campanha-corrupcao-mobile.jpg
Requested by: Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=izBe3CQ7pu&templateId=OTM7QNGP18MG&templateVariantId=OTVYU55WIZ0ZT&offerId=fakeOfferId&experienceId=EXIAHC2U55HU&iframeId=offer_da51198308f88f95dd9e-0&displayMode=modal&widget=template
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:0:1f:3000:7b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f363bb1263ff140c7a599ac408717e56d801c29238b25bb8506a7a09527408c3

Request headers

Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 16:01:24 GMT
via: 1.1 5721f7035c3fc934bd3f96dbb04ba1e5.cloudfront.net (CloudFront)
last-modified: Tue, 11 May 2021 12:48:14 GMT
server: AmazonS3
age: 496057
etag: "cdfe63c78eeebb1a915d0428fde4c4b4"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 65023
x-amz-cf-id: Z5gHOlXRS4A2rknwV-JGwzTrdOTLiQrY3rZqsJJ1onBA-s0D7BOufQ==
expires: Wed, 11 May 2022 12:48:13 GMT

POST
H2 200 trackShow Show response
buy.tinypass.com/checkout/template/ Frame 6B46 53 B
359 B 225ms
225ms XHR
application/json 2606:4700::6811:b7b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/checkout/template/trackShow

Requested by

Host: buy.tinypass.com
URL: https://buy.tinypass.com/_sam/H4sIAAAAAAAAAD3IwQ6AIAgA0B9KmJ76m4bJHI6oBa7f7-bt7eEnrXNgEw8Mvh6lYBy-DHVaU95QpTqS9an0pgwFSkHJu63T-yTlgy1Nh-E_BjVxNVoAAAA?compressed=true&v=12.190.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b7b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f3f662e23645b1b81aaf6eb5901cc9162dc0316b2b48a735c2761493e8ecf1f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains
X-Xss-Protection	0

Request headers

Accept: application/json, text/plain, */*
Ng-Request: 1
Referer: https://buy.tinypass.com/checkout/template/cacheableShow?aid=izBe3CQ7pu&templateId=OTM7QNGP18MG&templateVariantId=OTVYU55WIZ0ZT&offerId=fakeOfferId&experienceId=EXIAHC2U55HU&iframeId=offer_da51198308f88f95dd9e-0&displayMode=modal&widget=template
X-Requested-With: XMLHttpRequest
Piano-request-without-spinner: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Mon, 17 May 2021 09:49:00 GMT
content-encoding: br
cf-cache-status: DYNAMIC
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
cf-request-id: 0a1b53a77a000006057ea70000000001
x-request-id: Colw8tqukzQ
pragma: no-cache
wn: prod-dash-10-0-124-91
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=60; includeSubDomains
access-control-allow-methods: *
content-type: application/json;charset=utf-8
access-control-allow-origin: https://dashboard.piano.io
x-xss-protection: 0
cache-control: no-cache, no-store, must-revalidate
server-time: 0.001
cf-ray: 650beeebfe970605-FRA
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H3-29 200 /
www.facebook.com/tr/ 0
15 B 16ms
16ms Ping
text/plain 2a03:2880:f130:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f130:83:face:b00c:0:25de , France, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundary2LkIEaV0s7tkn1T6

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Mon, 17 May 2021 09:49:00 GMT
content-type: text/plain
access-control-allow-origin: https://www.gazetadopovo.com.br
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-length: 0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i

GET
H3-29 200 qFdA35WCmI96Ajtm81keds7N4ho.woff2
fonts.gstatic.com/s/overpass/v5/ Frame 6B46 20 KB
20 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/overpass/v5/qFdA35WCmI96Ajtm81keds7N4ho.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Overpass:300,300i,400,400i,600,600i,700,700i&display=swap

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

832d8d5a3cabdde474e79d8a510053604d5d19342befbc7b78dc64995652dbba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://buy.tinypass.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 06:10:59 GMT
x-content-type-options: nosniff
last-modified: Thu, 10 Sep 2020 17:09:41 GMT
server: sffe
age: 99481
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20252
x-xss-protection: 0
expires: Mon, 16 May 2022 06:10:59 GMT

GET
H3-29 200 qFdH35WCmI96Ajtm81GlU9s.woff2
fonts.gstatic.com/s/overpass/v5/ Frame 6B46 20 KB
20 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/overpass/v5/qFdH35WCmI96Ajtm81GlU9s.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Overpass:300,300i,400,400i,600,600i,700,700i&display=swap

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a4702a77ebe38f4291b9ec9f44411e246c865bdf0070746852e803b4d960fc1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://buy.tinypass.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 05:41:54 GMT
x-content-type-options: nosniff
last-modified: Thu, 10 Sep 2020 17:08:51 GMT
server: sffe
age: 101226
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20196
x-xss-protection: 0
expires: Mon, 16 May 2022 05:41:54 GMT

GET
H2 200 campanha-corrupcao-desktop.jpg
media.gazetadopovo.com.br/2021/05/11094814/ Frame 6B46 220 KB
221 KB 10ms
9ms Image
image/jpeg 2600:9000:2156:0:1f:3000:7b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gazetadopovo.com.br/2021/05/11094814/campanha-corrupcao-desktop.jpg
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:0:1f:3000:7b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b9abe16e112e0c606f0a92db9f74d716b480a0e98bbea1a977cbb31749fbed6f

Request headers

Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 16:01:21 GMT
via: 1.1 5721f7035c3fc934bd3f96dbb04ba1e5.cloudfront.net (CloudFront)
last-modified: Tue, 11 May 2021 12:48:15 GMT
server: AmazonS3
age: 496060
etag: "467c437588df95f88c8134c13e1277e4"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 225668
x-amz-cf-id: i5qljOi5sKLVZzd1jaHY7hQr8JPl8WIFzswT_ak6zl3Lz47II7H9Cw==
expires: Wed, 11 May 2022 12:48:14 GMT

GET
DATA 200
OK truncated
/ 266 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 175dd52b60c7b3f2e0b0cc6355849661122fcb193214d31c362381a2b581e777

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

OPTIONS
H2 200 register
events-api.gazetadopovo.com.br/ Frame 0
0 291ms
291ms Preflight
application/json 13.225.74.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events-api.gazetadopovo.com.br/register
Protocol: H2
Server: 13.225.74.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-74-8.fra2.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.gazetadopovo.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-type: application/json
content-length: 0
date: Mon, 17 May 2021 09:49:00 GMT
x-amzn-requestid: cb194988-1c4d-464c-ab5f-765151adb350
access-control-allow-origin: *
access-control-allow-headers: Authorization,Content-Type,X-Amz-Date,X-Amz-Security-Token,x-api-key,X-Api-Key,x-publisher-id,X-Publisher-Id
x-amz-apigw-id: fd5R-H_coAMF2mQ=
access-control-allow-methods: OPTIONS,DELETE,GET,HEAD,PATCH,POST,PUT
access-control-allow-credentials: true
x-cache: Miss from cloudfront
via: 1.1 58b222ebbb6cc6c8c8c9a46127ae3a3e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: D1fXBSTxgfu7D8e8GfpLioPR4c5W03gldWN9NckRnrjyWK4GbY_Ovw==

POST
H2 200 register Show response
events-api.gazetadopovo.com.br/ 1 KB
2 KB 1282ms
1282ms XHR
application/json 13.225.74.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events-api.gazetadopovo.com.br/register
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.74.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-74-8.fra2.r.cloudfront.net
Software: / Express
Resource Hash: 874455da63734b1c14b9573f328c4fd9721727e1e9894e7a6c93a7a0a8bcf3d8

Request headers

Accept: */*
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 17 May 2021 09:49:01 GMT
via: 1.1 58b222ebbb6cc6c8c8c9a46127ae3a3e.cloudfront.net (CloudFront)
etag: W/"4c2-ttqpaSkNOsDMlEu77DATP9ZA5sU"
x-amzn-remapped-content-length: 1218
x-amzn-remapped-date: Mon, 17 May 2021 09:49:01 GMT
x-amz-cf-pop: FRA2-C2
x-powered-by: Express
x-cache: Miss from cloudfront
x-amz-apigw-id: fd5SBHM9IAMFWzQ=
content-length: 1218
x-amzn-requestid: 7fa41971-1048-4ee3-b287-2147512f81a3
x-amzn-trace-id: Root=1-60a23c0c-4c3600286f890e5006774d01;Sampled=0
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
x-amz-cf-id: 4xxn-m3CaIn6ZjKZpC1Ewzv8UpEsgzaY_JHKWeUivY77DKyFCeTR4A==
x-amzn-remapped-connection: close

OPTIONS
H2 200 /
comments.gazetadopovo.com.br/content/count/comments/ Frame 0
0 329ms
293ms Preflight
application/json 2600:9000:20eb:aa00:4:5c96:9080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://comments.gazetadopovo.com.br/content/count/comments/?keys=[%22aa4e0130-b6a5-11eb-bd63-19b90a5dbc9a%22,%22a4873160-b6a3-11eb-bd63-19b90a5dbc9a%22,%22f30a5cd0-b69f-11eb-bd63-19b90a5dbc9a%22,%2261006530-b502-11eb-a0fd-47fc02684014%22,%22ac67f410-b643-11eb-ae64-61796228bba6%22,%2222a3f2f0-b69e-11eb-a7a9-3fde41080c00%22,%22020806d0-b6ad-11eb-ae71-dd0ec085cebd%22,%22a7cc0880-b669-11eb-9df5-1189978eb9e8%22,%22fb8c2660-b67f-11eb-8a66-8b895adc0e56%22,%222f894aa0-b6b3-11eb-bf90-577f1796c39c%22,%226a410bc0-b4ff-11eb-a0fd-47fc02684014%22,%22706ba920-b643-11eb-9e77-a51b60cdde5f%22,%22ed650fd0-b67e-11eb-8a66-8b895adc0e56%22,%2217ec0290-b689-11eb-8a66-8b895adc0e56%22,%222752fb10-b6a9-11eb-828c-95fe44b7dfe4%22,%224c97f8b0-b6a1-11eb-a9a9-410308ff628a%22,%22d00dfc30-b692-11eb-ba23-090df87586fb%22,%22c4ed5260-b692-11eb-ba23-090df87586fb%22,%22415aee30-b4e9-11eb-80a9-d7630b3898f0%22,%22ca8eff50-b5d6-11eb-8e38-ed45966ef44a%22,%229e65fee0-b5d8-11eb-9ae7-81ff5f94a672%22,%223442d490-b351-11eb-9e49-ed09bdae7c6a%22,%22497530d0-b520-11eb-b627-4b8b42c02280%22,%22267908f0-b5b0-11eb-9c64-299ebb0272ff%22,%22719b2560-a829-11ea-8690-b7488a9f0453%22,%22f9b9d020-b4fa-11eb-b497-2b2353b9a2f3%22,%2248ad61b0-b4d8-11eb-893d-bfc914b5ec37%22,%22175cbce0-b673-11eb-aead-f51e255a0241%22,%22dfb53910-b5a1-11eb-925f-352833ccc7ea%22,%222b87e450-b34a-11eb-abee-03f5385d5ff5%22,%2242b9bb30-b7b6-11e9-96d3-6195e13c2fd4%22,%226e8ae520-b428-11eb-875b-7746cbd8ec2f%22,%227f93bc80-b3f5-11eb-bfa9-6d75d86756d2%22,%22b0a61680-b420-11eb-84fb-6f574c5dc335%22,%2232608ea0-b262-11eb-9664-8bedfda48389%22,%226597b8c0-b41f-11eb-8d21-55e545bfcd50%22,%22731cc630-b360-11eb-a21b-751ed1246604%22,%22a40845a0-b33b-11eb-8284-272359f31f7c%22,%224d353180-b31c-11eb-b2f2-a9b0dc1a9d89%22]
Protocol: H2
Server: 2600:9000:20eb:aa00:4:5c96:9080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://www.gazetadopovo.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-type: application/json
content-length: 0
date: Mon, 17 May 2021 09:49:02 GMT
x-amzn-requestid: 2fc5d8d0-85f0-400f-9b66-0bdeb8504ec5
access-control-allow-origin: *
access-control-allow-headers: Authorization,Content-Type,X-Amz-Date,X-Amz-Security-Token
x-amz-apigw-id: fd5SPFl0IAMFVmg=
access-control-allow-methods: OPTIONS,DELETE,GET,HEAD,PATCH,POST,PUT
access-control-allow-credentials: true
via: 1.1 80c1ad5f9352d00b95a9da73eb6b6be5.cloudfront.net (CloudFront), 1.1 430fc75cac3bdd04869a39405c45fba2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1 FRA2-C1
x-cache: Miss from cloudfront
x-amz-cf-id: dUyNXA9mHfzXBxoaIFk8DbRGgDQ5l-8aybEADoViOLoe44ahIj58FQ==

OPTIONS
H2 200 register
events-api.gazetadopovo.com.br/ Frame 0
0 289ms
288ms Preflight
application/json 13.225.74.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events-api.gazetadopovo.com.br/register
Protocol: H2
Server: 13.225.74.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-74-8.fra2.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.gazetadopovo.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-type: application/json
content-length: 0
date: Mon, 17 May 2021 09:49:02 GMT
x-amzn-requestid: 93336368-7225-4193-8a7b-c57722974b8e
access-control-allow-origin: *
access-control-allow-headers: Authorization,Content-Type,X-Amz-Date,X-Amz-Security-Token,x-api-key,X-Api-Key,x-publisher-id,X-Publisher-Id
x-amz-apigw-id: fd5SPH7dIAMF-vA=
access-control-allow-methods: OPTIONS,DELETE,GET,HEAD,PATCH,POST,PUT
access-control-allow-credentials: true
x-cache: Miss from cloudfront
via: 1.1 58b222ebbb6cc6c8c8c9a46127ae3a3e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: tpE7LyyGPbMOIWmVgiS20Xa4spMfWtDDCcj6nJYvNRbKp-s5-T_zdg==

OPTIONS
H2 200 register
events-api.gazetadopovo.com.br/ Frame 0
0 114ms
114ms Preflight
application/json 13.225.74.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events-api.gazetadopovo.com.br/register
Protocol: H2
Server: 13.225.74.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-74-8.fra2.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.gazetadopovo.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-type: application/json
content-length: 0
date: Mon, 17 May 2021 09:49:02 GMT
x-amzn-requestid: 5163a1e9-704f-4fdf-bb7f-94800997f5e2
access-control-allow-origin: *
access-control-allow-headers: Authorization,Content-Type,X-Amz-Date,X-Amz-Security-Token,x-api-key,X-Api-Key,x-publisher-id,X-Publisher-Id
x-amz-apigw-id: fd5SNHkcIAMFg_g=
access-control-allow-methods: OPTIONS,DELETE,GET,HEAD,PATCH,POST,PUT
access-control-allow-credentials: true
x-cache: Miss from cloudfront
via: 1.1 58b222ebbb6cc6c8c8c9a46127ae3a3e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: sDraplQsr4-Qug4qXJC3guQk2DFjqtTXH820DlwSUWmynD0ePxQFPg==

OPTIONS
H2 200 /
www.semprefamilia.com.br/cookie-exchanger/ Frame 0
0 127ms
127ms Preflight
application/json 2600:9000:2156:a00:13:9bf5:7100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.semprefamilia.com.br/cookie-exchanger/
Protocol: H2
Server: 2600:9000:2156:a00:13:9bf5:7100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.gazetadopovo.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-type: application/json
content-length: 1
date: Mon, 17 May 2021 09:49:02 GMT
x-amzn-requestid: 5a2a1f25-2039-45fa-bd09-9ab8c7544e82
access-control-allow-origin: https://www.gazetadopovo.com.br
access-control-allow-headers: Authorization,Content-Type,Content-Length,Host,Origin,X-CSRF-Token,x-xsrf-token,X-Amz-Date,X-Amz-Security-Token,x-api-key,X-Api-Key,x-publisher-id,X-Publisher-Id
x-amz-apigw-id: fd5SNGGkIAMF8PQ=
access-control-allow-methods: OPTIONS,DELETE,GET,HEAD,PATCH,POST,PUT
access-control-allow-credentials: true
via: 1.1 0434556f8ccac61e8735f7c75767727c.cloudfront.net (CloudFront), 1.1 b44e2902bb3501d47514e51618f1bda5.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2 FRA50-C1
x-cache: Miss from cloudfront
x-amz-cf-id: 5cQsyf33emVOg2yFiqItxmgvNchNgYHxmJFi4vdRjbXqAtN_uEi0Mg==

OPTIONS
H2 200 /
www.umdoisesportes.com.br/cookie-exchanger/ Frame 0
0 361ms
312ms Preflight
application/json 2600:9000:2156:dc00:1d:7626:ce40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.umdoisesportes.com.br/cookie-exchanger/
Protocol: H2
Server: 2600:9000:2156:dc00:1d:7626:ce40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.gazetadopovo.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-type: application/json
content-length: 1
date: Mon, 17 May 2021 09:49:02 GMT
x-amzn-requestid: 16f753ad-26ee-44b4-b73c-367865e4d1ff
access-control-allow-origin: https://www.gazetadopovo.com.br
access-control-allow-headers: Authorization,Content-Type,Content-Length,Host,Origin,X-CSRF-Token,x-xsrf-token,X-Amz-Date,X-Amz-Security-Token,x-api-key,X-Api-Key,x-publisher-id,X-Publisher-Id
x-amz-apigw-id: fd5SQF5ZoAMFoCQ=
access-control-allow-methods: OPTIONS,DELETE,GET,HEAD,PATCH,POST,PUT
access-control-allow-credentials: true
via: 1.1 e6959f77d21557f69683da8f0cd5578a.cloudfront.net (CloudFront), 1.1 632ee301c4920b52f2463aa9e978c57f.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2 FRA50-C1
x-cache: Miss from cloudfront
x-amz-cf-id: w-QyNg2TMOh8s1uP0X6ifc8KQihu2_mc0hBHTKHryq08FUVHSv7mNQ==

GET
H2 200 stf-segunda-vaga-favoritos-de-bolsonaro.json Show response
json.gazetadopovo.com.br/republica/ 30 KB
8 KB 504ms
428ms XHR
application/json 2600:9000:2190:0:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/republica/stf-segunda-vaga-favoritos-de-bolsonaro.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:0:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b0749e4706a4ed8d4ce6e310fe140f2922370a706119598869e99a89a75364a7

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"99ab1f8ea2126a9309700ba66c7aa261"
x-amz-cf-pop: ZRH50-C1
x-cache: RefreshHit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Mon, 17 May 2021 00:20:42 GMT
server: AmazonS3
date: Mon, 17 May 2021 09:49:03 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 c07945b00aad28e34fbfebb3d3907061.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: dIzEuZRuVTQM39jt5N3mqJal1LDYAkjAJuQghq0DoabMiJY7TvMb4g==

GET
H2 200 eua-beneficios-generosos-do-governo-biden-estao-gerando-escassez-de-mao-de-obra.json Show response
json.gazetadopovo.com.br/mundo/ 15 KB
4 KB 534ms
459ms XHR
application/json 2600:9000:2190:0:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/mundo/eua-beneficios-generosos-do-governo-biden-estao-gerando-escassez-de-mao-de-obra.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:0:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8ed47760d70876001cbfa06fc278db790b9aaca51d41c0ee9082ff7c15952aef

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"8722a12d29a8e86e1d181efe6fe0c63c"
x-amz-cf-pop: ZRH50-C1
x-cache: RefreshHit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Mon, 17 May 2021 00:06:11 GMT
server: AmazonS3
date: Mon, 17 May 2021 09:49:03 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 c07945b00aad28e34fbfebb3d3907061.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: AtnspgfNXUyk9Ku48ZvDbamPXUUQiXk_tPu_fUhcKTtfCYtLUT-AKQ==

GET
H2 200 diretriz-para-uso-de-mascaras-nos-eua-causa-confusao-e-autoridades-reagem.json Show response
json.gazetadopovo.com.br/mundo/ 19 KB
4 KB 507ms
433ms XHR
application/json 2600:9000:2190:0:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/mundo/diretriz-para-uso-de-mascaras-nos-eua-causa-confusao-e-autoridades-reagem.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:0:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 10b80e7cd4c70895709c9987f8fc05b10a23ea7d1c310c0aa9cf9a8c4ce8b8b6

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"f7d91a85d26c01be576e3c879a0682f3"
x-amz-cf-pop: ZRH50-C1
x-cache: RefreshHit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Sun, 16 May 2021 21:24:34 GMT
server: AmazonS3
date: Mon, 17 May 2021 09:49:03 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 c07945b00aad28e34fbfebb3d3907061.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: b_YTfchhq5PG7JkXBxEEfM_UXQOsgPaDkjsFs50C4KBazmiXS_87Pw==

GET
H2 200 reconhecimento-facial-seguranca-riscos-privacidade.json Show response
json.gazetadopovo.com.br/vida-e-cidadania/ 40 KB
8 KB 536ms
461ms XHR
application/json 2600:9000:2190:0:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/vida-e-cidadania/reconhecimento-facial-seguranca-riscos-privacidade.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:0:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4ae377b8bdf7546bbb874c993d05a03a50732b1bf536977d3e2a4e8ce6ca107e

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"97d1fccc2802ee38709525705cb4a2bf"
x-amz-cf-pop: ZRH50-C1
x-cache: RefreshHit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Mon, 17 May 2021 00:10:54 GMT
server: AmazonS3
date: Mon, 17 May 2021 09:49:03 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 c07945b00aad28e34fbfebb3d3907061.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: 1Q_r66TlqBqD-d5hpeEOTjAk5xpXKbcLYYlGNlQtsAZhva7myXUEQA==

GET
H2 200 bolsonaro-inaugura-obras-onde-investiu-pouco-de-olho-na-reeleicao.json Show response
json.gazetadopovo.com.br/vozes/lucio-vaz/ 85 KB
12 KB 506ms
432ms XHR
application/json 2600:9000:2190:0:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/vozes/lucio-vaz/bolsonaro-inaugura-obras-onde-investiu-pouco-de-olho-na-reeleicao.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:0:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b402ea09c47684e968844d25765e75122ceb28a148a918ad8173a4386e457b45

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"e781075fbcde96dfcd7f812d8e5fc939"
x-amz-cf-pop: ZRH50-C1
x-cache: RefreshHit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Sat, 15 May 2021 00:23:29 GMT
server: AmazonS3
date: Mon, 17 May 2021 09:49:03 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 c07945b00aad28e34fbfebb3d3907061.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: gbB0PjhE69XQLeJyzcKf0L_wdUW7jy_SV5L-nwZKT0zw3W9D1y3DPQ==

GET
H2 200 licoes-da-crise-de-2008-para-os-tempos-atuais.json Show response
json.gazetadopovo.com.br/opiniao/editoriais/ 29 KB
7 KB 523ms
450ms XHR
application/json 2600:9000:2190:0:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/opiniao/editoriais/licoes-da-crise-de-2008-para-os-tempos-atuais.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:0:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b44615c2824104d4b0d7ee790e7885b01f358ca4dde5f9cc08368e7ec44dbd8b

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"d6bf0e20360547e496bf40ec199a743f"
x-amz-cf-pop: ZRH50-C1
x-cache: RefreshHit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Sun, 16 May 2021 12:39:14 GMT
server: AmazonS3
date: Mon, 17 May 2021 09:49:03 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 c07945b00aad28e34fbfebb3d3907061.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: SFi3YAyf5FuvcrhSDCYfDTpozLUS5MsmSf24hymUTWjACoj_nnL2Ng==

GET
H2 200 como-sites-de-pornografia-lucram-com-videos-de-estupro-e-abuso-sexual.json Show response
json.gazetadopovo.com.br/ideias/ 26 KB
8 KB 527ms
454ms XHR
application/json 2600:9000:2190:0:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/ideias/como-sites-de-pornografia-lucram-com-videos-de-estupro-e-abuso-sexual.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:0:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5411989b1746e8c4b81729c53524d51809e45aed3582994ffc12a32ade34dab4

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"69bc8b51123ad6cd5ba781c28d22953c"
x-amz-cf-pop: ZRH50-C1
x-cache: RefreshHit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Sun, 16 May 2021 23:26:49 GMT
server: AmazonS3
date: Mon, 17 May 2021 09:49:03 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 c07945b00aad28e34fbfebb3d3907061.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: -K6Ov9AflInqH4qH8rBhWVuAd0T28W5WTJR0a1j3E0rLeiUTq9G6Cw==

GET
H2 200 e-fera-em-redacao-nao-perca-o-concurso-de-bolsas-do-unicuritiba.json Show response
json.gazetadopovo.com.br/conteudo-publicitario/unicuritiba/ 107 KB
14 KB 560ms
487ms XHR
application/json 2600:9000:2190:0:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/conteudo-publicitario/unicuritiba/e-fera-em-redacao-nao-perca-o-concurso-de-bolsas-do-unicuritiba.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:0:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 55c20d89f544ecba9fea9b9dda341190f8a9206d80ea17713e0ad0ec30242a81

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"5009bbd4b0d5a4e4456fe093e9075ade"
x-amz-cf-pop: ZRH50-C1
x-cache: RefreshHit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Fri, 07 May 2021 19:29:47 GMT
server: AmazonS3
date: Mon, 17 May 2021 09:49:03 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 c07945b00aad28e34fbfebb3d3907061.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: HBbGpwiAUBwLBYtxT--xsYM9DRUHMALVaj7oBd76PbsrJDR9EMo7Yg==

GET
H2 200 bolsonaro-recebe-forte-apoio-em-manifestacao.json Show response
json.gazetadopovo.com.br/vozes/alexandre-garcia/ 64 KB
9 KB 549ms
477ms XHR
application/json 2600:9000:2190:0:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/vozes/alexandre-garcia/bolsonaro-recebe-forte-apoio-em-manifestacao.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:0:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a1aa06ae23b06fce6970d6c8806b11dbeaabe036ea40a0df4e285747137be114

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"27eb01b0dd3ae8aa501895e137a768a4"
x-amz-cf-pop: ZRH50-C1
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Mon, 17 May 2021 01:30:25 GMT
server: AmazonS3
date: Mon, 17 May 2021 09:49:03 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 c07945b00aad28e34fbfebb3d3907061.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: aBB91uTJU8IV04SNtMlhaRU5CB8-nFSEWVSHTj5aEZSkfo9vFhQcHg==

GET
H2 200 bolsonaro-recebe-forte-apoio-em-manifestacao.json Show response
json.gazetadopovo.com.br/vozes/alexandre-garcia/ 64 KB
9 KB 547ms
476ms XHR
application/json 2600:9000:2190:0:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/vozes/alexandre-garcia/bolsonaro-recebe-forte-apoio-em-manifestacao.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:0:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a1aa06ae23b06fce6970d6c8806b11dbeaabe036ea40a0df4e285747137be114

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"27eb01b0dd3ae8aa501895e137a768a4"
x-amz-cf-pop: ZRH50-C1
x-cache: RefreshHit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Mon, 17 May 2021 01:30:25 GMT
server: AmazonS3
date: Mon, 17 May 2021 09:49:03 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 c07945b00aad28e34fbfebb3d3907061.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: ui1Hs06V23d8k-mft2ZeXK0edIDa-I9ZFvTtGwVPz4OErnpFk5uJVA==

GET
H2 200 morte-de-bruno-covas-odio-politico.json Show response
json.gazetadopovo.com.br/vozes/diogo-schelp/ 64 KB
9 KB 539ms
468ms XHR
application/json 2600:9000:2190:0:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/vozes/diogo-schelp/morte-de-bruno-covas-odio-politico.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:0:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0d9513f328a32e8228fb91dcfd1aba8668faa83864292fee0c9f8cd0dfe736f1

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"11546dbbd6d3264b8c25e75a238c257d"
x-amz-cf-pop: ZRH50-C1
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Sun, 16 May 2021 17:13:57 GMT
server: AmazonS3
date: Mon, 17 May 2021 09:49:03 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 c07945b00aad28e34fbfebb3d3907061.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: xCT1vC2HF28lHi7xpDzautdR0KEogZH8t1BOOsU1ugfEKv7QW-xo1Q==

GET
H2 200 morte-de-bruno-covas-odio-politico.json Show response
json.gazetadopovo.com.br/vozes/diogo-schelp/ 64 KB
9 KB 536ms
466ms XHR
application/json 2600:9000:2190:0:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/vozes/diogo-schelp/morte-de-bruno-covas-odio-politico.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:0:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0d9513f328a32e8228fb91dcfd1aba8668faa83864292fee0c9f8cd0dfe736f1

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"11546dbbd6d3264b8c25e75a238c257d"
x-amz-cf-pop: ZRH50-C1
x-cache: RefreshHit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Sun, 16 May 2021 17:13:57 GMT
server: AmazonS3
date: Mon, 17 May 2021 09:49:03 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 c07945b00aad28e34fbfebb3d3907061.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: r7js4Hvw2K_gKAwWkIVW5jywe3_GDdXcgFVt38VW6yq3YrN2kzz9oQ==

GET
H2 200 thais-possati-de-souza.json Show response
json.gazetadopovo.com.br/vozes/guilherme-fiuza/ 62 KB
9 KB 503ms
433ms XHR
application/json 2600:9000:2190:0:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/vozes/guilherme-fiuza/thais-possati-de-souza.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:0:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1cfa8ee7bbc328e0f87bcb927046f16b786b9aba3c37d8ce90db6a85d53b1499

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"0e07eb5598e43eb06d4eb8c379b2a787"
x-amz-cf-pop: ZRH50-C1
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Sat, 15 May 2021 19:31:12 GMT
server: AmazonS3
date: Mon, 17 May 2021 09:49:03 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 c07945b00aad28e34fbfebb3d3907061.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: 8m9nG8FW98E2kRdNqvIDsiObtb7IOEZejX-qETFMLL-8AG1zvzaFRQ==

GET
H2 200 thais-possati-de-souza.json Show response
json.gazetadopovo.com.br/vozes/guilherme-fiuza/ 62 KB
9 KB 502ms
433ms XHR
application/json 2600:9000:2190:0:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/vozes/guilherme-fiuza/thais-possati-de-souza.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:0:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1cfa8ee7bbc328e0f87bcb927046f16b786b9aba3c37d8ce90db6a85d53b1499

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"0e07eb5598e43eb06d4eb8c379b2a787"
x-amz-cf-pop: ZRH50-C1
x-cache: RefreshHit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Sat, 15 May 2021 19:31:12 GMT
server: AmazonS3
date: Mon, 17 May 2021 09:49:03 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 c07945b00aad28e34fbfebb3d3907061.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: Cbstd43IneUNZrBrlxVhAdPZjYxcJINiAee-R8lLuZTK-7hPdZKBKA==

GET
H2 200 eleicoes-nos-eua.json Show response
json.gazetadopovo.com.br/vozes/certas-palavras/ 88 KB
12 KB 510ms
441ms XHR
application/json 2600:9000:2190:0:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/vozes/certas-palavras/eleicoes-nos-eua.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:0:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 454d9a238471322bc380398bd2c0f1ee52bcb0846671eb87669db893aa6dccb9

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"df2c085000d0bdfc5be83e3b6a613482"
x-amz-cf-pop: ZRH50-C1
x-cache: RefreshHit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Mon, 17 May 2021 00:45:12 GMT
server: AmazonS3
date: Mon, 17 May 2021 09:49:03 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 c07945b00aad28e34fbfebb3d3907061.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: tCgSmtvf-eUfAxlqMKyyW_MsKXKyYwGrZnDRTbZs9djNRU5gJdkixQ==

GET
H2 200 eleicoes-nos-eua.json Show response
json.gazetadopovo.com.br/vozes/certas-palavras/ 88 KB
12 KB 512ms
443ms XHR
application/json 2600:9000:2190:0:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/vozes/certas-palavras/eleicoes-nos-eua.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:0:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 454d9a238471322bc380398bd2c0f1ee52bcb0846671eb87669db893aa6dccb9

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"df2c085000d0bdfc5be83e3b6a613482"
x-amz-cf-pop: ZRH50-C1
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Mon, 17 May 2021 00:45:12 GMT
server: AmazonS3
date: Mon, 17 May 2021 09:49:03 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 c07945b00aad28e34fbfebb3d3907061.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: j1E6uYfSMVLV7Qo-Vj0qedJDeL3NDW006iSm8dhUqwV5vG_vXnr1Ig==

GET
H2 200 cronica-roberto-gomes-escritor-catarinense.json Show response
json.gazetadopovo.com.br/vozes/jose-carlos-fernandes/ 71 KB
10 KB 523ms
455ms XHR
application/json 2600:9000:2190:0:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/vozes/jose-carlos-fernandes/cronica-roberto-gomes-escritor-catarinense.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:0:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5fe89f2808067c83efad60379d2073b419ebcfdcffe5a87b7738a4530a11694f

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"d5f6ca54cbefeb7b93b7cbb50fe0deb5"
x-amz-cf-pop: ZRH50-C1
x-cache: RefreshHit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Wed, 12 May 2021 16:22:49 GMT
server: AmazonS3
date: Mon, 17 May 2021 09:49:03 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 c07945b00aad28e34fbfebb3d3907061.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: jPCXIafWeUecrJbO3JMYKYfyx6e0Hv3crqABe9YppQ2T2I43uNilvw==

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/vozes/jose-carlos-fernandes/cronica-roberto-gomes-escritor-catarinense.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:0:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5fe89f2808067c83efad60379d2073b419ebcfdcffe5a87b7738a4530a11694f

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"d5f6ca54cbefeb7b93b7cbb50fe0deb5"
x-amz-cf-pop: ZRH50-C1
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Wed, 12 May 2021 16:22:49 GMT
server: AmazonS3
date: Mon, 17 May 2021 09:49:03 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 c07945b00aad28e34fbfebb3d3907061.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: 6Ifqu1Jo2cnMOdiWFo4OFBsMLXJg1zr0Jonph0LIosndYr5QDGWQyA==

GET bruno-covas-gol-de-alisson-poder-futebol.json
json.gazetadopovo.com.brhttps//www.umdoisesportes.com.br/colunas-e-blogs/mauro-cezar/ 0
0

GET
H2 200 para-garantir-palanque-a-lula-pt-abre-mao-de-candidaturas-nos-estados.json Show response
json.gazetadopovo.com.br/republica/ 25 KB
7 KB 608ms
542ms XHR
application/json 2600:9000:2190:0:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/republica/para-garantir-palanque-a-lula-pt-abre-mao-de-candidaturas-nos-estados.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:0:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 75357fd177a0be860b0bae619682348a1b9bde0f8e2ed53fb68f44fdd3a33438

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"5177a8d0c220b4f3e830bcbb1f22e407"
x-amz-cf-pop: ZRH50-C1
x-cache: RefreshHit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Sun, 16 May 2021 19:50:56 GMT
server: AmazonS3
date: Mon, 17 May 2021 09:49:03 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 c07945b00aad28e34fbfebb3d3907061.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: Zehv6jwzVM0OPYcxwS5NVfCxpyeZuUwAGjvifyOYWNNs3zLcKtPVMA==

GET
H2 200 para-eduardo-cunha-prisao-de-lula-foi-um-absurdo.json Show response
json.gazetadopovo.com.br/republica/breves/ 18 KB
4 KB 511ms
445ms XHR
application/json 2600:9000:2190:0:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/republica/breves/para-eduardo-cunha-prisao-de-lula-foi-um-absurdo.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:0:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a2fc4ccb49d836c5fc553e1cd0c8ab322763403a621cc41d62c8c49e0629d7aa

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"1eac0bcff5936d91d8822ae05b64a7ad"
x-amz-cf-pop: ZRH50-C1
x-cache: RefreshHit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Sun, 16 May 2021 22:57:59 GMT
server: AmazonS3
date: Mon, 17 May 2021 09:49:03 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 c07945b00aad28e34fbfebb3d3907061.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: Dr1k-Eq9Ydkgjgp2LxVAqc0BGu2MIw3JCKEesPqky6BS-e1mv568IA==

GET
H2 200 apelos-da-onu-nao-surtem-efeito-confronto-entre-israelenses-e-palestinos-tem-dia-sangrento.json Show response
json.gazetadopovo.com.br/mundo/breves/ 14 KB
4 KB 495ms
430ms XHR
application/json 2600:9000:2190:0:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/mundo/breves/apelos-da-onu-nao-surtem-efeito-confronto-entre-israelenses-e-palestinos-tem-dia-sangrento.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:0:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e0750c4816a8230fac694d697f8dc196f18cf78cbff36305e79ac26f128589be

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"4a660464d806761debe1d3651cec8028"
x-amz-cf-pop: ZRH50-C1
x-cache: RefreshHit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Mon, 17 May 2021 02:07:34 GMT
server: AmazonS3
date: Mon, 17 May 2021 09:49:03 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 c07945b00aad28e34fbfebb3d3907061.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: rP1doiOMB2NsYLR5ESOEmTV1sxVN0J9rcjg0-78gEoIeMj7G6f3IGA==

GET
H2 200 graos-preco-dispara-prejudica-producao-aves-suinos.json Show response
json.gazetadopovo.com.br/parana/ 18 KB
4 KB 484ms
419ms XHR
application/json 2600:9000:2190:0:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/parana/graos-preco-dispara-prejudica-producao-aves-suinos.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:0:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a1ec86e80800e0f07b3fab9e773187c49e3f84ddebd25d18f7f815681777b789

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"78c948290903e00b4709890afb47c06c"
x-amz-cf-pop: ZRH50-C1
x-cache: RefreshHit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Fri, 14 May 2021 21:58:04 GMT
server: AmazonS3
date: Mon, 17 May 2021 09:49:03 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 c07945b00aad28e34fbfebb3d3907061.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: Ou2sNBF1Ea84OXTkh5P3My8wmdl4yAOpth3D2n0xKx6ZagUXiMiIqg==

GET
H2 200 processos-pedagio.json Show response
json.gazetadopovo.com.br/vozes/roger-pereira/ 64 KB
9 KB 533ms
469ms XHR
application/json 2600:9000:2190:0:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/vozes/roger-pereira/processos-pedagio.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:0:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1e94c2cf548a037e03ab1abcba630c88913ea3f30405220d9775f141258da930

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"b76a0e34d4647425f6f9931c09b1d8a1"
x-amz-cf-pop: ZRH50-C1
x-cache: RefreshHit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Sun, 16 May 2021 12:37:32 GMT
server: AmazonS3
date: Mon, 17 May 2021 09:49:03 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 c07945b00aad28e34fbfebb3d3907061.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: rfQzaG2NrcCm9y1z7MQGhYm87MW18Mbe9tIU_yphK9kmjDWjKRqnDg==

GET
H2 200 boletim-coronavirus-parana-16-05-21.json Show response
json.gazetadopovo.com.br/parana/breves/ 15 KB
4 KB 504ms
441ms XHR
application/json 2600:9000:2190:0:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/parana/breves/boletim-coronavirus-parana-16-05-21.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:0:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f15c359d8e7e5831725c38fd397e6e065fccd867dc06dab8d92ea86ebc145880

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"8ff02f06e674244f116ab5569f86ab3e"
x-amz-cf-pop: ZRH50-C1
x-cache: RefreshHit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Sun, 16 May 2021 19:43:21 GMT
server: AmazonS3
date: Mon, 17 May 2021 09:49:03 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 c07945b00aad28e34fbfebb3d3907061.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: AwC4uMLpQRrRV3SB_AK0Ymf1MoARGT3OOHWFuYr2Z5uvlGTtHme90Q==

GET
H2 200 policia-busca-serial-killer-pr-e-sc.json Show response
json.gazetadopovo.com.br/parana/breves/ 19 KB
4 KB 492ms
429ms XHR
application/json 2600:9000:2190:0:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/parana/breves/policia-busca-serial-killer-pr-e-sc.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:0:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 36d0b988fad57022324f75a6441b77cbf9f687684931fb7282314095d4128cb7

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"c735aa59c55fabef77edf0da782b8b70"
x-amz-cf-pop: ZRH50-C1
x-cache: RefreshHit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Sun, 16 May 2021 20:56:08 GMT
server: AmazonS3
date: Mon, 17 May 2021 09:49:03 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 c07945b00aad28e34fbfebb3d3907061.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: EmFmWLjGeRcMoGuRHKqRaAmWLhl2XUAsuuHpLvBunhPOv9Y91Ez4uw==

GET
H2 200 resgate-helicoptero-morro-anhangava.json Show response
json.gazetadopovo.com.br/curitiba/breves/ 14 KB
3 KB 538ms
475ms XHR
application/json 2600:9000:2190:0:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/curitiba/breves/resgate-helicoptero-morro-anhangava.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:0:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 72f7fa735adb621da15971f352ba8705481069dfd2452605e05f4069092b877b

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"9dbc954d28a1d524e059d9baabd8798b"
x-amz-cf-pop: ZRH50-C1
x-cache: RefreshHit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Mon, 17 May 2021 01:01:44 GMT
server: AmazonS3
date: Mon, 17 May 2021 09:49:03 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 c07945b00aad28e34fbfebb3d3907061.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: zpOdhP2GKLFkaIjSPYay55DNRfneDDoQMUfpttrrxli-2Tc14KkbZw==

GET
H2 200 conheca-os-tipos-mais-comuns-e-como-evitar-lesoes-esportivas.json Show response
json.gazetadopovo.com.br/conteudo-publicitario/hospital-pilar/ 106 KB
16 KB 541ms
479ms XHR
application/json 2600:9000:2190:0:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/conteudo-publicitario/hospital-pilar/conheca-os-tipos-mais-comuns-e-como-evitar-lesoes-esportivas.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:0:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cbb7819eb1a1340b98e4ae2a29524afc8ee1aabb87791f985655298971e0b21b

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"37e922b4fdfa52d8827195e89f070de9"
x-amz-cf-pop: ZRH50-C1
x-cache: RefreshHit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Wed, 05 May 2021 17:45:22 GMT
server: AmazonS3
date: Mon, 17 May 2021 09:49:03 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 c07945b00aad28e34fbfebb3d3907061.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: tY4sRvNhspQOlqr2SEGTWLcONb7ceVTbxaUS9BBSjFNIKlrdxCaMVw==

GET follador-admite-eliminacao-vergonhosa-do-coritiba-aceita-criticas-e-fala-em-corrigir-rota.json
json.gazetadopovo.com.brhttps//www.umdoisesportes.com.br/coritiba/ 0
0

GET parana-x-athletico-paranaense-2921-onde-assistir-escalacoes-noticias.json
json.gazetadopovo.com.brhttps//www.umdoisesportes.com.br/parana-clube/ 0
0

GET tres-jogos-quartas-paranaense-interior.json
json.gazetadopovo.com.brhttps//www.umdoisesportes.com.br/campeonatos/paranaense/ 0
0

GET
H2 200 morte-paulo-affonso-grotzner-aos-95-anos.json Show response
json.gazetadopovo.com.br/parana/ 25 KB
6 KB 533ms
473ms XHR
application/json 2600:9000:2190:0:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/parana/morte-paulo-affonso-grotzner-aos-95-anos.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:0:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b46989efe6f677f60e6910de647de787ea36f57517abf351de67f89f9dc9ba84

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"1c88b5a64272457a24ba7f993424b23b"
x-amz-cf-pop: ZRH50-C1
x-cache: RefreshHit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Fri, 14 May 2021 19:19:27 GMT
server: AmazonS3
date: Mon, 17 May 2021 09:49:03 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 c07945b00aad28e34fbfebb3d3907061.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: l7vtm4n5jpMoIgzWKonoQ9zD3IyGoVFbyPTVPRppm_DWne3pdqYLvQ==

GET
H2 200 lava-jato-frente-congresso-mobilizacao-contra-corrupcao.json Show response
json.gazetadopovo.com.br/republica/ 28 KB
8 KB 525ms
465ms XHR
application/json 2600:9000:2190:0:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/republica/lava-jato-frente-congresso-mobilizacao-contra-corrupcao.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:0:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 260f5169d3ec2afa29bc51f1347e56b0346aff042efba4ef58f919d1d5010e58

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"02fc310d77d2f3f154cd0baa41a53fac"
x-amz-cf-pop: ZRH50-C1
x-cache: RefreshHit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Sun, 16 May 2021 13:13:20 GMT
server: AmazonS3
date: Mon, 17 May 2021 09:49:03 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 c07945b00aad28e34fbfebb3d3907061.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: 5ABbv_edAGU0zao2ZTlrByUIRAEtNUvz6YAE-w4g4H0q1J4diS9kEA==

GET
H2 200 carta-science-narrativa-origem-covid-teoria-vazamento-laboratorio.json Show response
json.gazetadopovo.com.br/mundo/ 34 KB
7 KB 597ms
538ms XHR
application/json 2600:9000:2190:0:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/mundo/carta-science-narrativa-origem-covid-teoria-vazamento-laboratorio.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:0:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: afddb6162cf876aa5b7f7824c3815df516b449fe43599a38284a13205b9e9945

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"257f935758d8d127352db9f2d7d816c6"
x-amz-cf-pop: ZRH50-C1
x-cache: RefreshHit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Sun, 16 May 2021 13:04:12 GMT
server: AmazonS3
date: Mon, 17 May 2021 09:49:03 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 c07945b00aad28e34fbfebb3d3907061.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: QWyK5ByDAdwakJWYNSdRoN3AvCrzi-VRcw8DtZLXMzKVcXdSnAYKmg==

GET
H2 200 as-fraudes-milionarias-no-mundo-dos-vinhos.json Show response
json.gazetadopovo.com.br/vozes/notas-baquicas/ 76 KB
10 KB 523ms
464ms XHR
application/json 2600:9000:2190:0:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/vozes/notas-baquicas/as-fraudes-milionarias-no-mundo-dos-vinhos.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:0:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: daab4d839ebb17136ea284ef731da4edc5d43196a2426ce0b54993a571829dce

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"919837e63d75d06e86011de15b38eb6f"
x-amz-cf-pop: ZRH50-C1
x-cache: RefreshHit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Wed, 12 May 2021 18:38:31 GMT
server: AmazonS3
date: Mon, 17 May 2021 09:49:03 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 c07945b00aad28e34fbfebb3d3907061.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: gykJIWfO0JXQpE6xoMaL8k4jfrS6TGPdn4imMAQbEcdwmcCWNEDA5Q==

GET
H2 200 nosso-luto-seletivo.json Show response
json.gazetadopovo.com.br/opiniao/artigos/ 25 KB
6 KB 502ms
444ms XHR
application/json 2600:9000:2190:0:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/opiniao/artigos/nosso-luto-seletivo.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:0:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 372694fc771ab17fa97cee300de1f8a0f6daf776a801c4f06ae247b4a029fa55

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"59f008ac407815df7f54c769589772eb"
x-amz-cf-pop: ZRH50-C1
x-cache: RefreshHit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Sat, 15 May 2021 01:53:23 GMT
server: AmazonS3
date: Mon, 17 May 2021 09:49:03 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 c07945b00aad28e34fbfebb3d3907061.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: TvE8HMfaraj_3LHOMEMOHJ5Mniag6Em985Cm8-hU6VL0Obipxsijag==

GET
H2 200 o-papo-e-26-a-cpi-da-covid-e-um-palanque-para-2022.json Show response
json.gazetadopovo.com.br/ideias/ 12 KB
3 KB 521ms
463ms XHR
application/json 2600:9000:2190:0:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/ideias/o-papo-e-26-a-cpi-da-covid-e-um-palanque-para-2022.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:0:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1804ab7f6b042a6d9119277c61a7eaf3b9f3bb557e671327e41f91c877403231

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"72d05196576dae279b405134adc04c0e"
x-amz-cf-pop: ZRH50-C1
x-cache: RefreshHit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Sat, 15 May 2021 19:05:38 GMT
server: AmazonS3
date: Mon, 17 May 2021 09:49:03 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 c07945b00aad28e34fbfebb3d3907061.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: vGU-xPXypE4wUvOVGprn8ylzINRcOBaBgckoqy0Lmi2toOmTiSsUmQ==

GET
H2 200 classico-nada-e-para-sempre-oferece-oportunidade-de-contemplacao.json Show response
json.gazetadopovo.com.br/ideias/ 17 KB
5 KB 557ms
500ms XHR
application/json 2600:9000:2190:0:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/ideias/classico-nada-e-para-sempre-oferece-oportunidade-de-contemplacao.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:0:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cd8c8c0ff19c7335a9b34a9fab5afcbcd2cdbb6d877af2c45f143ae077d33df4

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"5250dece9a745331c3ab5e9535205ba7"
x-amz-cf-pop: ZRH50-C1
x-cache: RefreshHit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Sat, 06 Jun 2020 19:11:13 GMT
server: AmazonS3
date: Mon, 17 May 2021 09:49:03 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 c07945b00aad28e34fbfebb3d3907061.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: aPgg5Nl4KT56dxrwjgY5CQd_6pa-9bcy6HmJETfSwlkLHCWSu9OobQ==

GET
H2 200 que-fim-levou-jose-geraldo-vieira.json Show response
json.gazetadopovo.com.br/ideias/ 25 KB
9 KB 519ms
462ms XHR
application/json 2600:9000:2190:0:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/ideias/que-fim-levou-jose-geraldo-vieira.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:0:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 898e426c0d1434a9d1fb208183fb15a3de3901e461ad8c5703d244882534c7e3

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"b940d542100589d33b0233290224480b"
x-amz-cf-pop: ZRH50-C1
x-cache: RefreshHit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Fri, 14 May 2021 21:54:22 GMT
server: AmazonS3
date: Mon, 17 May 2021 09:49:03 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 c07945b00aad28e34fbfebb3d3907061.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: o3E6lbKPcDjs0wwv0mG9dkfhZjiJa8TruKsDG1JxVZ2x6JhCi_Mk7w==

GET
H2 200 corrupcao-felicidade.json Show response
json.gazetadopovo.com.br/vozes/polzonoff/ 64 KB
10 KB 528ms
471ms XHR
application/json 2600:9000:2190:0:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/vozes/polzonoff/corrupcao-felicidade.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:0:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5a5e3e9baab3ea602b9382fa4aab3b061d77b2604006c72813282b281ae99d2e

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"9f36fcaf6c67fb23dcc2242acf8f6663"
x-amz-cf-pop: ZRH50-C1
x-cache: RefreshHit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Fri, 14 May 2021 21:47:21 GMT
server: AmazonS3
date: Mon, 17 May 2021 09:49:03 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 c07945b00aad28e34fbfebb3d3907061.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: 7k6yE-aMoMntR7Jxg8deWBgLbA-EluG5ABmFeCyGxqBJJ9qorL1NzQ==

GET
H2 200 elas-trocaram-festa-de-formatura-por-trabalho-voluntario-e-hoje-auxiliam-70-mil-pessoas-compaixao-internacional.json Show response
www.semprefamilia.com.br/json/virtudes-e-valores/ 19 KB
20 KB 425ms
400ms XHR
application/json 2600:9000:2156:a00:13:9bf5:7100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.semprefamilia.com.br/json/virtudes-e-valores/elas-trocaram-festa-de-formatura-por-trabalho-voluntario-e-hoje-auxiliam-70-mil-pessoas-compaixao-internacional.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:a00:13:9bf5:7100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2800e16d65493613d8ace6e0b8ed53877c7ac7d038fd1a78117f3778cdc27d86

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 09:49:03 GMT
via: 1.1 b44e2902bb3501d47514e51618f1bda5.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-cache: Miss from cloudfront
content-length: 19553
last-modified: Sun, 16 May 2021 18:18:38 GMT
server: AmazonS3
etag: "22dce81314211437a42300cf7632675a"
access-control-max-age: 3000
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
x-amz-version-id: null
access-control-allow-origin: *
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
accept-ranges: bytes
content-type: application/json
x-amz-cf-id: Lb8-Y33g89QuM6A0DCoPOVz41I2D7JUXeNLREgUYwtZ9SUImVEbf4A==

GET
H2 200 uma-infancia-cercada-de-carinho-e-a-chave-para-um-casamento-duradouro.json Show response
www.semprefamilia.com.br/json/ 10 KB
10 KB 442ms
418ms XHR
application/json 2600:9000:2156:a00:13:9bf5:7100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.semprefamilia.com.br/json/uma-infancia-cercada-de-carinho-e-a-chave-para-um-casamento-duradouro.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:a00:13:9bf5:7100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e4083aa0dd380a5939e813fea913a50fb1d5402cfc89fbd3316799bae34cc5e6

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 09:49:03 GMT
via: 1.1 b44e2902bb3501d47514e51618f1bda5.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-cache: Miss from cloudfront
content-length: 10112
last-modified: Mon, 16 Dec 2019 04:44:14 GMT
server: AmazonS3
etag: "36c2858681f294e6669b56ebf981e532"
access-control-max-age: 3000
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
x-amz-version-id: null
access-control-allow-origin: *
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
accept-ranges: bytes
content-type: application/json
x-amz-cf-id: pRqxqcVH5Qh1IHAA-sE99lcZQoVPjwl7TQN5vbDm6qmoGQ6GAezFCg==

GET
H2 200 filhos-de-pais-alergicos-terao-alergia-veja-mitos-e-verdades-sobre-o-tema.json Show response
www.semprefamilia.com.br/json/saude/ 27 KB
27 KB 441ms
418ms XHR
application/json 2600:9000:2156:a00:13:9bf5:7100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.semprefamilia.com.br/json/saude/filhos-de-pais-alergicos-terao-alergia-veja-mitos-e-verdades-sobre-o-tema.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:a00:13:9bf5:7100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6c4dc3ebff73ec456fba2022af98851c463a45f1eb090dd9b02ec234bae39408

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 09:49:03 GMT
via: 1.1 b44e2902bb3501d47514e51618f1bda5.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-cache: Miss from cloudfront
content-length: 27138
last-modified: Sat, 15 May 2021 17:21:02 GMT
server: AmazonS3
etag: "53ca384b4a510359b966cde7a008eccb"
access-control-max-age: 3000
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
x-amz-version-id: null
access-control-allow-origin: *
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
accept-ranges: bytes
content-type: application/json
x-amz-cf-id: ieae0DN1nCLW6Ail7s8wiboHqChN9wciy_iLXxsz1Az87jArqR9FXg==

GET
H2 200 e-tempo-de-fazer-geleia-de-laranja.json Show response
json.gazetadopovo.com.br/vozes/vosso-blog-de-comida/ 77 KB
10 KB 509ms
456ms XHR
application/json 2600:9000:2190:0:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/vozes/vosso-blog-de-comida/e-tempo-de-fazer-geleia-de-laranja.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:0:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b5f899be7fac4078a0488684439d1224652ca9123fc8adae8d7718933e5dd873

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"dd4d2ce8e39503c9300405b7a4c53430"
x-amz-cf-pop: ZRH50-C1
x-cache: RefreshHit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Fri, 14 May 2021 22:28:42 GMT
server: AmazonS3
date: Mon, 17 May 2021 09:49:03 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 c07945b00aad28e34fbfebb3d3907061.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: Tva3HZxx8qZFWbV5rLCfyfYOmSCY8EyWNRwwePCxeVTUF0fZC67ZNw==

GET
H2 200 nao-e-so-o-acucar-conheca-mais-alimentos-que-tambem-aumentam-a-ansiedade.json Show response
www.semprefamilia.com.br/json/saude/ 20 KB
21 KB 433ms
411ms XHR
application/json 2600:9000:2156:a00:13:9bf5:7100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.semprefamilia.com.br/json/saude/nao-e-so-o-acucar-conheca-mais-alimentos-que-tambem-aumentam-a-ansiedade.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:a00:13:9bf5:7100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1d6fe15fe35d33f37ea9711b85b071960d8aff36e275f19b4c2463143a1715cc

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 09:49:03 GMT
via: 1.1 b44e2902bb3501d47514e51618f1bda5.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-cache: Miss from cloudfront
content-length: 20873
last-modified: Fri, 14 May 2021 12:27:45 GMT
server: AmazonS3
etag: "525fcfaaa899b04395aa1c8da3c52a5f"
access-control-max-age: 3000
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
x-amz-version-id: null
access-control-allow-origin: *
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
accept-ranges: bytes
content-type: application/json
x-amz-cf-id: G-9_6-9QYxPnNVTgC0xMNel6e9-y3scCyvbjySd14b6RWjaGKs8pwg==

GET
H2 200 lava-jato-maos-limpas.json Show response
json.gazetadopovo.com.br/republica/ 19 KB
5 KB 518ms
465ms XHR
application/json 2600:9000:2190:0:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/republica/lava-jato-maos-limpas.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:0:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 47bb2760890a290ad550e791686a1d9648d2e398eb8342869819bbf68c3ae458

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"3f4eb87506ca1625f91c4b76a023d6af"
x-amz-cf-pop: ZRH50-C1
x-cache: RefreshHit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Fri, 14 May 2021 18:16:06 GMT
server: AmazonS3
date: Mon, 17 May 2021 09:49:03 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 c07945b00aad28e34fbfebb3d3907061.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: u2T_s8UD5GyVHnEDSxhrFTQY6X9MgSZuOkuC1T-lsF6V3PrNoUKhCw==

GET
H2 200 ideias-198-era-das-trevas-a-verdadeira-historia-da-iluminada-idade-media.json Show response
json.gazetadopovo.com.br/ideias/ 14 KB
3 KB 522ms
470ms XHR
application/json 2600:9000:2190:0:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/ideias/ideias-198-era-das-trevas-a-verdadeira-historia-da-iluminada-idade-media.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:0:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e7f3f11c7dc946d768710ef63ab41344d69f8112d19123c346d3f56fcc95e1b5

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"794a24fe1498df04f2ed24e07c3f9021"
x-amz-cf-pop: ZRH50-C1
x-cache: RefreshHit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Thu, 13 May 2021 20:18:52 GMT
server: AmazonS3
date: Mon, 17 May 2021 09:49:03 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 c07945b00aad28e34fbfebb3d3907061.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: tMY-YsNy1lLAnxpPqhgJBobRyt1lxaU-f7HZVSXRIrGmXs_229EiKg==

GET
H2 200 lava-jato-stf-congresso-contra-ataque.json Show response
json.gazetadopovo.com.br/republica/ 22 KB
5 KB 498ms
446ms XHR
application/json 2600:9000:2190:0:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/republica/lava-jato-stf-congresso-contra-ataque.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:0:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: acd98206b576b8f71d5f658eba383fe662814156290ab60c56f9e63935df618f

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"1396c90ebbe44657c5740335cb7e4f46"
x-amz-cf-pop: ZRH50-C1
x-cache: RefreshHit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Thu, 13 May 2021 14:14:16 GMT
server: AmazonS3
date: Mon, 17 May 2021 09:49:03 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 c07945b00aad28e34fbfebb3d3907061.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: bYAHL4OVxXLC7MpjrsEfcq_ak3C2xcsCiEmqRTQ_05KpwMErzR5jKw==

GET
H2 200 quarentena-cult-50-o-tigre-branco-mostra-a-ascensao-financeira-num-mundo-sem-moral.json Show response
json.gazetadopovo.com.br/ideias/ 14 KB
3 KB 510ms
459ms XHR
application/json 2600:9000:2190:0:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/ideias/quarentena-cult-50-o-tigre-branco-mostra-a-ascensao-financeira-num-mundo-sem-moral.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:0:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6437fefcd5a8ed1fc150bcb0cb5beeea3dc6346a68b2bcb773a6efe0ca95265a

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"c7d11cf5ec1546c6c778ce99d60e4ea8"
x-amz-cf-pop: ZRH50-C1
x-cache: RefreshHit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Thu, 13 May 2021 19:28:49 GMT
server: AmazonS3
date: Mon, 17 May 2021 09:49:03 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 c07945b00aad28e34fbfebb3d3907061.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: jKzcFRFj4xtVwRGWlpypNeoEX3byTCnlA2YkTglv08RJ_OMMkdY6QA==

GET
H2 200 lula-lava-jato-operacao-historia.json Show response
json.gazetadopovo.com.br/republica/ 22 KB
5 KB 520ms
469ms XHR
application/json 2600:9000:2190:0:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/republica/lula-lava-jato-operacao-historia.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:0:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 10ebb3e0760ada317a54cba370a08d133552db2caee5b7e6acf4f52a641eecc1

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"7948ed8bdcb7e206658bc677bbb05c5a"
x-amz-cf-pop: ZRH50-C1
x-cache: RefreshHit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Wed, 12 May 2021 19:33:25 GMT
server: AmazonS3
date: Mon, 17 May 2021 09:49:03 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 c07945b00aad28e34fbfebb3d3907061.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: Sv0RmMtEwt2U4RNDbgXSrUufyZwLH_LLRy0Ho6L9tgPu0SdyUBEvJA==

GET
H2 200 produzir-insumos-para-vacina-contra-a-covid-19.json Show response
json.gazetadopovo.com.br/republica/ 22 KB
5 KB 514ms
464ms XHR
application/json 2600:9000:2190:0:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/republica/produzir-insumos-para-vacina-contra-a-covid-19.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:0:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7c45936acb85087e8a5ae92fc4ebc184e7d08ed6227541427a3bb62caa9b2922

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"4ebf1d9173ac9dbe78f7507f160db0c1"
x-amz-cf-pop: ZRH50-C1
x-cache: RefreshHit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Thu, 13 May 2021 19:14:11 GMT
server: AmazonS3
date: Mon, 17 May 2021 09:49:03 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 c07945b00aad28e34fbfebb3d3907061.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: w5Gh-N4FHieZOMJ8u5_X-bbw9gFe2H67JwQioaemZ0dKB8tMcwvxew==

GET
H2 200 defesa-da-vida-jovens-se-unem-para-salvar-bebes-da-cultura-do-aborto.json Show response
json.gazetadopovo.com.br/vozes/cristina-graeml/ 78 KB
13 KB 495ms
446ms XHR
application/json 2600:9000:2190:0:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/vozes/cristina-graeml/defesa-da-vida-jovens-se-unem-para-salvar-bebes-da-cultura-do-aborto.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:0:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c616bb9626ceeb878247763ff72103e1ffe8d7c43cf7dc7e7442d3b0d4d0cec4

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"dd19cddb437fd23f5f5b9c516c07637e"
x-amz-cf-pop: ZRH50-C1
x-cache: RefreshHit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Fri, 14 May 2021 21:44:51 GMT
server: AmazonS3
date: Mon, 17 May 2021 09:49:03 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 c07945b00aad28e34fbfebb3d3907061.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: 2d7B-uOpxzRiuniciOPE__6-wtwCUNDalx1ehEo-rh6d3Q0MDwvcRA==

GET
H2 200 lula-x-bolsonaro-um-pais-dividido.json Show response
json.gazetadopovo.com.br/vozes/alexandre-borges/ 58 KB
7 KB 813ms
764ms XHR
application/json 2600:9000:2190:0:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/vozes/alexandre-borges/lula-x-bolsonaro-um-pais-dividido.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:0:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d6d5c75ef2890b569b6f795bead913ea2b87ee173cfb7547af76d543b1d46757

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"9b3e42227f5de16855758ce85d7656d2"
x-amz-cf-pop: ZRH50-C1
x-cache: RefreshHit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Wed, 12 May 2021 16:03:51 GMT
server: AmazonS3
date: Mon, 17 May 2021 09:49:03 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 c07945b00aad28e34fbfebb3d3907061.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: si1nnboJ4n-w6MXvh6XaZ-viHR314hLKCsnG73wNT39TJ-mxnO9Oww==

GET
H2 200 o-que-explica-a-briga-interna-no-mercosul.json Show response
json.gazetadopovo.com.br/republica/ 21 KB
4 KB 523ms
474ms XHR
application/json 2600:9000:2190:0:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/republica/o-que-explica-a-briga-interna-no-mercosul.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:0:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a21525f3b01371cf5cd313f733dee7148a4c0d9fe7126384aed6fa3aeb9b0c29

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"12e437155dac6bd985d95e96df6a4825"
x-amz-cf-pop: ZRH50-C1
x-cache: RefreshHit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Wed, 12 May 2021 12:19:31 GMT
server: AmazonS3
date: Mon, 17 May 2021 09:49:03 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 c07945b00aad28e34fbfebb3d3907061.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: _UA49tcLbf0MiugVRTufTCJ7tOIZO7rHC7Aru7mf1h8xfYZBqFCoYg==

GET
H2 200 para-garantir-palanque-a-lula-pt-abre-mao-de-candidaturas-nos-estados.json Show response
json.gazetadopovo.com.br/republica/ 25 KB
7 KB 591ms
542ms XHR
application/json 2600:9000:2190:0:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/republica/para-garantir-palanque-a-lula-pt-abre-mao-de-candidaturas-nos-estados.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:0:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 75357fd177a0be860b0bae619682348a1b9bde0f8e2ed53fb68f44fdd3a33438

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"5177a8d0c220b4f3e830bcbb1f22e407"
x-amz-cf-pop: ZRH50-C1
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Sun, 16 May 2021 19:50:56 GMT
server: AmazonS3
date: Mon, 17 May 2021 09:49:03 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 c07945b00aad28e34fbfebb3d3907061.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: sqOQfZTLrPT-L55ZOtU5mL30jUtpmP2RsrIU-abia28IjdHhLSqW6g==

GET
H2 200 pandemia-estrategia-negocios-impacto-empresas-pwc.json Show response
json.gazetadopovo.com.br/economia/ 21 KB
6 KB 516ms
468ms XHR
application/json 2600:9000:2190:0:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/economia/pandemia-estrategia-negocios-impacto-empresas-pwc.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:0:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3c6c115c8cb89663ef2f715c1d5112030c1abe8edc74e379e14b5d10d25da762

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"543e2f55d1d554bc6dc255e3798dfd1a"
x-amz-cf-pop: ZRH50-C1
x-cache: RefreshHit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Sat, 15 May 2021 20:37:45 GMT
server: AmazonS3
date: Mon, 17 May 2021 09:49:03 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 c07945b00aad28e34fbfebb3d3907061.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: RmUBuzNZceMh_7vuQDF96s8M6ONRFs-CVsyqxomXdN-9Y0OFhiIj5A==

GET
H2 200 psd-se-afasta-de-bolsonaro-afaga-lula-e-mira-estados-eleicoes-2022.json Show response
json.gazetadopovo.com.br/republica/ 37 KB
8 KB 510ms
463ms XHR
application/json 2600:9000:2190:0:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/republica/psd-se-afasta-de-bolsonaro-afaga-lula-e-mira-estados-eleicoes-2022.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:0:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6fa5d27ff3927dafe72c819b5f15d21bbf901671d26c07ac9d32da23e31f83e4

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"010e76d5e11a991f0f26f0df272a845e"
x-amz-cf-pop: ZRH50-C1
x-cache: RefreshHit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Fri, 14 May 2021 21:26:21 GMT
server: AmazonS3
date: Mon, 17 May 2021 09:49:03 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 c07945b00aad28e34fbfebb3d3907061.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: OD6E_yJTNo8yZlEeaYp2zT6OtUr2t0m-KNzqqaS6Hp-MNoUfD65zOQ==

GET
H2 200 8-leiloes-setor-saneamento-31-bilhoes-2021-2022.json Show response
json.gazetadopovo.com.br/economia/ 27 KB
7 KB 519ms
472ms XHR
application/json 2600:9000:2190:0:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/economia/8-leiloes-setor-saneamento-31-bilhoes-2021-2022.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:0:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 51ebbcc0d1032e80874c0b1445b0a5e091e4706b7d2637e0ebbd315e7d90c718

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"c01083234971bd52dbd95edca4736617"
x-amz-cf-pop: ZRH50-C1
x-cache: RefreshHit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Fri, 14 May 2021 23:03:25 GMT
server: AmazonS3
date: Mon, 17 May 2021 09:49:03 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 c07945b00aad28e34fbfebb3d3907061.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: drnF2VKBidGJWvwigyTvyIIe1K7P4utyzGDNMUxMPT2L2QCr6wfqiw==

GET cxense.json
apps.gazetadopovo.com.br/cxense/ 0
0

GET
H2 200 / Show response
comments.gazetadopovo.com.br/content/count/comments/ 2 KB
2 KB 167ms
166ms XHR
application/json 2600:9000:20eb:aa00:4:5c96:9080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://comments.gazetadopovo.com.br/content/count/comments/?keys=[%22aa4e0130-b6a5-11eb-bd63-19b90a5dbc9a%22,%22a4873160-b6a3-11eb-bd63-19b90a5dbc9a%22,%22f30a5cd0-b69f-11eb-bd63-19b90a5dbc9a%22,%2261006530-b502-11eb-a0fd-47fc02684014%22,%22ac67f410-b643-11eb-ae64-61796228bba6%22,%2222a3f2f0-b69e-11eb-a7a9-3fde41080c00%22,%22020806d0-b6ad-11eb-ae71-dd0ec085cebd%22,%22a7cc0880-b669-11eb-9df5-1189978eb9e8%22,%22fb8c2660-b67f-11eb-8a66-8b895adc0e56%22,%222f894aa0-b6b3-11eb-bf90-577f1796c39c%22,%226a410bc0-b4ff-11eb-a0fd-47fc02684014%22,%22706ba920-b643-11eb-9e77-a51b60cdde5f%22,%22ed650fd0-b67e-11eb-8a66-8b895adc0e56%22,%2217ec0290-b689-11eb-8a66-8b895adc0e56%22,%222752fb10-b6a9-11eb-828c-95fe44b7dfe4%22,%224c97f8b0-b6a1-11eb-a9a9-410308ff628a%22,%22d00dfc30-b692-11eb-ba23-090df87586fb%22,%22c4ed5260-b692-11eb-ba23-090df87586fb%22,%22415aee30-b4e9-11eb-80a9-d7630b3898f0%22,%22ca8eff50-b5d6-11eb-8e38-ed45966ef44a%22,%229e65fee0-b5d8-11eb-9ae7-81ff5f94a672%22,%223442d490-b351-11eb-9e49-ed09bdae7c6a%22,%22497530d0-b520-11eb-b627-4b8b42c02280%22,%22267908f0-b5b0-11eb-9c64-299ebb0272ff%22,%22719b2560-a829-11ea-8690-b7488a9f0453%22,%22f9b9d020-b4fa-11eb-b497-2b2353b9a2f3%22,%2248ad61b0-b4d8-11eb-893d-bfc914b5ec37%22,%22175cbce0-b673-11eb-aead-f51e255a0241%22,%22dfb53910-b5a1-11eb-925f-352833ccc7ea%22,%222b87e450-b34a-11eb-abee-03f5385d5ff5%22,%2242b9bb30-b7b6-11e9-96d3-6195e13c2fd4%22,%226e8ae520-b428-11eb-875b-7746cbd8ec2f%22,%227f93bc80-b3f5-11eb-bfa9-6d75d86756d2%22,%22b0a61680-b420-11eb-84fb-6f574c5dc335%22,%2232608ea0-b262-11eb-9664-8bedfda48389%22,%226597b8c0-b41f-11eb-8d21-55e545bfcd50%22,%22731cc630-b360-11eb-a21b-751ed1246604%22,%22a40845a0-b33b-11eb-8284-272359f31f7c%22,%224d353180-b31c-11eb-b2f2-a9b0dc1a9d89%22]
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:aa00:4:5c96:9080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: / Express
Resource Hash: 5d2c2790b50659c620892b87ef24b31d182ca68f466698b3ec703feb7695bd97

Request headers

Accept: */*
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 17 May 2021 09:49:02 GMT
via: 1.1 ef13dd533b8dc9dcfdc35449cf88f808.cloudfront.net (CloudFront), 1.1 430fc75cac3bdd04869a39405c45fba2.cloudfront.net (CloudFront)
etag: W/"6fc-4Vx1Mtey2NM1DCRSFME0EHdTyGE"
x-amzn-remapped-content-length: 1788
x-amzn-remapped-date: Mon, 17 May 2021 09:49:02 GMT
x-amz-cf-pop: FRA50-C1, FRA2-C1
x-powered-by: Express
x-cache: Miss from cloudfront
x-amz-apigw-id: fd5SQEvBoAMFeQw=
content-length: 1788
x-amzn-requestid: 03c335ae-19fe-47f1-93fc-a2756b17b43d
x-amzn-trace-id: Root=1-60a23c0e-710014d0671ad3f31fe45f66;Sampled=0
access-control-allow-methods: *
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: *
x-amz-cf-id: -PgnTRXJJDOmp0JAkhrwoG7G2P-e_-5_dV2y_MB1DBXIQqJBPFSSbQ==
x-amzn-remapped-connection: close

GET
H2 200 saiba-agora.json Show response
www.gazetadopovo.com.br/json/ 49 KB
7 KB 409ms
409ms XHR
application/json 2600:9000:20eb:4000:6:45ad:3580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gazetadopovo.com.br/json/saiba-agora.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:4000:6:45ad:3580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f59078f7c727d97970da4b14b4afae140bf681b253721299c6240f41c3a96d5e

Request headers

sec-fetch-mode: cors
accept-encoding: gzip, deflate, br
accept-language: en-US
x-requested-with: XMLHttpRequest
sec-fetch-dest: empty
cookie: _ga=GA1.3.747907946.1621244939; _gid=GA1.3.1325827540.1621244939; _gat=1; _gcl_au=1.1.20444655.1621244939; cX_S=kosfdl6cvvw43usb; cX_P=kosfdl6fgof0zet7; _gat_UA-23088598-1=1; _gat_trackerInfocoder=1; __tbc=%7Bjzx%7DmTYUm08lJyHEWAs9ALXKQkkLvhnMdQtXn7_XmyWyW5W41DsEJ18TmX1UEl1RPSm1hpLnfvXNi-ku-m9ANigciO7urb9o0nEjVok2Mzb7iYzif62e0KiTLnFvluQL5Yoc_ClXXX7wZd7xhwozNxHCCQ; __pat=-10800000; _hjTLDTest=1; _hjid=5e64e548-bc10-4439-ac70-c9f5b6deab1f; _hjFirstSeen=1; _fbp=fb.2.1621244939675.696742751; __pvi=%7B%22id%22%3A%22v-2021-05-17-11-48-59-265-Ffvk7q8gjfAJnC5O-b936ad7ebc1e9e7e2afe591d682f915b%22%2C%22domain%22%3A%22.gazetadopovo.com.br%22%2C%22time%22%3A1621244939811%7D; xbc=%7Bjzx%7DybbjiQtYOerZwoeutfi8N04FNJHCdJwUBJVbp4vnTFTBhuMmQDpJTaeKRGnLebZz2-myOUy_oUpEyMXOTpSNxMyhe9y76bDP68urqiS9YxQxfyTBqb2KBPyikr1v9ysplQwrYuhZkJJA572c5ih8mH445R0_QbnxBP8Bxol_4d2D9soHPOqhzDXRQIPMCAUELvkcBkkk7r_H028_w8lIX0a8MNxErZhFrX_QxWW4MnbEPN-2oZdIfMccmck0z-D7RjuFl6i_QVPc2BXRiLHeMOA1uRsQZYuirY9txGJI_IULEw8AMaK3dWsXU7PHsLVv; _pc_onp_anticorrupcao=true; GPSDK_SESID=us-east-1-1b71fcf0-b6f5-11eb-a92b-cd2eeb8b19d9; GPSDK_TKTID=us-east-1-1b71fcf0-b6f5-11eb-a92b-cd2eeb8b19d9; GPSDK_LOCCT=AMSTERDAM; GPSDK_LOCCY=NETHERLANDS; GPSDK_LOCRG=NOORD-HOLLAND
:path: /json/saiba-agora.json
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.gazetadopovo.com.br
referer: https://www.gazetadopovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept: */*
Referer: https://www.gazetadopovo.com.br/?
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
last-modified: Sun, 16 May 2021 21:32:55 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
etag: W/"aafaad1905750b8b91c7a736c250e93f"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/json
via: 1.1 f046bfa1468bb4385e357c8c9128cf51.cloudfront.net (CloudFront)
cache-control: max-age=300
date: Mon, 17 May 2021 09:49:03 GMT
x-amz-cf-id: 5czPuQHDR-C65fhMemPywzRq6oE7oVUwammSkB5dUdLeB_LcMH7KcQ==

GET
H2 200 mais-lidas.json Show response
www.gazetadopovo.com.br/json/ 2 KB
1 KB 386ms
385ms XHR
application/json 2600:9000:20eb:4000:6:45ad:3580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gazetadopovo.com.br/json/mais-lidas.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:4000:6:45ad:3580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9dfcfe62e4dbcae51f08c864bc3f128f1a91b2c1e852b91784f79cc366714cca

Request headers

sec-fetch-mode: cors
accept-encoding: gzip, deflate, br
accept-language: en-US
x-requested-with: XMLHttpRequest
sec-fetch-dest: empty
cookie: _ga=GA1.3.747907946.1621244939; _gid=GA1.3.1325827540.1621244939; _gat=1; _gcl_au=1.1.20444655.1621244939; cX_S=kosfdl6cvvw43usb; cX_P=kosfdl6fgof0zet7; _gat_UA-23088598-1=1; _gat_trackerInfocoder=1; __tbc=%7Bjzx%7DmTYUm08lJyHEWAs9ALXKQkkLvhnMdQtXn7_XmyWyW5W41DsEJ18TmX1UEl1RPSm1hpLnfvXNi-ku-m9ANigciO7urb9o0nEjVok2Mzb7iYzif62e0KiTLnFvluQL5Yoc_ClXXX7wZd7xhwozNxHCCQ; __pat=-10800000; _hjTLDTest=1; _hjid=5e64e548-bc10-4439-ac70-c9f5b6deab1f; _hjFirstSeen=1; _fbp=fb.2.1621244939675.696742751; __pvi=%7B%22id%22%3A%22v-2021-05-17-11-48-59-265-Ffvk7q8gjfAJnC5O-b936ad7ebc1e9e7e2afe591d682f915b%22%2C%22domain%22%3A%22.gazetadopovo.com.br%22%2C%22time%22%3A1621244939811%7D; xbc=%7Bjzx%7DybbjiQtYOerZwoeutfi8N04FNJHCdJwUBJVbp4vnTFTBhuMmQDpJTaeKRGnLebZz2-myOUy_oUpEyMXOTpSNxMyhe9y76bDP68urqiS9YxQxfyTBqb2KBPyikr1v9ysplQwrYuhZkJJA572c5ih8mH445R0_QbnxBP8Bxol_4d2D9soHPOqhzDXRQIPMCAUELvkcBkkk7r_H028_w8lIX0a8MNxErZhFrX_QxWW4MnbEPN-2oZdIfMccmck0z-D7RjuFl6i_QVPc2BXRiLHeMOA1uRsQZYuirY9txGJI_IULEw8AMaK3dWsXU7PHsLVv; _pc_onp_anticorrupcao=true; GPSDK_SESID=us-east-1-1b71fcf0-b6f5-11eb-a92b-cd2eeb8b19d9; GPSDK_TKTID=us-east-1-1b71fcf0-b6f5-11eb-a92b-cd2eeb8b19d9; GPSDK_LOCCT=AMSTERDAM; GPSDK_LOCCY=NETHERLANDS; GPSDK_LOCRG=NOORD-HOLLAND
:path: /json/mais-lidas.json
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.gazetadopovo.com.br
referer: https://www.gazetadopovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept: */*
Referer: https://www.gazetadopovo.com.br/?
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 09:49:03 GMT
content-encoding: gzip
last-modified: Mon, 17 May 2021 09:34:51 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
etag: W/"3747df354cbafdf572d2a34da39fb11f"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/json
via: 1.1 f046bfa1468bb4385e357c8c9128cf51.cloudfront.net (CloudFront)
x-amz-version-id: null
x-amz-cf-id: hMgTQgjDfImxSg6kIMcpirN1PXa2lnlEuMfvgTGy32qurMG-LT3hNA==

GET
H2 200 config.json Show response
www.gazetadopovo.com.br/json/ 59 KB
7 KB 398ms
398ms XHR
application/json 2600:9000:20eb:4000:6:45ad:3580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gazetadopovo.com.br/json/config.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:4000:6:45ad:3580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0071c7a900a92904c5b673d2ae6b025d09a732028ebc2929e089628edbd0c64a

Request headers

sec-fetch-mode: cors
accept-encoding: gzip, deflate, br
accept-language: en-US
x-requested-with: XMLHttpRequest
sec-fetch-dest: empty
cookie: _ga=GA1.3.747907946.1621244939; _gid=GA1.3.1325827540.1621244939; _gat=1; _gcl_au=1.1.20444655.1621244939; cX_S=kosfdl6cvvw43usb; cX_P=kosfdl6fgof0zet7; _gat_UA-23088598-1=1; _gat_trackerInfocoder=1; __tbc=%7Bjzx%7DmTYUm08lJyHEWAs9ALXKQkkLvhnMdQtXn7_XmyWyW5W41DsEJ18TmX1UEl1RPSm1hpLnfvXNi-ku-m9ANigciO7urb9o0nEjVok2Mzb7iYzif62e0KiTLnFvluQL5Yoc_ClXXX7wZd7xhwozNxHCCQ; __pat=-10800000; _hjTLDTest=1; _hjid=5e64e548-bc10-4439-ac70-c9f5b6deab1f; _hjFirstSeen=1; _fbp=fb.2.1621244939675.696742751; __pvi=%7B%22id%22%3A%22v-2021-05-17-11-48-59-265-Ffvk7q8gjfAJnC5O-b936ad7ebc1e9e7e2afe591d682f915b%22%2C%22domain%22%3A%22.gazetadopovo.com.br%22%2C%22time%22%3A1621244939811%7D; xbc=%7Bjzx%7DybbjiQtYOerZwoeutfi8N04FNJHCdJwUBJVbp4vnTFTBhuMmQDpJTaeKRGnLebZz2-myOUy_oUpEyMXOTpSNxMyhe9y76bDP68urqiS9YxQxfyTBqb2KBPyikr1v9ysplQwrYuhZkJJA572c5ih8mH445R0_QbnxBP8Bxol_4d2D9soHPOqhzDXRQIPMCAUELvkcBkkk7r_H028_w8lIX0a8MNxErZhFrX_QxWW4MnbEPN-2oZdIfMccmck0z-D7RjuFl6i_QVPc2BXRiLHeMOA1uRsQZYuirY9txGJI_IULEw8AMaK3dWsXU7PHsLVv; _pc_onp_anticorrupcao=true; GPSDK_SESID=us-east-1-1b71fcf0-b6f5-11eb-a92b-cd2eeb8b19d9; GPSDK_TKTID=us-east-1-1b71fcf0-b6f5-11eb-a92b-cd2eeb8b19d9; GPSDK_LOCCT=AMSTERDAM; GPSDK_LOCCY=NETHERLANDS; GPSDK_LOCRG=NOORD-HOLLAND
:path: /json/config.json
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.gazetadopovo.com.br
referer: https://www.gazetadopovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept: */*
Referer: https://www.gazetadopovo.com.br/?
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
last-modified: Thu, 13 May 2021 21:13:38 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
etag: W/"4daeb589c170de247d95656d19bd392a"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/json
via: 1.1 f046bfa1468bb4385e357c8c9128cf51.cloudfront.net (CloudFront)
date: Mon, 17 May 2021 09:49:03 GMT
x-amz-cf-id: oPfNa0BZRX2rnuLSYOe3prPZ5_kJzC_3_P7T4XYBhbjCrVOHsQ2k7Q==

POST
H2 200 register Show response
events-api.gazetadopovo.com.br/ 1 KB
2 KB 506ms
506ms XHR
application/json 13.225.74.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events-api.gazetadopovo.com.br/register
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.74.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-74-8.fra2.r.cloudfront.net
Software: / Express
Resource Hash: bae9ccc711a13248df1c2c3cd0d748b60b92b9b9eeca51b954b3fcd5c29b9601

Request headers

Accept: */*
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 17 May 2021 09:49:02 GMT
via: 1.1 58b222ebbb6cc6c8c8c9a46127ae3a3e.cloudfront.net (CloudFront)
etag: W/"4e4-JjojxWv2vn3xoTz2sFHKND5zYiQ"
x-amzn-remapped-content-length: 1252
x-amzn-remapped-date: Mon, 17 May 2021 09:49:02 GMT
x-amz-cf-pop: FRA2-C2
x-powered-by: Express
x-cache: Miss from cloudfront
x-amz-apigw-id: fd5STHYhoAMFwfQ=
content-length: 1252
x-amzn-requestid: 97ac0b2f-0718-4675-b33e-ddba7b60d5d0
x-amzn-trace-id: Root=1-60a23c0e-7e9306d92d2af2f27b8467b6;Sampled=0
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
x-amz-cf-id: 9aqP7S-diSCU7m6yiIu8E2WibdxxmCtnT9kX02zQ0NND9QO7pf9o7Q==
x-amzn-remapped-connection: close

POST
H2 200 register Show response
events-api.gazetadopovo.com.br/ 1 KB
2 KB 509ms
509ms XHR
application/json 13.225.74.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events-api.gazetadopovo.com.br/register
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.74.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-74-8.fra2.r.cloudfront.net
Software: / Express
Resource Hash: ab94e646b27bb07d81c13336cac2a07f186949a2b85538d32c0acd56090bccb6

Request headers

Accept: */*
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 17 May 2021 09:49:02 GMT
via: 1.1 58b222ebbb6cc6c8c8c9a46127ae3a3e.cloudfront.net (CloudFront)
etag: W/"4d8-Sv09LsRsrlOnEp8E1nekQHFDGLw"
x-amzn-remapped-content-length: 1240
x-amzn-remapped-date: Mon, 17 May 2021 09:49:02 GMT
x-amz-cf-pop: FRA2-C2
x-powered-by: Express
x-cache: Miss from cloudfront
x-amz-apigw-id: fd5SSGtMoAMF6kg=
content-length: 1240
x-amzn-requestid: 602be992-02cb-457c-abd1-4920b0437602
x-amzn-trace-id: Root=1-60a23c0e-16093dbd08dd41d90c6ef02a;Sampled=0
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
x-amz-cf-id: RnqawIGxeTUPGj4OTttaus4CqqvOPFbRsURlnsuvndV8bQ_E6B_s2Q==
x-amzn-remapped-connection: close

GET
H2 200 reactions-rank.json Show response
www.gazetadopovo.com.br/json/ 11 KB
3 KB 400ms
399ms XHR
application/json 2600:9000:20eb:4000:6:45ad:3580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gazetadopovo.com.br/json/reactions-rank.json?_=1621244938971
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:4000:6:45ad:3580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 181399d222fa424d3fd45bf1de934d1c59a0c11e8495532df714e65fb2cd48a4

Request headers

sec-fetch-mode: cors
accept-encoding: gzip, deflate, br
accept-language: en-US
x-requested-with: XMLHttpRequest
sec-fetch-dest: empty
cookie: _ga=GA1.3.747907946.1621244939; _gid=GA1.3.1325827540.1621244939; _gat=1; _gcl_au=1.1.20444655.1621244939; cX_S=kosfdl6cvvw43usb; cX_P=kosfdl6fgof0zet7; _gat_UA-23088598-1=1; _gat_trackerInfocoder=1; __tbc=%7Bjzx%7DmTYUm08lJyHEWAs9ALXKQkkLvhnMdQtXn7_XmyWyW5W41DsEJ18TmX1UEl1RPSm1hpLnfvXNi-ku-m9ANigciO7urb9o0nEjVok2Mzb7iYzif62e0KiTLnFvluQL5Yoc_ClXXX7wZd7xhwozNxHCCQ; __pat=-10800000; _hjTLDTest=1; _hjid=5e64e548-bc10-4439-ac70-c9f5b6deab1f; _hjFirstSeen=1; _fbp=fb.2.1621244939675.696742751; __pvi=%7B%22id%22%3A%22v-2021-05-17-11-48-59-265-Ffvk7q8gjfAJnC5O-b936ad7ebc1e9e7e2afe591d682f915b%22%2C%22domain%22%3A%22.gazetadopovo.com.br%22%2C%22time%22%3A1621244939811%7D; xbc=%7Bjzx%7DybbjiQtYOerZwoeutfi8N04FNJHCdJwUBJVbp4vnTFTBhuMmQDpJTaeKRGnLebZz2-myOUy_oUpEyMXOTpSNxMyhe9y76bDP68urqiS9YxQxfyTBqb2KBPyikr1v9ysplQwrYuhZkJJA572c5ih8mH445R0_QbnxBP8Bxol_4d2D9soHPOqhzDXRQIPMCAUELvkcBkkk7r_H028_w8lIX0a8MNxErZhFrX_QxWW4MnbEPN-2oZdIfMccmck0z-D7RjuFl6i_QVPc2BXRiLHeMOA1uRsQZYuirY9txGJI_IULEw8AMaK3dWsXU7PHsLVv; _pc_onp_anticorrupcao=true; GPSDK_SESID=us-east-1-1b71fcf0-b6f5-11eb-a92b-cd2eeb8b19d9; GPSDK_TKTID=us-east-1-1b71fcf0-b6f5-11eb-a92b-cd2eeb8b19d9; GPSDK_LOCCT=AMSTERDAM; GPSDK_LOCCY=NETHERLANDS; GPSDK_LOCRG=NOORD-HOLLAND
:path: /json/reactions-rank.json?_=1621244938971
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.gazetadopovo.com.br
referer: https://www.gazetadopovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept: */*
Referer: https://www.gazetadopovo.com.br/?
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 09:49:03 GMT
content-encoding: gzip
last-modified: Mon, 17 May 2021 09:34:12 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
etag: W/"e7c47eae806823bf8b5fa91018697701"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/json
via: 1.1 f046bfa1468bb4385e357c8c9128cf51.cloudfront.net (CloudFront)
x-amz-version-id: null
x-amz-cf-id: pp80bTKad2pPJFTofUb3hn5B_FCVItCTagrEVtN9emqtJyqnxj1eHg==

GET
H2 200 uoltm.js Show response
tm.jsuol.com.br/ 164 KB
30 KB 43ms
8ms Script
application/javascript 2600:9000:20eb:e600:6:9eb2:5cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.jsuol.com.br/uoltm.js?id=fmvzt6?v2
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/gazetadopovo-app-b3eeb35c5cd968c95b53.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:e600:6:9eb2:5cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: marrakesh 1.16.6 /
Resource Hash: 93c29356b85925ff806adbda076c942a77335fecee4715df51b86f50ba64082d

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 09:00:58 GMT
content-encoding: gzip
last-modified: Fri, 14 May 2021 19:00:08 GMT
server: marrakesh 1.16.6
age: 2884
etag: c9f18369ec081ccab71eb48cf99e40a5
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 ba5b5e2e7fd98c4a472633bc4c1d4480.cloudfront.net (CloudFront)
cache-control: no-transform, max-age=3600, must-revalidate, proxy-revalidate, must-revalidate, proxy-revalidate, no-transform
x-amz-cf-pop: FRA2-C1
content-length: 30230
x-amz-cf-id: aIUE-EThG6-QIrFeEQ3dLv4Ve37jzVUmuBs8_kB-79Lmlz-lQzP4sA==
expires: Mon, 17 May 2021 10:00:58 GMT

GET
H2 200 bg-ads.png
assets.gazetadopovo.com.br/images/ 89 B
457 B 16ms
16ms Image
image/png 2600:9000:2190:1200:12:af17:6680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.gazetadopovo.com.br/images/bg-ads.png
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/app-19c4d622d6a1aee75230.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:1200:12:af17:6680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fe797578273ad8327b58a0aaab2600e9623f150f4fc8325d3c2a340d3afff3cd

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 09 Feb 2021 06:18:05 GMT
via: 1.1 e1532b3ffd3d84bfecb9972a863a75ef.cloudfront.net (CloudFront)
last-modified: Mon, 01 Feb 2021 19:11:04 GMT
server: AmazonS3
age: 8393458
etag: "53f9ae1eb3e782752565fa2c5d00ea37"
x-cache: Hit from cloudfront
x-amz-version-id: null
cache-control: max-age=31536000
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-type: image/png
content-length: 89
x-amz-cf-id: 6trQXlIZR2t2AVOHPhovFE5CDN84pT7FsHDYgiTSmX0maKSEIdlPMw==

GET
H2 200 escolha-do-editor.json Show response
www.gazetadopovo.com.br/json/ 52 KB
8 KB 400ms
400ms XHR
application/json 2600:9000:20eb:4000:6:45ad:3580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gazetadopovo.com.br/json/escolha-do-editor.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:4000:6:45ad:3580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4a3a2e63a4ea476dd546a2a0181ab72826f8706dc39649e7488c8e1bc3cba302

Request headers

sec-fetch-mode: cors
accept-encoding: gzip, deflate, br
accept-language: en-US
x-requested-with: XMLHttpRequest
sec-fetch-dest: empty
cookie: _ga=GA1.3.747907946.1621244939; _gid=GA1.3.1325827540.1621244939; _gat=1; _gcl_au=1.1.20444655.1621244939; cX_S=kosfdl6cvvw43usb; cX_P=kosfdl6fgof0zet7; _gat_UA-23088598-1=1; _gat_trackerInfocoder=1; __tbc=%7Bjzx%7DmTYUm08lJyHEWAs9ALXKQkkLvhnMdQtXn7_XmyWyW5W41DsEJ18TmX1UEl1RPSm1hpLnfvXNi-ku-m9ANigciO7urb9o0nEjVok2Mzb7iYzif62e0KiTLnFvluQL5Yoc_ClXXX7wZd7xhwozNxHCCQ; __pat=-10800000; _hjTLDTest=1; _hjid=5e64e548-bc10-4439-ac70-c9f5b6deab1f; _hjFirstSeen=1; _fbp=fb.2.1621244939675.696742751; __pvi=%7B%22id%22%3A%22v-2021-05-17-11-48-59-265-Ffvk7q8gjfAJnC5O-b936ad7ebc1e9e7e2afe591d682f915b%22%2C%22domain%22%3A%22.gazetadopovo.com.br%22%2C%22time%22%3A1621244939811%7D; xbc=%7Bjzx%7DybbjiQtYOerZwoeutfi8N04FNJHCdJwUBJVbp4vnTFTBhuMmQDpJTaeKRGnLebZz2-myOUy_oUpEyMXOTpSNxMyhe9y76bDP68urqiS9YxQxfyTBqb2KBPyikr1v9ysplQwrYuhZkJJA572c5ih8mH445R0_QbnxBP8Bxol_4d2D9soHPOqhzDXRQIPMCAUELvkcBkkk7r_H028_w8lIX0a8MNxErZhFrX_QxWW4MnbEPN-2oZdIfMccmck0z-D7RjuFl6i_QVPc2BXRiLHeMOA1uRsQZYuirY9txGJI_IULEw8AMaK3dWsXU7PHsLVv; _pc_onp_anticorrupcao=true; GPSDK_SESID=us-east-1-1b71fcf0-b6f5-11eb-a92b-cd2eeb8b19d9; GPSDK_TKTID=us-east-1-1b71fcf0-b6f5-11eb-a92b-cd2eeb8b19d9; GPSDK_LOCCT=AMSTERDAM; GPSDK_LOCCY=NETHERLANDS; GPSDK_LOCRG=NOORD-HOLLAND
:path: /json/escolha-do-editor.json
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.gazetadopovo.com.br
referer: https://www.gazetadopovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept: */*
Referer: https://www.gazetadopovo.com.br/?
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
last-modified: Sun, 16 May 2021 19:53:23 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
etag: W/"297a63c9cbc6c4a53881d4e5a89e66f5"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/json
via: 1.1 f046bfa1468bb4385e357c8c9128cf51.cloudfront.net (CloudFront)
cache-control: max-age=300
date: Mon, 17 May 2021 09:49:03 GMT
x-amz-cf-id: yTGJggmoH-XTqwbqRk_Hu0OzuA_W7xRu-v-Aly647Plt1wRy93l8Pg==

POST
H2 200 / Show response
www.semprefamilia.com.br/cookie-exchanger/ 4 B
1 KB 145ms
123ms XHR
application/json 2600:9000:2156:a00:13:9bf5:7100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.semprefamilia.com.br/cookie-exchanger/
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:a00:13:9bf5:7100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: / Express
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Mon, 17 May 2021 09:49:02 GMT
via: 1.1 2e4a0520ad8fe16707823b20e9441e09.cloudfront.net (CloudFront), 1.1 9128c49d19c76fd86ec4c647434ccb0a.cloudfront.net (CloudFront)
etag: W/"4-X/5TO4MPCKAyY0ipFgr6/IraRNs"
x-amzn-remapped-content-length: 4
x-amzn-remapped-date: Mon, 17 May 2021 09:49:02 GMT
x-amz-cf-pop: FRA56-C2, FRA50-C1
x-powered-by: Express
x-cache: Miss from cloudfront
x-amz-apigw-id: fd5SPEFkIAMFWPw=
content-length: 4
x-amzn-requestid: bcb524a8-5e5b-4955-9e25-2537b4c9d8d0
x-amzn-trace-id: Root=1-60a23c0e-142bdc890763a8025524163b;Sampled=0
vary: Origin
access-control-allow-methods: OPTIONS,DELETE,GET,HEAD,PATCH,POST,PUT
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.gazetadopovo.com.br
access-control-allow-credentials: true
access-control-allow-headers: Authorization,Content-Type,Host,Origin,X-CSRF-Token,x-xsrf-token,X-Amz-Date,X-Amz-Security-Token,x-api-key,X-Api-Key,x-publisher-id,X-Publisher-Id
x-amz-cf-id: e_Eh-i0OGdo7ZSIUUJxL9HZeto_ElMM151HAj2nZeKzRfuCxXQjvqA==
x-amzn-remapped-connection: close

POST
H2 200 / Show response
www.umdoisesportes.com.br/cookie-exchanger/ 4 B
1 KB 152ms
125ms XHR
application/json 2600:9000:2156:dc00:1d:7626:ce40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.umdoisesportes.com.br/cookie-exchanger/
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:dc00:1d:7626:ce40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: / Express
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Mon, 17 May 2021 09:49:02 GMT
via: 1.1 fdc45b521af7652438141328494a79d3.cloudfront.net (CloudFront), 1.1 1d87c34bb2f20fda8e0841bc33179769.cloudfront.net (CloudFront)
etag: W/"4-X/5TO4MPCKAyY0ipFgr6/IraRNs"
x-amzn-remapped-content-length: 4
x-amzn-remapped-date: Mon, 17 May 2021 09:49:02 GMT
x-amz-cf-pop: FRA56-C2, FRA50-C1
x-powered-by: Express
x-cache: Miss from cloudfront
x-amz-apigw-id: fd5SRH2QoAMFyRw=
content-length: 4
x-amzn-requestid: b9f524e4-391b-4281-8f8b-24bb7af88c81
x-amzn-trace-id: Root=1-60a23c0e-19336f735ae1c7c23473b56f;Sampled=0
vary: Origin
access-control-allow-methods: OPTIONS,DELETE,GET,HEAD,PATCH,POST,PUT
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.gazetadopovo.com.br
access-control-allow-credentials: true
access-control-allow-headers: Authorization,Content-Type,Host,Origin,X-CSRF-Token,x-xsrf-token,X-Amz-Date,X-Amz-Security-Token,x-api-key,X-Api-Key,x-publisher-id,X-Publisher-Id
x-amz-cf-id: _FQKHsJK7e0nAZH6rfpFVw8nD8NWhYwwvw0URzgYSLtlJlGBINHqKw==
x-amzn-remapped-connection: close

GET
H2 200 kitchen-731351_1920-960x540.jpg
media.gazetadopovo.com.br/2021/05/11173459/ 62 KB
62 KB 16ms
14ms Image
image/jpeg 2600:9000:2156:0:1f:3000:7b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gazetadopovo.com.br/2021/05/11173459/kitchen-731351_1920-960x540.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:0:1f:3000:7b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 29e8996ff46f852556196235f26661697666d38fc3fc18677c247bb50551e8c5

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 01:24:08 GMT
via: 1.1 5721f7035c3fc934bd3f96dbb04ba1e5.cloudfront.net (CloudFront)
last-modified: Tue, 11 May 2021 20:35:00 GMT
server: AmazonS3
age: 30295
etag: "be954e65a471e4c1df9250c2c900ab37"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 63457
x-amz-cf-id: saytgooDtXl2BZ5hvHt_oWaPgHJtgnJEGXZXU-G-ZbH8370Kx0So3g==
expires: Wed, 11 May 2022 20:34:59 GMT

GET
H2 200 reconhecimento-facial-380x214.jpg
media.gazetadopovo.com.br/2021/05/14144908/ 16 KB
16 KB 14ms
13ms Image
image/jpeg 2600:9000:2156:0:1f:3000:7b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gazetadopovo.com.br/2021/05/14144908/reconhecimento-facial-380x214.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:0:1f:3000:7b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4c5523295cd638922f03b71df799e2a5b1989d8ac1c418967557b157436d9694

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 00:48:46 GMT
via: 1.1 5721f7035c3fc934bd3f96dbb04ba1e5.cloudfront.net (CloudFront)
last-modified: Fri, 14 May 2021 17:49:09 GMT
server: AmazonS3
age: 32417
etag: "605e91aeefa9f74917428a06c9b5d80a"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 16171
x-amz-cf-id: ooMlPysL7Z9WnhQaberVFQhioqR2ReQqwNgGpXFUEsOLU8pANBaACw==
expires: Sat, 14 May 2022 17:49:08 GMT

GET
H2 200 Ramal-do-Sert%C3%A3o-Sert%C3%A2nia-Bolsonaro-960x540.jpg
media.gazetadopovo.com.br/2021/05/14175629/ 109 KB
110 KB 11ms
10ms Image
image/jpeg 2600:9000:2156:0:1f:3000:7b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gazetadopovo.com.br/2021/05/14175629/Ramal-do-Sert%C3%A3o-Sert%C3%A2nia-Bolsonaro-960x540.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:0:1f:3000:7b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f882d78fcd4abed9f2242703a5c35226e6b247fbf30dc4d0d6827e036ac4e11d

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 01:24:08 GMT
via: 1.1 5721f7035c3fc934bd3f96dbb04ba1e5.cloudfront.net (CloudFront)
last-modified: Fri, 14 May 2021 20:56:30 GMT
server: AmazonS3
age: 30295
etag: "d011f4c598da0924f371ec6c8929c4b8"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 111892
x-amz-cf-id: 88kblQ3omhuk5RYp8bmOHy9BNSv-TrJYLVvARa8-9Hov9qYc6MpABQ==
expires: Sat, 14 May 2022 20:56:29 GMT

GET
H2 200 Lehman-Brothers-Times-Square-David-Shankbone-Wikimedia-Commons-540x540.jpg
media.gazetadopovo.com.br/2021/05/16093619/ 54 KB
54 KB 13ms
11ms Image
image/jpeg 2600:9000:2156:0:1f:3000:7b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gazetadopovo.com.br/2021/05/16093619/Lehman-Brothers-Times-Square-David-Shankbone-Wikimedia-Commons-540x540.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:0:1f:3000:7b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f4837693f826dc0eced3c87d9684a12ccfb7a3ca55e7d3fa19be0ac1aa7d5cd8

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 01:24:09 GMT
via: 1.1 5721f7035c3fc934bd3f96dbb04ba1e5.cloudfront.net (CloudFront)
last-modified: Sun, 16 May 2021 12:36:20 GMT
server: AmazonS3
age: 30294
etag: "c142469963614d77fa8a56b3596428f0"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 55282
x-amz-cf-id: CmO3rDmG0Tkz3mCC1fkCfOdHy-6Pcck4eoNUKDfQVkMkRL1jqXT1oQ==
expires: Mon, 16 May 2022 12:36:19 GMT

GET
H2 200 sad-505857_1920-540x540.jpg
media.gazetadopovo.com.br/2021/05/14214445/ 8 KB
8 KB 10ms
9ms Image
image/jpeg 2600:9000:2156:0:1f:3000:7b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gazetadopovo.com.br/2021/05/14214445/sad-505857_1920-540x540.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:0:1f:3000:7b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fba63ae813d3cba6ec0d3e1c54cccab7c1b3c6e0f227f8d8ed432e852aa0e272

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 01:24:09 GMT
via: 1.1 5721f7035c3fc934bd3f96dbb04ba1e5.cloudfront.net (CloudFront)
last-modified: Sat, 15 May 2021 00:44:46 GMT
server: AmazonS3
age: 30293
etag: "a1e26778d2579366cf606be4d314ad59"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 8234
x-amz-cf-id: GwTmpp0hZmtZmp5L1oHDQ1jNLN6OBjnPHkeRXdD4bIrnQUqzbfW9LQ==
expires: Sun, 15 May 2022 00:44:45 GMT

GET
H2 200 UNICURITIBA_VT1_2021.2_GAZETA_DO_POVO-1920x1080px-crop-20210507192346-crop-20210507192451-372x372.jpg
media.gazetadopovo.com.br/2021/05/07162553/ 28 KB
29 KB 15ms
14ms Image
image/jpeg 2600:9000:2156:0:1f:3000:7b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gazetadopovo.com.br/2021/05/07162553/UNICURITIBA_VT1_2021.2_GAZETA_DO_POVO-1920x1080px-crop-20210507192346-crop-20210507192451-372x372.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:0:1f:3000:7b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a9987dfa1701bd64d5f011b22ea64934c360dd34b93d99dc9ff9a04267e7e45c

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 01:04:00 GMT
via: 1.1 5721f7035c3fc934bd3f96dbb04ba1e5.cloudfront.net (CloudFront)
last-modified: Fri, 07 May 2021 19:25:55 GMT
server: AmazonS3
age: 31503
etag: "9cd90376dc8141820eb558ddc121d5f0"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 28948
x-amz-cf-id: odTH78lMfq5PiFa8gEdZCragQKitbYQoB1GZZ5sFJjnZBQifS03yTQ==
expires: Sat, 07 May 2022 19:25:53 GMT

GET
H/1.1 200
OK geolocalizacao.php Show response
apps.gazetadopovo.com.br/geolocalizacao/ 156 B
735 B 812ms
205ms XHR
application/json 18.229.193.237
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://apps.gazetadopovo.com.br/geolocalizacao/geolocalizacao.php?inf=cidade
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.3.1.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.229.193.237 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-229-193-237.sa-east-1.compute.amazonaws.com
Software: Apache/2.4.10 (Amazon) PHP/5.4.37 / PHP/5.4.37
Resource Hash: 25f39ad5b197e5490c5201a3fb0b32a2b1eae179c44f6b97053745ebcd9fa669

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 17 May 2021 09:49:26 GMT
Server: Apache/2.4.10 (Amazon) PHP/5.4.37
Connection: keep-alive
X-Powered-By: PHP/5.4.37
Content-Length: 156
Content-Type: application/json; charset=utf-8

GET
H2 200 mercurio.html Show response
tm.uol.com.br/ Frame 58B6 197 B
682 B 63ms
10ms Document
text/html 2600:9000:20eb:9200:6:5b96:3f00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.uol.com.br/mercurio.html
Requested by: Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/uoltm.js?id=fmvzt6?v2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:9200:6:5b96:3f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: marrakesh 1.16.6 /
Resource Hash: 9120bd86f7501823599a79f60f432e7742f2fd00b17984230cd6641085548690

Request headers

:method: GET
:authority: tm.uol.com.br
:scheme: https
:path: /mercurio.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.gazetadopovo.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.gazetadopovo.com.br/

Response headers

content-type: text/html;charset=UTF-8
content-length: 173
server: marrakesh 1.16.6
last-modified: Tue, 05 Jan 2021 19:37:57 GMT
content-encoding: gzip
p3p: CP="NOI DSP COR NID TAIa OUR IND COM NAV INT CNT"
date: Mon, 17 May 2021 09:49:02 GMT
expires: Mon, 17 May 2021 09:54:34 GMT
cache-control: no-transform, max-age=600, must-revalidate, proxy-revalidate must-revalidate, proxy-revalidate, no-transform
etag: ba5203ce522cc70a434e9a70452ca145
x-cache: Hit from cloudfront
via: 1.1 3bf3e75bcb9a86b3eb343a1d4392a6df.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: 7NKViyFN0bhwqDvN08nbFjRU2qa61jVHbu9lbGL2RKmphvi6TfUCCw==

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 63 KB
21 KB 75ms
27ms Script
text/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/uoltm.js?id=fmvzt6?v2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

sffe /

Resource Hash

13a050e23eedbb800ab452da997d0d05651f4b0b0829e0031d6ae771fe25f059

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 09:49:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "874 / 937 of 1000 / last-modified: 1621244290"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21333
x-xss-protection: 0
expires: Mon, 17 May 2021 09:49:02 GMT

GET
H2 200 / Show response
t.dynad.net/script/ 115 KB
31 KB 979ms
387ms Script
text/javascript 2804:49c:3403:2676:ffff:ffff:ffff:6
Universo Online S.A.

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dynad.net/script/?dc=5550009734;ord=0;click=
Requested by: Host: www.gazetadopovo.com.br.us3.cas.ms
URL: https://www.gazetadopovo.com.br.us3.cas.ms/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2804:49c:3403:2676:ffff:ffff:ffff:6 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS
Software: D3-FE1 / DynAd.net
Resource Hash: 526af9a6706a02a28c7ca8251a09f89c490bae93be46ee7209c2abdca8ca9d1d

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 May 2021 09:49:02 GMT
content-encoding: gzip
server: D3-FE1
x-powered-by: DynAd.net
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
x-dynad-tracker: v1.1.524 Power Stroke
cache-control: max-age=0
content-type: text/javascript;charset=ISO-8859-1
expires: Mon, 17 May 2021 09:49:02 GMT

GET
H2 200 profiles.js Show response
tm.jsuol.com.br/modules/external/tailtarget/ 13 KB
6 KB 11ms
11ms Script
application/javascript 2600:9000:20eb:e600:6:9eb2:5cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.jsuol.com.br/modules/external/tailtarget/profiles.js
Requested by: Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/uoltm.js?id=fmvzt6?v2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:e600:6:9eb2:5cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: marrakesh 1.16.6 /
Resource Hash: 67ed54856b743c6e064253f611084475015ce883fff3150f710b8781e599d4a0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 09:43:44 GMT
content-encoding: gzip
last-modified: Mon, 04 Jan 2021 18:03:18 GMT
server: marrakesh 1.16.6
age: 318
etag: ecbae16720fa9548b931f719328b1c88
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 ba5b5e2e7fd98c4a472633bc4c1d4480.cloudfront.net (CloudFront)
cache-control: no-transform, max-age=3600, must-revalidate, proxy-revalidate, must-revalidate, proxy-revalidate, no-transform
x-amz-cf-pop: FRA2-C1
content-length: 5277
x-amz-cf-id: L4TzDBG2RB36kj7CbiB7DqRaGW19gOoXdpC_UUFHYRu5aVO7GkqJUg==
expires: Mon, 17 May 2021 10:43:44 GMT

GET
H2 200 CT-10.js Show response
tm.jsuol.com.br/modules/external/tailtarget/t3m/TT-10162-1/ 127 KB
17 KB 9ms
8ms Script
application/javascript 2600:9000:20eb:e600:6:9eb2:5cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.jsuol.com.br/modules/external/tailtarget/t3m/TT-10162-1/CT-10.js
Requested by: Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/uoltm.js?id=fmvzt6?v2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:e600:6:9eb2:5cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: marrakesh 1.16.6 /
Resource Hash: b8e0a46f1a28e4a7adc668158241a0748b4664b5e2fdf5d2e325936a5f09df36

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 09:11:56 GMT
content-encoding: gzip
last-modified: Fri, 14 May 2021 22:07:28 GMT
server: marrakesh 1.16.6
age: 2226
etag: 7d6dcbe636a8358dfbd22b243ec5e0c8
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 ba5b5e2e7fd98c4a472633bc4c1d4480.cloudfront.net (CloudFront)
cache-control: no-transform, max-age=3600, must-revalidate, proxy-revalidate, must-revalidate, proxy-revalidate, no-transform
x-amz-cf-pop: FRA2-C1
content-length: 17151
x-amz-cf-id: PGlJaZk73rzAgCN-_4-K4O7H6JmaL2978YYWfcbSwTzpQob7ks0dXw==
expires: Mon, 17 May 2021 10:11:56 GMT

GET
H2 200 gazetadopovo.js Show response
me.jsuol.com.br/aud/ 15 KB
6 KB 777ms
193ms Script
application/javascript 2804:49c:3102:401:ffff:ffff:ffff:50
Universo Online S.A.

General

Check archive.org

Show headers Download Go to

Full URL: https://me.jsuol.com.br/aud/gazetadopovo.js
Requested by: Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/uoltm.js?id=fmvzt6?v2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2804:49c:3102:401:ffff:ffff:ffff:50 , Brazil, ASN15201 (Universo Online S.A., BR),
Reverse DNS
Software: marrakesh 1.16.6 /
Resource Hash: 26ed387dacace3a9b1b82887c58391f01be3d834dcf828252e1afeaafe34e13a

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 09:49:02 GMT
content-encoding: gzip
last-modified: Thu, 15 Apr 2021 17:18:07 GMT
server: marrakesh 1.16.6
etag: 3259e7f0de5880d1a62dfaa532afdb24
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=UTF-8
cache-control: no-transform, max-age=3600, must-revalidate, proxy-revalidate, private, proxy-revalidate, no-transform
content-length: 6355
expires: Mon, 17 May 2021 10:49:02 GMT

GET
H2 200 dmp-uol-sync-p.js Show response
tm.jsuol.com.br/modules/ 6 KB
3 KB 10ms
10ms Script
application/javascript 2600:9000:20eb:e600:6:9eb2:5cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.jsuol.com.br/modules/dmp-uol-sync-p.js
Requested by: Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/uoltm.js?id=fmvzt6?v2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:e600:6:9eb2:5cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: marrakesh 1.16.6 /
Resource Hash: 187724f70ee4b0489797a1e57b7851448eb8f44705ae4e27f1877aee681b3294

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 09:43:44 GMT
content-encoding: gzip
last-modified: Fri, 07 May 2021 05:07:09 GMT
server: marrakesh 1.16.6
age: 318
etag: 3f49e0c04db03daf3e6521b90eda5f55
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 ba5b5e2e7fd98c4a472633bc4c1d4480.cloudfront.net (CloudFront)
cache-control: no-transform, max-age=3600, must-revalidate, proxy-revalidate, must-revalidate, proxy-revalidate, no-transform
x-amz-cf-pop: FRA2-C1
content-length: 2098
x-amz-cf-id: RPVZl_DxDMYvrLGTgE7Ki4lB6LLWF-3pSgYnOM9PhNkYecdq6BqWog==
expires: Mon, 17 May 2021 10:43:44 GMT

GET
H/1.1 200
OK partner Show response
tracker.bt.uol.com.br/ 0
546 B 595ms
197ms Script
application/javascript 2804:49c:3104:401:ffff:ffff:ffff:34
Universo Online S.A.

General

Check archive.org

Show headers Download Go to

Full URL: https://tracker.bt.uol.com.br/partner?source=tagmanager
Requested by: Host: www.gazetadopovo.com.br.us3.cas.ms
URL: https://www.gazetadopovo.com.br.us3.cas.ms/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2804:49c:3104:401:ffff:ffff:ffff:34 , Brazil, ASN15201 (Universo Online S.A., BR),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 17 May 2021 09:49:02 GMT
Server: nginx
Transfer-Encoding: chunked
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID TAIa OUR IND COM NAV INT CNT"
Cache-Control: no-cache
Connection: close
Content-Type: application/javascript;charset=utf-8
Expires: Mon, 17 May 2021 09:49:01 GMT

GET
H2 200 purge-clients.html Show response
tm.uol.com.br/ Frame EFD1 213 B
693 B 19ms
11ms Document
text/html 2600:9000:20eb:9200:6:5b96:3f00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.uol.com.br/purge-clients.html?name=DEretargeting&expname=DEretargetingExp&expdomain=1
Requested by: Host: www.gazetadopovo.com.br.us3.cas.ms
URL: https://www.gazetadopovo.com.br.us3.cas.ms/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:9200:6:5b96:3f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: marrakesh 1.16.6 /
Resource Hash: 6a93c477127bad12d08a779a445d4c5962578f57d4171aee20df69a2b3e8c349

Request headers

:method: GET
:authority: tm.uol.com.br
:scheme: https
:path: /purge-clients.html?name=DEretargeting&expname=DEretargetingExp&expdomain=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.gazetadopovo.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.gazetadopovo.com.br/

Response headers

content-type: text/html;charset=UTF-8
content-length: 182
server: marrakesh 1.16.6
last-modified: Tue, 05 Jan 2021 17:11:31 GMT
content-encoding: gzip
p3p: CP="NOI DSP COR NID TAIa OUR IND COM NAV INT CNT"
date: Mon, 17 May 2021 09:49:02 GMT
expires: Mon, 17 May 2021 09:54:34 GMT
cache-control: no-transform, max-age=600, must-revalidate, proxy-revalidate must-revalidate, proxy-revalidate, no-transform
etag: 8b30191927f0982283d45c76292da712
x-cache: Hit from cloudfront
via: 1.1 3bf3e75bcb9a86b3eb343a1d4392a6df.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: WUUM2RtJJgBRsLXwAr6ID8JCRl4PubEP76XGuU_9w_Kv619xCbkM8g==

GET
H2 200 purge-clients.html Show response
tm.uol.com.br/ Frame E62B 213 B
692 B 17ms
11ms Document
text/html 2600:9000:20eb:9200:6:5b96:3f00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.uol.com.br/purge-clients.html?name=dynad_rt&expname=dynad_rt_exp&expdomain=1
Requested by: Host: www.gazetadopovo.com.br.us3.cas.ms
URL: https://www.gazetadopovo.com.br.us3.cas.ms/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:9200:6:5b96:3f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: marrakesh 1.16.6 /
Resource Hash: 6a93c477127bad12d08a779a445d4c5962578f57d4171aee20df69a2b3e8c349

Request headers

:method: GET
:authority: tm.uol.com.br
:scheme: https
:path: /purge-clients.html?name=dynad_rt&expname=dynad_rt_exp&expdomain=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.gazetadopovo.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.gazetadopovo.com.br/

Response headers

content-type: text/html;charset=UTF-8
content-length: 182
server: marrakesh 1.16.6
last-modified: Sun, 17 Jan 2021 17:14:18 GMT
content-encoding: gzip
p3p: CP="NOI DSP COR NID TAIa OUR IND COM NAV INT CNT"
date: Mon, 17 May 2021 09:49:02 GMT
expires: Mon, 17 May 2021 09:54:34 GMT
cache-control: no-transform, max-age=600, must-revalidate, proxy-revalidate must-revalidate, proxy-revalidate, no-transform
etag: 8b30191927f0982283d45c76292da712
x-cache: Hit from cloudfront
via: 1.1 3bf3e75bcb9a86b3eb343a1d4392a6df.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: G2ZyNjNbI1PiHbzgAlKcGkUu2z5VgNHYL0F8rh-TyWnAllZouuE2ZQ==

GET
H2 200 profile Show response
tt-10162-1.seg.t.tailtarget.com/ 92 B
500 B 149ms
105ms Script
application/x-javascript 34.102.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tt-10162-1.seg.t.tailtarget.com/profile
Requested by: Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/modules/external/tailtarget/profiles.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: e593d32d2b3c25b54c4632fc55d4c55cce4154e0bfaeb75883da07b742e762dc

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 09:49:02 GMT
content-encoding: gzip
last-modified: Thu, 30 Jan 2020 20:26:00 GMT
server: nginx/1.17.8
etag: W/"5e333bd8-5c"
vary: Accept-Encoding, Accept-Encoding
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
via: 1.1 google
cache-control: private, proxy-revalidate
content-type: application/x-javascript
alt-svc: clear

GET
H2 200 conversion.js Show response
tm.jsuol.com.br/modules/external/tailtarget/libs/ 15 KB
6 KB 11ms
10ms Script
application/javascript 2600:9000:20eb:e600:6:9eb2:5cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.jsuol.com.br/modules/external/tailtarget/libs/conversion.js
Requested by: Host: www.gazetadopovo.com.br.us3.cas.ms
URL: https://www.gazetadopovo.com.br.us3.cas.ms/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:e600:6:9eb2:5cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: marrakesh 1.16.6 /
Resource Hash: f4cd27b5ef047a264e3a40b63ba85441de12d23d043a986d469ec1c757067090

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 09:43:44 GMT
content-encoding: gzip
last-modified: Fri, 07 May 2021 13:45:52 GMT
server: marrakesh 1.16.6
age: 318
etag: f7a535aa8ca1d0acd1bff039eb80acff
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 ba5b5e2e7fd98c4a472633bc4c1d4480.cloudfront.net (CloudFront)
cache-control: no-transform, max-age=3600, must-revalidate, proxy-revalidate, must-revalidate, proxy-revalidate, no-transform
x-amz-cf-pop: FRA2-C1
content-length: 6125
x-amz-cf-id: T-lzoNlm8G_oFCqBeJU6CER6Au7YtT1zapafnsH1ozqU_bnDXN1IKg==
expires: Mon, 17 May 2021 10:43:44 GMT

GET
H2 200 mercurio.js Show response
tm.jsuol.com.br/modules/ Frame 58B6 4 KB
2 KB 7ms
7ms Script
application/javascript 2600:9000:20eb:e600:6:9eb2:5cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.jsuol.com.br/modules/mercurio.js
Requested by: Host: tm.uol.com.br
URL: https://tm.uol.com.br/mercurio.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:e600:6:9eb2:5cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: marrakesh 1.16.6 /
Resource Hash: 1a95f2a16310d3feba1a18264cb7baf64411fe9dd9da44a37d964d614b96dba1

Request headers

Referer: https://tm.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 09:12:02 GMT
content-encoding: gzip
age: 2220
x-cache: Hit from cloudfront
p3p: CP="NOI DSP COR NID TAIa OUR IND COM NAV INT CNT"
content-length: 1065
access-control-allow-origin: *
last-modified: Fri, 07 May 2021 13:45:52 GMT
server: marrakesh 1.16.6
etag: bed0a7a707f166936e5aaac09879d050
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript; charset=UTF-8
via: 1.1 ba5b5e2e7fd98c4a472633bc4c1d4480.cloudfront.net (CloudFront)
cache-control: no-transform, max-age=3600, must-revalidate, proxy-revalidate, must-revalidate, proxy-revalidate, no-transform
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
access-control-allow-headers: X-Accept-Charset,X-Accept,Content-Type,Cache-Control,Etag
x-amz-cf-id: bkgMKVZ9BtMtCkEqVmYQqJ8k6-10h73x7ZEzrt3pnionF-vpe3qkCw==
expires: Mon, 17 May 2021 10:12:02 GMT

GET
H2 200 client-purge.js Show response
tm.jsuol.com.br/modules/ Frame EFD1 42 KB
9 KB 12ms
11ms Script
application/javascript 2600:9000:20eb:e600:6:9eb2:5cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.jsuol.com.br/modules/client-purge.js
Requested by: Host: tm.uol.com.br
URL: https://tm.uol.com.br/purge-clients.html?name=DEretargeting&expname=DEretargetingExp&expdomain=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:e600:6:9eb2:5cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: marrakesh 1.16.6 /
Resource Hash: 02cedafe40684ea851c1853ef6d8e230a6966043c9e788c8db4432f8375d4818

Request headers

Referer: https://tm.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 09:38:16 GMT
content-encoding: gzip
age: 646
x-cache: Hit from cloudfront
p3p: CP="NOI DSP COR NID TAIa OUR IND COM NAV INT CNT"
content-length: 8899
access-control-allow-origin: *
last-modified: Fri, 07 May 2021 05:04:13 GMT
server: marrakesh 1.16.6
etag: 7f26a4519ac2b1604a29daf81d3f336f
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript; charset=UTF-8
via: 1.1 ba5b5e2e7fd98c4a472633bc4c1d4480.cloudfront.net (CloudFront)
cache-control: no-transform, max-age=3600, must-revalidate, proxy-revalidate, must-revalidate, proxy-revalidate, no-transform
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
access-control-allow-headers: X-Accept-Charset,X-Accept,Content-Type,Cache-Control,Etag
x-amz-cf-id: hRm_ed-MnNsfbIrdr3_RfZ0ARbpcyn_g0lwwRyupmrltwsh_nFk34Q==
expires: Mon, 17 May 2021 10:38:16 GMT

GET
H2 200 client-purge.js Show response
tm.jsuol.com.br/modules/ Frame E62B 42 KB
9 KB 12ms
11ms Script
application/javascript 2600:9000:20eb:e600:6:9eb2:5cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.jsuol.com.br/modules/client-purge.js
Requested by: Host: tm.uol.com.br
URL: https://tm.uol.com.br/purge-clients.html?name=dynad_rt&expname=dynad_rt_exp&expdomain=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:e600:6:9eb2:5cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: marrakesh 1.16.6 /
Resource Hash: 02cedafe40684ea851c1853ef6d8e230a6966043c9e788c8db4432f8375d4818

Request headers

Referer: https://tm.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 09:38:16 GMT
content-encoding: gzip
age: 646
x-cache: Hit from cloudfront
p3p: CP="NOI DSP COR NID TAIa OUR IND COM NAV INT CNT"
content-length: 8899
access-control-allow-origin: *
last-modified: Fri, 07 May 2021 05:04:13 GMT
server: marrakesh 1.16.6
etag: 7f26a4519ac2b1604a29daf81d3f336f
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript; charset=UTF-8
via: 1.1 ba5b5e2e7fd98c4a472633bc4c1d4480.cloudfront.net (CloudFront)
cache-control: no-transform, max-age=3600, must-revalidate, proxy-revalidate, must-revalidate, proxy-revalidate, no-transform
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
access-control-allow-headers: X-Accept-Charset,X-Accept,Content-Type,Cache-Control,Etag
x-amz-cf-id: Wm_grapjCl2ztwQsgjh4we-f_4nc9KLaPtbJbuQfoZDIIT6I3vKw7g==
expires: Mon, 17 May 2021 10:38:16 GMT

GET
H2 200 base.js Show response
tm.jsuol.com.br/modules/external/tailtarget/libs/ 21 KB
9 KB 17ms
17ms Script
application/javascript 2600:9000:20eb:e600:6:9eb2:5cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.jsuol.com.br/modules/external/tailtarget/libs/base.js
Requested by: Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/modules/external/tailtarget/libs/conversion.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:e600:6:9eb2:5cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: marrakesh 1.16.6 /
Resource Hash: 711a8d3c6d036e5d2907810b7255622e34f23373f8d1387a1fc938e44c60fea0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 09:43:45 GMT
content-encoding: gzip
last-modified: Tue, 05 Jan 2021 17:11:33 GMT
server: marrakesh 1.16.6
age: 317
etag: aeb8806857f0c1b9f7f6b8d4ff48230f
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 ba5b5e2e7fd98c4a472633bc4c1d4480.cloudfront.net (CloudFront)
cache-control: no-transform, max-age=3600, must-revalidate, proxy-revalidate, must-revalidate, proxy-revalidate, no-transform
x-amz-cf-pop: FRA2-C1
content-length: 8357
x-amz-cf-id: 7UQlEU_dkaHdoDw1lpxZwZY_q46KeyDGd7NpIjTEpR4uAgOsPs-a0w==
expires: Mon, 17 May 2021 10:43:45 GMT

GET
H2 200 trk
tt-10162-1.seg.t.tailtarget.com/ 70 B
460 B 116ms
106ms Image
image/png 34.102.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tt-10162-1.seg.t.tailtarget.com/trk?tA=TT-10162-1&tJ=_channel:gazetadopovo:1&tK=1621244942&tM=referral&tL=referral&tN=referral&tY=3&tZ=937695354
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 09:49:02 GMT
via: 1.1 google
server: nginx/1.17.8
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, private, proxy-revalidate
content-disposition: inline
content-type: image/png
alt-svc: clear
content-length: 70

GET
H3-29 200 pubads_impl_2021051001.js Show response
securepubads.g.doubleclick.net/gpt/ 303 KB
107 KB 35ms
34ms Script
text/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

sffe /

Resource Hash

b19865c2e8366fc6cef8f869b9447b23243e4917d73591e554f1b697a1f8da9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 09:49:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 10 May 2021 08:38:30 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 109340
x-xss-protection: 0
expires: Mon, 17 May 2021 09:49:02 GMT

GET
H2 200 u Show response
b.t.tailtarget.com/ 71 B
319 B 122ms
106ms Script
application/x-javascript 34.102.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://b.t.tailtarget.com/u?env=_ttq_tt_uol
Requested by: Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/modules/external/tailtarget/libs/base.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: 501e6cb1c4d25a55e36b72d0a7a889e6a382eba2f451ed4cebf763176fd851cc

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 09:49:02 GMT
via: 1.1 google
server: nginx/1.17.8
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
vary: Accept-Encoding, Accept-Encoding
content-type: application/x-javascript
cache-control: private, proxy-revalidate
content-encoding: gzip
alt-svc: clear

GET
H2 200 show_companion_ad.js Show response
pagead2.googlesyndication.com/pagead/ 14 KB
6 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_companion_ad.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c8b5d984e6d2cdaf64b8a50c9b645e347e74ffa712aa0b9422015700c98f9bb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 09:02:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2787
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5863
x-xss-protection: 0
server: cafe
etag: 12453517290502062038
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Mon, 17 May 2021 10:02:35 GMT

GET
H2 200 integrator.js Show response
adservice.google.nl/adsid/ 107 B
799 B 36ms
15ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.nl/adsid/integrator.js?domain=www.gazetadopovo.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 17 May 2021 09:49:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 15ms
15ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.gazetadopovo.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 17 May 2021 09:49:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 bg-ads.png
assets.gazetadopovo.com.br/images/ 89 B
448 B 14ms
14ms Image
image/png 2600:9000:2190:1200:12:af17:6680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.gazetadopovo.com.br/images/bg-ads.png
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/app-19c4d622d6a1aee75230.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:1200:12:af17:6680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fe797578273ad8327b58a0aaab2600e9623f150f4fc8325d3c2a340d3afff3cd

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 09 Feb 2021 06:18:05 GMT
via: 1.1 e1532b3ffd3d84bfecb9972a863a75ef.cloudfront.net (CloudFront)
last-modified: Mon, 01 Feb 2021 19:11:04 GMT
server: AmazonS3
age: 8393458
etag: "53f9ae1eb3e782752565fa2c5d00ea37"
x-cache: Hit from cloudfront
x-amz-version-id: null
cache-control: max-age=31536000
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-type: image/png
content-length: 89
x-amz-cf-id: khEvGc5KMtsEKP85gOQZCUuoJ_ULuFReH3f9g1qoDyMWYrQy17lRRA==

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 41 KB
10 KB 2017ms
2016ms XHR
text/plain 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1967145231228164&correlator=1047249776414822&output=ldjh&impl=fifs&vrg=2021051001&ptt=17&sc=1&sfv=1-0-38&ecs=20210517&iu_parts=8804%2Cparceiros%2Cgazeta_do_povo%2Chome&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=728x90%7C970x90%7C990x90%7C970x250&prev_scp=campaignuol%3D1%26keyword%3Dswgt-sub-na%26pos%3Dd-pos-7%26native%3D0&eri=1&cust_params=origin%3Dwww%2520gazetadopovo%2520com%2520br%2520%26hasFocus%3Dtrue%26bt%3D9000%26testeab%3Dlazyload-a%26hasMouseIn%3Dfalse&cookie_enabled=1&bc=31&abxe=1&lmt=1621217068&dt=1621244942336&dlt=1621244938462&idt=3799&frm=20&biw=1600&bih=1200&oid=3&adxs=241&adys=4683&adks=1274092519&ucis=1&ifi=1&u_tz=120&u_his=3&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&ref=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1118x0&msz=1118x0&ga_vid=747907946.1621244939&ga_sid=1621244942&ga_hid=1049595578&ga_fc=false&fws=4&ohw=1600&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

2c4672b907a112004a72d3ba69274c6310e8eaa2e80519c51e16a78635f53913

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 09:49:04 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10460
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.gazetadopovo.com.br
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
eccef3b152d70a4161a425d396a7d7ca.safeframe.googlesyndication.com/safeframe/1-0-38/html/ 0
0 30ms
14ms Other
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eccef3b152d70a4161a425d396a7d7ca.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-38/html/ 0
0 6ms
5ms Other
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 41 KB
10 KB 401ms
400ms XHR
text/plain 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1967145231228164&correlator=1047249776414822&output=ldjh&impl=fifs&vrg=2021051001&ptt=17&sc=1&sfv=1-0-38&ecs=20210517&iu_parts=8804%2Cparceiros%2Cgazeta_do_povo%2Chome&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=728x90%7C970x90%7C990x90%7C970x250&prev_scp=campaignuol%3D1%26keyword%3Dswgt-sub-na%26pos%3Dd-pos-6%26native%3D0&eri=1&cust_params=origin%3Dwww%2520gazetadopovo%2520com%2520br%2520%26hasFocus%3Dtrue%26bt%3D9000%26testeab%3Dlazyload-a%26hasMouseIn%3Dfalse&cookie_enabled=1&bc=31&abxe=1&lmt=1621217068&dt=1621244942341&dlt=1621244938462&idt=3799&frm=20&biw=1600&bih=1200&oid=3&adxs=241&adys=4198&adks=1274092516&ucis=2&ifi=2&u_tz=120&u_his=3&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&ref=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1118x0&msz=1118x0&ga_vid=747907946.1621244939&ga_sid=1621244942&ga_hid=1049595578&ga_fc=false&fws=4&ohw=1600&btvi=2&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

3f2c2bf5043a805ae350621d2ea268629101a40284bfa8da5b85409c9f556124

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 09:49:02 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10323
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.gazetadopovo.com.br
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 17 KB
8 KB 1079ms
1079ms XHR
text/plain 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1967145231228164&correlator=1047249776414822&output=ldjh&impl=fifs&vrg=2021051001&ptt=17&sc=1&sfv=1-0-38&ecs=20210517&iu_parts=8804%2Cparceiros%2Cgazeta_do_povo%2Chome&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=728x90%7C970x90%7C990x90%7C970x250&prev_scp=campaignuol%3D1%26keyword%3Dswgt-sub-na%26pos%3Dd-pos-5%26native%3D0&eri=1&cust_params=origin%3Dwww%2520gazetadopovo%2520com%2520br%2520%26hasFocus%3Dtrue%26bt%3D9000%26testeab%3Dlazyload-a%26hasMouseIn%3Dfalse&cookie_enabled=1&bc=31&abxe=1&lmt=1621217068&dt=1621244942343&dlt=1621244938462&idt=3799&frm=20&biw=1600&bih=1200&oid=3&adxs=241&adys=3414&adks=1274092517&ucis=3&ifi=3&u_tz=120&u_his=3&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&ref=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1118x0&msz=1118x0&ga_vid=747907946.1621244939&ga_sid=1621244942&ga_hid=1049595578&ga_fc=false&fws=4&ohw=1600&btvi=3&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

ab4fb83927d5aa2dc72bfa6db518ba125182da8b672dce3468330132389dcdbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 09:49:03 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8330
x-xss-protection: 0
google-lineitem-id: 5690180333
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138349142507
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.gazetadopovo.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 41 KB
10 KB 1451ms
1450ms XHR
text/plain 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1967145231228164&correlator=1047249776414822&output=ldjh&impl=fifs&vrg=2021051001&ptt=17&sc=1&sfv=1-0-38&ecs=20210517&iu_parts=8804%2Cparceiros%2Cgazeta_do_povo%2Chome&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=728x90%7C970x90%7C990x90%7C970x250&prev_scp=campaignuol%3D1%26keyword%3Dswgt-sub-na%26pos%3Dd-pos-4%26native%3D0&eri=1&cust_params=origin%3Dwww%2520gazetadopovo%2520com%2520br%2520%26hasFocus%3Dtrue%26bt%3D9000%26testeab%3Dlazyload-a%26hasMouseIn%3Dfalse&cookie_enabled=1&bc=31&abxe=1&lmt=1621217068&dt=1621244942345&dlt=1621244938462&idt=3799&frm=20&biw=1600&bih=1200&oid=3&adxs=241&adys=2703&adks=1274092522&ucis=4&ifi=4&u_tz=120&u_his=3&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&ref=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1118x0&msz=1118x0&ga_vid=747907946.1621244939&ga_sid=1621244942&ga_hid=1049595578&ga_fc=false&fws=4&ohw=1600&btvi=4&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

629b25a22e97c61a6a4175da64513feb40f6fc1a8d23e0c1692e0045e96682ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 09:49:03 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10380
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.gazetadopovo.com.br
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 66 KB
17 KB 2364ms
2363ms XHR
text/plain 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1967145231228164&correlator=1047249776414822&output=ldjh&impl=fifs&vrg=2021051001&ptt=17&sc=1&sfv=1-0-38&ecs=20210517&iu_parts=8804%2Cparceiros%2Cgazeta_do_povo%2Chome&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=728x90%7C970x90%7C990x90%7C970x250&prev_scp=campaignuol%3D1%26keyword%3Dswgt-sub-na%26pos%3Dd-pos-3%26native%3D0&eri=1&cust_params=origin%3Dwww%2520gazetadopovo%2520com%2520br%2520%26hasFocus%3Dtrue%26bt%3D9000%26testeab%3Dlazyload-a%26hasMouseIn%3Dfalse&cookie_enabled=1&bc=31&abxe=1&lmt=1621217068&dt=1621244942347&dlt=1621244938462&idt=3799&frm=20&biw=1600&bih=1200&oid=3&adxs=241&adys=2220&adks=1274092523&ucis=5&ifi=5&u_tz=120&u_his=3&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&ref=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1118x0&msz=1118x0&ga_vid=747907946.1621244939&ga_sid=1621244942&ga_hid=1049595578&ga_fc=false&fws=4&ohw=1600&btvi=5&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

c7cfa8c6a568aa81068d777cffed520737aaf10a8769a9fa27411675854d22ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 09:49:04 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17057
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.gazetadopovo.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 18 KB
9 KB 753ms
752ms XHR
text/plain 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1967145231228164&correlator=1047249776414822&output=ldjh&impl=fifs&vrg=2021051001&ptt=17&sc=1&sfv=1-0-38&ecs=20210517&iu_parts=8804%2Cparceiros%2Cgazeta_do_povo%2Chome&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=728x90%7C970x90%7C990x90&prev_scp=campaignuol%3D1%26keyword%3Dswgt-sub-na%26pos%3Dd-pos-2%26native%3D0&eri=1&cust_params=origin%3Dwww%2520gazetadopovo%2520com%2520br%2520%26hasFocus%3Dtrue%26bt%3D9000%26testeab%3Dlazyload-a%26hasMouseIn%3Dfalse&cookie_enabled=1&bc=31&abxe=1&lmt=1621217068&dt=1621244942349&dlt=1621244938462&idt=3799&frm=20&biw=1600&bih=1200&oid=3&adxs=241&adys=1390&adks=2044746413&ucis=6&ifi=6&u_tz=120&u_his=3&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&ref=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1118x0&msz=1118x0&ga_vid=747907946.1621244939&ga_sid=1621244942&ga_hid=1049595578&ga_fc=false&fws=4&ohw=1600&btvi=6&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

f73e82a575bf0e93e9ef528b82d917249d479ccf8bc959c4a06490fcd1d8dd56

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 09:49:03 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9074
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.gazetadopovo.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 12 KB
7 KB 1715ms
1714ms XHR
text/plain 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1967145231228164&correlator=1047249776414822&output=ldjh&impl=fifs&vrg=2021051001&ptt=17&sc=1&sfv=1-0-38&ecs=20210517&iu_parts=8804%2Cparceiros%2Cgazeta_do_povo%2Chome&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=728x90%7C970x90%7C990x90%7C1190x150&prev_scp=campaignuol%3D1%26keyword%3Dswgt-sub-na%26pos%3Dd-pos-1%26native%3D0&eri=1&cust_params=origin%3Dwww%2520gazetadopovo%2520com%2520br%2520%26hasFocus%3Dtrue%26bt%3D9000%26testeab%3Dlazyload-a%26hasMouseIn%3Dfalse&cookie_enabled=1&bc=31&abxe=1&lmt=1621217068&dt=1621244942350&dlt=1621244938462&idt=3799&frm=20&biw=1600&bih=1200&oid=3&adxs=205&adys=311&adks=1651446792&ucis=7&ifi=7&u_tz=120&u_his=3&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&ref=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x50&msz=1190x0&ga_vid=747907946.1621244939&ga_sid=1621244942&ga_hid=1049595578&ga_fc=false&fws=4&ohw=1600&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

6dd0a7080133912381e6d4b76232a90cbd75a694af58fc9c8651d8d948bdf81f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 09:49:04 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7379
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.gazetadopovo.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 17 KB
8 KB 2607ms
2606ms XHR
text/plain 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1967145231228164&correlator=1047249776414822&output=ldjh&impl=fifs&vrg=2021051001&ptt=17&sc=1&sfv=1-0-38&ecs=20210517&iu_parts=8804%2Cparceiros%2Cgazeta_do_povo%2Chome&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=728x90%7C970x90%7C990x90&prev_scp=campaignuol%3D1%26keyword%3Dswgt-sub-na%26pos%3Dd-pos-footer-1%26native%3D0&eri=1&cust_params=origin%3Dwww%2520gazetadopovo%2520com%2520br%2520%26hasFocus%3Dtrue%26bt%3D9000%26testeab%3Dlazyload-a%26hasMouseIn%3Dfalse&cookie_enabled=1&bc=31&abxe=1&lmt=1621217068&dt=1621244942352&dlt=1621244938462&idt=3799&frm=20&biw=1600&bih=1200&oid=3&adxs=436&adys=1190&adks=2713759382&ucis=8&ifi=8&u_tz=120&u_his=3&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&ref=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x-1&msz=1148x-1&ga_vid=747907946.1621244939&ga_sid=1621244942&ga_hid=1049595578&ga_fc=false&fws=516&ohw=1600&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

c5313f575dec9396740fb2f38cf2fad8bb8efa4fac5cced906915d541fd2d16f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 09:49:04 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8639
x-xss-protection: 0
google-lineitem-id: 5597359617
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138312099379
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.gazetadopovo.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 jair_bolsonaro_brasilia_agricultores_e_religiosos_150520211168-214x214.jpg
media.gazetadopovo.com.br/2021/05/16215521/ 33 KB
33 KB 14ms
11ms Image
image/jpeg 2600:9000:2156:0:1f:3000:7b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gazetadopovo.com.br/2021/05/16215521/jair_bolsonaro_brasilia_agricultores_e_religiosos_150520211168-214x214.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:0:1f:3000:7b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6d1d182067308e6c8092d4b4997fca95404ed15ae0a67fe50a779d511649e029

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 01:53:28 GMT
via: 1.1 5721f7035c3fc934bd3f96dbb04ba1e5.cloudfront.net (CloudFront)
last-modified: Mon, 17 May 2021 00:55:22 GMT
server: AmazonS3
age: 28534
etag: "07d3e66de58f4670d845450116baebe0"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 33642
x-amz-cf-id: 578jlDl5dhxo9Mb6lr170vP3gsCGo2D2oPNnYSQ524FndsDcBxRetg==
expires: Tue, 17 May 2022 00:55:21 GMT

GET
H2 200 predio_stf-214x214.jpg
media.gazetadopovo.com.br/2021/04/18212754/ 21 KB
21 KB 13ms
10ms Image
image/jpeg 2600:9000:2156:0:1f:3000:7b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gazetadopovo.com.br/2021/04/18212754/predio_stf-214x214.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:0:1f:3000:7b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 29971b6efe59e27dc467ed3da8fb17b1cbd70f7796baf85059ba3bfb9d275cc7

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 01:53:28 GMT
via: 1.1 5721f7035c3fc934bd3f96dbb04ba1e5.cloudfront.net (CloudFront)
last-modified: Mon, 19 Apr 2021 00:27:55 GMT
server: AmazonS3
age: 28535
etag: "e7c4636a466028d29d329a4deded03ff"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 21607
x-amz-cf-id: l6P3XCypova5hPZLYNGc8qbpOarqKReAluugFA3YhCCnqQ-aLrhVSQ==
expires: Tue, 19 Apr 2022 00:27:54 GMT

GET
H2 200 kitchen-731351_1920-214x214.jpg
media.gazetadopovo.com.br/2021/05/11173459/ 9 KB
10 KB 14ms
12ms Image
image/jpeg 2600:9000:2156:0:1f:3000:7b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gazetadopovo.com.br/2021/05/11173459/kitchen-731351_1920-214x214.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:0:1f:3000:7b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 92d2253f569e3b7df2978166af2c3da2fd967691a70ce66d52f9cb770782f239

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 01:53:29 GMT
via: 1.1 5721f7035c3fc934bd3f96dbb04ba1e5.cloudfront.net (CloudFront)
last-modified: Tue, 11 May 2021 20:35:00 GMT
server: AmazonS3
age: 28534
etag: "7ad5e7fde1cc79756b12e04db179db15"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 9697
x-amz-cf-id: xoypeqrmVKyrVJUTFZTKMGn9rdpdayRQZiOCq4juMYrFUMX9C68uig==
expires: Wed, 11 May 2022 20:34:59 GMT

GET
H2 200 Ramal-do-Sert%C3%A3o-Sert%C3%A2nia-Bolsonaro-214x214.jpg
media.gazetadopovo.com.br/2021/05/14175629/ 16 KB
17 KB 14ms
12ms Image
image/jpeg 2600:9000:2156:0:1f:3000:7b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gazetadopovo.com.br/2021/05/14175629/Ramal-do-Sert%C3%A3o-Sert%C3%A2nia-Bolsonaro-214x214.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:0:1f:3000:7b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c8fdca058abe2b2e3651587a53e0d2e13fe97c47cc99bfefa86f729b985937a9

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 01:53:31 GMT
via: 1.1 5721f7035c3fc934bd3f96dbb04ba1e5.cloudfront.net (CloudFront)
last-modified: Fri, 14 May 2021 20:56:30 GMT
server: AmazonS3
age: 28532
etag: "9837274a68cc207c84df442e522a01d8"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 16658
x-amz-cf-id: 3Z8cDzpLkWYukNKTjzsK6umJ1gmw0c2cNzJ4TvM_roiJHoDP9EhU_w==
expires: Sat, 14 May 2022 20:56:29 GMT

GET
H2 200 sad-505857_1920-214x214.jpg
media.gazetadopovo.com.br/2021/05/14214445/ 2 KB
3 KB 17ms
15ms Image
image/jpeg 2600:9000:2156:0:1f:3000:7b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gazetadopovo.com.br/2021/05/14214445/sad-505857_1920-214x214.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:0:1f:3000:7b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2a736ce3b9db1f9bc1b320bb5926e7d37cc3bc111d86a9b57f5c4be52d7e1dca

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 02:29:23 GMT
via: 1.1 5721f7035c3fc934bd3f96dbb04ba1e5.cloudfront.net (CloudFront)
last-modified: Sat, 15 May 2021 00:44:46 GMT
server: AmazonS3
age: 26380
etag: "5aa39df7b1f4a47ee240d209284f6c09"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 2251
x-amz-cf-id: tZnu5nwC-0toWswaibUXEjqbncDG4MHjHVbiHc_spIXFZ07KRO3AnQ==
expires: Sun, 15 May 2022 00:44:45 GMT

GET
H2 200 u-4m0qyriQwlOrhSvowK_l5-eRZOf-I.woff2
fonts.gstatic.com/s/merriweather/v22/ 19 KB
19 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v22/u-4m0qyriQwlOrhSvowK_l5-eRZOf-I.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:400,400i,700,700i|Overpass:400,400i,700,700i&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

afba6e308182b28f02233e3c816e99fe5cc51511f90cab2cc6219d652f14f3a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.gazetadopovo.com.br
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 15 May 2021 08:45:02 GMT
x-content-type-options: nosniff
last-modified: Thu, 10 Sep 2020 17:07:15 GMT
server: sffe
age: 176640
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19152
x-xss-protection: 0
expires: Sun, 15 May 2022 08:45:02 GMT

GET
H2 200 vacinacao_pinhais_aen_1205-1-380x214.jpg
media.gazetadopovo.com.br/2021/05/12150114/ 39 KB
39 KB 13ms
9ms Image
image/jpeg 2600:9000:2156:0:1f:3000:7b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gazetadopovo.com.br/2021/05/12150114/vacinacao_pinhais_aen_1205-1-380x214.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:0:1f:3000:7b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: de42571149eaab9f73801a5fb0df9602885385e4a3e366d9304dbccbb6562cd9

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 15 May 2021 19:59:00 GMT
via: 1.1 5721f7035c3fc934bd3f96dbb04ba1e5.cloudfront.net (CloudFront)
last-modified: Wed, 12 May 2021 18:01:16 GMT
server: AmazonS3
age: 136203
etag: "56f8e0a9284e2dcf9ba5396eceef626c"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 39851
x-amz-cf-id: EFnlTZFeU84Gk6Tc_ibiuAnEFaj-PwlsSir8HHj-mjjeZl_be-0upA==
expires: Thu, 12 May 2022 18:01:14 GMT

GET
H2 200 laboratorio-amostras-sangue-380x214.jpg
media.gazetadopovo.com.br/2021/05/13233229/ 20 KB
20 KB 11ms
9ms Image
image/jpeg 2600:9000:2156:0:1f:3000:7b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gazetadopovo.com.br/2021/05/13233229/laboratorio-amostras-sangue-380x214.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:0:1f:3000:7b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7d7bc926d5569df29d71239568cca1be8e851e5168220c3a2a69095c2a0fb04a

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 00:37:23 GMT
via: 1.1 5721f7035c3fc934bd3f96dbb04ba1e5.cloudfront.net (CloudFront)
last-modified: Fri, 14 May 2021 02:32:30 GMT
server: AmazonS3
age: 119500
etag: "025cfa08229074c8d9e4ef9f8e31edda"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 20362
x-amz-cf-id: G7mWHR_dID_rj_JuQV7W_9csUR4NX7aE178mK1QwYdvjmpHZdwiT_w==
expires: Sat, 14 May 2022 02:32:29 GMT

GET
H2 200 Gazeta-One-Child-Nation-380x214.jpg
media.gazetadopovo.com.br/2021/05/15150606/ 20 KB
21 KB 13ms
10ms Image
image/jpeg 2600:9000:2156:0:1f:3000:7b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gazetadopovo.com.br/2021/05/15150606/Gazeta-One-Child-Nation-380x214.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:0:1f:3000:7b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dee2ffb2b8d6e90bdec1a9f7bafee820de5c930fd8cb508e9e4693b8b4d15a96

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 09:22:26 GMT
via: 1.1 5721f7035c3fc934bd3f96dbb04ba1e5.cloudfront.net (CloudFront)
last-modified: Sat, 15 May 2021 18:06:07 GMT
server: AmazonS3
age: 87997
etag: "c886a477e4598324354d951e69a23e5e"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 20689
x-amz-cf-id: P0BT0lSRn6rtIxQE4Yx5o21o4CkHEWRLWGd21odWuo-jG0Xp9YV0mQ==
expires: Sun, 15 May 2022 18:06:06 GMT

GET
H2 200 bruno-covas-380x214.jpeg
media.gazetadopovo.com.br/2021/05/02174113/ 22 KB
23 KB 14ms
11ms Image
image/jpeg 2600:9000:2156:0:1f:3000:7b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gazetadopovo.com.br/2021/05/02174113/bruno-covas-380x214.jpeg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:0:1f:3000:7b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c7eb98f2451da8a6f5f6d31e590dd6c56ea58011363dcc614ada8b49597c227f

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 23:17:25 GMT
via: 1.1 5721f7035c3fc934bd3f96dbb04ba1e5.cloudfront.net (CloudFront)
last-modified: Sun, 02 May 2021 20:41:14 GMT
server: AmazonS3
age: 210698
etag: "683c66f99cea26e514650d7d46134652"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 22980
x-amz-cf-id: mEK_5CmonGiVFZaItb6SI58F1bpfsM-OXqaRMY6AzD5HlceSufxgEA==
expires: Mon, 02 May 2022 20:41:13 GMT

GET
H2 200 ricardo-nunes-1-380x214.jpg
media.gazetadopovo.com.br/2021/05/16112839/ 21 KB
21 KB 13ms
11ms Image
image/jpeg 2600:9000:2156:0:1f:3000:7b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gazetadopovo.com.br/2021/05/16112839/ricardo-nunes-1-380x214.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:0:1f:3000:7b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3fd9fa38f29bbfba03b702b380979d2debbfeddc10943a46e8c10d60f0f00494

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 14:37:13 GMT
via: 1.1 5721f7035c3fc934bd3f96dbb04ba1e5.cloudfront.net (CloudFront)
last-modified: Sun, 16 May 2021 14:28:41 GMT
server: AmazonS3
age: 69110
etag: "1728712a6336154a8466eebf36e3f379"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 21607
x-amz-cf-id: s__FQh2T8Og7RGtQdxbzZTerAmVwnmlG8GZQzNMDW7W6YyGUoOKI8g==
expires: Mon, 16 May 2022 14:28:39 GMT

GET
H2 200 Eva-Wilma-380x214.jpg
media.gazetadopovo.com.br/2021/05/16112935/ 14 KB
14 KB 12ms
10ms Image
image/jpeg 2600:9000:2156:0:1f:3000:7b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gazetadopovo.com.br/2021/05/16112935/Eva-Wilma-380x214.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:0:1f:3000:7b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bf2624819daa0439f51ad05ba96a11ec909002f283772794f39b003abd2284d6

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 14:54:59 GMT
via: 1.1 5721f7035c3fc934bd3f96dbb04ba1e5.cloudfront.net (CloudFront)
last-modified: Sun, 16 May 2021 14:29:36 GMT
server: AmazonS3
age: 68043
etag: "f1bea511c5dd42a83c528ee01f20095c"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 14185
x-amz-cf-id: 8Gss2SwQzoMln0mjc_Z0fb2bhWTJf_c9XTTZcjh0PwZAr0Cbv2nWMQ==
expires: Mon, 16 May 2022 14:29:35 GMT

GET
H2 200 jair_bolsonaro_brasilia_agricultores_e_religiosos_150520211168-380x214.jpg
media.gazetadopovo.com.br/2021/05/16215521/ 40 KB
40 KB 18ms
15ms Image
image/jpeg 2600:9000:2156:0:1f:3000:7b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gazetadopovo.com.br/2021/05/16215521/jair_bolsonaro_brasilia_agricultores_e_religiosos_150520211168-380x214.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:0:1f:3000:7b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 363e6b20c5322db772b08ca4f778297b1a859b43087aab2e735a29a3cf66b3e6

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 03:41:49 GMT
via: 1.1 5721f7035c3fc934bd3f96dbb04ba1e5.cloudfront.net (CloudFront)
last-modified: Mon, 17 May 2021 00:55:22 GMT
server: AmazonS3
age: 22034
etag: "d07a026865764134140e81e18c6c5b99"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 40655
x-amz-cf-id: KJEPlLqW5tO9ANEHXrp7QFUxFQx2tDCIca98uoka2lg14Kv063ZZdQ==
expires: Tue, 17 May 2022 00:55:21 GMT

GET
H2 200 Marcha-em-Bras%C3%ADlia-380x214.jpg
media.gazetadopovo.com.br/2021/05/15174529/ 20 KB
21 KB 12ms
10ms Image
image/jpeg 2600:9000:2156:0:1f:3000:7b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gazetadopovo.com.br/2021/05/15174529/Marcha-em-Bras%C3%ADlia-380x214.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:0:1f:3000:7b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4bbbbb39cbb414d18f93cd2676b61afa7ae2830355de347bcf00e01f0a0eeaf4

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 15 May 2021 23:51:07 GMT
via: 1.1 5721f7035c3fc934bd3f96dbb04ba1e5.cloudfront.net (CloudFront)
last-modified: Sat, 15 May 2021 20:45:31 GMT
server: AmazonS3
age: 122276
etag: "fcac183cb8c5525bdc3c97ae1c85309f"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 20592
x-amz-cf-id: P8lm3Kx0D6bLNpNK1Dyn-7V61pVnhXrgdyROYWOCtbSBS5x8ylGV9A==
expires: Sun, 15 May 2022 20:45:29 GMT

GET
H2 200 51181130171_306eec8eac_c-380x214.jpg
media.gazetadopovo.com.br/2021/05/15185324/ 30 KB
31 KB 13ms
11ms Image
image/jpeg 2600:9000:2156:0:1f:3000:7b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gazetadopovo.com.br/2021/05/15185324/51181130171_306eec8eac_c-380x214.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:0:1f:3000:7b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: eaf473fd0258fa10aaebe997c35f15f9989a4b8ad42acf6ede1731ba26529553

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 00:49:57 GMT
via: 1.1 5721f7035c3fc934bd3f96dbb04ba1e5.cloudfront.net (CloudFront)
last-modified: Sat, 15 May 2021 21:53:25 GMT
server: AmazonS3
age: 118746
etag: "94a8a015f11b3e4c1971fc004d2bc853"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 30930
x-amz-cf-id: WYZFog0VzE0Qu4b45nVdmmTbJdFnQFNfppy1ezrURKIitFTFHYyHbQ==
expires: Sun, 15 May 2022 21:53:24 GMT

GET
H2 200 WhatsApp-Image-2021-04-26-at-14.07.58-380x214.jpeg
media.gazetadopovo.com.br/2021/04/26141529/ 16 KB
17 KB 14ms
12ms Image
image/jpeg 2600:9000:2156:0:1f:3000:7b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gazetadopovo.com.br/2021/04/26141529/WhatsApp-Image-2021-04-26-at-14.07.58-380x214.jpeg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:0:1f:3000:7b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 80b7bc9ad3b815d7e0ec6011a41bf3c1219fbdb9b59141a5ae03aaf4e8f09b1a

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 00:58:50 GMT
via: 1.1 5721f7035c3fc934bd3f96dbb04ba1e5.cloudfront.net (CloudFront)
last-modified: Mon, 26 Apr 2021 17:15:30 GMT
server: AmazonS3
age: 118213
etag: "e5c84b4c1b67b407ff8ceb5359cc18b1"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 16530
x-amz-cf-id: y6H53GU4_SegA9H-JN8BvkCdfZ4uOHENBZRQInavD_4cwQ7KzvWTjA==
expires: Tue, 26 Apr 2022 17:15:29 GMT

GET
H2 200 andr%C3%A9-faria-380x214.jpg
media.gazetadopovo.com.br/2021/05/07164722/ 15 KB
16 KB 11ms
10ms Image
image/jpeg 2600:9000:2156:0:1f:3000:7b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gazetadopovo.com.br/2021/05/07164722/andr%C3%A9-faria-380x214.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:0:1f:3000:7b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2101046cf9bf0cf72b6b8aca4af7935b48b909d6625f6a9ab10bffed7b5b7a67

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 08 May 2021 01:58:34 GMT
via: 1.1 5721f7035c3fc934bd3f96dbb04ba1e5.cloudfront.net (CloudFront)
last-modified: Fri, 07 May 2021 19:47:23 GMT
server: AmazonS3
age: 805829
etag: "f8facb2f70d389635971d0c050c7514a"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 15682
x-amz-cf-id: KW7IvcYa1APnp6BRU_1kctJajxijZl1QsGjp4HmixUq5D0fqbzHJcA==
expires: Sat, 07 May 2022 19:47:22 GMT

GET
H2 200 argentina-alberto-fernandez-2-380x214.jpg
media.gazetadopovo.com.br/2021/04/19195304/ 17 KB
18 KB 12ms
11ms Image
image/jpeg 2600:9000:2156:0:1f:3000:7b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gazetadopovo.com.br/2021/04/19195304/argentina-alberto-fernandez-2-380x214.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:0:1f:3000:7b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ab1a6917c9b92b3a86875a682195a0280e1189878d5515cf89a17fb32931f993

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 06:17:13 GMT
via: 1.1 5721f7035c3fc934bd3f96dbb04ba1e5.cloudfront.net (CloudFront)
last-modified: Mon, 19 Apr 2021 22:53:05 GMT
server: AmazonS3
age: 99110
etag: "5c0413d649f46f7da271f3d83a6366e8"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 17613
x-amz-cf-id: 027cXkmiQUL5e8ISU4qnU40pXNcJs63F656BE_iris_HBKW9CNdrAw==
expires: Tue, 19 Apr 2022 22:53:04 GMT

GET
H2 200 Screen-Shot-2021-05-16-at-12.54.31-380x214.png
media.gazetadopovo.com.br/2021/05/16125638/ 80 KB
81 KB 12ms
9ms Image
image/png 2600:9000:2156:0:1f:3000:7b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gazetadopovo.com.br/2021/05/16125638/Screen-Shot-2021-05-16-at-12.54.31-380x214.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:0:1f:3000:7b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 717ca5e682d73263363a4cc585bc9fe4766c7c79ed6957bdc78c4e7392c60b4c

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 17:50:04 GMT
via: 1.1 5721f7035c3fc934bd3f96dbb04ba1e5.cloudfront.net (CloudFront)
last-modified: Sun, 16 May 2021 15:56:39 GMT
server: AmazonS3
age: 57539
etag: "aa296b52722a19215be7caf368b7592d"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 82245
x-amz-cf-id: 8i_T7HXdMEub_U3QUzpVj6eheTBwmIfq1MQZrj5VYd_O_6TMzARpdQ==
expires: Mon, 16 May 2022 15:56:38 GMT

GET
H2 200 kitchen-731351_1920-380x214.jpg
media.gazetadopovo.com.br/2021/05/11173459/ 16 KB
16 KB 9ms
8ms Image
image/jpeg 2600:9000:2156:0:1f:3000:7b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gazetadopovo.com.br/2021/05/11173459/kitchen-731351_1920-380x214.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:0:1f:3000:7b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0cbfdf3989b65e46ef5d01459ce6c45aa4a139e8cdcbfac2688e46de0a401607

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 00:48:31 GMT
via: 1.1 5721f7035c3fc934bd3f96dbb04ba1e5.cloudfront.net (CloudFront)
last-modified: Tue, 11 May 2021 20:35:00 GMT
server: AmazonS3
age: 32432
etag: "a54d3adb33803788e868d9352dc8785d"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 15971
x-amz-cf-id: 9ATgUyXq1_EB_sz-EFAh2of4auSKZrQ3v6sXMSudwWbVbvye95W6oQ==
expires: Wed, 11 May 2022 20:34:59 GMT

GET
H2 200 internet-vicio-380x214.jpg
media.gazetadopovo.com.br/2021/05/14153705/ 27 KB
27 KB 11ms
10ms Image
image/jpeg 2600:9000:2156:0:1f:3000:7b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gazetadopovo.com.br/2021/05/14153705/internet-vicio-380x214.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:0:1f:3000:7b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6d30e1f33652b01033d3af46e70f09d77f4fda2cfc400d4cb2f7f3f86fa2413a

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 20:56:56 GMT
via: 1.1 5721f7035c3fc934bd3f96dbb04ba1e5.cloudfront.net (CloudFront)
last-modified: Fri, 14 May 2021 18:37:06 GMT
server: AmazonS3
age: 219127
etag: "5b9355c82753d2e1a1e9c69df7b1594a"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 27333
x-amz-cf-id: OW5IgFj7mtKohyS5Wm5oxVbsHS--g2CQMKsyozdTLOYo1Eu5FruNHA==
expires: Sat, 14 May 2022 18:37:05 GMT

GET
H2 200 b Show response
b.t.tailtarget.com/ 148 B
588 B 110ms
110ms Script
application/javascript 34.102.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://b.t.tailtarget.com/b?tA=TT-10162-1&tY=1&tS=2&tU=0100007F0E3CA260AB06678902FAA105&tX=b.52&tZ=558130574&env=_ttq_tt_uol
Requested by: Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/modules/external/tailtarget/libs/base.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: 24e0a3d76270ee38b9647cf43a51d05a09ac5591d729dee9882bbeae0e7b5b41

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 09:49:02 GMT
via: 1.1 google
server: nginx/1.17.8
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cache-control: no-cache, private, proxy-revalidate
content-encoding: gzip
alt-svc: clear

GET
H2 200 plantas-maconha-NickyPe-pixabay-380x214.jpg
media.gazetadopovo.com.br/2021/05/13195504/ 20 KB
21 KB 11ms
10ms Image
image/jpeg 2600:9000:2156:0:1f:3000:7b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gazetadopovo.com.br/2021/05/13195504/plantas-maconha-NickyPe-pixabay-380x214.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:0:1f:3000:7b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c192ba214e94169e6f33b5979f9c04473f6098f9dacdf40b7965a1d2fd685127

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 15 May 2021 21:18:40 GMT
via: 1.1 5721f7035c3fc934bd3f96dbb04ba1e5.cloudfront.net (CloudFront)
last-modified: Thu, 13 May 2021 22:55:06 GMT
server: AmazonS3
age: 131423
etag: "e4a38c527d76abef658aa0b0336b6018"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 20925
x-amz-cf-id: CaWdMPK3ddMpDtoFvoiCGg84trlxyhn8EgJzCLKHOpXzx6x_L__q8Q==
expires: Fri, 13 May 2022 22:55:04 GMT

GET
H2 200 185150907_4182742275081176_5177986830996875391_n-380x214.jpg
media.gazetadopovo.com.br/2021/05/13144543/ 30 KB
30 KB 9ms
8ms Image
image/jpeg 2600:9000:2156:0:1f:3000:7b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gazetadopovo.com.br/2021/05/13144543/185150907_4182742275081176_5177986830996875391_n-380x214.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:0:1f:3000:7b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 13bcb9c65187c5a752d9885939ea73db5bebc90bcbe5e26b1cc6e619b34303a6

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 19:13:51 GMT
via: 1.1 5721f7035c3fc934bd3f96dbb04ba1e5.cloudfront.net (CloudFront)
last-modified: Thu, 13 May 2021 17:45:44 GMT
server: AmazonS3
age: 311712
etag: "110beb583ae0dab0c06b8afe9fb9846f"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 30757
x-amz-cf-id: n14swYAYYyzPhyszX91paKdmf-kjjpb_gjmppW5zHD12vtObJx0vvg==
expires: Fri, 13 May 2022 17:45:43 GMT

GET
H2 200 crimes-sexuais-contra-criancas-luiz-walmocyr-policia-federal-darknet-380x214.jpg
media.gazetadopovo.com.br/2021/05/12095706/ 14 KB
14 KB 10ms
9ms Image
image/jpeg 2600:9000:2156:0:1f:3000:7b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gazetadopovo.com.br/2021/05/12095706/crimes-sexuais-contra-criancas-luiz-walmocyr-policia-federal-darknet-380x214.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:0:1f:3000:7b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d01387522bd0b23d643467eea489a8dca59fca8aa859bef983055d40d2120112

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 15:05:31 GMT
via: 1.1 5721f7035c3fc934bd3f96dbb04ba1e5.cloudfront.net (CloudFront)
last-modified: Wed, 12 May 2021 12:57:07 GMT
server: AmazonS3
age: 240212
etag: "d5c773df942e4623deafa77723badbe0"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 13966
x-amz-cf-id: WRNpbFXSZbKvQLDq4N93UvSQvjnhp6N_LAU8bD91OQwJOE8L1pAqWA==
expires: Thu, 12 May 2022 12:57:06 GMT

GET
H2 200 saneamento-crop-20210513185947-380x214.jpg
media.gazetadopovo.com.br/2021/05/13160238/ 159 KB
160 KB 11ms
10ms Image
image/jpeg 2600:9000:2156:0:1f:3000:7b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gazetadopovo.com.br/2021/05/13160238/saneamento-crop-20210513185947-380x214.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:0:1f:3000:7b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fbb6b936b2c85c019776a06b312e96cb5b11ac07d89250eb1300ad2235564126

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 16:19:52 GMT
via: 1.1 5721f7035c3fc934bd3f96dbb04ba1e5.cloudfront.net (CloudFront)
last-modified: Thu, 13 May 2021 19:02:40 GMT
server: AmazonS3
age: 235751
etag: "872dbe58211e3cdfde1ab6589d1bf73d"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 163264
x-amz-cf-id: YJjqWZ6uCd7CLB3_muDjf0xykHsbyaAbt3WsMhVgFHE8KG9iX5ll0Q==
expires: Fri, 13 May 2022 19:02:38 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 10 KB
8 KB 28ms
27ms XHR
application/json 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021051001&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

afecdc3ffb8aa079db07b521931706c38f9b7cc6847f264d4d839df886f8dc24

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 17 May 2021 09:49:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7747
x-xss-protection: 0

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 09:49:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Mon, 17 May 2021 09:49:02 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 52B5 12 KB
5 KB 6ms
5ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.gazetadopovo.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.gazetadopovo.com.br/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Mon, 17 May 2021 09:40:30 GMT
expires: Tue, 17 May 2022 09:40:30 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 512
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: me.jsuol.com.br
URL: https://me.jsuol.com.br/aud/gazetadopovo.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 1146
date: Mon, 17 May 2021 09:29:56 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Mon, 17 May 2021 11:29:56 GMT

GET
H2

200

beacon.js Show response
sb.scorecardresearch.com/internal-cs/default/
Redirect Chain

https://sb.scorecardresearch.com/cs/6036356/beacon.js
https://sb.scorecardresearch.com/internal-cs/default/beacon.js

4 KB
4 KB

20ms
20ms

Script
application/javascript

99.86.2.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/internal-cs/default/beacon.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.2.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-2-29.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6838420e13959ecffe73d3576ee2125a66c9315237394a23e3dd4a5181e80cda

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 09:46:16 GMT
via: 1.1 1277de71b2472d19ca0bfc510db9ec54.cloudfront.net (CloudFront)
etag: "5b0f9f0704a703b8da651007721fac57"
last-modified: Thu, 04 Mar 2021 13:31:34 GMT
server: AmazonS3
age: 167
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-length: 3690
x-amz-cf-id: uO3YIDNBY8seFE5I-KCHBIkIQGD-anTsKgglF1oAk88WoWSoKs0XmQ==

Redirect headers

date: Mon, 17 May 2021 09:49:02 GMT
via: 1.1 1277de71b2472d19ca0bfc510db9ec54.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: /internal-cs/default/beacon.js
content-length: 52
x-amz-cf-id: PwHGwLphIhn65vrHGe4T7Q2qOuQeQUseZE-V0D9LdTNOC2PeUZ_FuQ==

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 4 B
32 B 13ms
13ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=1049595578&t=pageview&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=6GjAAEALQAAAAC~&jid=1727916953&gjid=703680485&cid=747907946.1621244939&tid=UA-97689914-251&_gid=325537218.1621244943&_r=1&_slc=1&cd1=Parceiros&cd2=Gazeta%20do%20Povo&cd3=Gazeta%20do%20Povo&cd11=normal&cd4=747907946.1621244939&cd66=1621244942896.3wq3yln7&cd85=none&cd87=none&cd88=none&z=962095166

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 17 May 2021 09:49:02 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.gazetadopovo.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 DyQI0nSy6BUFz1wbhNnw1YMoJJCDSr_iJxDmlzQsBeQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 52B5 14 KB
6 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/DyQI0nSy6BUFz1wbhNnw1YMoJJCDSr_iJxDmlzQsBeQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0f2408d274b2e81505cf5c1b84d9f0d583282490834abfe22710e697342c05e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 09:20:09 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 06 May 2021 09:28:00 GMT
server: sffe
age: 1733
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5636
x-xss-protection: 0
expires: Tue, 17 May 2022 09:20:09 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 38ms
38ms XHR
text/plain 2a00:1450:400c:c0c::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-97689914-251&cid=747907946.1621244939&jid=1727916953&gjid=703680485&_gid=325537218.1621244943&_u=6GjAAEALQAAAAC~&z=1075558942

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 17 May 2021 09:49:02 GMT
content-type: text/plain
access-control-allow-origin: https://www.gazetadopovo.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ca Show response
tt-10162-1.seg.t.tailtarget.com/ 78 B
338 B 109ms
109ms Script
application/javascript 34.102.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tt-10162-1.seg.t.tailtarget.com/ca?tZ=785536922&env=_ttq_tt_uol
Requested by: Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/modules/external/tailtarget/libs/base.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: 463a5a6c0bc6a400662d90ec684678c4de16cae3936dfd6c9a3f280f72363df8

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 09:49:02 GMT
via: 1.1 google
server: nginx/1.17.8
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cache-control: no-cache, private, proxy-revalidate
content-encoding: gzip
alt-svc: clear

GET
H2

200

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=6036356&c3=&c4=&c5=&c6=&c15=&cs_it=b2&cv=3.8.0.210223&ns__t=1621244942943&ns_c=UTF-8&c7=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&c8=Gazeta%20do%20Povo%...
https://sb.scorecardresearch.com/b2?c1=2&c2=6036356&c3=&c4=&c5=&c6=&c15=&cs_it=b2&cv=3.8.0.210223&ns__t=1621244942943&ns_c=UTF-8&c7=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&c8=Gazeta%20do%20Povo...

64 B
328 B

23ms
23ms

Image
image/gif

99.86.2.29
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=6036356&c3=&c4=&c5=&c6=&c15=&cs_it=b2&cv=3.8.0.210223&ns__t=1621244942943&ns_c=UTF-8&c7=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&c8=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&c9=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.2.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-2-29.fra6.r.cloudfront.net
Software: /
Resource Hash: 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 09:49:02 GMT
via: 1.1 1277de71b2472d19ca0bfc510db9ec54.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
etag: W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache: Miss from cloudfront
content-type: image/gif; charset=utf-8
content-length: 64
x-amz-cf-id: -QGuN3y8BHf232EiBuFU-ngo9iTir17UWbEVD-mMhRpxKzEZ8OGQ8g==

Redirect headers

date: Mon, 17 May 2021 09:49:02 GMT
via: 1.1 1277de71b2472d19ca0bfc510db9ec54.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=2&c2=6036356&c3=&c4=&c5=&c6=&c15=&cs_it=b2&cv=3.8.0.210223&ns__t=1621244942943&ns_c=UTF-8&c7=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&c8=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&c9=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F
content-length: 342
x-amz-cf-id: xpNmPozvvND8QJPqNiO-4Oykmvjiz1fr9JJSVnctqJlrjsnrguPqcQ==

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 17ms
16ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-97689914-251&cid=747907946.1621244939&jid=1727916953&_u=6GjAAEALQAAAAC~&z=713850550

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 May 2021 09:49:02 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 18ms
17ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-97689914-251&cid=747907946.1621244939&jid=1727916953&_u=6GjAAEALQAAAAC~&z=713850550

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 May 2021 09:49:02 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 __tt.gif
t.tailtarget.com/ 43 B
298 B 123ms
107ms Image
image/gif 34.102.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.tailtarget.com/__tt.gif?tA=TT-10162-1&tE=0&tF=&tI=_amsterdam_north%20holland_nl_1621244942632_3107708533&tJ=&tQ=gazetadopovo&tU=0100007F0E3CA260AB06678902FAA105&tX=b.52&tY=1&tZ=736372228
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 09:49:03 GMT
via: 1.1 google
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.17.8
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, private, proxy-revalidate
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 41ms
41ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021051001&jk=1967145231228164&bg=!UlGlURXNAAY59bwoOfU7ACkAdvg8Wj-9LoBTK6vScFYQLTwEhfsviLdIIsu6wzkU0xGs3EVI81Q7PQIAAAB0UgAAABBoAQcKATlO-rUoTcQNKfz72FLtf3vKzkewNY-re5WziyTEi1Ngz4FWsQffGoEAKoAoQ_MpL7IbV1Wfjhi-n-LZ8JB6At-Q6KrqYzlnXYaElJycAH5rXHiOWWVI816xuFi2HT_BtzOhXlJ_noKiBE1VsaYf8pbBur-PtekhlrzCU76vPCgw39HC2ppq05gFsItMKO_s2g60EOOz_Jjaqd5xl6dT1ExcG4rXIT-Ozv1Ew9F9K41UYvxfay1Vq_s0XMaYRxvSR_tyjBG_TF3WcfxJyjUcDG6euO5Sm3cY3Wxv62EEBa03MYQe3wyVEWwHeR8QKYrA3LuRZj12kZzJJY-a0x2M1tyCZ_yVmOICzh4vyJWHdtFGQMw-t2ASzbWVTj7XcA6is-566w20UGhKICF4qtlk2lvF3wWdgFmPOrR2mQJPxt1idTn_O1r5cflKdPVd3QVs9ieFHSwhBaGsT-szEZv5xiLhRPuYp4ygBLC2X0V0yIjii04LOMtyLd0GNMnS9WNtlV35UxAxpzvzcmnGH5K5gDIT48GYBYSPiyzHt0-71Evkid6NMdTJcqdp_N3-BhTj5u7UK4zlAU5aGn4U2JOJgh15iYIARlTg8b4XZcwJKe9Q7zqZTWjogeUu7OuWsP2odjnVUkBg5YwJUumTY0gVChosTq2-A3n05UYS51-0cn1ffdoCFBgFJkcbGp8NmiBTwtodozAMULPRpL724UD8Mew2yH2IzIz-fGeQ5apJHVuVXG_Hh4PWrMpZG-RaeH1I6lGxE6I3lrwZyXQC0qMxad5HALBv4ICTxncGgqGZQSicL-rDod9d4SpDaYxxTMXm3E6lg2NbFQpfMpooezIUOpMXK-nz-9tOy2zCiag2xrGG79KoqAgzE0hyQEfn_J2CPKjmmIkX78RZdpErkULIx0crl3Y6v9XWLHctJf6AM_GSuKGMI6rsxPccReoVBtpku3P-2F8KILgYb7Jauq49yIGPuO8-yEwz_5hRmnorkqgTMboHcfJxKRWo9qA_XsV4P9jBTn-Ffl39YiTVPd0nZnM6-4yqXBIeqtesSMlsVQ0q5sFSn8_SL6_I5tgGFBgKdHsriQ2J8yr5_5jOrALQIBhKdX6sELU5_wPgOw2s2jZuL5Z4qQUTY-gL0sgzpaSiMMEzt3xV9pXxS_hG1WlIsRTNAtxrD800gob8p75MnPe27kLzM6o6N3uosfuu

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 May 2021 09:49:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 container.html Show response
eccef3b152d70a4161a425d396a7d7ca.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 6E01 6 KB
3 KB 22ms
7ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://eccef3b152d70a4161a425d396a7d7ca.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: eccef3b152d70a4161a425d396a7d7ca.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.gazetadopovo.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.gazetadopovo.com.br/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Mon, 17 May 2021 09:49:02 GMT
expires: Tue, 17 May 2022 09:49:02 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
27 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5195b5533eaad9e23ee9c1ad9dd017b4f0fca8d54921a3f045858eaf4145689d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 09:49:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1620991985148764"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27994
x-xss-protection: 0
expires: Mon, 17 May 2021 09:49:03 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 5C5F 624 B
591 B 19ms
18ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CK_PCBDm090CGJ3r74QBMAE&v=APEucNVzgIu1fVLS19SpYv8frN_xil87UoH-2g9vpi8NXIAqmmSt5MRcbg5M2uY2TEwTuvyLXQpkH1rQh9cgVPU_b1skDzslNZjuSSygtv0Nwv6bjUVd6a1YofnrK6_4E0eKGbNmtctEEqt90M15B8BWOtCpU5kv-xr5xIBmnik9aIesb7M7wLZYgbU5bhxhANmiYcBpOZ2yQF3oDVASWzEtg78MrYZN6Q

Requested by

Host: eccef3b152d70a4161a425d396a7d7ca.safeframe.googlesyndication.com
URL: https://eccef3b152d70a4161a425d396a7d7ca.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=CK_PCBDm090CGJ3r74QBMAE&v=APEucNVzgIu1fVLS19SpYv8frN_xil87UoH-2g9vpi8NXIAqmmSt5MRcbg5M2uY2TEwTuvyLXQpkH1rQh9cgVPU_b1skDzslNZjuSSygtv0Nwv6bjUVd6a1YofnrK6_4E0eKGbNmtctEEqt90M15B8BWOtCpU5kv-xr5xIBmnik9aIesb7M7wLZYgbU5bhxhANmiYcBpOZ2yQF3oDVASWzEtg78MrYZN6Q
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://eccef3b152d70a4161a425d396a7d7ca.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://eccef3b152d70a4161a425d396a7d7ca.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Mon, 17 May 2021 09:49:03 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
set-cookie: test_cookie=; domain=.doubleclick.net; path=/; expires=Fri, 01-Aug-2008 22:45:55 GMT; SameSite=none; Secure IDE=AHWqTUkVmE2TI5sF5JiFhEprUrqrF3EYPy-stfl1ouDQdwGevPjy4sy_fgl0eRxd; expires=Sat, 11-Jun-2022 09:49:03 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 17 May 2021 09:49:03 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 6E01 24 KB
12 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BVEwn5Y6GXr5PuWZTWz5byIyUyKS7jvgJmWSG56pPBf5Nw5c9O48pAKUFqP5KiEIBU_zw48ikJavVspeGBRD_YAVLN2fe1sPsFRbxrlLtCd8RTx1RiBfE-X-FdbPWIi0p_rM7L3lCMsHE_KfRuIyPsuFaW5g&dbm_d=AKAmf-B1b5Fb6gLoVWKe01UrYU_6kjaX9xL-4rwxTNYVPMVWd-0P9f2u9ixUIPgUQ6ve51f4n5-qt2fK1RZHpE3iyxEcCTIaKvAg_XFhTR1hliMzzo0wsTN8PtpKENm-GZL5aR3nKtatOu18EzdXG_GaIzIcDlg2VniZtOisyauXroT1qK81Gsa3Myg9b3Krvad_ipMyOP_3ZyDmE8EZ1st_oGiKv-0HfyKp9V8b4Sz-Ge5xfl-Aa5WpDT7CCdvLmojrsiXAJbagy161MOB8P0cAhXnHzaqrjC5w0bnaFXFR6wHZEOC8ZlNiCg6UX4FWqqz7Cc3uGqcxBE3fZ2CnFismzkHmOvxh7fHbQTIEnMAd-gUTl4rLFP65FK_4XtzGN7zKQAHEj39D4AlM-7i4EeCxMbD6wuqVs49wH3xh3mFU2gHKXsfpjWE8j99D5tzhyVlYka2haThkpRQJpnVk3OgOQKfVZPmcF9SYvP1w-gIk9pcWC1cC3vrxnVrXYdK8WsPs-eMPCyc9bqKpxZVmqRU5-9FqMFVsbplpPwyf_NMYi1nf2D9_gPp9HnhTNOLYUsnHD_H4J21i-WefHFiJlIz8AY8dl32UIJF-ToH-x6y3zsOAwd7qzd8tG9jwbXkoXqRVgJ7rzr8zXLdFtpG91Bc97I5aw2jjCIgnMt-ud5YYvDDeQO__-G4ODrUKw1_2umYOI3yuhNIXNuLepc4ddVGrFsfsavNRkSxXM8_Iw3zbiJJII2vmFc-1dQkuYTbVpph-2_WvQ2WL7swCKXcavxtPT5t6811ni0ILohu8OyRAXuuK_4rO4UYCUqRQ8SpMgCRybiMKfn-y51_cP93xfaR_8_zl6fQDmTNaWgH5OxRyprVciMNIlmcQ4YH7y-V0d-MHLd-PcSNLV3kXPQYfk_DeVmxSqIQbUaN1zjjOM90dIKOI7tYBIEi-5rSt6WazqCfRivk5gxBODnMWYD17UGHLHtWX972mwxTRQGK2lR6f2zBh6OV5ACfDokmfYtFvBpJF_tEyRCSDai3ueyRxiD-CKTrFO2kj344jHtpfB89P12z1e6-Rm82Brp65VvkMDY7WhT_a-MHYtVz6HvaOhdJR80wCjg38w_3vK6oUdo5tVpUh7c0L6pwcHYliPwQsSBYXBZm1-4cZw7UdU6Coq92QmjcewoiQT-R1ComLWenvJHXRYo7Et9qbHAngJxEgQvQQRu9UvhRWhi6X0rVX4-FSCmSlA1-MUW8YgZR2-hOgkgvl8UgAz0eYsL3nP1eOKQJu9TSAovGh0U6mNTHz6FdfigJLfPukKx09SbMtHZBcwREWUga5afN8YwtedOuPTH1ngLeKX3T3dlCgmubUY6hSFNwLCM5fMoIDAAa3-0y61I9eNS8UbDA2y9ewl9RRZFC5ZPz9P2X9kkoR2W4xD1vARw-l1B3d4HhWaSzXg7gPp29iQCFSagyrQZGGvmad1qJtNO0_HYKxMfGDPUqh14LZCmhoX48PnPQGmy9y7AsVSjnwrgG5duESpc8c4zO3QOv84gUXQodbHHxC6ynskfZ9Ckhk2sCwjaZBcBOprJm0PJz74MyjUBZHdsgpFkq9V0r1a3plKaXKfheAogWs9ml_Dvu2fmNCjtkLJLkSGVolQ-5wHlBnD9GHl3tQVDtIZfgZNnJ1mSCWtKRN2g72ATtqwnE-ChUyYrw5D1nBwxoIGlWB5pRFOP1G8rH8hoVLLeEbEyNKG2Qxe2lUxeqIm846LwBDy2SZQl9_TxbI_vWXHg3sPVC2UOtTKEPyNH7a-ptTCdrXyFx8s8yNWbqlAblfRLvUpFvZggfHBNUslgGtIB9WHHwxU_QnJa31kn6pHQ0G8M8KOf1_iZXotCMSSAM-1DMe30sBwmhcjnvaxftswdE11RdnlfU5pQwmiYejOVix_2MXeCzlh1BvFnb_RWkIonlYxkoHveXuiv12XtSvo_1CgtzxOhAuy7cCB53GWgme_Xah9o2jet4ffrgaN9E5XcKRiZVniPwWGTnBBjzDMlCnlsvPQA5Dy4ba8RdCQpA1wL0GA9H7KzvV1ua_OobenuZ6EdQpN6YF67VbM9sRN_VMrzen3z7d8sl9Wjwq-aSV_0kq5cKRpDpwQGng2GzwDZTtH71vSF-5Y0lhN7JAXlDXobi8MRIvRpUwQ6bONpNFGYWvg0IsYzmdeXfj0qrrwF8hRMpSdNBCITu4Qmde4qjveH0YwBEZfD1EBj18rmf4sduEG9LHPRW1aIx7Zo-GI5tLucjJwWLdKw_czIiVgoC4MykOzC3iZAtGvFxVq5tFAHT_t2UC5kvYdFWjdaT0jsBlJ2bp4HyM8r7VnXcfmuzYyl6dwZ7wgM_hn0ujI34V9NtyNz9xA0fBYoG1ntg5TBOtxdh4JQmKPD1Ky1iRRIVqVFuPXV_gcmvpdcrtbgqb-8XldHM4mkH8kOpmcT6F25_nnvrDDomrnPlFTKHf4u4U2-_jMyjojAfZT6UsSH7l4bTw4VOY7riMoY_2-EuYjpUUNZrf0OKmXD_XorbOeiJRVKL7yx-aiN7l0cxv5sTCk8oJRItrPWKLayqLscdbWvFVUvgqDpG26nNhdoMQ2I_ivX6UsIHYyiMHzNlwFEQeNnxL_UN_S7tqnvbCtR2J_nYxzoxloR9ZgXv9nHVoUs53v9ucynCrYrXJSdlVUxxOHNEBQs2TFu23OeO-i0B5ANxmXaD5rfWP9UFNFwctubPrRicwp3FIEfVkHsWqRmmLT1NhFbkLqAlnxrXdnuR4M9aKAx5HBLWt-bnpkoQ_wf2I-6srBFjb7clrIOrPpr5mA4lbtvpnNjPEsA0qoc0azExCBiPjAHGLXcUhf1-jkXV1M0psBCoGMdk4ofRXjpfQlxdQ647SoorQCpP0bt7wCsdzQhuDi3WmOC_aO29CmLbFRPfOuVeotWkXF9irA79RnCAUYni5N02dxx_0DxZgyogwvjeXjsLWk-1VNDHpeKFkg9qss3T2CDgznKM5pcKz8ovSVlqx1ZFSl6XUcweTjIz2gs9FSbWAfIFZZFDJh7IbL6U7pC8k-a43VX3Os0974G1vgN6ISTEaT2okUr2P0ZPBAOAEefLHvfFLCWbYFLn9N_uP7-XalNYWt3QOTdWOgYFzN8-nD0jFy1SZBCr42-Rcvox8pFOeLpKa0Dm2wxivd86moKSkDyrq82wopRfFA9VQejh0d3XNYYLBODwUIVU-QBNGIttzA8FwSj8iWHa1B3WP6G3CEJTWIsCgWMTWdXZazlgXptEnF60gd3X8H8C9XxtId84-mhBSIQDITC6TqEOIo0unpJN90O9KFSmzRBEwWtz9nBAa_pf1sK-QWfD7biYbPE5TVC0KzCP2zs8NWhdQgEw&cid=CAASPeRoiSshGi4oiE2qJE7xhXaQFKA1FZfi1s-i_SV9gIFPHWcezmwbih5NQ7ODxW7uWEF6XG6l5WDlQfC_tAA&rfl=1%2Chttps%253A%252F%252Fwww.gazetadopovo.com.br%252F%240

Requested by

Host: www.gazetadopovo.com.br.us3.cas.ms
URL: https://www.gazetadopovo.com.br.us3.cas.ms/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9c1ec937fcb9f4980eb54bfe0632d70f469715aa6624914c08b981fdc1e874fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eccef3b152d70a4161a425d396a7d7ca.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 May 2021 09:49:03 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12111
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6E01 42 B
63 B 51ms
49ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BnMj9OOYLxNGQuFXRZkfpViIAFcRKlaZXDUeOWgAMRrHquRSJ1n5IktEU6OoXrsJowabelxcV14zqhkSBH8UUxrgKvTXHzVXUfALgqrDBF8I8U35Q

Requested by

Host: eccef3b152d70a4161a425d396a7d7ca.safeframe.googlesyndication.com
URL: https://eccef3b152d70a4161a425d396a7d7ca.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eccef3b152d70a4161a425d396a7d7ca.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 May 2021 09:49:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 skeleton.js Show response
pixel.adsafeprotected.com/rjss/st/460517/47724224/ Frame 6E01 44 KB
13 KB 117ms
50ms Script
application/javascript 34.254.6.162
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/rjss/st/460517/47724224/skeleton.js
Requested by: Host: eccef3b152d70a4161a425d396a7d7ca.safeframe.googlesyndication.com
URL: https://eccef3b152d70a4161a425d396a7d7ca.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.254.6.162 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-254-6-162.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: ff9f9aa967fd77537c4a1443d69ea739b66743714b14aceec918d0bd91f35cb2

Request headers

Referer: https://eccef3b152d70a4161a425d396a7d7ca.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 May 2021 09:49:03 GMT
content-encoding: gzip
x-server-name: app31.ie.303net.net
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/ Frame 6E01 2 KB
1 KB 7ms
5ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/window_focus_fy2019.js

Requested by

Host: eccef3b152d70a4161a425d396a7d7ca.safeframe.googlesyndication.com
URL: https://eccef3b152d70a4161a425d396a7d7ca.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eccef3b152d70a4161a425d396a7d7ca.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 09:47:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 116
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 31 May 2021 09:47:07 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6E01 117 KB
36 KB 23ms
21ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: eccef3b152d70a4161a425d396a7d7ca.safeframe.googlesyndication.com
URL: https://eccef3b152d70a4161a425d396a7d7ca.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

14a6bc9fca94f536d24da272cf684e3e900adaf170804cceda99f44c97c710c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eccef3b152d70a4161a425d396a7d7ca.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 09:49:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1620991973329016"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36585
x-xss-protection: 0
expires: Mon, 17 May 2021 09:49:03 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/ Frame 6E01 13 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: eccef3b152d70a4161a425d396a7d7ca.safeframe.googlesyndication.com
URL: https://eccef3b152d70a4161a425d396a7d7ca.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4821fcf9c6131b5e09c316f6946b187f0b3751d723a19b2ff9f2df396d232cbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eccef3b152d70a4161a425d396a7d7ca.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 09:48:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 41
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5621
x-xss-protection: 0
server: cafe
etag: 8169261014141303515
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 31 May 2021 09:48:22 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 5C5F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEq9So5zCKu31A5DWQAyu9Q&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEq9So5zCKu31A5DWQAyu9Q&google_cver=1&C=1

43 B
1014 B

27ms
27ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEq9So5zCKu31A5DWQAyu9Q&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CK_PCBDm090CGJ3r74QBMAE&v=APEucNVzgIu1fVLS19SpYv8frN_xil87UoH-2g9vpi8NXIAqmmSt5MRcbg5M2uY2TEwTuvyLXQpkH1rQh9cgVPU_b1skDzslNZjuSSygtv0Nwv6bjUVd6a1YofnrK6_4E0eKGbNmtctEEqt90M15B8BWOtCpU5kv-xr5xIBmnik9aIesb7M7wLZYgbU5bhxhANmiYcBpOZ2yQF3oDVASWzEtg78MrYZN6Q
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 17 May 2021 09:49:03 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 17 May 2021 09:49:03 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 17 May 2021 09:49:03 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEq9So5zCKu31A5DWQAyu9Q&google_cver=1&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 308
Expires: Mon, 17 May 2021 09:49:03 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 5C5F
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YKI8DzF7fJ35N1b5ifaQMQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEq9So5zCKu31A5DWQAyu9Q&google_cver=1

43 B
894 B

29ms
28ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEq9So5zCKu31A5DWQAyu9Q&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CK_PCBDm090CGJ3r74QBMAE&v=APEucNVzgIu1fVLS19SpYv8frN_xil87UoH-2g9vpi8NXIAqmmSt5MRcbg5M2uY2TEwTuvyLXQpkH1rQh9cgVPU_b1skDzslNZjuSSygtv0Nwv6bjUVd6a1YofnrK6_4E0eKGbNmtctEEqt90M15B8BWOtCpU5kv-xr5xIBmnik9aIesb7M7wLZYgbU5bhxhANmiYcBpOZ2yQF3oDVASWzEtg78MrYZN6Q
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 17 May 2021 09:49:03 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 17 May 2021 09:49:03 GMT

Redirect headers

pragma: no-cache
date: Mon, 17 May 2021 09:49:03 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEq9So5zCKu31A5DWQAyu9Q&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 5C5F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEIjJbjsSS7WERCah-j-qk_0&google_cver=1

43 B
1 KB

35ms
35ms

Image
image/gif

185.33.221.11
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEIjJbjsSS7WERCah-j-qk_0&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CK_PCBDm090CGJ3r74QBMAE&v=APEucNVzgIu1fVLS19SpYv8frN_xil87UoH-2g9vpi8NXIAqmmSt5MRcbg5M2uY2TEwTuvyLXQpkH1rQh9cgVPU_b1skDzslNZjuSSygtv0Nwv6bjUVd6a1YofnrK6_4E0eKGbNmtctEEqt90M15B8BWOtCpU5kv-xr5xIBmnik9aIesb7M7wLZYgbU5bhxhANmiYcBpOZ2yQF3oDVASWzEtg78MrYZN6Q

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.11 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

733.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 17 May 2021 09:49:03 GMT
X-Proxy-Origin: 185.59.222.117; 185.59.222.117; 733.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.186:80
AN-X-Request-Uuid: 27f36975-c2ca-4a4b-9032-46ef32261682
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 17 May 2021 09:49:03 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEIjJbjsSS7WERCah-j-qk_0&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 5C5F
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzQ4MTg2Nzk5NjIzMTgzNjkwOA%3D%3D

170 B
243 B

36ms
36ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzQ4MTg2Nzk5NjIzMTgzNjkwOA%3D%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 May 2021 09:49:03 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 17 May 2021 09:49:03 GMT
X-Proxy-Origin: 185.59.222.117; 185.59.222.117; 733.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.177:80
AN-X-Request-Uuid: 5a4ae164-3599-4b11-a82d-f3cc3646993b
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzQ4MTg2Nzk5NjIzMTgzNjkwOA%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3-29 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20210511/r20110914/ Frame 6E01 22 KB
8 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210511/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BVEwn5Y6GXr5PuWZTWz5byIyUyKS7jvgJmWSG56pPBf5Nw5c9O48pAKUFqP5KiEIBU_zw48ikJavVspeGBRD_YAVLN2fe1sPsFRbxrlLtCd8RTx1RiBfE-X-FdbPWIi0p_rM7L3lCMsHE_KfRuIyPsuFaW5g&dbm_d=AKAmf-B1b5Fb6gLoVWKe01UrYU_6kjaX9xL-4rwxTNYVPMVWd-0P9f2u9ixUIPgUQ6ve51f4n5-qt2fK1RZHpE3iyxEcCTIaKvAg_XFhTR1hliMzzo0wsTN8PtpKENm-GZL5aR3nKtatOu18EzdXG_GaIzIcDlg2VniZtOisyauXroT1qK81Gsa3Myg9b3Krvad_ipMyOP_3ZyDmE8EZ1st_oGiKv-0HfyKp9V8b4Sz-Ge5xfl-Aa5WpDT7CCdvLmojrsiXAJbagy161MOB8P0cAhXnHzaqrjC5w0bnaFXFR6wHZEOC8ZlNiCg6UX4FWqqz7Cc3uGqcxBE3fZ2CnFismzkHmOvxh7fHbQTIEnMAd-gUTl4rLFP65FK_4XtzGN7zKQAHEj39D4AlM-7i4EeCxMbD6wuqVs49wH3xh3mFU2gHKXsfpjWE8j99D5tzhyVlYka2haThkpRQJpnVk3OgOQKfVZPmcF9SYvP1w-gIk9pcWC1cC3vrxnVrXYdK8WsPs-eMPCyc9bqKpxZVmqRU5-9FqMFVsbplpPwyf_NMYi1nf2D9_gPp9HnhTNOLYUsnHD_H4J21i-WefHFiJlIz8AY8dl32UIJF-ToH-x6y3zsOAwd7qzd8tG9jwbXkoXqRVgJ7rzr8zXLdFtpG91Bc97I5aw2jjCIgnMt-ud5YYvDDeQO__-G4ODrUKw1_2umYOI3yuhNIXNuLepc4ddVGrFsfsavNRkSxXM8_Iw3zbiJJII2vmFc-1dQkuYTbVpph-2_WvQ2WL7swCKXcavxtPT5t6811ni0ILohu8OyRAXuuK_4rO4UYCUqRQ8SpMgCRybiMKfn-y51_cP93xfaR_8_zl6fQDmTNaWgH5OxRyprVciMNIlmcQ4YH7y-V0d-MHLd-PcSNLV3kXPQYfk_DeVmxSqIQbUaN1zjjOM90dIKOI7tYBIEi-5rSt6WazqCfRivk5gxBODnMWYD17UGHLHtWX972mwxTRQGK2lR6f2zBh6OV5ACfDokmfYtFvBpJF_tEyRCSDai3ueyRxiD-CKTrFO2kj344jHtpfB89P12z1e6-Rm82Brp65VvkMDY7WhT_a-MHYtVz6HvaOhdJR80wCjg38w_3vK6oUdo5tVpUh7c0L6pwcHYliPwQsSBYXBZm1-4cZw7UdU6Coq92QmjcewoiQT-R1ComLWenvJHXRYo7Et9qbHAngJxEgQvQQRu9UvhRWhi6X0rVX4-FSCmSlA1-MUW8YgZR2-hOgkgvl8UgAz0eYsL3nP1eOKQJu9TSAovGh0U6mNTHz6FdfigJLfPukKx09SbMtHZBcwREWUga5afN8YwtedOuPTH1ngLeKX3T3dlCgmubUY6hSFNwLCM5fMoIDAAa3-0y61I9eNS8UbDA2y9ewl9RRZFC5ZPz9P2X9kkoR2W4xD1vARw-l1B3d4HhWaSzXg7gPp29iQCFSagyrQZGGvmad1qJtNO0_HYKxMfGDPUqh14LZCmhoX48PnPQGmy9y7AsVSjnwrgG5duESpc8c4zO3QOv84gUXQodbHHxC6ynskfZ9Ckhk2sCwjaZBcBOprJm0PJz74MyjUBZHdsgpFkq9V0r1a3plKaXKfheAogWs9ml_Dvu2fmNCjtkLJLkSGVolQ-5wHlBnD9GHl3tQVDtIZfgZNnJ1mSCWtKRN2g72ATtqwnE-ChUyYrw5D1nBwxoIGlWB5pRFOP1G8rH8hoVLLeEbEyNKG2Qxe2lUxeqIm846LwBDy2SZQl9_TxbI_vWXHg3sPVC2UOtTKEPyNH7a-ptTCdrXyFx8s8yNWbqlAblfRLvUpFvZggfHBNUslgGtIB9WHHwxU_QnJa31kn6pHQ0G8M8KOf1_iZXotCMSSAM-1DMe30sBwmhcjnvaxftswdE11RdnlfU5pQwmiYejOVix_2MXeCzlh1BvFnb_RWkIonlYxkoHveXuiv12XtSvo_1CgtzxOhAuy7cCB53GWgme_Xah9o2jet4ffrgaN9E5XcKRiZVniPwWGTnBBjzDMlCnlsvPQA5Dy4ba8RdCQpA1wL0GA9H7KzvV1ua_OobenuZ6EdQpN6YF67VbM9sRN_VMrzen3z7d8sl9Wjwq-aSV_0kq5cKRpDpwQGng2GzwDZTtH71vSF-5Y0lhN7JAXlDXobi8MRIvRpUwQ6bONpNFGYWvg0IsYzmdeXfj0qrrwF8hRMpSdNBCITu4Qmde4qjveH0YwBEZfD1EBj18rmf4sduEG9LHPRW1aIx7Zo-GI5tLucjJwWLdKw_czIiVgoC4MykOzC3iZAtGvFxVq5tFAHT_t2UC5kvYdFWjdaT0jsBlJ2bp4HyM8r7VnXcfmuzYyl6dwZ7wgM_hn0ujI34V9NtyNz9xA0fBYoG1ntg5TBOtxdh4JQmKPD1Ky1iRRIVqVFuPXV_gcmvpdcrtbgqb-8XldHM4mkH8kOpmcT6F25_nnvrDDomrnPlFTKHf4u4U2-_jMyjojAfZT6UsSH7l4bTw4VOY7riMoY_2-EuYjpUUNZrf0OKmXD_XorbOeiJRVKL7yx-aiN7l0cxv5sTCk8oJRItrPWKLayqLscdbWvFVUvgqDpG26nNhdoMQ2I_ivX6UsIHYyiMHzNlwFEQeNnxL_UN_S7tqnvbCtR2J_nYxzoxloR9ZgXv9nHVoUs53v9ucynCrYrXJSdlVUxxOHNEBQs2TFu23OeO-i0B5ANxmXaD5rfWP9UFNFwctubPrRicwp3FIEfVkHsWqRmmLT1NhFbkLqAlnxrXdnuR4M9aKAx5HBLWt-bnpkoQ_wf2I-6srBFjb7clrIOrPpr5mA4lbtvpnNjPEsA0qoc0azExCBiPjAHGLXcUhf1-jkXV1M0psBCoGMdk4ofRXjpfQlxdQ647SoorQCpP0bt7wCsdzQhuDi3WmOC_aO29CmLbFRPfOuVeotWkXF9irA79RnCAUYni5N02dxx_0DxZgyogwvjeXjsLWk-1VNDHpeKFkg9qss3T2CDgznKM5pcKz8ovSVlqx1ZFSl6XUcweTjIz2gs9FSbWAfIFZZFDJh7IbL6U7pC8k-a43VX3Os0974G1vgN6ISTEaT2okUr2P0ZPBAOAEefLHvfFLCWbYFLn9N_uP7-XalNYWt3QOTdWOgYFzN8-nD0jFy1SZBCr42-Rcvox8pFOeLpKa0Dm2wxivd86moKSkDyrq82wopRfFA9VQejh0d3XNYYLBODwUIVU-QBNGIttzA8FwSj8iWHa1B3WP6G3CEJTWIsCgWMTWdXZazlgXptEnF60gd3X8H8C9XxtId84-mhBSIQDITC6TqEOIo0unpJN90O9KFSmzRBEwWtz9nBAa_pf1sK-QWfD7biYbPE5TVC0KzCP2zs8NWhdQgEw&cid=CAASPeRoiSshGi4oiE2qJE7xhXaQFKA1FZfi1s-i_SV9gIFPHWcezmwbih5NQ7ODxW7uWEF6XG6l5WDlQfC_tAA&rfl=1%2Chttps%253A%252F%252Fwww.gazetadopovo.com.br%252F%240

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

259f01a4a83ad8a3ea4306becf97b5270bed9e5556f64ed6bde597f2f0601b39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eccef3b152d70a4161a425d396a7d7ca.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 09:47:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 72
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8628
x-xss-protection: 0
server: cafe
etag: 13108869059872076478
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 31 May 2021 09:47:51 GMT

GET
H3-29 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 6E01 41 KB
15 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eccef3b152d70a4161a425d396a7d7ca.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 03:29:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 109154
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 16 May 2022 03:29:49 GMT

GET
H/1.1 200
OK / Show response
servedby.flashtalking.com/imp/1/128750;4841421;201;js;Cadreon;jbl2020drnlcadreonnetplccrossdevwebchnrta1834everydayextraordinariesdispstandrd1x1nanacpmsitebranded728x90/ Frame 6E01 1 KB
2 KB 73ms
27ms Script
text/javascript 209.197.3.19
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://servedby.flashtalking.com/imp/1/128750;4841421;201;js;Cadreon;jbl2020drnlcadreonnetplccrossdevwebchnrta1834everydayextraordinariesdispstandrd1x1nanacpmsitebranded728x90/?ftx=&fty=&ftadz=&ftscw=&ft_custom=&ft_section=35820946&ftOBA=1&ft_ifb=1&ft_domain=www.gazetadopovo.com.br&ft_agentEnv=0&ft_referrer=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&ft_keyword=35820946&cachebuster=404716.24532561144
Requested by: Host: eccef3b152d70a4161a425d396a7d7ca.safeframe.googlesyndication.com
URL: https://eccef3b152d70a4161a425d396a7d7ca.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 209.197.3.19 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: vip0x013.map2.ssl.hwcdn.net
Software: prod-xre-app19.frk11 /
Resource Hash: 508e115cb5a30e270d26384e41abc243f9295cd13389adc42ddbf99d42c5f39b

Request headers

Referer: https://eccef3b152d70a4161a425d396a7d7ca.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 17 May 2021 09:49:03 GMT
Server: prod-xre-app19.frk11
X-HW: 1621244943.dop233.am5.t,1621244943.cds152.am5.shn,1621244943.dop233.am5.t,1621244943.cds250.am5.sc,1621244943.cds250.am5.p
P3P: policyref="/w3c/p3p.xml", CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control: no-cache, no-store
Connection: Keep-Alive
Content-Type: text/javascript
Content-Length: 1502
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame D51B 22 KB
8 KB 6ms
6ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://eccef3b152d70a4161a425d396a7d7ca.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://eccef3b152d70a4161a425d396a7d7ca.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Sun, 16 May 2021 03:29:49 GMT
expires: Mon, 16 May 2022 03:29:49 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 109154
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 DyQI0nSy6BUFz1wbhNnw1YMoJJCDSr_iJxDmlzQsBeQ.js Show response
pagead2.googlesyndication.com/bg/ Frame D51B 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/DyQI0nSy6BUFz1wbhNnw1YMoJJCDSr_iJxDmlzQsBeQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0f2408d274b2e81505cf5c1b84d9f0d583282490834abfe22710e697342c05e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 09:20:09 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 06 May 2021 09:28:00 GMT
server: sffe
age: 1734
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5636
x-xss-protection: 0
expires: Tue, 17 May 2022 09:20:09 GMT

GET
H2 200 KMA9C2O70iP6CHSgXk0LGaQ8ML9m6vJE4RIi1Rf61p4.html Show response
s.dynad.net/stack/ Frame B004 6 KB
3 KB 1038ms
410ms Document
text/html 200.187.199.64
Universo Online S.A.

General

Check archive.org

Show headers Download Go to

Full URL: https://s.dynad.net/stack/KMA9C2O70iP6CHSgXk0LGaQ8ML9m6vJE4RIi1Rf61p4.html?v69
Requested by: Host: t.dynad.net
URL: https://t.dynad.net/script/?dc=5550009734;ord=0;click=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 200.187.199.64 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS: 200-187-199-64.static.uol.com.br
Software: Apache-Coyote/1.1 / DynAd.net 2021
Resource Hash: fdac1a3247f6636b0a366c779803ca0af16f5cf36b2ab34a5d48a0911cd59e1a

Request headers

:method: GET
:authority: s.dynad.net
:scheme: https
:path: /stack/KMA9C2O70iP6CHSgXk0LGaQ8ML9m6vJE4RIi1Rf61p4.html?v69
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.gazetadopovo.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: uid=176381621244942793
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.gazetadopovo.com.br/

Response headers

date: Mon, 17 May 2021 09:49:04 GMT
content-type: text/html
vary: Accept-Encoding
server: Apache-Coyote/1.1
cache-control: max-age=3600
x-dynad-assets: v2.421 Thessaloniki
expires: Mon, 17 May 2021 10:49:04 GMT
pragma: cache
last-modified: Thu, 13 May 2021 04:25:49 GMT
x-powered-by: DynAd.net 2021
access-control-allow-origin: *
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-cacheable: maximal 144h instead of 612.000h
x-varnish: 44566528 1071390550
age: 364994
via: 1.1 varnish-v4
content-encoding: gzip

GET
H2 200 928W5r5IndTfocT3VdUV-AB8UVlc0JbnGWyFZsei5gU.html Show response
s.dynad.net/stack/ Frame EA24 53 KB
18 KB 1034ms
408ms Document
text/html 200.187.199.64
Universo Online S.A.

General

Check archive.org

Show headers Download Go to

Full URL: https://s.dynad.net/stack/928W5r5IndTfocT3VdUV-AB8UVlc0JbnGWyFZsei5gU.html
Requested by: Host: t.dynad.net
URL: https://t.dynad.net/script/?dc=5550009734;ord=0;click=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 200.187.199.64 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS: 200-187-199-64.static.uol.com.br
Software: Apache-Coyote/1.1 / DynAd.net 2021
Resource Hash: ba70adf2020216558d39892f39d469a3b8eabefe26e3fe038c4e14272fcc1506

Request headers

:method: GET
:authority: s.dynad.net
:scheme: https
:path: /stack/928W5r5IndTfocT3VdUV-AB8UVlc0JbnGWyFZsei5gU.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.gazetadopovo.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: uid=176381621244942793
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.gazetadopovo.com.br/

Response headers

date: Mon, 17 May 2021 09:49:04 GMT
content-type: text/html
vary: Accept-Encoding
server: Apache-Coyote/1.1
cache-control: max-age=3600
x-dynad-assets: v2.421 Thessaloniki
expires: Mon, 17 May 2021 10:49:04 GMT
pragma: cache
last-modified: Tue, 11 May 2021 14:10:55 GMT
x-powered-by: DynAd.net 2021
access-control-allow-origin: *
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-cacheable: maximal 144h instead of 590.000h
x-varnish: 44537356 1046792161
age: 502688
via: 1.1 varnish-v4
content-encoding: gzip

GET
H/1.1 200
OK j-4841421-3111634.js Show response
cdn.flashtalking.com/xre/484/4841421/3111634/js/ Frame 6E01 80 KB
20 KB 152ms
112ms Script
text/javascript 2.18.232.99
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.flashtalking.com/xre/484/4841421/3111634/js/j-4841421-3111634.js
Requested by: Host: servedby.flashtalking.com
URL: https://servedby.flashtalking.com/imp/1/128750;4841421;201;js;Cadreon;jbl2020drnlcadreonnetplccrossdevwebchnrta1834everydayextraordinariesdispstandrd1x1nanacpmsitebranded728x90/?ftx=&fty=&ftadz=&ftscw=&ft_custom=&ft_section=35820946&ftOBA=1&ft_ifb=1&ft_domain=www.gazetadopovo.com.br&ft_agentEnv=0&ft_referrer=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&ft_keyword=35820946&cachebuster=404716.24532561144
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.99 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-99.deploy.static.akamaitechnologies.com
Software: Flashtalking (AKA) /
Resource Hash: 10deeddb7a473bec304320194ad81de2e681417c29b86825c59c8ab154e623b4

Request headers

Referer: https://eccef3b152d70a4161a425d396a7d7ca.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 17 May 2021 09:49:03 GMT
Content-Encoding: gzip
Last-Modified: Thu, 14 Jan 2021 16:40:42 GMT
Server: Flashtalking (AKA)
ETag: W/"c26aae7f98fe1bd32c0cdf70f094580a"
Vary: Accept-Encoding
X-Varnish: 79770768
Cache-Control: max-age=1200
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/javascript
Content-Length: 19898
Expires: Mon, 17 May 2021 10:09:03 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D51B 0
20 B 41ms
40ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B4vYWDzyiYLneCreNjuwPrsW-MAAAAAA4AeAEAg&bg=!QUKlQgbNAAY59bwoOfU7ACkAdvg8WkdLvFg0aHspH9Noi6MGdIVxSqBg0p1Lyao_akSSpXOaShKQoAIAAAB0UgAAAA9oAQcKAOn6Oq70SjXk1EdOI31C9GkgXmVctZGnIbqlKWL1gEbmaNSyTVR4QNpoLYJ5doJdZQUKrWcoz_ktCwas5zRDSi2FrlWSseZC8Hdv28EuU-gQ9ziqn2Kj4i73WrHjycGg8HL0z1EDqd-HlBhPpwPD1XQT-C_PG1I6eqa3O3fgFQpJQ2lqDTU_mGKx7paRpoSOU859edfCx7pcAneMzgqxjrQnjZkV5IRbgCj9h78L1yehMypkMyglpLgLFy38NC8uPl4fOS1Mz1TVR5sdQSoVxR1XvjLrPJ0f-p0eh44cqafF_bUbQKdSKYrJAZkCpB4rVxRqsBdAsUYHTEKm2OA9viNUvUd31L-REvZwyM7ob_rAjYpme5dUTuY_fZy3zl1T9Mz-QViveIUfhC5bBpqI0IHwE3ceVQGLGaOHW-bEwQcLPNs8nPPPQ5j_TQxnErRByqTGUmZrCt_fMIOVVxKxUY-4MVgoXpxjznpWv2-Tuxp8o_kJ9TZmNQIxIeIAoqDlz_Eabj-EQEncIn1BUYq2yqYj_5nUq4OmkWuu8w5ls9Q1IF2a9jNfO9iWVTlcejKPObBDKp-g7DYaVu2ZBtIJtLHcNGTkLGTtGWzKWRvms6U3ZG-SIlP5c9tHbZcayZHKduftQDz9d4sZnxMxDxtSaKdGFf4h2SRNuJxquAJAkHA6YAtWcvlfRSydxUDsdP4HKnQ6fEh88Wf2SYo2SaN8aJWDJbWSLDb-tgdFIF7LmKdlif9CAqNOUTE4ADwKRcNsou1uUsjKYYRZiZxuK7KLS82waase2TXU1RQV0DQnWNu7eQKkoMMA6D-lJkQsrysGaktLktgxVqawLzqVyJks6ak0_ciSZPpfg2JCKEbRb49hECJolliLcqKSJ1gXTim6bp85PVHGA1Q0s4Q69YzCus3USrzqLtWN28CGmpJpr9PfUjhrjCEaHm_MeoVCiiBnWiPUg8CO8iixtlUl3cNaRDa-EVHMVX55yJUMp3gtIONHkAYA7NFoKJum4V7-AhRClH5vzqm5fazlw2_z8-LLv9orVG-aVw8SoNEt300PTaofmjj2fVl-6KX1YpWhrA8GBUBEn326DZEWoY7CF6qaGPFKa-curQ3U50S2NfY3vUwIKNM1ynIMLq1oFbxMggevqxR0Lj84E3muMn0l14raw9fnL251hHa98VX2Xdurz0-JWVRQP3IKM9D2OJ5cv61XTGQ

Requested by

Host: eccef3b152d70a4161a425d396a7d7ca.safeframe.googlesyndication.com
URL: https://eccef3b152d70a4161a425d396a7d7ca.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 May 2021 09:49:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bolsonaro-recebe-forte-apoio-em-manifestacao.json Show response
json.gazetadopovo.com.br/vozes/alexandre-garcia/ 64 KB
9 KB 25ms
25ms XHR
application/json 2600:9000:2190:0:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/vozes/alexandre-garcia/bolsonaro-recebe-forte-apoio-em-manifestacao.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:0:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a1aa06ae23b06fce6970d6c8806b11dbeaabe036ea40a0df4e285747137be114

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"27eb01b0dd3ae8aa501895e137a768a4"
age: 1
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Mon, 17 May 2021 01:30:25 GMT
server: AmazonS3
date: Mon, 17 May 2021 09:49:03 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 c07945b00aad28e34fbfebb3d3907061.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: 4YACIKN996SHuRDU-kiFTNlxUDCelfdQcsr-2hFUhFET3lklR9TCuw==

GET
H2 200 stf-segunda-vaga-favoritos-de-bolsonaro.json Show response
json.gazetadopovo.com.br/republica/ 30 KB
8 KB 26ms
26ms XHR
application/json 2600:9000:2190:0:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/republica/stf-segunda-vaga-favoritos-de-bolsonaro.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:0:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b0749e4706a4ed8d4ce6e310fe140f2922370a706119598869e99a89a75364a7

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"99ab1f8ea2126a9309700ba66c7aa261"
age: 1
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Mon, 17 May 2021 00:20:42 GMT
server: AmazonS3
date: Mon, 17 May 2021 09:49:03 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 c07945b00aad28e34fbfebb3d3907061.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: fuT7csE01sinPtQ7eZOw2q0T4dhrWB-seZI4OzQxkUENWkiRcC-uZg==

GET
H2 200 eua-beneficios-generosos-do-governo-biden-estao-gerando-escassez-de-mao-de-obra.json Show response
json.gazetadopovo.com.br/mundo/ 15 KB
4 KB 26ms
26ms XHR
application/json 2600:9000:2190:0:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/mundo/eua-beneficios-generosos-do-governo-biden-estao-gerando-escassez-de-mao-de-obra.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:0:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8ed47760d70876001cbfa06fc278db790b9aaca51d41c0ee9082ff7c15952aef

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"8722a12d29a8e86e1d181efe6fe0c63c"
age: 1
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Mon, 17 May 2021 00:06:11 GMT
server: AmazonS3
date: Mon, 17 May 2021 09:49:03 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 c07945b00aad28e34fbfebb3d3907061.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: iJV6BtXVqvKWWn7DgmZfCLM_vYLDpsQhsGIgOXfgzSl6sFNd1zrmiA==

GET
H2 200 bolsonaro-inaugura-obras-onde-investiu-pouco-de-olho-na-reeleicao.json Show response
json.gazetadopovo.com.br/vozes/lucio-vaz/ 85 KB
12 KB 26ms
26ms XHR
application/json 2600:9000:2190:0:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/vozes/lucio-vaz/bolsonaro-inaugura-obras-onde-investiu-pouco-de-olho-na-reeleicao.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:0:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b402ea09c47684e968844d25765e75122ceb28a148a918ad8173a4386e457b45

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"e781075fbcde96dfcd7f812d8e5fc939"
age: 1
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Sat, 15 May 2021 00:23:29 GMT
server: AmazonS3
date: Mon, 17 May 2021 09:49:03 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 c07945b00aad28e34fbfebb3d3907061.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: LRpM5t-wY1se-SPs_xl9wM5_9ZYcKXEcaTgD-JWJqkoumAixnDYwKw==

GET
H2 200 como-sites-de-pornografia-lucram-com-videos-de-estupro-e-abuso-sexual.json Show response
json.gazetadopovo.com.br/ideias/ 26 KB
8 KB 26ms
26ms XHR
application/json 2600:9000:2190:0:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/ideias/como-sites-de-pornografia-lucram-com-videos-de-estupro-e-abuso-sexual.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:0:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5411989b1746e8c4b81729c53524d51809e45aed3582994ffc12a32ade34dab4

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"69bc8b51123ad6cd5ba781c28d22953c"
age: 1
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Sun, 16 May 2021 23:26:49 GMT
server: AmazonS3
date: Mon, 17 May 2021 09:49:03 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 c07945b00aad28e34fbfebb3d3907061.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: 2m4lDA6u-wNPbxbcpSkRwSO_4kEy6FPOnXbM4TxVggVRgkeZxiZVFA==

GET
H/1.1 200
OK index.html Show response
cdn.flashtalking.com/124929/3111634/ Frame 593F 17 KB
5 KB 93ms
92ms Document
text/html 2.18.232.99
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.flashtalking.com/124929/3111634/index.html
Requested by: Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/xre/484/4841421/3111634/js/j-4841421-3111634.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.99 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-99.deploy.static.akamaitechnologies.com
Software: Flashtalking (AKA) /
Resource Hash: 01cc82274c69853679e37d617b41be6787af4182844278fa717746b8d21aef9e

Request headers

Host: cdn.flashtalking.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://eccef3b152d70a4161a425d396a7d7ca.safeframe.googlesyndication.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://eccef3b152d70a4161a425d396a7d7ca.safeframe.googlesyndication.com/

Response headers

Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Access-Control-Expose-Headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Access-Control-Max-Age: 3000
Last-Modified: Tue, 19 Jan 2021 11:48:06 GMT
Content-Type: text/html
ETag: W/"60091b2521e3f8fe59ee7c68763d3757"
X-Varnish: 469088446
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=1200
Expires: Mon, 17 May 2021 10:09:03 GMT
Date: Mon, 17 May 2021 09:49:03 GMT
Content-Length: 4062
Connection: keep-alive
Server: Flashtalking (AKA)

GET
H3-29

200

B24383104.277459578;dc_pre=CK670Ye40PACFdLIuwgdQIUBqQ;dc_trk_aid=471499907;dc_trk_cid=134837416;ord=1621244943;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=
ad.doubleclick.net/ddm/trackimp/N437205.279382DBMCADREONUK115683/ Frame 6E01
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N437205.279382DBMCADREONUK115683/B24383104.277459578;dc_trk_aid=471499907;dc_trk_cid=134837416;ord=1621244943;dc_lat=;dc_rdid=;tag_for_child_directed_treatme...
https://ad.doubleclick.net/ddm/trackimp/N437205.279382DBMCADREONUK115683/B24383104.277459578;dc_pre=CK670Ye40PACFdLIuwgdQIUBqQ;dc_trk_aid=471499907;dc_trk_cid=134837416;ord=1621244943;dc_lat=;dc_rd...

42 B
63 B

65ms
39ms

Image
image/gif

172.217.23.102
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/trackimp/N437205.279382DBMCADREONUK115683/B24383104.277459578;dc_pre=CK670Ye40PACFdLIuwgdQIUBqQ;dc_trk_aid=471499907;dc_trk_cid=134837416;ord=1621244943;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?586366569

Requested by

Host: eccef3b152d70a4161a425d396a7d7ca.safeframe.googlesyndication.com
URL: https://eccef3b152d70a4161a425d396a7d7ca.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f102.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eccef3b152d70a4161a425d396a7d7ca.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 May 2021 09:49:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 17 May 2021 09:49:03 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
location: https://ad.doubleclick.net/ddm/trackimp/N437205.279382DBMCADREONUK115683/B24383104.277459578;dc_pre=CK670Ye40PACFdLIuwgdQIUBqQ;dc_trk_aid=471499907;dc_trk_cid=134837416;ord=1621244943;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?586366569
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 main.gr.19.8.198.js Show response
static.adsafeprotected.com/ Frame 6E01 182 KB
58 KB 121ms
53ms Script
application/javascript 52.18.40.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.gr.19.8.198.js
Requested by: Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/rjss/st/460517/47724224/skeleton.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.40.16 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-40-16.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: f3e6e25d787a95a0d90f41dc93958920a16c6498130914ee14e3bf72b09d34ec

Request headers

Referer: https://eccef3b152d70a4161a425d396a7d7ca.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 09:49:03 GMT
content-encoding: gzip
last-modified: Fri, 07 May 2021 15:54:21 GMT
server: nginx/1.16.1
etag: W/"66c7ceb040197cc2f4530f680aec8772"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000

GET
DATA 200
OK truncated
/ Frame 6E01 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 344b4551d6749a5ff0e884aad752d3284bea21766b258dbebcee9ad62c04f386

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK style.css
cdn.flashtalking.com/124929/3111634/ Frame 593F 8 KB
8 KB 75ms
75ms Stylesheet
text/css 2.18.232.99
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.flashtalking.com/124929/3111634/style.css
Requested by: Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/124929/3111634/index.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.99 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-99.deploy.static.akamaitechnologies.com
Software: Flashtalking (AKA) /
Resource Hash: fa6deeba5307cb3bd27c29fc2df252922249d38a9239cf74b0118c0add19faf3

Request headers

Referer: https://cdn.flashtalking.com/124929/3111634/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 17 May 2021 09:49:03 GMT
Last-Modified: Tue, 19 Jan 2021 11:48:06 GMT
Server: Flashtalking (AKA)
ETag: W/"2be66084c5b1163455ecf564d8381320"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
X-Varnish: 448429728
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control: max-age=1200
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/css
Content-Length: 8125
Expires: Mon, 17 May 2021 10:09:03 GMT

GET
H/1.1 200
OK loader.gif
cdn.flashtalking.com/124929/3111634/assets/ Frame 593F 7 KB
7 KB 131ms
94ms Image
image/gif 2.18.232.99
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.flashtalking.com/124929/3111634/assets/loader.gif
Requested by: Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/124929/3111634/index.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.99 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-99.deploy.static.akamaitechnologies.com
Software: Flashtalking (AKA) /
Resource Hash: f8108128bdee3905d17f3a0530131258b40ff53cf07e80b39a1ca671efe19f9f

Request headers

Referer: https://cdn.flashtalking.com/124929/3111634/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 17 May 2021 09:49:03 GMT
Last-Modified: Tue, 19 Jan 2021 11:48:05 GMT
Server: Flashtalking (AKA)
ETag: W/"14c56c5a40e61aea738e46b66d4d8c90"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
X-Varnish: 580407679
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control: max-age=1200
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 6820
Expires: Mon, 17 May 2021 10:09:03 GMT

GET
H/1.1 200
OK gsap.min.js Show response
cdn.flashtalking.com/frameworks/js/gsap/3.1.1/ Frame 593F 56 KB
23 KB 86ms
51ms Script
text/javascript 2.18.232.99
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.flashtalking.com/frameworks/js/gsap/3.1.1/gsap.min.js
Requested by: Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/124929/3111634/index.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.99 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-99.deploy.static.akamaitechnologies.com
Software: Flashtalking (AKA) /
Resource Hash: 732117ac92a33b760d9290a33f1541762ee9449dc417ea249b5a0df50738ad16

Request headers

Referer: https://cdn.flashtalking.com/124929/3111634/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 17 May 2021 09:49:03 GMT
Content-Encoding: gzip
Last-Modified: Tue, 28 Jan 2020 18:56:48 GMT
Server: Flashtalking (AKA)
ETag: W/"663fd753cae2b462cf8ed119c3f991ab"
Vary: Accept-Encoding
X-Varnish: 522141145 514888608
Cache-Control: max-age=44013
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/javascript
Content-Length: 22803
Expires: Mon, 17 May 2021 22:02:36 GMT

GET
H/1.1 200
OK html5API.js Show response
cdn.flashtalking.com/frameworks/js/api/2/10/ Frame 593F 95 KB
31 KB 80ms
43ms Script
application/javascript 2.18.232.99
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.flashtalking.com/frameworks/js/api/2/10/html5API.js
Requested by: Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/124929/3111634/index.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.99 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-99.deploy.static.akamaitechnologies.com
Software: Flashtalking (AKA) /
Resource Hash: 7b8d61fc1f99eb8f9ddf41a0d414c0dd771c895a833ec90ffe4283e8c7516754

Request headers

Referer: https://cdn.flashtalking.com/124929/3111634/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 17 May 2021 09:49:03 GMT
Content-Encoding: gzip
Last-Modified: Thu, 13 May 2021 15:35:29 GMT
Server: Flashtalking (AKA)
ETag: W/"db3a9e799b66fd834e149105a04e7840"
Vary: Accept-Encoding
X-Varnish: 771130938 766075164
Cache-Control: max-age=73603
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/javascript
Content-Length: 31158
Expires: Tue, 18 May 2021 06:15:46 GMT

GET
H/1.1 200
OK FTFeed.min.js Show response
cdn.flashtalking.com/feeds/frameworks/js/api/20/ Frame 593F 5 KB
2 KB 56ms
19ms Script
text/javascript 2.18.232.99
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.flashtalking.com/feeds/frameworks/js/api/20/FTFeed.min.js
Requested by: Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/124929/3111634/index.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.99 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-99.deploy.static.akamaitechnologies.com
Software: Flashtalking (AKA) /
Resource Hash: b29a8f5cd6937592b2aad723385204b0633d519300ef632cf8361d1b47e72553

Request headers

Referer: https://cdn.flashtalking.com/124929/3111634/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 17 May 2021 09:49:03 GMT
Content-Encoding: gzip
Last-Modified: Thu, 30 Nov 2017 15:57:44 GMT
Server: Flashtalking (AKA)
ETag: W/"5a61df4ec54451376992c20f8c760126"
Vary: Accept-Encoding
X-Varnish: 634965138 637581027
Cache-Control: max-age=421
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/javascript
Content-Length: 1651
Expires: Mon, 17 May 2021 09:56:04 GMT

GET
H/1.1 200
OK Tracker.js Show response
cdn.flashtalking.com/feeds/frameworks/js/utils/ Frame 593F 7 KB
2 KB 67ms
30ms Script
text/javascript 2.18.232.99
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.flashtalking.com/feeds/frameworks/js/utils/Tracker.js
Requested by: Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/124929/3111634/index.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.99 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-99.deploy.static.akamaitechnologies.com
Software: Flashtalking (AKA) /
Resource Hash: 4c177e4e7d46fc0cd191cfd21e1d4fb24229e5c03e491cec02b6a4cd1c459ded

Request headers

Referer: https://cdn.flashtalking.com/124929/3111634/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 17 May 2021 09:49:03 GMT
Content-Encoding: gzip
Last-Modified: Tue, 24 Oct 2017 20:49:54 GMT
Server: Flashtalking (AKA)
ETag: W/"dd0371837f9bb02ffb72b212c849f4d8"
Vary: Accept-Encoding
X-Varnish: 772567036 776043713
Cache-Control: max-age=133
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/javascript
Content-Length: 1816
Expires: Mon, 17 May 2021 09:51:16 GMT

GET
H/1.1 200
OK shrinkr4.js Show response
cdn.flashtalking.com/124929/3111634/ Frame 593F 3 KB
2 KB 82ms
82ms Script
application/x-javascript 2.18.232.99
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.flashtalking.com/124929/3111634/shrinkr4.js
Requested by: Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/124929/3111634/index.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.99 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-99.deploy.static.akamaitechnologies.com
Software: Flashtalking (AKA) /
Resource Hash: ea5ad9fd3e79d3e5ac60ec7309f35652896c6899197aefc073c5b853fe33730a

Request headers

Referer: https://cdn.flashtalking.com/124929/3111634/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 17 May 2021 09:49:03 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Connection: keep-alive
Content-Length: 1321
Last-Modified: Tue, 19 Jan 2021 11:48:06 GMT
Server: Flashtalking (AKA)
ETag: W/"d40481edf4a977d2fed681895b84c7df"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
X-Varnish: 698461553
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control: max-age=1200
Accept-Ranges: bytes
Content-Type: application/x-javascript
Expires: Mon, 17 May 2021 10:09:03 GMT

GET
H2

200

skeleton.js Show response
static.adsafeprotected.com/ Frame 6E01
Redirect Chain

https://pixel.adsafeprotected.com/rfw/st/460517/47724224/skeleton.js?adsafe_url=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Feccef3b152d70a4161a425d396a7d7ca.safe...
https://static.adsafeprotected.com/skeleton.js

17 B
240 B

33ms
32ms

Script
application/javascript

52.18.40.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/skeleton.js
Requested by: Host: eccef3b152d70a4161a425d396a7d7ca.safeframe.googlesyndication.com
URL: https://eccef3b152d70a4161a425d396a7d7ca.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.40.16 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-40-16.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

Referer: https://eccef3b152d70a4161a425d396a7d7ca.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 09:49:03 GMT
last-modified: Mon, 17 Aug 2020 23:54:35 GMT
server: nginx/1.16.1
age: 5269090
etag: "53fab767ecbd3bf07990b10246befbd4"
x-cache-status: HIT
content-type: application/javascript
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 17

Redirect headers

pragma: no-cache
date: Mon, 17 May 2021 09:49:03 GMT
x-server-name: app02.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/skeleton.js
cache-control: no-cache
content-length: 0
server: nginx

GET
H2 200 sca.17.5.5.js Show response
static.adsafeprotected.com/ Frame D5DB 82 KB
21 KB 36ms
36ms Script
application/javascript 52.18.40.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.5.5.js
Requested by: Host: eccef3b152d70a4161a425d396a7d7ca.safeframe.googlesyndication.com
URL: https://eccef3b152d70a4161a425d396a7d7ca.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.40.16 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-40-16.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: 4b4924b6ea8623395984b522ee4e1fe77f464940d2bb155ae40bce56fbcd3423

Request headers

Referer: https://eccef3b152d70a4161a425d396a7d7ca.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 09:49:03 GMT
content-encoding: gzip
last-modified: Thu, 29 Apr 2021 15:29:23 GMT
server: nginx/1.16.1
age: 333922
etag: W/"5356fa8b6073c3eb408487be61ef7d77"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000

GET
H/1.1 200
OK blank.png
cdn.flashtalking.com/124929/3111634/assets/ Frame 593F 930 B
1 KB 34ms
34ms Image
image/png 2.18.232.99
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.flashtalking.com/124929/3111634/assets/blank.png
Requested by: Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/124929/3111634/style.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.99 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-99.deploy.static.akamaitechnologies.com
Software: Flashtalking (AKA) /
Resource Hash: 6e6d4ec5c164084dadc25d0d1a463d51dac702c7b56dc1fb0c309c8c4bb2336a

Request headers

Referer: https://cdn.flashtalking.com/124929/3111634/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 17 May 2021 09:49:03 GMT
Last-Modified: Tue, 19 Jan 2021 11:48:05 GMT
Server: Flashtalking (AKA)
ETag: W/"3ad70c03493f12a72c38f0768cc89985"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
X-Varnish: 677244428
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control: max-age=1200
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 930
Expires: Mon, 17 May 2021 10:09:03 GMT

GET
H/1.1 200
OK AvantGardGothEF-Bold.woff
cdn.flashtalking.com/124929/3111634/fonts/ Frame 593F 17 KB
18 KB 22ms
22ms Font
application/octet-stream 2.18.232.99
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.flashtalking.com/124929/3111634/fonts/AvantGardGothEF-Bold.woff
Requested by: Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/124929/3111634/style.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.99 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-99.deploy.static.akamaitechnologies.com
Software: Flashtalking (AKA) /
Resource Hash: 88f16975a74c0610e76af7cbaf98a7361408e1d9f43e8152353ce4996015456d

Request headers

Origin: https://cdn.flashtalking.com
Referer: https://cdn.flashtalking.com/124929/3111634/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 17 May 2021 09:49:03 GMT
Connection: keep-alive
Content-Length: 17368
Last-Modified: Tue, 19 Jan 2021 11:48:05 GMT
Server: Flashtalking (AKA)
ETag: W/"214cb7cc794034cb7a3e934d3a737a28"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET
X-Varnish: 702249000
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Range
Cache-Control: max-age=27765
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Content-Type: application/octet-stream
Access-Control-Allow-Headers: Range
Expires: Mon, 17 May 2021 17:31:48 GMT

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ Frame 6E01 43 B
301 B 287ms
95ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=460517&asId=dfe398df-7926-3ed2-ac96-5a44bc467e7e&tv=%7Bc:cRQSRC,pingTime:-2,time:250,type:a,im:%7Bsf:0,pom:1,prf:%7BbdA:33,bdZ:151,beA:367,beZ:369,mfA:538,cmA:540,inA:540,inZ:545,prA:545,prZ:554,si:561,poA:562,poZ:574,cmZ:574,mfZ:574,loA:585,loZ:587,ltA:616,ltZ:616%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:728.90,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:-1,vs:n,r:r,w:728,h:90,t:193%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:0,n:250,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:193,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:bf,cc:0.0.728.90,piv:-1,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B74~1%5D,as:%5B74~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sxF0yPU+11%7C12%7C131%7C14%7C15%7C16%7C17*.460517-47724224%7C171%7C172%7C173%7C18%7C19%7C1a,idMap:17*,rmeas:1,rend:0,renddet:na,sinceFw:54,readyFired:true%7D&br=u
Requested by: Host: eccef3b152d70a4161a425d396a7d7ca.safeframe.googlesyndication.com
URL: https://eccef3b152d70a4161a425d396a7d7ca.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://eccef3b152d70a4161a425d396a7d7ca.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 17 May 2021 09:49:03 GMT
X-Server-Name: dt35.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK manifest.js Show response
cdn.flashtalking.com/124929/3111634/ Frame 593F 672 B
1 KB 68ms
68ms Script
application/x-javascript 2.18.232.99
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.flashtalking.com/124929/3111634/manifest.js
Requested by: Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/frameworks/js/api/2/10/html5API.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.99 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-99.deploy.static.akamaitechnologies.com
Software: Flashtalking (AKA) /
Resource Hash: 3489882e6e7a900144ea97cc1120e37cfa60af5393fce479d73dfca45409026a

Request headers

Referer: https://cdn.flashtalking.com/124929/3111634/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 17 May 2021 09:49:03 GMT
Last-Modified: Tue, 19 Jan 2021 11:48:06 GMT
Server: Flashtalking (AKA)
ETag: W/"22e50a01d254c27193cf95d61a85c1dc"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
X-Varnish: 13881325 13755755
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control: max-age=1200
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 672
Expires: Mon, 17 May 2021 10:09:03 GMT

GET
H/1.1 200
OK mv21187690.json Show response
cdn.flashtalking.com/124929/ Frame 593F 455 B
1 KB 29ms
28ms XHR
application/json 2.18.232.99
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.flashtalking.com/124929/mv21187690.json?cb=217712671
Requested by: Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/frameworks/js/api/2/10/html5API.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.99 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-99.deploy.static.akamaitechnologies.com
Software: Flashtalking (AKA) /
Resource Hash: 7f2bb80ae4f890fca4ba3f095baec50fddf02246b0de2829761b5c914757d64c

Request headers

Referer: https://cdn.flashtalking.com/124929/3111634/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 17 May 2021 09:49:03 GMT
x-amz-meta-creative-id: 3111634
Connection: keep-alive
x-amz-meta-creative-library-id: 124929
Content-Length: 455
Last-Modified: Tue, 19 Jan 2021 11:48:06 GMT
Server: Flashtalking (AKA)
ETag: W/"a8b64d594bf75fe1a6e63a990c617ed7"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
X-Varnish: 821012358
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control: max-age=1200
x-amz-meta-ad-type: HTML_onpage
x-amz-meta-version-id: 21187690
Accept-Ranges: bytes
Content-Type: application/json
Expires: Mon, 17 May 2021 10:09:03 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
31 B 13ms
13ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=1049595578&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=317600346&gjid=669031877&cid=747907946.1621244939&uid=&tid=UA-23088598-1&_gid=325537218.1621244943&_r=1&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=saiba%20agora&il1pi1nm=Prefeito%20de%20Santos%20decreta%20luto%20de%20tr%C3%AAs%20dias%20pela%20morte%20de%20Bruno%20Covas&il1pi1id=1d9afd40-b68e-11eb-ac80-eb58807c1c85&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=republica&il1pi1ps=1&z=562361815

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 17 May 2021 09:49:03 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.gazetadopovo.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
61 B 11ms
9ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=1049595578&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=747907946.1621244939&uid=&tid=UA-23088598-1&_gid=325537218.1621244943&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=saiba%20agora&il1pi1nm=Bolsonaro%20presta%20solidariedade%20%C3%A0%20fam%C3%ADlia%20de%20Bruno%20Covas&il1pi1id=e0bfc500-b682-11eb-8a66-8b895adc0e56&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=republica&il1pi1ps=2&z=205837313

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 May 2021 06:37:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 11503
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
61 B 12ms
10ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=1049595578&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=747907946.1621244939&uid=&tid=UA-23088598-1&_gid=325537218.1621244943&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=saiba%20agora&il1pi1nm=Atriz%20Eva%20Wilma%20morre%20aos%2087%20anos&il1pi1id=2817d250-b654-11eb-9711-55f013ecc167&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=cultura&il1pi1ps=3&z=788621910

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 May 2021 06:37:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 11503
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
61 B 15ms
12ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=1049595578&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=747907946.1621244939&uid=&tid=UA-23088598-1&_gid=325537218.1621244943&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=saiba%20agora&il1pi1nm=Caixa%20paga%20segunda%20parcela%20do%20aux%C3%ADlio%20emergencial%20para%20nascidos%20em%20janeiro&il1pi1id=c073ca10-b643-11eb-ae64-61796228bba6&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=economia&il1pi1ps=4&z=1044888065

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 May 2021 06:37:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 11503
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
61 B 18ms
13ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=1049595578&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=747907946.1621244939&uid=&tid=UA-23088598-1&_gid=325537218.1621244943&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=breaking-news&il1pi1nm=Quais%20s%C3%A3o%20os%20cotados%20para%20o%20STF%2C%20os%20favoritos%20e%20o%20que%20pesa%20a%20favor%20e%20contra%20cada%20um%20deles&il1pi1id=aa4e0130-b6a5-11eb-bd63-19b90a5dbc9a&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=republica&il1pi1ps=5&z=289040433

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 May 2021 06:37:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 11503
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
61 B 20ms
13ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=1049595578&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=747907946.1621244939&uid=&tid=UA-23088598-1&_gid=325537218.1621244943&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=capa&il1pi1nm=EUA%3A%20Benef%C3%ADcios%20generosos%20do%20governo%20Biden%20est%C3%A3o%20gerando%20escassez%20de%20m%C3%A3o%20de%20obra&il1pi1id=a4873160-b6a3-11eb-bd63-19b90a5dbc9a&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=mundo&il1pi1ps=6&z=1990419013

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 May 2021 06:37:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 11503
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
61 B 20ms
13ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=1049595578&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=747907946.1621244939&uid=&tid=UA-23088598-1&_gid=325537218.1621244943&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=relacionadas&il1pi1nm=Diretriz%20para%20uso%20de%20m%C3%A1scaras%20nos%20EUA%20causa%20confus%C3%A3o%20e%20autoridades%20reagem&il1pi1id=111c3f80-b68d-11eb-ba23-090df87586fb&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=mundo&il1pi1ps=7&z=183112246

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 May 2021 06:37:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 11503
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
61 B 21ms
10ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=1049595578&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=747907946.1621244939&uid=&tid=UA-23088598-1&_gid=325537218.1621244943&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=capa&il1pi1nm=Cresce%20o%20uso%20reconhecimento%20facial%20para%20seguran%C3%A7a.%20Entenda%20os%20riscos%20para%20a%20privacidade&il1pi1id=f30a5cd0-b69f-11eb-bd63-19b90a5dbc9a&il1pi1pr=0.00&il1pi1br=republica&il1pi1ca=vida-e-cidadania&il1pi1ps=8&z=1922637678

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 May 2021 06:37:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 11503
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
61 B 22ms
10ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=1049595578&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=747907946.1621244939&uid=&tid=UA-23088598-1&_gid=325537218.1621244943&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=capa&il1pi1nm=De%20olho%20na%20reelei%C3%A7%C3%A3o%2C%20Bolsonaro%20inaugura%20obras%20onde%20investiu%20poucos%20recursos&il1pi1id=61006530-b502-11eb-a0fd-47fc02684014&il1pi1pr=0.00&il1pi1br=republica&il1pi1ca=lucio-vaz&il1pi1ps=9&z=1942693410

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 May 2021 06:37:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 11503
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
61 B 22ms
10ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=1049595578&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=747907946.1621244939&uid=&tid=UA-23088598-1&_gid=325537218.1621244943&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=capa&il1pi1nm=Li%C3%A7%C3%B5es%20da%20crise%20de%202008%20para%20os%20tempos%20atuais&il1pi1id=ac67f410-b643-11eb-ae64-61796228bba6&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=editoriais&il1pi1ps=10&z=1008295681

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 May 2021 06:37:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 11503
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
61 B 24ms
9ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=1049595578&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=747907946.1621244939&uid=&tid=UA-23088598-1&_gid=325537218.1621244943&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=capa&il1pi1nm=Como%20sites%20de%20pornografia%20lucram%20com%20v%C3%ADdeos%20de%20estupro%20e%20abuso%20sexual&il1pi1id=22a3f2f0-b69e-11eb-a7a9-3fde41080c00&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=ideias&il1pi1ps=11&z=1542713358

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 May 2021 06:37:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 11503
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
61 B 28ms
10ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=1049595578&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=747907946.1621244939&uid=&tid=UA-23088598-1&_gid=325537218.1621244943&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=capa&il1pi1nm=%C3%89%20fera%20em%20reda%C3%A7%C3%A3o%3F%20N%C3%A3o%20perca%20o%20Concurso%20de%20Bolsas%20do%20UniCuritiba&il1pi1id=4f78c820-af67-11eb-a3e3-c70fb5e79f25&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=unicuritiba&il1pi1ps=12&z=1430568711

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 May 2021 06:37:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 11503
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
61 B 28ms
10ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=1049595578&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=747907946.1621244939&uid=&tid=UA-23088598-1&_gid=325537218.1621244943&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=post&il1pi1nm=Bolsonaro%20recebe%20forte%20apoio%20em%20manifesta%C3%A7%C3%A3o&il1pi1id=020806d0-b6ad-11eb-ae71-dd0ec085cebd&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=alexandre-garcia&il1pi1ps=13&z=1039678225

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 May 2021 06:37:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 11503
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
61 B 29ms
10ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=1049595578&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=747907946.1621244939&uid=&tid=UA-23088598-1&_gid=325537218.1621244943&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=post&il1pi1nm=A%20morte%20de%20Bruno%20Covas%20e%20o%20%C3%B3dio%20pol%C3%ADtico&il1pi1id=a7cc0880-b669-11eb-9df5-1189978eb9e8&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=diogo-schelp&il1pi1ps=14&z=374615377

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 May 2021 06:37:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 11503
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
61 B 29ms
10ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=1049595578&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=747907946.1621244939&uid=&tid=UA-23088598-1&_gid=325537218.1621244943&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=post&il1pi1nm=Thais%20Possati%20de%20Souza&il1pi1id=0f57f1d0-b4ee-11eb-80a9-d7630b3898f0&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=guilherme-fiuza&il1pi1ps=15&z=228549173

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 May 2021 06:37:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 11503
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
61 B 29ms
10ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=1049595578&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=747907946.1621244939&uid=&tid=UA-23088598-1&_gid=325537218.1621244943&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=post&il1pi1nm=O%20que%20%C3%A9%20o%20HR1%2C%20campo%20de%20batalha%20entre%20conservadores%20e%20progressistas%20nos%20EUA&il1pi1id=2661cf30-b6a7-11eb-828c-95fe44b7dfe4&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=certas-palavras&il1pi1ps=16&z=486537630

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 May 2021 06:37:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 11503
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
61 B 29ms
10ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=1049595578&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=747907946.1621244939&uid=&tid=UA-23088598-1&_gid=325537218.1621244943&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=post&il1pi1nm=O%20livro%20roubado.%20Ou%3A%20tomara%20que%20o%20Bira%20n%C3%A3o%20leia%20esta%20cr%C3%B4nica&il1pi1id=3f0a8390-b33e-11eb-8284-272359f31f7c&il1pi1pr=0.00&il1pi1br=pino&il1pi1ca=jose-carlos-fernandes&il1pi1ps=17&z=1444093205

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 May 2021 06:37:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 11503
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
61 B 30ms
10ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=1049595578&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=747907946.1621244939&uid=&tid=UA-23088598-1&_gid=325537218.1621244943&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=post&il1pi1nm=Bruno%20Covas%2C%20o%20gol%20de%20Alisson%20e%20o%20poder%20que%20o%20futebol%20exerce%20sobre%20nossas%20vidas&il1pi1id=1c258860-b69b-11eb-853b-55bb1a7ac7fb&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=null&il1pi1ps=18&z=1129550616

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 May 2021 06:37:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 11503
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
61 B 30ms
10ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=1049595578&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=747907946.1621244939&uid=&tid=UA-23088598-1&_gid=325537218.1621244943&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=escolhas%20do%20editor&il1pi1nm=O%20%E2%80%9CPL%20da%20maconha%E2%80%9D%20e%20as%20prioridades%20tortas%20da%20C%C3%A2mara&il1pi1id=960eae20-b4ef-11eb-80a9-d7630b3898f0&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=editoriais&il1pi1ps=19&z=1678606911

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 May 2021 06:37:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 11503
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
61 B 31ms
11ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=1049595578&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=747907946.1621244939&uid=&tid=UA-23088598-1&_gid=325537218.1621244943&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=escolhas%20do%20editor&il1pi1nm=Por%20que%20os%20dist%C3%BArbios%20internos%20entre%20%C3%A1rabes%20e%20judeus%20s%C3%A3o%20a%20maior%20amea%C3%A7a%20a%20Israel&il1pi1id=7192a5d0-b4f7-11eb-b497-2b2353b9a2f3&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=mundo&il1pi1ps=20&z=1893529796

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 May 2021 06:37:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 11503
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
61 B 31ms
11ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=1049595578&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=747907946.1621244939&uid=&tid=UA-23088598-1&_gid=325537218.1621244943&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=escolhas%20do%20editor&il1pi1nm=%E2%80%9CGuerra%20a%20crimes%20sexuais%20contra%20crian%C3%A7as%20%C3%A9%20cada%20vez%20mais%20tecnol%C3%B3gica%E2%80%9D%2C%20diz%20especialista%20em%20cibercrimes&il1pi1id=808e2860-b4c1-11eb-a9ed-898d61679f0e&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=vida-e-cidadania&il1pi1ps=21&z=1852176216

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 May 2021 06:37:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 11503
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
61 B 31ms
11ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=1049595578&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=747907946.1621244939&uid=&tid=UA-23088598-1&_gid=325537218.1621244943&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=escolhas%20do%20editor&il1pi1nm=Oito%20leil%C3%B5es%20no%20setor%20de%20saneamento%20devem%20movimentar%20R%24%2031%20bilh%C3%B5es%20at%C3%A9%202022&il1pi1id=541432b0-b4cc-11eb-a5e9-572d78fb9593&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=economia&il1pi1ps=22&z=1104542937

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 May 2021 06:37:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 11503
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
61 B 32ms
12ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=1049595578&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=747907946.1621244939&uid=&tid=UA-23088598-1&_gid=325537218.1621244943&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=capa&il1pi1nm=Para%20garantir%20palanque%20a%20Lula%2C%20PT%20abre%20m%C3%A3o%20de%20candidaturas%20nos%20estados&il1pi1id=fb8c2660-b67f-11eb-8a66-8b895adc0e56&il1pi1pr=0.00&il1pi1br=2022&il1pi1ca=republica&il1pi1ps=23&z=88652091

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 May 2021 06:37:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 11503
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
61 B 32ms
12ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=1049595578&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=747907946.1621244939&uid=&tid=UA-23088598-1&_gid=325537218.1621244943&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=relacionadas&il1pi1nm=Para%20Eduardo%20Cunha%2C%20pris%C3%A3o%20de%20Lula%20foi%20um%20%E2%80%9Cabsurdo%E2%80%9D&il1pi1id=1e254570-b69a-11eb-a7a9-3fde41080c00&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=republica&il1pi1ps=24&z=1337152083

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 May 2021 06:37:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 11503
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
61 B 33ms
13ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=1049595578&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=747907946.1621244939&uid=&tid=UA-23088598-1&_gid=325537218.1621244943&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=capa&il1pi1nm=Apelos%20da%20ONU%20n%C3%A3o%20surtem%20efeito%20e%20conflito%20entre%20israelenses%20e%20palestinos%20se%20intensifica&il1pi1id=2f894aa0-b6b3-11eb-bf90-577f1796c39c&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=mundo&il1pi1ps=25&z=1848944180

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 May 2021 06:37:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 11503
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
61 B 33ms
13ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=1049595578&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=747907946.1621244939&uid=&tid=UA-23088598-1&_gid=325537218.1621244943&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=capa&il1pi1nm=Una-se%20ao%20movimento%20anticorrup%C3%A7%C3%A3o%20e%20n%C3%A3o%20deixe%20essa%20bandeira%20ser%20esquecida&il1pi1id=cea109ba-e58b-48c0-8b80-4197022161c2&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=null&il1pi1ps=26&z=2017730192

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 May 2021 06:37:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 11503
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
61 B 34ms
13ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=1049595578&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=747907946.1621244939&uid=&tid=UA-23088598-1&_gid=325537218.1621244943&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=capa&il1pi1nm=N%C3%BAmeros%20da%20Covid-19%3A%20acompanhe%20o%20avan%C3%A7o%20da%20doen%C3%A7a%20no%20Brasil%20e%20no%20mundo&il1pi1id=b92fa6f1-e32b-4096-be30-99217fe7a2f2&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=null&il1pi1ps=27&z=689454508

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 May 2021 06:37:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 11503
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
61 B 35ms
13ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=1049595578&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=747907946.1621244939&uid=&tid=UA-23088598-1&_gid=325537218.1621244943&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=capa&il1pi1nm=Efeito%20cascata%3A%20pre%C3%A7o%20dos%20gr%C3%A3os%20dispara%20e%20prejudica%20produ%C3%A7%C3%A3o%20de%20aves%20e%20su%C3%ADnos&il1pi1id=6a410bc0-b4ff-11eb-a0fd-47fc02684014&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=parana&il1pi1ps=28&z=895213627

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 May 2021 06:37:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 11503
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
61 B 35ms
13ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=1049595578&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=747907946.1621244939&uid=&tid=UA-23088598-1&_gid=325537218.1621244943&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=capa&il1pi1nm=A%20seis%20meses%20do%20fim%20dos%20contratos%2C%2036%20processos%20judiciais%20tramitam%20sobre%20o%20ped%C3%A1gio%20do%20Paran%C3%A1&il1pi1id=706ba920-b643-11eb-9e77-a51b60cdde5f&il1pi1pr=0.00&il1pi1br=parana&il1pi1ca=roger-pereira&il1pi1ps=29&z=1624466330

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 May 2021 06:37:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 11503
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
61 B 35ms
13ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=1049595578&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=747907946.1621244939&uid=&tid=UA-23088598-1&_gid=325537218.1621244943&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=capa&il1pi1nm=Domingo%20tem%20mais%205.083%20casos%20e%2073%20mortes%20registradas%20por%20Covid-19%20no%20PR&il1pi1id=ed650fd0-b67e-11eb-8a66-8b895adc0e56&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=parana&il1pi1ps=30&z=1443900418

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 May 2021 06:37:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 11503
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
61 B 36ms
14ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=1049595578&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=747907946.1621244939&uid=&tid=UA-23088598-1&_gid=325537218.1621244943&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=capa&il1pi1nm=Pol%C3%ADcia%20identifica%20e%20faz%20buscas%20por%20%E2%80%9Cserial%20killer%E2%80%9D%20de%20homossexuais%20no%20PR%20e%20em%20SC&il1pi1id=17ec0290-b689-11eb-8a66-8b895adc0e56&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=parana&il1pi1ps=31&z=376974195

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 May 2021 06:37:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 11503
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
61 B 36ms
13ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=1049595578&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=747907946.1621244939&uid=&tid=UA-23088598-1&_gid=325537218.1621244943&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=capa&il1pi1nm=Homem%20%C3%A9%20resgatado%20de%20helic%C3%B3ptero%20ap%C3%B3s%20cair%20em%20pared%C3%A3o%20do%20Anhangava&il1pi1id=2752fb10-b6a9-11eb-828c-95fe44b7dfe4&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=curitiba&il1pi1ps=32&z=105861362

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 May 2021 06:37:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 11503
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
61 B 36ms
13ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=1049595578&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=747907946.1621244939&uid=&tid=UA-23088598-1&_gid=325537218.1621244943&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=capa&il1pi1nm=Conhe%C3%A7a%20os%20tipos%20mais%20comuns%20e%20como%20evitar%20les%C3%B5es%20esportivas&il1pi1id=1eb6bcf0-ad0b-11eb-b122-f5a82506bb42&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=hospital-pilar&il1pi1ps=33&z=1725219478

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 May 2021 06:37:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 11503
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
61 B 36ms
13ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=1049595578&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=747907946.1621244939&uid=&tid=UA-23088598-1&_gid=325537218.1621244943&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=capa&il1pi1nm=Follador%20admite%20elimina%C3%A7%C3%A3o%20vergonhosa%20do%20Coritiba%2C%20aceita%20cr%C3%ADticas%20e%20fala%20em%20%E2%80%9Ccorrigir%20rota%E2%80%9D&il1pi1id=4c97f8b0-b6a1-11eb-a9a9-410308ff628a&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=null&il1pi1ps=34&z=97432074

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 May 2021 06:37:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 11503
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
61 B 37ms
14ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=1049595578&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=747907946.1621244939&uid=&tid=UA-23088598-1&_gid=325537218.1621244943&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=capa&il1pi1nm=Paran%C3%A1%20e%20Athletico%20se%20reencontram%20na%20Vila%20pelo%20mata-mata%20do%20Paranaense&il1pi1id=d00dfc30-b692-11eb-ba23-090df87586fb&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=null&il1pi1ps=35&z=1673916002

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 May 2021 06:37:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 11503
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
61 B 37ms
14ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=1049595578&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=747907946.1621244939&uid=&tid=UA-23088598-1&_gid=325537218.1621244943&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=capa&il1pi1nm=Tr%C3%AAs%20jogos%20das%20quartas%20de%20final%20do%20Paranaense%20agitam%20o%20interior&il1pi1id=c4ed5260-b692-11eb-ba23-090df87586fb&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=null&il1pi1ps=36&z=1532605846

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 May 2021 06:37:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 11503
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
61 B 37ms
14ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=1049595578&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=747907946.1621244939&uid=&tid=UA-23088598-1&_gid=325537218.1621244943&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=capa&il1pi1nm=Paulo%20Affonso%20Gr%C3%B6tzner%3A%20deixou%20como%20heran%C3%A7a%20rel%C3%ADquias%20da%20hist%C3%B3ria%20de%20Curitiba&il1pi1id=415aee30-b4e9-11eb-80a9-d7630b3898f0&il1pi1pr=0.00&il1pi1br=curitiba&il1pi1ca=parana&il1pi1ps=37&z=164497473

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 May 2021 06:37:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 11503
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
61 B 38ms
14ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=1049595578&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=747907946.1621244939&uid=&tid=UA-23088598-1&_gid=325537218.1621244943&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=capa&il1pi1nm=%E2%80%9CLava%20Jato%20deu%20esperan%C3%A7a%20de%20que%20o%20Brasil%20tem%20jeito%20e%20deve%20resistir%E2%80%9D%2C%20diz%20presidente%20da%20Frente%20Contra%20Corrup%C3%A7%C3%A3o&il1pi1id=ca8eff50-b5d6-11eb-8e38-ed45966ef44a&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=republica&il1pi1ps=38&z=1171923556

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 May 2021 06:37:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 11503
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
61 B 38ms
15ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=1049595578&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=747907946.1621244939&uid=&tid=UA-23088598-1&_gid=325537218.1621244943&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=capa&il1pi1nm=Carta%20%C3%A0%20Science%20quebra%20%E2%80%9Cmorda%C3%A7a%E2%80%9D%20da%20narrativa%20sobre%20a%20origem%20da%20Covid&il1pi1id=9e65fee0-b5d8-11eb-9ae7-81ff5f94a672&il1pi1pr=0.00&il1pi1br=ideias&il1pi1ca=mundo&il1pi1ps=39&z=149496115

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 May 2021 06:37:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 11503
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
61 B 38ms
15ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=1049595578&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=747907946.1621244939&uid=&tid=UA-23088598-1&_gid=325537218.1621244943&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=capa&il1pi1nm=Fraudes%20milion%C3%A1rias&il1pi1id=3442d490-b351-11eb-9e49-ed09bdae7c6a&il1pi1pr=0.00&il1pi1br=pino&il1pi1ca=notas-baquicas&il1pi1ps=40&z=321959665

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 May 2021 06:37:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 11503
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
61 B 37ms
15ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=1049595578&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=747907946.1621244939&uid=&tid=UA-23088598-1&_gid=325537218.1621244943&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=capa&il1pi1nm=Nosso%20luto%20seletivo&il1pi1id=497530d0-b520-11eb-b627-4b8b42c02280&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=artigos&il1pi1ps=41&z=374248085

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 May 2021 06:37:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 11503
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
61 B 38ms
15ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=1049595578&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=747907946.1621244939&uid=&tid=UA-23088598-1&_gid=325537218.1621244943&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=special&il1pi1nm=O%20Papo%20%C3%89%20%2326%3A%20CPI%20da%20Covid%2C%20um%20palanque%20para%202022&il1pi1id=267908f0-b5b0-11eb-9c64-299ebb0272ff&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=ideias&il1pi1ps=42&z=1508026465

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 May 2021 06:37:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 11503
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
61 B 38ms
15ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=1049595578&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=747907946.1621244939&uid=&tid=UA-23088598-1&_gid=325537218.1621244943&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=special&il1pi1nm=Cl%C3%A1ssico%20%E2%80%9CNada%20%C3%A9%20Para%20Sempre%E2%80%9D%20oferece%20oportunidade%20de%20contempla%C3%A7%C3%A3o&il1pi1id=719b2560-a829-11ea-8690-b7488a9f0453&il1pi1pr=0.00&il1pi1br=cultura&il1pi1ca=ideias&il1pi1ps=43&z=1308401348

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 May 2021 06:37:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 11503
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
61 B 37ms
15ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=1049595578&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=747907946.1621244939&uid=&tid=UA-23088598-1&_gid=325537218.1621244943&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=special&il1pi1nm=Que%20fim%20levou%20Jos%C3%A9%20Geraldo%20Vieira%3F&il1pi1id=f9b9d020-b4fa-11eb-b497-2b2353b9a2f3&il1pi1pr=0.00&il1pi1br=cultura&il1pi1ca=ideias&il1pi1ps=44&z=2143053776

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 May 2021 06:37:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 11503
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
61 B 38ms
15ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=1049595578&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=747907946.1621244939&uid=&tid=UA-23088598-1&_gid=325537218.1621244943&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=special&il1pi1nm=N%C3%A3o%20existe%20a%20menor%20possibilidade%20de%20um%20corrupto%20ser%20feliz&il1pi1id=48ad61b0-b4d8-11eb-893d-bfc914b5ec37&il1pi1pr=0.00&il1pi1br=ideias&il1pi1ca=polzonoff&il1pi1ps=45&z=472985274

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 May 2021 06:37:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 11503
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
61 B 37ms
15ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=1049595578&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=747907946.1621244939&uid=&tid=UA-23088598-1&_gid=325537218.1621244943&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=special&il1pi1nm=Elas%20trocaram%20festa%20de%20formatura%20por%20trabalho%20volunt%C3%A1rio%20e%20hoje%20auxiliam%2070%20mil%20pessoas&il1pi1id=175cbce0-b673-11eb-aead-f51e255a0241&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=virtudes-e-valores&il1pi1ps=46&z=1974238651

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 May 2021 06:37:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 11503
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
61 B 37ms
15ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=1049595578&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=747907946.1621244939&uid=&tid=UA-23088598-1&_gid=325537218.1621244943&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=special&il1pi1nm=Uma%20inf%C3%A2ncia%20cercada%20de%20carinho%20%C3%A9%20a%20chave%20para%20um%20casamento%20duradouro&il1pi1id=59c6a22ab0ea4339f8a054ba7d51caed&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=casamento-e-compromisso&il1pi1ps=47&z=115144393

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 May 2021 06:37:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 11503
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
61 B 37ms
15ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=1049595578&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=747907946.1621244939&uid=&tid=UA-23088598-1&_gid=325537218.1621244943&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=special&il1pi1nm=Filhos%20de%20pais%20al%C3%A9rgicos%20ter%C3%A3o%20alergia%3F%20Veja%20mitos%20e%20verdades%20sobre%20o%20tema&il1pi1id=dfb53910-b5a1-11eb-925f-352833ccc7ea&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=saude&il1pi1ps=48&z=261603912

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 May 2021 06:37:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 11503
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
61 B 38ms
15ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=1049595578&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=747907946.1621244939&uid=&tid=UA-23088598-1&_gid=325537218.1621244943&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=special&il1pi1nm=A%20geleia%20de%20laranja%20mais%20f%C3%A1cil%20do%20mundo%20que%20voc%C3%AA%20pode%20fazer&il1pi1id=2b87e450-b34a-11eb-abee-03f5385d5ff5&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=vosso-blog-de-comida&il1pi1ps=49&z=1569976502

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 May 2021 06:37:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 11503
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
61 B 38ms
15ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=1049595578&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=747907946.1621244939&uid=&tid=UA-23088598-1&_gid=325537218.1621244943&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=relacionadas&il1pi1nm=N%C3%A3o%20%C3%A9%20s%C3%B3%20o%20a%C3%A7%C3%BAcar!%20Conhe%C3%A7a%20mais%20alimentos%20que%20aumentam%20a%20ansiedade&il1pi1id=95da72d0-b4af-11eb-b7d5-37c03f3b7778&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=saude&il1pi1ps=50&z=1032977088

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 May 2021 06:37:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 11503
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
61 B 38ms
15ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=1049595578&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=747907946.1621244939&uid=&tid=UA-23088598-1&_gid=325537218.1621244943&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=podcasts&il1pi1nm=Especial%20Lava%20Jato%3A%20inspira%C3%A7%C3%A3o%20italiana%20e%20os%20recados%20da%20Justi%C3%A7a%20e%20dos%20pol%C3%ADticos&il1pi1id=42b9bb30-b7b6-11e9-96d3-6195e13c2fd4&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=republica&il1pi1ps=51&z=717082320

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 May 2021 06:37:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 11503
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
61 B 38ms
15ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=1049595578&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=747907946.1621244939&uid=&tid=UA-23088598-1&_gid=325537218.1621244943&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=podcasts&il1pi1nm=Era%20das%20Trevas%3F%20A%20verdadeira%20hist%C3%B3ria%20da%20iluminada%20Idade%20M%C3%A9dia&il1pi1id=6e8ae520-b428-11eb-875b-7746cbd8ec2f&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=ideias&il1pi1ps=52&z=48681887

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 May 2021 06:37:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 11503
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
61 B 38ms
15ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=1049595578&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=747907946.1621244939&uid=&tid=UA-23088598-1&_gid=325537218.1621244943&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=podcasts&il1pi1nm=Especial%20Lava%20Jato%3A%20o%20%E2%80%9Ccontra-ataque%E2%80%9D&il1pi1id=7f93bc80-b3f5-11eb-bfa9-6d75d86756d2&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=republica&il1pi1ps=53&z=493816651

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 May 2021 06:37:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 11503
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
61 B 38ms
15ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=1049595578&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=747907946.1621244939&uid=&tid=UA-23088598-1&_gid=325537218.1621244943&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=podcasts&il1pi1nm=%E2%80%9CO%20Tigre%20Branco%E2%80%9D%20mostra%20a%20ascens%C3%A3o%20financeira%20num%20mundo%20sem%20moral&il1pi1id=b0a61680-b420-11eb-84fb-6f574c5dc335&il1pi1pr=0.00&il1pi1br=cultura&il1pi1ca=ideias&il1pi1ps=54&z=836990474

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 May 2021 06:37:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 11503
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
61 B 38ms
16ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=1049595578&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=747907946.1621244939&uid=&tid=UA-23088598-1&_gid=325537218.1621244943&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=podcasts&il1pi1nm=Especial%20Lava%20Jato%3A%20os%20conflitos%20entre%20Lula%20e%20a%20Opera%C3%A7%C3%A3o&il1pi1id=32608ea0-b262-11eb-9664-8bedfda48389&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=republica&il1pi1ps=55&z=308499243

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 May 2021 06:37:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 11503
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
61 B 38ms
15ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=1049595578&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=747907946.1621244939&uid=&tid=UA-23088598-1&_gid=325537218.1621244943&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=video&il1pi1nm=O%20que%20falta%20para%20o%20Brasil%20produzir%20insumos%20da%20vacina%20contra%20Covid-19%3F%20Entenda%20em%201%20Minuto&il1pi1id=6597b8c0-b41f-11eb-8d21-55e545bfcd50&il1pi1pr=0.00&il1pi1br=saude&il1pi1ca=republica&il1pi1ps=56&z=97376691

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 May 2021 06:37:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 11503
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
61 B 38ms
15ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=1049595578&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=747907946.1621244939&uid=&tid=UA-23088598-1&_gid=325537218.1621244943&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=video&il1pi1nm=Defesa%20da%20vida%3A%20jovens%20se%20unem%20para%20denunciar%20a%20cultura%20do%20aborto%20e%20salvar%20beb%C3%AAs&il1pi1id=731cc630-b360-11eb-a21b-751ed1246604&il1pi1pr=0.00&il1pi1br=vida-e-cidadania&il1pi1ca=cristina-graeml&il1pi1ps=57&z=459083919

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 May 2021 06:37:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 11503
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
61 B 39ms
15ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=1049595578&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=747907946.1621244939&uid=&tid=UA-23088598-1&_gid=325537218.1621244943&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=video&il1pi1nm=Por%20dentro%20das%20pesquisas%3A%20Lula%20x%20Bolsonaro%20e%20um%20pa%C3%ADs%20dividido&il1pi1id=a40845a0-b33b-11eb-8284-272359f31f7c&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=alexandre-borges&il1pi1ps=58&z=209302718

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 May 2021 06:37:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 11503
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
61 B 39ms
15ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=1049595578&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=747907946.1621244939&uid=&tid=UA-23088598-1&_gid=325537218.1621244943&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=video&il1pi1nm=O%20que%20explica%20a%20briga%20interna%20no%20Mercosul.%20Assista%20a%20Entenda%20em%201%20Minuto&il1pi1id=4d353180-b31c-11eb-b2f2-a9b0dc1a9d89&il1pi1pr=0.00&il1pi1br=mundo&il1pi1ca=republica&il1pi1ps=59&z=1979619423

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 May 2021 06:37:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 11503
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
61 B 38ms
15ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=1049595578&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=747907946.1621244939&uid=&tid=UA-23088598-1&_gid=325537218.1621244943&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=mais%20lidas&il1pi1nm=Bolsonaro%20recebe%20forte%20apoio%20em%20manifesta%C3%A7%C3%A3o&il1pi1id=020806d0-b6ad-11eb-ae71-dd0ec085cebd&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=alexandre-garcia&il1pi1ps=60&z=305201666

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 May 2021 06:37:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 11503
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
61 B 39ms
15ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=1049595578&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=747907946.1621244939&uid=&tid=UA-23088598-1&_gid=325537218.1621244943&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=mais%20lidas&il1pi1nm=Quais%20s%C3%A3o%20os%20cotados%20para%20o%20STF%2C%20os%20favoritos%20e%20o%20que%20pesa%20a%20favor%20e%20contra%20cada%20um%20deles&il1pi1id=aa4e0130-b6a5-11eb-bd63-19b90a5dbc9a&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=republica&il1pi1ps=61&z=1492243850

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 May 2021 06:37:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 11503
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
61 B 39ms
15ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=1049595578&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=747907946.1621244939&uid=&tid=UA-23088598-1&_gid=325537218.1621244943&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=mais%20lidas&il1pi1nm=EUA%3A%20Benef%C3%ADcios%20generosos%20do%20governo%20Biden%20est%C3%A3o%20gerando%20escassez%20de%20m%C3%A3o%20de%20obra&il1pi1id=a4873160-b6a3-11eb-bd63-19b90a5dbc9a&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=mundo&il1pi1ps=62&z=1292949548

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 May 2021 06:37:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 11503
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
61 B 38ms
15ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=1049595578&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=747907946.1621244939&uid=&tid=UA-23088598-1&_gid=325537218.1621244943&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=mais%20lidas&il1pi1nm=De%20olho%20na%20reelei%C3%A7%C3%A3o%2C%20Bolsonaro%20inaugura%20obras%20onde%20investiu%20poucos%20recursos&il1pi1id=61006530-b502-11eb-a0fd-47fc02684014&il1pi1pr=0.00&il1pi1br=republica&il1pi1ca=lucio-vaz&il1pi1ps=63&z=637154750

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 May 2021 06:37:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 11503
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
61 B 38ms
16ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=1049595578&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=747907946.1621244939&uid=&tid=UA-23088598-1&_gid=325537218.1621244943&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=mais%20lidas&il1pi1nm=Como%20sites%20de%20pornografia%20lucram%20com%20v%C3%ADdeos%20de%20estupro%20e%20abuso%20sexual&il1pi1id=22a3f2f0-b69e-11eb-a7a9-3fde41080c00&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=ideias&il1pi1ps=64&z=1370479205

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 May 2021 06:37:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 11503
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
61 B 38ms
15ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=1049595578&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=747907946.1621244939&uid=&tid=UA-23088598-1&_gid=325537218.1621244943&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=foi%20manchete&il1pi1nm=Para%20garantir%20palanque%20a%20Lula%2C%20PT%20abre%20m%C3%A3o%20de%20candidaturas%20nos%20estados&il1pi1id=fb8c2660-b67f-11eb-8a66-8b895adc0e56&il1pi1pr=0.00&il1pi1br=2022&il1pi1ca=republica&il1pi1ps=65&z=235431715

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 May 2021 06:37:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 11503
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
61 B 39ms
15ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=1049595578&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=747907946.1621244939&uid=&tid=UA-23088598-1&_gid=325537218.1621244943&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=foi%20manchete&il1pi1nm=Como%20a%20pandemia%20afetou%20a%20estrat%C3%A9gia%20das%20empresas%2C%20e%20que%20li%C3%A7%C3%B5es%20ela%20deixou&il1pi1id=3c7b7210-b5a0-11eb-b94e-f796f3d13427&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=economia&il1pi1ps=66&z=1856379713

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 May 2021 06:37:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 11503
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
61 B 40ms
14ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=1049595578&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=747907946.1621244939&uid=&tid=UA-23088598-1&_gid=325537218.1621244943&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=foi%20manchete&il1pi1nm=PSD%20se%20afasta%20de%20Bolsonaro%2C%20afaga%20Lula%20e%20mira%20governos%20de%20SP%2C%20MG%20e%20RJ%20em%202022&il1pi1id=68629ee0-b4eb-11eb-80a9-d7630b3898f0&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=republica&il1pi1ps=67&z=770569946

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 May 2021 06:37:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 11503
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
61 B 40ms
14ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=1049595578&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=747907946.1621244939&uid=&tid=UA-23088598-1&_gid=325537218.1621244943&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=foi%20manchete&il1pi1nm=Oito%20leil%C3%B5es%20no%20setor%20de%20saneamento%20devem%20movimentar%20R%24%2031%20bilh%C3%B5es%20at%C3%A9%202022&il1pi1id=541432b0-b4cc-11eb-a5e9-572d78fb9593&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=economia&il1pi1ps=68&z=881707410

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 May 2021 06:37:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 11503
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3-29 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 28ms
24ms XHR
text/plain 2a00:1450:400c:c0a::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-23088598-1&cid=747907946.1621244939&jid=317600346&gjid=669031877&_gid=325537218.1621244943&_u=6GjAAEALQAAAAC~&z=1999263107

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c0a::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 17 May 2021 09:49:04 GMT
content-type: text/plain
access-control-allow-origin: https://www.gazetadopovo.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 on-ear-en-over-ear-koptelefoons Show response
fm.flashtalking.com/feed/1219/trending/ Frame 593F 14 KB
2 KB 303ms
105ms XHR
application/json 34.235.247.123
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://fm.flashtalking.com/feed/1219/trending/on-ear-en-over-ear-koptelefoons?
Requested by: Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/frameworks/js/api/2/10/html5API.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.235.247.123 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-235-247-123.compute-1.amazonaws.com
Software: nginx / PHP/5.6.40
Resource Hash: ea77d52b0d6e488af5d7465a30408547f6a480668c295e4c9778234fd8534c61

Request headers

Referer: https://cdn.flashtalking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 09:49:04 GMT
content-encoding: gzip
server: nginx
x-powered-by: PHP/5.6.40
vary: Accept-Encoding
x-app-env: prod
access-control-allow-origin: *
content-type: application/json

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ Frame 6E01 43 B
301 B 98ms
98ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=460517&asId=dfe398df-7926-3ed2-ac96-5a44bc467e7e&tv=%7Bc:cRQT1F,pingTime:-10,time:873,type:s,mvn:ZnNjPTEyLHNkPTMsbm89Nyxhc3A9MQ--,fsc:17.5.5v220002022000220000022002222000022220200000222200222220002222022002222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000002220002220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222222220022202200022002220222202,sd:MTcuNS41djEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNS41dk1vemlsbGF8fE5ldHNjYXBlfHxufHwxNnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fC0xMjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS84OS4wLjQzODkuNzIgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,asp:1621244944370%7C%7C7971a272c18fac688e1ea67aa566f7eb%7C%7Cf34e96995ddf3ff5eb1bfde138cfe29c%7C%7C9d4cbb192dc4cb9bcdb4db10007defd9%7C%7C57d28ea0588bcc5ec03950bb0cd241f5%7C%7C45787d792f4def4e2314b14e505868bb%7C%7C4cb42a237580c908fab725d6b9e5698a%7C%7C76cfa59fab468ed96b2f8a9707036cf9%7C%7C1619710151,ch:eyJiIjpbXSwibSI6ZmFsc2UsImgiOnsiYXJjaGl0ZWN0dXJlIjoiIiwibW9kZWwiOiIiLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsInVhRnVsbFZlcnNpb24iOiIifX0-,im:%7Bimprf:%7Bttecl:618,ecd:33,tsecr:2%7D,pci:%7Btdr:135%7D%7D%7D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://eccef3b152d70a4161a425d396a7d7ca.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 17 May 2021 09:49:04 GMT
X-Server-Name: dt35.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H3-29 200 ga-audiences
www.google.com/ads/ 42 B
63 B 30ms
29ms Image
image/gif 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-23088598-1&cid=747907946.1621244939&jid=317600346&_u=6GjAAEALQAAAAC~&z=1500612883

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 May 2021 09:49:04 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ga-audiences
www.google.de/ads/ 42 B
63 B 17ms
16ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-23088598-1&cid=747907946.1621244939&jid=317600346&_u=6GjAAEALQAAAAC~&z=1500612883

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 May 2021 09:49:04 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 container.html Show response
eccef3b152d70a4161a425d396a7d7ca.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 0ADE 6 KB
3 KB 6ms
6ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://eccef3b152d70a4161a425d396a7d7ca.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: eccef3b152d70a4161a425d396a7d7ca.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.gazetadopovo.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.gazetadopovo.com.br/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Mon, 17 May 2021 09:49:02 GMT
expires: Tue, 17 May 2022 09:49:02 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 2
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame EA24 334 KB
115 KB 36ms
13ms Script
text/javascript 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: s.dynad.net
URL: https://s.dynad.net/stack/928W5r5IndTfocT3VdUV-AB8UVlc0JbnGWyFZsei5gU.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f74bdfeec83247edd199110ac967f48433637c2cd8dcac06c4de540abb3393e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s.dynad.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 09:49:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117163
x-xss-protection: 0
expires: Mon, 17 May 2021 09:49:04 GMT

GET
H3-29 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame A87A 624 B
299 B 19ms
19ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CMaVpwIQif64AhiZm4ioATAB&v=APEucNV8yWim4JWJ-SowwJL0CC0xq8XIonR8TjQrZ6Sm07csiOONOXSI-HNVXz6VCKghHeJbLm5nK9wbeCxyt8HfTj7mwLmmDTON_YLttY7J2SvppGblzi1HVz9pXSKcBqP1_2V4NeX7sby9c0LXipwlmDl-osgvT6oqgZe5ugJPU7JqEg9An8ztaRIINeoTRfLm7DWjXVC9x6uHUV74x2zQ8fJYjzc2Fg

Requested by

Host: eccef3b152d70a4161a425d396a7d7ca.safeframe.googlesyndication.com
URL: https://eccef3b152d70a4161a425d396a7d7ca.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=CMaVpwIQif64AhiZm4ioATAB&v=APEucNV8yWim4JWJ-SowwJL0CC0xq8XIonR8TjQrZ6Sm07csiOONOXSI-HNVXz6VCKghHeJbLm5nK9wbeCxyt8HfTj7mwLmmDTON_YLttY7J2SvppGblzi1HVz9pXSKcBqP1_2V4NeX7sby9c0LXipwlmDl-osgvT6oqgZe5ugJPU7JqEg9An8ztaRIINeoTRfLm7DWjXVC9x6uHUV74x2zQ8fJYjzc2Fg
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://eccef3b152d70a4161a425d396a7d7ca.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUk06pgndhtrMCyQBWDNrXdXdJBEZs4Fq0NHe4SIUZvhmlJ84lB8EY1tviZcAQU; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://eccef3b152d70a4161a425d396a7d7ca.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Mon, 17 May 2021 09:49:04 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
set-cookie: test_cookie=; domain=.doubleclick.net; path=/; expires=Fri, 01-Aug-2008 22:45:55 GMT; SameSite=none; Secure
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 17 May 2021 09:49:04 GMT

GET
H3-29 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 0ADE 57 KB
23 KB 48ms
48ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BSOr2ge00ORxXvU28sXqo0kWruH1aLwnnaoArTNRg4mm3kHLOsWLSMDs_PQd3AS3uMHUUKIBZyaJLw3rhqLooJJMhHMASHejCiq_7mMdx5Z0W1B40nc4w1fAPEZZ3Ce8gkkChCdyOUO8ourVhXLxGwFTqc0A&dbm_d=AKAmf-A4yDhgCkLb1VDKrXbFKloxM9O64E5MdggoFVd-kuIqmEvc9lj-x0qHwzSiOvSKbGHfjMDxgQpXj0bDZZjoeWZfgj2ehU9Bp2dY4cy9k3xgw1AuD_hhzaDY3dfB7HVwh0auRhQ1ivLm8PP07brxEAn3UZMdER6iYUb8QSzmL07H8jJ1evL_zuYqMSXnQ4n08LgngoWpL1THkNFs2-Tgbx8b58i1I4AlxSxOImK8kryTH9OnyXhaBtwT9_bQUYsxQAZhT7LgHdPMT7_Lw0Y5yOWik_lhuLFb0yWGFLtb_QCphb2pFCWYq4A5L37ePlaSniIsCtQUDBOaZ7t7PS2PQgJ4tNdz2PIFfwp-wmSvkzOBx5joVswMH8VpJVjuH835nYkJBFNvPWTPiX_OZCyinoh_SFysgj4Ua7Bi2QGA5hfTuB9W0x86ypdcBU9IDsmjmOoVmCPmDemUlzdPLOj4y84g65fzqgE2_MkjzI1EtAFxmNuFtXl1MnG0mlFEDZ626EcbgOMQ2eqOZUcXNohCrbZfdXBfyd746CjO5NCjZCDufzUVrKSBCAJ5rKspBaSabqvvlLP0ZYBhmSOFMX61VHHx5TDO0s5MZKBTRdwU1He-Z-Yv_2r15-30BtKQFpnh88g9kBvZIGcmDJhx8kWYny7QmO8zX0mvHa4_NJcRnm0vFL4NgxAljDRFK5HEpPdsUQ4zE7asLxJd6Y2ZZGIm5yj8eX0pBgr87EZmOAU_sAGrVCaunuPLeOyAFQs2lZaBql_kPQOY7b7F1rakoDqCuElViiBfG4RDr101c0KQxPIiQcfv1FxRD7VckaSOx9tO-3TYAR-ty02eKdy71_opx5Nzwtbs83sJGhSdDFNaEGydh9ikrqrLqXYbKFDQZzLMztHbTU8SZfXNSVxJrVZ3sdQmJGV3qniN5OkAes0Tl4SeuO_3srFbN5buArjvrxp-Ng13hCYRAEK2WUwpDBu5_7g9iZh3EzZpVH311yLnQlS5e5OK9-zCKXEbKY7IOfobmRaGRxa05o371-eCvvXckzesKMhh6Wfx2BAm9vJ6cw0QfcRVFjaGRsi6L3mdULTceQO5XJVP9_I9o4RtOhyedpfVW9ThitDPBiH0tDcOwDLBkBzkE75cdIkUXdRTRi9CF5gfy05NdmIJ0HwuWI1nteIuMKCb8mAkZ7Nr3nxPt_7t6YhO3qxzvQkeLekzkDKR4QG6unEPv-Zpd7ubQBX6F3tABzSbyKAG88OtYUY21TZUQzMcSPnGaoec6R6CF2vAJT6ZG5-5b92rOU3kIzh6IDmEi1wTujHc3Rt1xzVr3V-JuqkJr_zDI1La1ULw_lE01fm8OfYMHDe1y7iHCo5wEOVhMWytLk3BU_WU23PtRZ53mxIwJ05cs5LZIqMCl0L0GbFwIE7FfxgPB85PhXpcTAHCVVQ0HsjCklocKQYAcoVcmZAHn8YZdcvlepcgduUmOrGctknOGBslFQP8kDLYapC2ioTTD0IINf4fRe8gXaFg41h8U0dTmG7hBewJkV3Ok8vtCt2WoMF_LJ6CflY6Mqh5FJCUcIajhZX-MFg2qFCYUFy_8rWsaVwfSnHkS0MpgwZqa3hEPbNBuMZL4eL5lJTAEhimwSJzmPlziSXd-7h0mlGaAs5cwrzm-CDgorBLZLqTd5bEhsXMAvlE8lVaihgKz8i9kMYIHikagLyoCHmG4xufSzWUotwDHqtm6r0PyqgPYoF0q3rPNBJ8e5-uJPcZxkNCyQwZuHMUwzuzMobEVlhBmo4HTpsnno56YPC5e6uKp6N8XbxpoRqBwxU2fbAkGLGheYi3co2TT4WlNviEVbYzY7LoiM8mt35cyNzeVSns3PfDQNJoHOWGiJ4hoHp34zVnoEvgPiy0_YJrad3uPGrJOvhKLfIsrKCmYU4FQcNVGDr2bk61h2HfmTDInfptrkbxpAIKXUxAxnuM_Krw8mj_5vnDAI7Vifs5fLGmXJsl0LJ-vsalc8pBUmfgxx7tdLMRkKVgNro3B-ahI246o9pVGStUke79MVVq1NmEUJ76RIJeBAwy_YgT-dQUcgIEfEOrdtwZC6cNBeIa-B4KZ0m9s4CuiLuZuHgPTZMcIJHmnU_C4luunCtI9PzUogakaFa9j2vHVDw-fSzAPf3_Uqqk0BQljcGjvrdsaZjTisRqLKRs8bNK3J6gYO-97PON5UvK2Sl2ONAMuSZZP7xe0ilz5MnXqtvLi_KjnFiRvFSH893D6ix5Rj9ZeIN8mIuNEEQ7chKjMMhEvtZDBLqr9XoROG3dh-YpjN0P3Jd5bwMFfn2K2anIsCC3NOmGXZ1bJedFtQxKM3eFW6sePJeiJU0epQp-9qgUnCo0rGDOSCewhFZhrW2wT2RFJ5E3nhMxK-4AA9jMrZklyGMKWeRZ7-KY2RLYYC86OgVMZwS1k_XjDXy27yqV4jq7dHlZRknMskN-m_uslsYgpCWCbwqfbZJcrGAJPqjYqXjNrAoz9w5mR4-xmIPeMWGGekEP8wADCWbeEKimAtIj7qlmbKPkBfQp8aRRzXth_jofZUrKG8yQLCDU_Dzz9YZHdNVkTbDdX4jeq80RDTGXW0zN5MmbDObDqXPXcDelMb7FWQ9BozfbkB7t3mWt86YyBTyP0RyBZ_PrXnb_jPH7yPwtB_M8YudRyhaB0fCZDhwCEZ7fbh-yVRE-TVnvDrtvsp7E0QMm5rslA_XpWxSYB9RDFjzkskt1k_dhfqgZIQ5FKAoaqvsPLGnGVYPPXNchm5CeoLQZ5z19y_nuninzJ4_Mm6q_dR02pAQDPhFa-Ef6wKEpoAQ0k9KP57DWhzYa4Km9JCxMHH8yFvCzSRw3ufbXrpKzEiUT2oDRBMryN210e33FyOZ6d5_QOGgfNkt99KseMQqnLV32lz_ZNuiq7qF9rHp4QyV451xTTfcULTpIVTtnRZSAJxHGp1kbfnsfcuiFtzgn0_aa0yfqryJx4DCsD2LhXPdM1YOjAU9Fa3MPfT8_aWFcMHDuET8ry7ztc-W1Cq3h-YdawMPlaBuuhnSqNr5y32yVDqVmPW83JBI2Yr8kTZB8vtJMPb13Zv5GsvajKAapWoxyOM6MP6g_okTlFFbsWSsKJVrK-alfxChwAjJUEqDfH76yjeL9uVk-SChB_m-FxOFj6_BofWmT1nEi7O7ad8d4mDk&cid=CAASFeRoRb_7-eEhtHCSlpLjcXcA_uD3Qg&rfl=1%2Chttps%253A%252F%252Fwww.gazetadopovo.com.br%252F%240

Requested by

Host: www.gazetadopovo.com.br.us3.cas.ms
URL: https://www.gazetadopovo.com.br.us3.cas.ms/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

06ee812d66d62bea7e9d3010b38328b61b09520d2674e3a933f044f1b24e1f18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eccef3b152d70a4161a425d396a7d7ca.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 May 2021 09:49:04 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23753
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0ADE 42 B
63 B 40ms
38ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DxmOZ6sZD1aKzPqz_wKAaMl9oEXGYQk_PpCEw0anxwpfTlA64KSJx-Tl54jrxyCWd7-rX5SqLbOgDEg8xiDq1t4znwOviLpI2zbXOGF3lv10vq1ZM

Requested by

Host: eccef3b152d70a4161a425d396a7d7ca.safeframe.googlesyndication.com
URL: https://eccef3b152d70a4161a425d396a7d7ca.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eccef3b152d70a4161a425d396a7d7ca.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 May 2021 09:49:04 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/ Frame 0ADE 2 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/window_focus_fy2019.js

Requested by

Host: eccef3b152d70a4161a425d396a7d7ca.safeframe.googlesyndication.com
URL: https://eccef3b152d70a4161a425d396a7d7ca.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eccef3b152d70a4161a425d396a7d7ca.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 09:47:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 117
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 31 May 2021 09:47:07 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0ADE 117 KB
36 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: eccef3b152d70a4161a425d396a7d7ca.safeframe.googlesyndication.com
URL: https://eccef3b152d70a4161a425d396a7d7ca.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

14a6bc9fca94f536d24da272cf684e3e900adaf170804cceda99f44c97c710c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eccef3b152d70a4161a425d396a7d7ca.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 09:49:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1620991973329016"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36585
x-xss-protection: 0
expires: Mon, 17 May 2021 09:49:04 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/ Frame 0ADE 13 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: eccef3b152d70a4161a425d396a7d7ca.safeframe.googlesyndication.com
URL: https://eccef3b152d70a4161a425d396a7d7ca.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4821fcf9c6131b5e09c316f6946b187f0b3751d723a19b2ff9f2df396d232cbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eccef3b152d70a4161a425d396a7d7ca.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 09:48:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 42
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5621
x-xss-protection: 0
server: cafe
etag: 8169261014141303515
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 31 May 2021 09:48:22 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame 0ADE 0
0 14ms
13ms Image
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTeMcK33wpGUN5HmuaLbr4ZYQFChrDU6HBvG90gppvTfemHk7pU7Q7x3aoOrpC4JNzYWY-YJ1jsAq71mcaRAp5jRxufWw
Requested by: Host: eccef3b152d70a4161a425d396a7d7ca.safeframe.googlesyndication.com
URL: https://eccef3b152d70a4161a425d396a7d7ca.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://eccef3b152d70a4161a425d396a7d7ca.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame A87A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEq9So5zCKu31A5DWQAyu9Q&google_cver=1

43 B
894 B

26ms
26ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEq9So5zCKu31A5DWQAyu9Q&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMaVpwIQif64AhiZm4ioATAB&v=APEucNV8yWim4JWJ-SowwJL0CC0xq8XIonR8TjQrZ6Sm07csiOONOXSI-HNVXz6VCKghHeJbLm5nK9wbeCxyt8HfTj7mwLmmDTON_YLttY7J2SvppGblzi1HVz9pXSKcBqP1_2V4NeX7sby9c0LXipwlmDl-osgvT6oqgZe5ugJPU7JqEg9An8ztaRIINeoTRfLm7DWjXVC9x6uHUV74x2zQ8fJYjzc2Fg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 17 May 2021 09:49:04 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 17 May 2021 09:49:04 GMT

Redirect headers

pragma: no-cache
date: Mon, 17 May 2021 09:49:04 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEq9So5zCKu31A5DWQAyu9Q&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame A87A
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YKI8D-LXhcZtB2HJOZSX-wAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEq9So5zCKu31A5DWQAyu9Q&google_cver=1

43 B
894 B

27ms
26ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEq9So5zCKu31A5DWQAyu9Q&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMaVpwIQif64AhiZm4ioATAB&v=APEucNV8yWim4JWJ-SowwJL0CC0xq8XIonR8TjQrZ6Sm07csiOONOXSI-HNVXz6VCKghHeJbLm5nK9wbeCxyt8HfTj7mwLmmDTON_YLttY7J2SvppGblzi1HVz9pXSKcBqP1_2V4NeX7sby9c0LXipwlmDl-osgvT6oqgZe5ugJPU7JqEg9An8ztaRIINeoTRfLm7DWjXVC9x6uHUV74x2zQ8fJYjzc2Fg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 17 May 2021 09:49:04 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 17 May 2021 09:49:04 GMT

Redirect headers

pragma: no-cache
date: Mon, 17 May 2021 09:49:04 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEq9So5zCKu31A5DWQAyu9Q&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame A87A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEIjJbjsSS7WERCah-j-qk_0&google_cver=1

43 B
1 KB

15ms
15ms

Image
image/gif

185.33.221.11
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEIjJbjsSS7WERCah-j-qk_0&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMaVpwIQif64AhiZm4ioATAB&v=APEucNV8yWim4JWJ-SowwJL0CC0xq8XIonR8TjQrZ6Sm07csiOONOXSI-HNVXz6VCKghHeJbLm5nK9wbeCxyt8HfTj7mwLmmDTON_YLttY7J2SvppGblzi1HVz9pXSKcBqP1_2V4NeX7sby9c0LXipwlmDl-osgvT6oqgZe5ugJPU7JqEg9An8ztaRIINeoTRfLm7DWjXVC9x6uHUV74x2zQ8fJYjzc2Fg

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.11 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

733.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 17 May 2021 09:49:04 GMT
X-Proxy-Origin: 185.59.222.117; 185.59.222.117; 733.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.222.251:80
AN-X-Request-Uuid: e442df4b-b11e-41ed-9eb4-0208cd57ecaf
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 17 May 2021 09:49:04 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEIjJbjsSS7WERCah-j-qk_0&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame A87A
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzQ4MTg2Nzk5NjIzMTgzNjkwOA%3D%3D

170 B
188 B

38ms
38ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzQ4MTg2Nzk5NjIzMTgzNjkwOA%3D%3D

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 May 2021 09:49:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 17 May 2021 09:49:04 GMT
X-Proxy-Origin: 185.59.222.117; 185.59.222.117; 733.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.53:80
AN-X-Request-Uuid: 8bd08d19-4d5d-494c-a678-b104db2b4707
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzQ4MTg2Nzk5NjIzMTgzNjkwOA%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_271.js Show response
s0.2mdn.net/879366/ Frame 0ADE 111 KB
39 KB 27ms
6ms Script
text/javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js

Requested by

Host: www.gazetadopovo.com.br.us3.cas.ms
URL: https://www.gazetadopovo.com.br.us3.cas.ms/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f49b1d1bd49f5c61c93e08dc9b8427ae046c513af8ce30fa8d04162bb6f5b9df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://eccef3b152d70a4161a425d396a7d7ca.safeframe.googlesyndication.com
Referer: https://eccef3b152d70a4161a425d396a7d7ca.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 20:28:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 48021
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39287
x-xss-protection: 0
last-modified: Wed, 14 Oct 2020 18:02:50 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 17 May 2021 20:28:43 GMT

GET
H3-29 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20210511/r20110914/elements/html/ Frame 0ADE 8 KB
3 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210511/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BSOr2ge00ORxXvU28sXqo0kWruH1aLwnnaoArTNRg4mm3kHLOsWLSMDs_PQd3AS3uMHUUKIBZyaJLw3rhqLooJJMhHMASHejCiq_7mMdx5Z0W1B40nc4w1fAPEZZ3Ce8gkkChCdyOUO8ourVhXLxGwFTqc0A&dbm_d=AKAmf-A4yDhgCkLb1VDKrXbFKloxM9O64E5MdggoFVd-kuIqmEvc9lj-x0qHwzSiOvSKbGHfjMDxgQpXj0bDZZjoeWZfgj2ehU9Bp2dY4cy9k3xgw1AuD_hhzaDY3dfB7HVwh0auRhQ1ivLm8PP07brxEAn3UZMdER6iYUb8QSzmL07H8jJ1evL_zuYqMSXnQ4n08LgngoWpL1THkNFs2-Tgbx8b58i1I4AlxSxOImK8kryTH9OnyXhaBtwT9_bQUYsxQAZhT7LgHdPMT7_Lw0Y5yOWik_lhuLFb0yWGFLtb_QCphb2pFCWYq4A5L37ePlaSniIsCtQUDBOaZ7t7PS2PQgJ4tNdz2PIFfwp-wmSvkzOBx5joVswMH8VpJVjuH835nYkJBFNvPWTPiX_OZCyinoh_SFysgj4Ua7Bi2QGA5hfTuB9W0x86ypdcBU9IDsmjmOoVmCPmDemUlzdPLOj4y84g65fzqgE2_MkjzI1EtAFxmNuFtXl1MnG0mlFEDZ626EcbgOMQ2eqOZUcXNohCrbZfdXBfyd746CjO5NCjZCDufzUVrKSBCAJ5rKspBaSabqvvlLP0ZYBhmSOFMX61VHHx5TDO0s5MZKBTRdwU1He-Z-Yv_2r15-30BtKQFpnh88g9kBvZIGcmDJhx8kWYny7QmO8zX0mvHa4_NJcRnm0vFL4NgxAljDRFK5HEpPdsUQ4zE7asLxJd6Y2ZZGIm5yj8eX0pBgr87EZmOAU_sAGrVCaunuPLeOyAFQs2lZaBql_kPQOY7b7F1rakoDqCuElViiBfG4RDr101c0KQxPIiQcfv1FxRD7VckaSOx9tO-3TYAR-ty02eKdy71_opx5Nzwtbs83sJGhSdDFNaEGydh9ikrqrLqXYbKFDQZzLMztHbTU8SZfXNSVxJrVZ3sdQmJGV3qniN5OkAes0Tl4SeuO_3srFbN5buArjvrxp-Ng13hCYRAEK2WUwpDBu5_7g9iZh3EzZpVH311yLnQlS5e5OK9-zCKXEbKY7IOfobmRaGRxa05o371-eCvvXckzesKMhh6Wfx2BAm9vJ6cw0QfcRVFjaGRsi6L3mdULTceQO5XJVP9_I9o4RtOhyedpfVW9ThitDPBiH0tDcOwDLBkBzkE75cdIkUXdRTRi9CF5gfy05NdmIJ0HwuWI1nteIuMKCb8mAkZ7Nr3nxPt_7t6YhO3qxzvQkeLekzkDKR4QG6unEPv-Zpd7ubQBX6F3tABzSbyKAG88OtYUY21TZUQzMcSPnGaoec6R6CF2vAJT6ZG5-5b92rOU3kIzh6IDmEi1wTujHc3Rt1xzVr3V-JuqkJr_zDI1La1ULw_lE01fm8OfYMHDe1y7iHCo5wEOVhMWytLk3BU_WU23PtRZ53mxIwJ05cs5LZIqMCl0L0GbFwIE7FfxgPB85PhXpcTAHCVVQ0HsjCklocKQYAcoVcmZAHn8YZdcvlepcgduUmOrGctknOGBslFQP8kDLYapC2ioTTD0IINf4fRe8gXaFg41h8U0dTmG7hBewJkV3Ok8vtCt2WoMF_LJ6CflY6Mqh5FJCUcIajhZX-MFg2qFCYUFy_8rWsaVwfSnHkS0MpgwZqa3hEPbNBuMZL4eL5lJTAEhimwSJzmPlziSXd-7h0mlGaAs5cwrzm-CDgorBLZLqTd5bEhsXMAvlE8lVaihgKz8i9kMYIHikagLyoCHmG4xufSzWUotwDHqtm6r0PyqgPYoF0q3rPNBJ8e5-uJPcZxkNCyQwZuHMUwzuzMobEVlhBmo4HTpsnno56YPC5e6uKp6N8XbxpoRqBwxU2fbAkGLGheYi3co2TT4WlNviEVbYzY7LoiM8mt35cyNzeVSns3PfDQNJoHOWGiJ4hoHp34zVnoEvgPiy0_YJrad3uPGrJOvhKLfIsrKCmYU4FQcNVGDr2bk61h2HfmTDInfptrkbxpAIKXUxAxnuM_Krw8mj_5vnDAI7Vifs5fLGmXJsl0LJ-vsalc8pBUmfgxx7tdLMRkKVgNro3B-ahI246o9pVGStUke79MVVq1NmEUJ76RIJeBAwy_YgT-dQUcgIEfEOrdtwZC6cNBeIa-B4KZ0m9s4CuiLuZuHgPTZMcIJHmnU_C4luunCtI9PzUogakaFa9j2vHVDw-fSzAPf3_Uqqk0BQljcGjvrdsaZjTisRqLKRs8bNK3J6gYO-97PON5UvK2Sl2ONAMuSZZP7xe0ilz5MnXqtvLi_KjnFiRvFSH893D6ix5Rj9ZeIN8mIuNEEQ7chKjMMhEvtZDBLqr9XoROG3dh-YpjN0P3Jd5bwMFfn2K2anIsCC3NOmGXZ1bJedFtQxKM3eFW6sePJeiJU0epQp-9qgUnCo0rGDOSCewhFZhrW2wT2RFJ5E3nhMxK-4AA9jMrZklyGMKWeRZ7-KY2RLYYC86OgVMZwS1k_XjDXy27yqV4jq7dHlZRknMskN-m_uslsYgpCWCbwqfbZJcrGAJPqjYqXjNrAoz9w5mR4-xmIPeMWGGekEP8wADCWbeEKimAtIj7qlmbKPkBfQp8aRRzXth_jofZUrKG8yQLCDU_Dzz9YZHdNVkTbDdX4jeq80RDTGXW0zN5MmbDObDqXPXcDelMb7FWQ9BozfbkB7t3mWt86YyBTyP0RyBZ_PrXnb_jPH7yPwtB_M8YudRyhaB0fCZDhwCEZ7fbh-yVRE-TVnvDrtvsp7E0QMm5rslA_XpWxSYB9RDFjzkskt1k_dhfqgZIQ5FKAoaqvsPLGnGVYPPXNchm5CeoLQZ5z19y_nuninzJ4_Mm6q_dR02pAQDPhFa-Ef6wKEpoAQ0k9KP57DWhzYa4Km9JCxMHH8yFvCzSRw3ufbXrpKzEiUT2oDRBMryN210e33FyOZ6d5_QOGgfNkt99KseMQqnLV32lz_ZNuiq7qF9rHp4QyV451xTTfcULTpIVTtnRZSAJxHGp1kbfnsfcuiFtzgn0_aa0yfqryJx4DCsD2LhXPdM1YOjAU9Fa3MPfT8_aWFcMHDuET8ry7ztc-W1Cq3h-YdawMPlaBuuhnSqNr5y32yVDqVmPW83JBI2Yr8kTZB8vtJMPb13Zv5GsvajKAapWoxyOM6MP6g_okTlFFbsWSsKJVrK-alfxChwAjJUEqDfH76yjeL9uVk-SChB_m-FxOFj6_BofWmT1nEi7O7ad8d4mDk&cid=CAASFeRoRb_7-eEhtHCSlpLjcXcA_uD3Qg&rfl=1%2Chttps%253A%252F%252Fwww.gazetadopovo.com.br%252F%240

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eccef3b152d70a4161a425d396a7d7ca.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 09:46:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 183
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3124
x-xss-protection: 0
server: cafe
etag: 4537136162986801320
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 31 May 2021 09:46:01 GMT

GET
H3-29 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20210511/r20110914/ Frame 0ADE 22 KB
8 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210511/r20110914/abg_lite.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

259f01a4a83ad8a3ea4306becf97b5270bed9e5556f64ed6bde597f2f0601b39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eccef3b152d70a4161a425d396a7d7ca.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 09:47:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 73
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8628
x-xss-protection: 0
server: cafe
etag: 13108869059872076478
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 31 May 2021 09:47:51 GMT

GET
DATA 200
OK truncated
/ Frame EA24 4 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0a5e2fdeee01580357b0fe44c7c1b73f571722ccf5818ef0147116ff2ce8df0c

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 bridge3.458.0_pt_br.html Show response
imasdk.googleapis.com/js/core/ Frame 7695 573 KB
188 KB 21ms
7ms Document
text/html 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.458.0_pt_br.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e3b76bf5d88736c9b9656cf2810230a811e0e3b7a1e0de037f4345a3e971529

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.458.0_pt_br.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.dynad.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://s.dynad.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 191996
date: Wed, 12 May 2021 02:16:50 GMT
expires: Thu, 12 May 2022 02:16:50 GMT
last-modified: Wed, 12 May 2021 01:31:31 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 459134
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 client.js Show response
s0.2mdn.net/instream/video/ Frame EA24 44 KB
16 KB 27ms
14ms Script
text/javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s.dynad.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 09:49:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Mon, 17 May 2021 09:49:04 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame EA24 107 B
122 B 29ms
16ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=s.dynad.net

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s.dynad.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 17 May 2021 09:49:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 0ADE 41 KB
15 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: eccef3b152d70a4161a425d396a7d7ca.safeframe.googlesyndication.com
URL: https://eccef3b152d70a4161a425d396a7d7ca.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eccef3b152d70a4161a425d396a7d7ca.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 03:29:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 109155
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 16 May 2022 03:29:49 GMT

GET
DATA 200
OK truncated
/ Frame 0ADE 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6132aae7adcfa32081f9e337d92f92c0b08b6ca7039a344f80d7c921cc872dee

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 9364 36 KB
12 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s.dynad.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 09:39:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
age: 601
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
expires: Mon, 17 May 2021 10:39:03 GMT

GET
H3-29 200 index.html Show response
s0.2mdn.net/9662254/1620226019207/ Frame 98B9 24 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/9662254/1620226019207/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

347c5341604c5c2b96e3c6b91d76757287437db91bc851f04595f2ef2dd3a9ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: s0.2mdn.net
:scheme: https
:path: /9662254/1620226019207/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://eccef3b152d70a4161a425d396a7d7ca.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://eccef3b152d70a4161a425d396a7d7ca.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 4850
date: Mon, 17 May 2021 08:37:14 GMT
expires: Tue, 18 May 2021 08:37:14 GMT
last-modified: Wed, 05 May 2021 14:46:59 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
age: 4310
cache-control: public, max-age=86400
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 0ADE 0
575 B 135ms
75ms Ping
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvWtWMDUPLkqJyuAjYwj_8Vdsy5Wv6FYvdzruVzVCCKUDNnVwOjkGYEXjKt1E3H41yHlTPZbUEPxpHEf7cK8GUj5HAVglgBKAygnUfg6nmwVoVMh8CH7zaEnWq3ACYDzPvbQJ0TnwVNUMAnPVO5IloYuhCdFfI-eHIzn3ClmVPQfyBtvIlIIZIsKBGJb4aeXXFhsK2edNhNrFY0543gKO-t9Pqa26SsXF9s8ZmqefSO0kpjJEgMU2D_b4k6v0X_4CLKlBwEmIHG0YTL6EzU3nx7dCsYjAPcM4LcOtKZ9DQ78kIz4D8XEpMr4JbEaGclKsSl8ijYeolCBVqfwEhbJEzzA87DlfNzmpKvTlMBYBD0hHeaIRZCxD-SfdNbcAiskdTT9upvu6zRzR7FMYopl5e5xuo8i7T5997uxWsWB5hub5iT5WiGP4rT2pgDoyQDvbtL3Sr0CDlFnqF2DwBn-CNbAieSHEXBxHraqT50_DuWXK1yeqh_w4Lsm08eZuUWPRbghU4wLehTe-9CMnuixObxExBB-Ue1iXKc9fPoKUN-PMtzvPLMe6wGTC81d1ynKX-F9qnpJ2Qd3FN8b5-2usR2hUq6FeM_WeJtbcPWSaiYbvYRnLhcMGTOF59IYteArO4nL7CCDoMpB4rrEJuXH0NEFFgXj2-_D6dqfSIv8mUkCdj0gSmxexpMek8COISjGi8ni-jUoS-aV16ybvvQ8yPrGdv4PMP7-nfoEB60UjliokaNaulN3D15E1kBAd-wwr2I2f7T4TQJlOcDbNifRbR0VG_CQM4zgH24XPRe5Unq7rQm1RBQ76EGUKy9hcCHvqt7B8-_vYCnCCCHYfTK2c1x2ElGh2Ywgmt-EdmDWsxUMUiQFbZ4eDLdIHGjsjgwDPS0hHKaWal83xxjYFC6BZXJHjDnCmUV73Gfh4D7pRxy3Jc2tu8unTCxeV0S9g2sJkwh5TtJBY6WcYGBSGx5rVx7p0ns6CZ5YCfRekf92vwXJjTS-Adx_EIRN-X7n9caw20P6hJCiavYQ-RK3balvyelOWF1ndKmHSfy6RP-y8VDS3B9BowZwK0ietR8228vK8ZfxwDC5Tcqs7ikZu83Tv9wrU2FtmuOSoqQFokDOtEpERCN58jBFoWtTZLNADHqdbuhgbsEEbHlp36LuEV2qifKR_-EKtPrXy6Y-ItfwAhgWvHO4sqDFfiZW_udCmumgeSJkpEj-Eyw&sai=AMfl-YQLpLvxo_MtIolA_zqYxzmCUSZgOJl0XaopEU-ZiZxJu1U4pB0mL8p9bdVLxNYV_-Iswps1Pkzfq0vuxifv2rYythBJwhw1gPAqtxBDBmqEzbCTRfejSPAY_UCuZm5sviXjcBlsOaumKrnDoGU8STfIlUo7aZj5oSVbnEM&sig=Cg0ArKJSzEoOkj7_SVWIEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=95&cbvp=1&cstd=93&cisv=r20210511.55829&adurl=

Requested by

Host: www.gazetadopovo.com.br.us3.cas.ms
URL: https://www.gazetadopovo.com.br.us3.cas.ms/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eccef3b152d70a4161a425d396a7d7ca.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Mon, 17 May 2021 09:49:04 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 17B7 22 KB
8 KB 6ms
6ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://eccef3b152d70a4161a425d396a7d7ca.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://eccef3b152d70a4161a425d396a7d7ca.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Sun, 16 May 2021 03:29:49 GMT
expires: Mon, 16 May 2022 03:29:49 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 109155
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 209f99d60a0a69b40d970a359a986ae0.js Show response
s0.2mdn.net/9662254/1620226019207/ Frame 98B9 72 KB
19 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/9662254/1620226019207/209f99d60a0a69b40d970a359a986ae0.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9662254/1620226019207/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c901a58d7481ff5e987c9252916274ccd279f180bc157154b6852d63d45cf5b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9662254/1620226019207/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 08:37:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4310
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19165
x-xss-protection: 0
last-modified: Wed, 05 May 2021 14:46:59 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Tue, 18 May 2021 08:37:14 GMT

GET
H/1.1 200
OK product_bg.png
cdn.flashtalking.com/124929/3111634/assets/ Frame 593F 17 KB
18 KB 108ms
106ms Image
image/png 2.18.232.99
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.flashtalking.com/124929/3111634/assets/product_bg.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.99 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-99.deploy.static.akamaitechnologies.com
Software: Flashtalking (AKA) /
Resource Hash: 115d13b428cc1032836410b89fd44b1ce71b16d92d5d741e5f23f4db203c63da

Request headers

Referer: https://cdn.flashtalking.com/124929/3111634/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 17 May 2021 09:49:04 GMT
Last-Modified: Tue, 19 Jan 2021 11:48:05 GMT
Server: Flashtalking (AKA)
ETag: W/"5d0a7b587d6b7e14a3adc471788cc160"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
X-Varnish: 565744599
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control: max-age=1200
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 17604
Expires: Mon, 17 May 2021 10:09:04 GMT

GET
H/1.1 200
OK get.php
img.flashtalking.com/temp/ Frame 593F 219 KB
219 KB 79ms
29ms Image
image/png 2.18.232.99
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.flashtalking.com/temp/get.php?w=500&h=500&url=https%3A%2F%2Fproduction-web-harman.demandware.net%2Fon%2Fdemandware.static%2F-%2FSites-masterCatalog_Harman%2Fdefault%2Fdwcafaf9e9%2FJBL_LIVE650BTNC_Product-Image_Hero_Black_071_x1-1605x1605px.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.99 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-99.deploy.static.akamaitechnologies.com
Software: AKA /
Resource Hash: 6978037564805e46e09300245b5744f44665b03c760731659c4c2941075a37fa

Request headers

Referer: https://cdn.flashtalking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: public
Date: Mon, 17 May 2021 09:49:04 GMT
Content-Encoding: gzip
Server: AKA
X-Cache-Hit: false
Vary: Accept-Encoding
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=328317
Transfer-Encoding: chunked
Connection: keep-alive, Transfer-Encoding
Expires: Fri, 21 May 2021 05:01:01 GMT

GET
H/1.1 200
OK get.php
img.flashtalking.com/temp/ Frame 593F 135 KB
134 KB 86ms
35ms Image
image/png 2.18.232.99
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.flashtalking.com/temp/get.php?w=500&h=500&url=https%3A%2F%2Fproduction-web-harman.demandware.net%2Fon%2Fdemandware.static%2F-%2FSites-masterCatalog_Harman%2Fdefault%2Fdw97179a2d%2FJBL_TUNE700BT_ProductImage_Hero_Black%2002.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.99 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-99.deploy.static.akamaitechnologies.com
Software: AKA /
Resource Hash: 8cc3fded2bb37d4d0c8bab12ee58438b1535a440240b9a0b174fa7367aafa21a

Request headers

Referer: https://cdn.flashtalking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: public
Date: Mon, 17 May 2021 09:49:04 GMT
Content-Encoding: gzip
Server: AKA
X-Cache-Hit: false
Vary: Accept-Encoding
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1204998
Transfer-Encoding: chunked
Connection: keep-alive, Transfer-Encoding
Expires: Mon, 31 May 2021 08:32:22 GMT

GET
H/1.1 200
OK get.php
img.flashtalking.com/temp/ Frame 593F 161 KB
161 KB 96ms
46ms Image
image/png 2.18.232.99
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.flashtalking.com/temp/get.php?w=500&h=500&url=https%3A%2F%2Fproduction-web-harman.demandware.net%2Fon%2Fdemandware.static%2F-%2FSites-masterCatalog_Harman%2Fdefault%2Fdw7f7d4938%2FJBL_CLUB_700BT_Product%20Photo_HERO.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.99 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-99.deploy.static.akamaitechnologies.com
Software: AKA /
Resource Hash: 09d4547d75b157fb66cfc8beb73037d1ef4a86b7195441e2f05b0a0acbaeef63

Request headers

Referer: https://cdn.flashtalking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: public
Date: Mon, 17 May 2021 09:49:04 GMT
Content-Encoding: gzip
Server: AKA
X-Cache-Hit: false
Vary: Accept-Encoding
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=671139
Transfer-Encoding: chunked
Connection: keep-alive, Transfer-Encoding
Expires: Tue, 25 May 2021 04:14:43 GMT

GET
H/1.1 200
OK get.php
img.flashtalking.com/temp/ Frame 593F 121 KB
121 KB 75ms
25ms Image
image/png 2.18.232.99
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.flashtalking.com/temp/get.php?w=500&h=500&url=https%3A%2F%2Fproduction-web-harman.demandware.net%2Fon%2Fdemandware.static%2F-%2FSites-masterCatalog_Harman%2Fdefault%2Fdw5044f9f4%2FJBL_TUNE%207508TNC_Black_Hero.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.99 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-99.deploy.static.akamaitechnologies.com
Software: AKA /
Resource Hash: 7284266f99cabe69bf8a8e32902a89855d67accb833ed6eecbc619eb88a59830

Request headers

Referer: https://cdn.flashtalking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: public
Date: Mon, 17 May 2021 09:49:04 GMT
Content-Encoding: gzip
Server: AKA
X-Cache-Hit: false
Vary: Accept-Encoding
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=306650
Transfer-Encoding: chunked
Connection: keep-alive, Transfer-Encoding
Expires: Thu, 20 May 2021 22:59:54 GMT

GET
H/1.1 200
OK get.php
img.flashtalking.com/temp/ Frame 593F 128 KB
128 KB 75ms
25ms Image
image/png 2.18.232.99
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.flashtalking.com/temp/get.php?w=500&h=500&url=https%3A%2F%2Fproduction-web-harman.demandware.net%2Fon%2Fdemandware.static%2F-%2FSites-masterCatalog_Harman%2Fdefault%2Fdw168c2475%2F600BTNC_Hero_Black-1605x1605px.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.99 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-99.deploy.static.akamaitechnologies.com
Software: AKA /
Resource Hash: 67df774b6ae31d9c582628156346f56e7ec884fabe050c748d1ebf9d7426df0f

Request headers

Referer: https://cdn.flashtalking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: public
Date: Mon, 17 May 2021 09:49:04 GMT
Content-Encoding: gzip
Server: AKA
X-Cache-Hit: false
Vary: Accept-Encoding
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=334573
Transfer-Encoding: chunked
Connection: keep-alive, Transfer-Encoding
Expires: Fri, 21 May 2021 06:45:17 GMT

GET
H/1.1 200
OK carousel_arrow.svg
cdn.flashtalking.com/124929/3111634/assets/ Frame 593F 276 B
829 B 74ms
72ms Image
image/svg+xml 2.18.232.99
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.flashtalking.com/124929/3111634/assets/carousel_arrow.svg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.99 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-99.deploy.static.akamaitechnologies.com
Software: Flashtalking (AKA) /
Resource Hash: 93be8eb291a17f9a1c4b91f57a68c4767f00f37bf9ad75e3c01551cc6d1d4141

Request headers

Referer: https://cdn.flashtalking.com/124929/3111634/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 17 May 2021 09:49:04 GMT
Last-Modified: Tue, 19 Jan 2021 11:48:05 GMT
Server: Flashtalking (AKA)
ETag: W/"0ad8d99dc6db5103e8571e3ea3667a98"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
X-Varnish: 821329991
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control: max-age=1200
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/svg+xml
Content-Length: 276
Expires: Mon, 17 May 2021 10:09:04 GMT

GET
H/1.1 200
OK background_image_728x90.jpg
cdn.flashtalking.com/124929/3111634/assets/ Frame 593F 26 KB
27 KB 83ms
81ms Image
image/jpeg 2.18.232.99
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.flashtalking.com/124929/3111634/assets/background_image_728x90.jpg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.99 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-99.deploy.static.akamaitechnologies.com
Software: Flashtalking (AKA) /
Resource Hash: c7369f38f3a5143dd868120b027496802bb4de6fe53e1b5dbff0ab05085c0e71

Request headers

Referer: https://cdn.flashtalking.com/124929/3111634/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 17 May 2021 09:49:04 GMT
Last-Modified: Tue, 19 Jan 2021 11:48:05 GMT
Server: Flashtalking (AKA)
ETag: W/"c52614fcab7f40437c119b7d1095f04a"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
X-Varnish: 649675685
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control: max-age=1200
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/jpeg
Content-Length: 27035
Expires: Mon, 17 May 2021 10:09:04 GMT

GET
H/1.1 200
OK jbl_logo.svg
cdn.flashtalking.com/124929/3111634/assets/ Frame 593F 2 KB
2 KB 87ms
85ms Image
image/svg+xml 2.18.232.99
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.flashtalking.com/124929/3111634/assets/jbl_logo.svg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.99 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-99.deploy.static.akamaitechnologies.com
Software: Flashtalking (AKA) /
Resource Hash: e1c03b86dac8a986d0191cafd690b06986578246e015375d2301261b449611a4

Request headers

Referer: https://cdn.flashtalking.com/124929/3111634/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 17 May 2021 09:49:04 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Connection: keep-alive
Content-Length: 1056
Last-Modified: Tue, 19 Jan 2021 11:48:05 GMT
Server: Flashtalking (AKA)
ETag: W/"39846191d961b07cc9114b8f413cdb6c"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
X-Varnish: 625537796
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control: max-age=1200
Accept-Ranges: bytes
Content-Type: image/svg+xml
Expires: Mon, 17 May 2021 10:09:04 GMT

GET
H/1.1 200
OK /
servedby.flashtalking.com/state/4841421;3111634;21187690;402;9A5F8F22-0F84-ECCF-5605-A6D2935C4DBC/ Frame 593F 42 B
539 B 23ms
22ms Image
image/gif 209.197.3.19
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://servedby.flashtalking.com/state/4841421;3111634;21187690;402;9A5F8F22-0F84-ECCF-5605-A6D2935C4DBC/?ft_product=jbllive650btncblk_jblt700btblk_jblclub700btblk_jblt750btncblk_jblt600btncblk&cachebuster=2690432978
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 209.197.3.19 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: vip0x013.map2.ssl.hwcdn.net
Software: prod-xre-app56.frk11 /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Referer: https://cdn.flashtalking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 17 May 2021 09:49:04 GMT
Server: prod-xre-app56.frk11
X-HW: 1621244943.dop233.am5.t,1621244943.cds152.am5.shn,1621244943.dop233.am5.t,1621244944.cds250.am5.sc,1621244944.cds250.am5.p
P3P: policyref="/w3c/p3p.xml", CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control: no-cache, no-store
Connection: Keep-Alive
Content-Type: image/gif
Content-Length: 42
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 DyQI0nSy6BUFz1wbhNnw1YMoJJCDSr_iJxDmlzQsBeQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 17B7 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/DyQI0nSy6BUFz1wbhNnw1YMoJJCDSr_iJxDmlzQsBeQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0f2408d274b2e81505cf5c1b84d9f0d583282490834abfe22710e697342c05e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 09:20:09 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 06 May 2021 09:28:00 GMT
server: sffe
age: 1735
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5636
x-xss-protection: 0
expires: Tue, 17 May 2022 09:20:09 GMT

GET
H3-29 200 user_uploaded_myriad_pro_700_normal.ttf
s0.2mdn.net/9662254/1620226019207/fonts/ Frame 98B9 95 KB
64 KB 9ms
7ms Font
font/ttf 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/9662254/1620226019207/fonts/user_uploaded_myriad_pro_700_normal.ttf

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9662254/1620226019207/209f99d60a0a69b40d970a359a986ae0.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9a6a43a9769d42ee5aba0c7584e5d5b7e143fa2ccafd4518f64a047e98f3e91a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://s0.2mdn.net
Referer: https://s0.2mdn.net/9662254/1620226019207/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 12:35:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 76386
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 65175
x-xss-protection: 0
last-modified: Wed, 05 May 2021 14:46:59 GMT
server: sffe
vary: Accept-Encoding
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Mon, 17 May 2021 12:35:58 GMT

GET
H3-29 200 b8684ab30a4b275521c87f3ff8d93774.jpg
s0.2mdn.net/9662254/1620226019207/media/ Frame 98B9 359 KB
360 KB 16ms
15ms Image
image/jpeg 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9662254/1620226019207/media/b8684ab30a4b275521c87f3ff8d93774.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9662254/1620226019207/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c8ded2cca7625c43f363717d453d9b3e03107134dab8f3aa67744279a8476bb7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9662254/1620226019207/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 12:35:58 GMT
x-content-type-options: nosniff
last-modified: Wed, 05 May 2021 14:46:59 GMT
server: sffe
age: 76386
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 368087
x-xss-protection: 0
expires: Mon, 17 May 2021 12:35:58 GMT

GET
H3-29 200 ca9725c0f1d91b0fb9edefe08978263c.png
s0.2mdn.net/9662254/1620226019207/media/ Frame 98B9 403 B
425 B 15ms
15ms Image
image/png 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9662254/1620226019207/media/ca9725c0f1d91b0fb9edefe08978263c.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9662254/1620226019207/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b0d2ce07add99cf98c50711c1a7d4deb91aee9a2decda95ed80b6878b06188f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9662254/1620226019207/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 12:35:58 GMT
x-content-type-options: nosniff
last-modified: Wed, 05 May 2021 14:46:59 GMT
server: sffe
age: 76386
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 403
x-xss-protection: 0
expires: Mon, 17 May 2021 12:35:58 GMT

GET
H3-29 200 15328cdb17801d10dabf7a34bbe76485.png
s0.2mdn.net/9662254/1620226019207/media/ Frame 98B9 3 KB
3 KB 15ms
14ms Image
image/png 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9662254/1620226019207/media/15328cdb17801d10dabf7a34bbe76485.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9662254/1620226019207/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9b0f66cfe501acfe6fefb31c72de55ec8b3faa1a3f291621cbc786b57453b686

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9662254/1620226019207/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 12:35:58 GMT
x-content-type-options: nosniff
last-modified: Wed, 05 May 2021 14:46:59 GMT
server: sffe
age: 76386
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2729
x-xss-protection: 0
expires: Mon, 17 May 2021 12:35:58 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 7695 40 KB
9 KB 371ms
369ms XHR
text/xml 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?sz=480x360&iu=%2F8804%2Fparceiros%2Fgazeta_do_povo%2Fin-article&ciu_szs=300x250&gdfp_req=1&env=vp&output=xml_vast4&unviewed_position_start=1&cust_params=videoplayertype%3Ddynad_in-article%26keyword%3Dvideo-auto-play%26origin%3Dwww%20gazetadopovo%20com%20br%20%26hasFocus%3Dtrue%26bt%3D9000%26UOLDNA%3Dnull%26hasMouseIn%3Dfalse%26keyword%3Dvideo-auto-play&description_url=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&correlator=3477195271005855&ad_rule=0&vad_type=linear&vpos=preroll&pod=1&min_ad_duration=0&max_ad_duration=999999000&ppos=1&lip=true&video_url_to_fetch=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&vpa=auto&vpmute=1&sdkv=h.3.458.0&osd=2&frm=2&vis=1&sdr=1&hl=en&afvsz=450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&u_so=l&ctv=0&sdki=44d&adk=2829802952&sdk_apis=2%2C8&sid=3D5C3ADD-1749-428A-885E-D8B7D924443A&eid=44725355%2C44742277&url=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&ref=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dt=1621244944806&scor=3668586120619868&ged=ve4_td1_tt0_pd1_la1000_er17.0.167.300_vi0.0.0.0_vp0_eb16747

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.458.0_pt_br.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

5f31df2d0e41a6af9881486ffb91a5e68db3b4f45b425e9244193ef9b2203d59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 09:49:05 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9288
x-xss-protection: 0
google-lineitem-id: 5692665106
pragma: no-cache
server: cafe
google-creative-id: 495062798533
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 user_uploaded_myriad_pro_600_normal.ttf
s0.2mdn.net/9662254/1620226019207/fonts/ Frame 98B9 95 KB
64 KB 8ms
7ms Font
font/ttf 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/9662254/1620226019207/fonts/user_uploaded_myriad_pro_600_normal.ttf

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9662254/1620226019207/209f99d60a0a69b40d970a359a986ae0.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f711cbed3ae7bcca9b2c00cb5dfb1d53ac4e752166ea6b3aaa00b676935685dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://s0.2mdn.net
Referer: https://s0.2mdn.net/9662254/1620226019207/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 12:35:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 76385
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 65232
x-xss-protection: 0
last-modified: Wed, 05 May 2021 14:46:59 GMT
server: sffe
vary: Accept-Encoding
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Mon, 17 May 2021 12:35:59 GMT

GET
H3-29 200 f48ea437bebb2d1c8b251a56206866cf.jpg
s0.2mdn.net/9662254/1620226019207/media/ Frame 98B9 217 KB
217 KB 8ms
8ms Image
image/jpeg 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9662254/1620226019207/media/f48ea437bebb2d1c8b251a56206866cf.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9662254/1620226019207/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

63939bac7b709016c509ca37bb2bec9d8b858d12ae6a1fd9b6acfc09821b0050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9662254/1620226019207/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 12:35:59 GMT
x-content-type-options: nosniff
last-modified: Wed, 05 May 2021 14:46:59 GMT
server: sffe
age: 76385
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 221863
x-xss-protection: 0
expires: Mon, 17 May 2021 12:35:59 GMT

POST
H3-29 200 view
googleads4.g.doubleclick.net/pcs/ Frame 0ADE 0
23 B 105ms
67ms Ping
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.gazetadopovo.com.br.us3.cas.ms
URL: https://www.gazetadopovo.com.br.us3.cas.ms/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eccef3b152d70a4161a425d396a7d7ca.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Mon, 17 May 2021 09:49:04 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

POST
H2 200 register Show response
events-api.gazetadopovo.com.br/ 1 KB
2 KB 328ms
328ms XHR
application/json 13.225.74.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events-api.gazetadopovo.com.br/register
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.74.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-74-8.fra2.r.cloudfront.net
Software: / Express
Resource Hash: 644470874c77fcd30909ba97ae3341d3f3de1ac030cdff5535a75f47a1ac1b80

Request headers

Accept: */*
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 17 May 2021 09:49:05 GMT
via: 1.1 58b222ebbb6cc6c8c8c9a46127ae3a3e.cloudfront.net (CloudFront)
etag: W/"544-GCvgt6UGFVT/hwObHrMlWepeeJ0"
x-amzn-remapped-content-length: 1348
x-amzn-remapped-date: Mon, 17 May 2021 09:49:05 GMT
x-amz-cf-pop: FRA2-C2
x-powered-by: Express
x-cache: Miss from cloudfront
x-amz-apigw-id: fd5StFCToAMFzBg=
content-length: 1348
x-amzn-requestid: 18c05c5b-d60c-49b5-9248-66c53a106d22
x-amzn-trace-id: Root=1-60a23c11-79db93a74ff9622738daa8aa;Sampled=0
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
x-amz-cf-id: 4N1aKJFVaGbZ5Y9pPrDwvKb-umygXhClkMRPrJ7P54m_ulM2rZRVmA==
x-amzn-remapped-connection: close

OPTIONS
H2 200 register
events-api.gazetadopovo.com.br/ Frame 0
0 113ms
113ms Preflight
application/json 13.225.74.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events-api.gazetadopovo.com.br/register
Protocol: H2
Server: 13.225.74.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-74-8.fra2.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.gazetadopovo.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-type: application/json
content-length: 0
date: Mon, 17 May 2021 09:49:04 GMT
x-amzn-requestid: f004c9c7-b4cd-4b59-9e9c-918403677de4
access-control-allow-origin: *
access-control-allow-headers: Authorization,Content-Type,X-Amz-Date,X-Amz-Security-Token,x-api-key,X-Api-Key,x-publisher-id,X-Publisher-Id
x-amz-apigw-id: fd5SqF-woAMFpNg=
access-control-allow-methods: OPTIONS,DELETE,GET,HEAD,PATCH,POST,PUT
access-control-allow-credentials: true
x-cache: Miss from cloudfront
via: 1.1 58b222ebbb6cc6c8c8c9a46127ae3a3e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: ST5DIwT8lQ8mwFlQDdY_ILF24TqrgX54AqUaC37Y0y5zsg-nCnHzxw==

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
61 B 6ms
5ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=1049595578&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=747907946.1621244939&uid=&tid=UA-23088598-1&_gid=325537218.1621244943&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=escolhas%20do%20editor&il1pi1nm=O%20%E2%80%9CPL%20da%20maconha%E2%80%9D%20e%20as%20prioridades%20tortas%20da%20C%C3%A2mara&il1pi1id=960eae20-b4ef-11eb-80a9-d7630b3898f0&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=editoriais&il1pi1ps=69&z=1998214948

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 May 2021 06:37:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 11503
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
61 B 7ms
6ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=1049595578&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=747907946.1621244939&uid=&tid=UA-23088598-1&_gid=325537218.1621244943&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=escolhas%20do%20editor&il1pi1nm=Por%20que%20os%20dist%C3%BArbios%20internos%20entre%20%C3%A1rabes%20e%20judeus%20s%C3%A3o%20a%20maior%20amea%C3%A7a%20a%20Israel&il1pi1id=7192a5d0-b4f7-11eb-b497-2b2353b9a2f3&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=mundo&il1pi1ps=70&z=357819197

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 May 2021 06:37:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 11503
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
61 B 7ms
6ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=1049595578&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=747907946.1621244939&uid=&tid=UA-23088598-1&_gid=325537218.1621244943&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=escolhas%20do%20editor&il1pi1nm=%E2%80%9CGuerra%20a%20crimes%20sexuais%20contra%20crian%C3%A7as%20%C3%A9%20cada%20vez%20mais%20tecnol%C3%B3gica%E2%80%9D%2C%20diz%20especialista%20em%20cibercrimes&il1pi1id=808e2860-b4c1-11eb-a9ed-898d61679f0e&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=vida-e-cidadania&il1pi1ps=71&z=1753576218

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 May 2021 06:37:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 11503
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
61 B 7ms
6ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=1049595578&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.us3.cas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=747907946.1621244939&uid=&tid=UA-23088598-1&_gid=325537218.1621244943&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=escolhas%20do%20editor&il1pi1nm=Oito%20leil%C3%B5es%20no%20setor%20de%20saneamento%20devem%20movimentar%20R%24%2031%20bilh%C3%B5es%20at%C3%A9%202022&il1pi1id=541432b0-b4cc-11eb-a5e9-572d78fb9593&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=economia&il1pi1ps=72&z=393959864

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 May 2021 06:37:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 11503
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame A196 0
0 56ms
55ms Fetch
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssMVNZEWX1d9JmszG-Le20hnSU96SXCrtvfukxSvouFxCgixQZHuBaudRpoaZUYCIYCPZf1t6YLCrG_IWTBuy15xAv-zI1VQreNyFGSGLawAeDkHylPEoOnwJLg5AiEe9IyY1Frk6KgTvUeNAsQ4QSBsgdxqHOLvs1PKC4pt2U56nZksi0pvjMlw5deZnA5rMgTHIGSh6Ss_pHkTYAInOsUnpa0EFVN1NMhx7CpQ2jvOIOWBMEkuLgCjxye_lWwXaMWE_y3iAKVG38ZlLTtq0j4ywpufrKQOU843r-SvWfmxGRNbbojxX4wp08rmgN6T88VVWXDLLE&sai=AMfl-YT55ZcK2jIVIzrT5x9ZYMN4VOgDpgVNmvgfPUoFGnQ8JTw8xrUfa1ICaus3aR1QvTN1Wp2Z0ROeYxd4xxA_GP5mwQZI-40dknAmvlWpTPxAgsqD1fZYd209FF2_rVI&sig=Cg0ArKJSzAMxC044LvgzEAE&adurl=

Requested by

Host: www.gazetadopovo.com.br.us3.cas.ms
URL: https://www.gazetadopovo.com.br.us3.cas.ms/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 17 May 2021 09:49:05 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/ Frame A196 2 KB
1 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 09:47:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 117
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 31 May 2021 09:47:07 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A196 117 KB
36 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

14a6bc9fca94f536d24da272cf684e3e900adaf170804cceda99f44c97c710c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 09:49:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1620991973329016"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36585
x-xss-protection: 0
expires: Mon, 17 May 2021 09:49:04 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame A196 0
0 20ms
19ms Image
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTIHbZ3zUN19sPak9VVlhS58Jq79dnHFKUEjVE1ME-Xsv3Fm_j-qoxZSBhBvZNr3iANOB1MYLcXYiFkUEott4J9r6RsvQ
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 13284522048959956133
tpc.googlesyndication.com/simgad/ Frame A196 42 KB
42 KB 8ms
7ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13284522048959956133

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051001.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2cff5767ddc28b62cdfd27605665e1ccd4c3131507bbeb517c6bb5440e52093e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 15 May 2021 21:48:07 GMT
x-content-type-options: nosniff
age: 129657
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43407
x-xss-protection: 0
last-modified: Fri, 15 May 2020 16:08:57 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 15 May 2022 21:48:07 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 17B7 0
20 B 41ms
41ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BBR1AEDyiYJ_wGpCMjuwPk9OD2AwAAAAAOAHgBAI&bg=!y8ilyIzNAAY59bwoOfU7ACkAdvg8WhkE2tkWLGCLFWlqFvxtzLfS4k6rZ9lYpXkKqBDtu6snRgzbXgIAAADaUgAAABJoAQcKACqfSFTEEW1PO6byAKywHXUeFnbE05-QOt7iCulpt7-9MKu_PN92qmYEgZWZAp_ByhnlOYucZijzoeBYBMSCZ3pb3LREGYG9mAzVU0EWBv3nqz_o9nc1Ryi2g2sLJ2nMUgHKYswJliTEYS_3VU4l0iaZlYXlfllhX6HUCtKivkHDp57zctPbywX7muyxdd_vyC3IMOfZNR_eW0XhNxJDoN357l8uEk6Iegks-KE0Eoqaf-ypp-4lc1ab3sEFE9cofxQ1j4Twds9R8rw0d_po1h0fej4MJ43I4ObNn9T9ULe2mZwxTJboEKuegq386nDrMfwUZ3Qs2ilBEy4iF67kLRkyphy0iAYKcP7RfCGGrEqCosWKUDL8q0HZCzqqB2wpl7Zfs5lOvsXz2NikUmVtCLV0g90xr8ekzJvLZY758seUb6RvjlDt3FV-iQoWDKjY5MZ4pqo0bWtQGXJzyA35YaYlAuwjtf5pE56Yda5wD6WnnlxWsSoy_Ve7MXOjZx875wLv4xIeT54hLzGpuOHs_CtcoN32ZSwqdIpCj0gm1HhQtkY9tnwVuRs1921xM1n51azGoyGVvc20f2D0Sv226IUvBPexafbRrirUm8B83hOziIOJ6h1VAib4vV-V3BYkmOfadfSAYXKX2YmSxfHd6W5fajjQWZDXLoZG6hZMx_rt29uhQpxaG1RwTd73cPh5Z4rYv6ULn1IEZZX3NXQpA4Q0bMTW1dwufEbVBY1PZFGUUVAUEfuQHJxCsF20RaZlmFN8TvP5wrER9r-LQy_LB4H-pjyqqUsTbzyMJFhLsrms58Lld9LY-CSUq-Cn90EjC8Sv_CzxTIypudXiqUYVUbj8nNiWl8utJ9PznLC66D2rfewbTaDtqdUzyGDgHwOajc0pIqExWgFA-KVTokKgHx-G_ts5tYTijrdyldblZOU1TGhVzi1rLBex0yxBtg

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 May 2021 09:49:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame A196 0
0 62ms
61ms Fetch
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstPRnKwAmtkWpl-hV-p9xR3v9u8QbOXknkg529YCfbq2JcGLiYJfE64h_v2gVPbk-4Sd6VrON0guAGGOcxp55N0O7DCImpfDt7r7dO2Yiqg0yh7h2R1sHSqXfjSEoyg2hn3kyLwLD2doewX6zbhL9YNPIrExkUNXNHYiU_CwIO-pWjnlKVZvA_gXs2CACVo8W3rCoa0rxfa7DmEkC0nJdIXrREn6Mo-y7sGcJpvwgu-u4WzvWaOV7guQmqizbukN2Bbh7kNO9YTz32sf1ArI2fNNdNyU-xXguUZzgnC8jvTrAcZz6mbyi85WJcMsi_hWdXQE14OFUnwGw&sai=AMfl-YT46RmxN2jpvJS2BL681v6PP0VG_dFvDfARkFYrgpYiLPiR4pIV6Cq-7TCUeGwv3OxaGMMdtphY6CQ5Dx92OsG8G2T4iMhmDHkNYtMALPiR6GZsxK5upjVJqbs3aeI&sig=Cg0ArKJSzIo4nbaRAI_rEAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 17 May 2021 09:49:05 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 17 May 2021 09:49:05 GMT

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ Frame A196 1 KB
2 KB 21ms
21ms Script
application/javascript 99.86.2.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.2.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-2-29.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 09:36:45 GMT
via: 1.1 1277de71b2472d19ca0bfc510db9ec54.cloudfront.net (CloudFront)
etag: "1827f116c73f319409b97f10b8a58ade"
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 740
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-length: 1469
x-amz-cf-id: M5p9MP4DPHr4pb8c7Ul29T44q87wSd-7mw74XI1RBwg-hQjecqrkKg==

GET
H2

200

beacon.js Show response
sb.scorecardresearch.com/internal-cs/default/ Frame A196
Redirect Chain

https://sb.scorecardresearch.com/cs/6036356/beacon.js
https://sb.scorecardresearch.com/internal-cs/default/beacon.js

4 KB
4 KB

22ms
21ms

Script
application/javascript

99.86.2.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/internal-cs/default/beacon.js
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.2.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-2-29.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6838420e13959ecffe73d3576ee2125a66c9315237394a23e3dd4a5181e80cda

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 09:46:16 GMT
via: 1.1 1277de71b2472d19ca0bfc510db9ec54.cloudfront.net (CloudFront)
etag: "5b0f9f0704a703b8da651007721fac57"
last-modified: Thu, 04 Mar 2021 13:31:34 GMT
server: AmazonS3
age: 170
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-length: 3690
x-amz-cf-id: 1immvYExV5yID38rnOAzYxB9wydN_GGwRNQ6EPb9r_qFgOARLv0KYw==

Redirect headers

date: Mon, 17 May 2021 09:49:05 GMT
via: 1.1 1277de71b2472d19ca0bfc510db9ec54.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: /internal-cs/default/beacon.js
content-length: 52
x-amz-cf-id: tfPh8zHEEUEIM7Sto8OQZcLdi41IoZU9h3SPYX9IYZr5m9cpBJjB4g==

GET
DATA 200
OK truncated
/ Frame A196 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8df80529839a80a2bc7ddeddcb0e9f8dbba03cf986c00f07c7e06b4b3fd69cca

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 204 b
sb.scorecardresearch.com/ Frame A196 0
337 B 22ms
22ms Image
text/plain 99.86.2.29
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=8&c2=6036356&c3=1&ns__t=1621244945053&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&c9=
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.2.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-2-29.fra6.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 09:49:05 GMT
via: 1.1 1277de71b2472d19ca0bfc510db9ec54.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
etag: W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
x-amz-cf-id: fgSHXAfb39o14xWlDMsHdDOR23Gf-xPvnsnWGLEWQ1ZLerT96MuRWw==
x-cache: Miss from cloudfront

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame 7695 28 KB
14 KB 87ms
45ms XHR
text/xml 142.251.5.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-A8D_zMgv9V86B71iANt88gf4s_gICQVpwqjxuW45k2VfieYvXSOHxruzbP9yp4F3QsY6TdlNbsTu3uu6_KYNGJcESfRA&dbm_d=AKAmf-AbBEOTSrB14-RtbmbCOKtOSUKgrFcJVwq_0i2OYB7o8Cx_CKeZcYcmnCI0Mp7Bs_CY6d_5qNm7vPWkPliSQI4NkLweCylTQ3hM_4oZ2n1cU28rqOIQgk4ZFGCbYu_QQu-l3SYy0YqdP1bpRI7kWZs1lfuPr-qstwoLkDCjQAm1rEHZNffKAgoCAu1iSOWmS55eVliKNs9wqKNK7Wf1blAGF_F0Qn4MqCTQKwXyPFSHDk4J-vnUS8pp3ARMzB-TYVY56uB3gEWdJ4yQP7tfJokY3xjZM4UVCgJfPuYln8YHj3aGS5KiOqOX22z0_jZOqiPFZAgLqnzfRQVzib_98TG-UGRYP2dlQon7-tbwPHGihYzZOWilI3vp0Omc8y1XI4rzTeQ46F7RE4g5md1j6Vz9cyoFtB_yVu0FVs_ac_HGBjy222kaOAespkb-7PtUQtwPmBKN-NYcfM96mSZa9PffrkLvWlDOWhVwhIMn4UkeGBVAvmzNoaAHbb8FHPq2NSH2v9zx3RqqZfKpZ__ZYQMDeNJZooWWne1Rxl1OiGVN5SIRHj4y31Km8O2fV-ACuHg0dO6gc17_GuKLpGk4JQ-anJgbuz7MHW8Gsa6FreS5d5uUxBM8f3opQO5AKQbFXYLwVcPeLP9q65lPmg8bW77Z5pPzbsqQyUXdjjjwnHq161tvk9dyM9HQDwCzuLXidqp8yFS7SLEzn2YgsEvddb3cj1zMzsy4licO5vvw2b-0LZr4AuqGV7AsiW35ykgeGWLK2e95ACJIe7xBFm6KkvjGr0_udbK-R53kgII1LRL9oXo7ActgDdmADofeP2fzSqev8yNFjeRi9tpDkTjtsbzsywV5CodYDkB_lczRhIXswbgpqz-sGLQhCA13R_UTd02Oon8s4kEDHpj4dED5FWf5j58VhgbuYWbVSMpGoERb7xvfMKAS8neYk5aXULfeqNgkzHWz3jk3DU8AilhLLgZ8cDX1qcM0XshWgC2tFu7tcJl-B0OjZjESM1Y2BOUUwawLMNv32JeSHC0cDWmcY_gyQI9CP3wmxSx1A55oHsjZ5q9EMkDp4MEaijuYM7On3sXDjIhArOzYCoQjqSfOxAgVfPFgS_UM2A1P3etG8tiv15rOmaYn0dvx-Fo8o_pqJb--uP2gq5JaC7L8vyT49Hm2C1IH399a1nfGTVhvADj9mWKu-Prs4BJfgaXoZ6aczy4w9zDCF_raaUP6SEgdn5eUywmdZbXDH7R7dPlNN_wIYtIU5jhJM7VRnj_kV462s_wHzh4D4jWAk_0ZiJOIN0M-xmPWg2wrLrMiJab2Ji83m7sadmykx7omuBbk_T9QskRCERJa_xIZhwP8vZGhAfN3JfHI3JWuWeF2vpJCtBQE4CHgRlrlfBDF2wLifKZC0M_dxnu6chNM2HLP0xZ5GShK01ummPurTeaz88KGa1q2u0hYUWu_O4C8yDjdymAVlyk2hhMsraQi-hNGkJHW4Mo2thaZL3Jk8grq64MYVYAzvSMjCzwfjLlQUeTvxY6_KkfuMY831uMYC5uic_PmKo2uKen_7qA541ZuC97UrL6CxBGvsHoM4ryPHwZnWssnSDNaV3ZBOTPUGF5ZoEsuUXO3TmsxJgntqlbsG_LcNCJFGS-mUKd8zJb0VmeknAoIRfShP19HLguTQSHOdEVCxqlM0IacsmMXCya_M69ACmUzwKr_mkSUNK7tjciPhayEc6n5SmRQzWdq4nMqnd5s0ClZNvKSFIEEj2KISWSiXtyWwDhsGpIbs9YSaAYT-tR6OplO-MgOiIq0xCW-oG4OnRtU797DI3_9VQ2bb2P9Cu35Vb5BNlBMr5Of5D7RDnrWXzPiNH7pC6TJmeTH6E37aro2cQEZhrp0nbblc1D5HKf0dICXSobGQJcYQvAmv7HHIgRLpQlED2OjnksMneqHb2bPw8zD1n5IQj8RrpdqFJwl537f5O8Hq-ttYQzpONSwCwMP-FF0NRRRr_eXxAoei1fbAFhMa_4tRxLGRCC01PL3Q7CMtU7wzTdMesiWHJ_YuO33OyiOgiSMKb8ZjRgwTj-JZzH18gghfLAwR4XSckG5Cnl1VITYHPag2dAHX4iov__skX5OZ0xays9ebkBiUl4wgKDVVwuI139MP-JTWQ0Qr3cKszGULuI_4YSU1Q86AgqLw-Oq4gY5jgTb9elRwsxZE1g20nLL01SGUj5wTJQms7iMZMFpgh3NWy8DXMZW9K-wyniscMqkjzNdDDDb3BwHNIUjlCP2ZOAM5SLyyDSRH9bGWcIxEVEs7jPZexqz2v6dABSclMU5CkLz0JF0EB2HyzZK7ooJ-gli7BVfsOezlKeuk4eYBY8f7VRXupM25aNOGBC4qsAjsApA4Yz3TFl_v1BofSFggxKsxbZoua0QZi9MbkxpaS3LFdqAxJJj_2VNzcliDBjhdTJ3p6qPpU4f9AzfwfkL9R2ylWSDEnCOQpenWd39lGnNOKvjrgUQc4BY6dpxqtTCMukbNrcdOuGjNqPliLQKmlQcXdCISCDyuylSjjUW98K-cB7G09iqc3-M1bfj-GhXQebzVhHhDayJnHM8533ZKY3J_oSG8tv83izd1nI_WCa1Qg170wEy6KAggeuJSNe4pjptFrmrLUM9ZGCfz1Fpl78D9_LqiBW9DbRJBlLMwZpFgGgjh5_6t-VwXHkwIJFdVbHzUwwVvd04GNUqL34Oz3Cp3NndK7rkiuKtXi5z0UE_uzBUVAmnQuwncicG_yrBLpPd35wPP6JXt2oiw1WH7df84Ce7Z_SCxF7FrKG4QiaLDReZh4naRrK1jyHTyF-zYElVs0GiL1V6m6wZuizqx_6W1ClaVrw5yguB5E3PhWQHC53tk2oQv-7a-mw8m1KgX_DuZVhOmFrq97hFslc6IwZtEObeQltn5W0g7Pxg438JKp1s1iRmN5336n1wXMBbw9dHQR7WMUyextT9AwO4qeRRyFXS0cZ4QgCRP0a3vkbdUfkj4OlQoauFoRghUpgZR_BX_-CeV8cvTnup4m4ydzVHZTH27afZYij65hRCmi-yZmcxkJ7XNJpYrfyz6T7HlGiOCL75LYk6rXN1UAoO4owagsecdnIOovKFzLH51idWEqaaAkwoi9xtwajyUc3mZZMoiy4OWIzH_oObpIIZpa2vyitqnQ-2_5NGvVFgv-tbo4H2z_ypjOwZOmHCfuGv-HAPnZg3miYGVYM96xrxy1bYFNXQK1TjGSoVk5NcLewon7AM0hCdPXzB2foO6AXv_-p-ky-VuiGWHm76bg051b17jb2UJ88Co2AYQJ5T9MVrCdZauSrPBRCEtwysEw5eAGIzWllsWLnjVuhWz8G5yEFz75eegWWjrfUVJS7XC9jsgq3RaV_1BICcojBI0D8nT7AOyq3YLQ0-OKUhAB5Shs-UZW7It3L5Ti_1o4p1SXjHTsdO4BqV076OCKyy1ieYByvzUh5fUEoxTvktlkXQizXfmiW6Oe4ITTqLgZPU_CYl48-80bexmhFTyClIxgY1_tJXhcKl9DXLFXOdUH4DXaZ8aYeFXizQhhzni6sXHE0x72AIjFMR6xsquh8HXX4GZkNvkkDhgDcm3nODu2aFBqkw8TzI53WntOgkeCs8LWSqWVd4wpOKBD3QOqLF8PK2PU8V1WLz46r6Pdv4psjVMuOZJPxBu-vQSCsL2nbr2Ad54-yH7nqQ3wiuV7nuFUDlM4gG0Ajy59QR4tl-qhZMEbMtrEZs3wY7UuCQySYQdJHWdaQrfvzE31OAfDt1F_ynPBaxiqesTfbK5DO296xMmGZezS7883Cmi4z7TfuNGalNXYZitNND74nqljAZSQG3lbUshNbMlePL2ZTuXhyayOfm3zTAvfhzyrPUQmuUl1-SQd3e9lRSzlCTRKMFmQ7LXM10tEwbbI1ZVDbG_1sjd-W-NVrW7-0hOCgDtMu3l3h6Em8P53DTKEuaQ5pVcJNUPFQQ6HlZneZvilA53uXrWtT5jLTNWucdbUdpZihQsyJ7l7IbjB_7hHRtaOY-JPIkEwDOYJohUuwAPyVbuNb4q5Bd4oxN7YuIxQMcMvnTD5SgwQ_ODQGw-vwIWYRoDRUVFwKdt0qFK8Ttsqiu86QkxOrdROSEBMWo-X_HHnvP7au7g-zqy8gglAERpa39eEG5OQjs1UsR5hZW-aNma4bmv0bWcS5pKrTQx1g0VMSxJwxZ_bubJo7VPYxWwUlDGxl-mCfuRYODPgPYt3HhLUQknaSORfUlvwMhbQ08SDc&cid=CAASEuRo1sQZwFmNdbgbQ7f2Ngj2Mw&xfc=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsvNdEkXxortIIXhmrgnLVS9B1rjJX1gbrrYP9kNEz_7--hnBlHm0te_JVF9mwAYDiPQFftm22DSiI9qbn53zQtp9M7PWabM-pyZFl0Cnw-vEPhAFkHdaz4v9zjp5uGFzOO20xcqCAahO6mKlr-kN839pqkB_6TKcFrB94rk2vP-TLzU1cG2BqVTMYIApfMQuCiSqdslgk2t5iOJ6Ej2yGPmEiNWG0QAbAfz_a1PpfmHMSVWb2EkCfKzpjl_KfAy4goLKiT1SD4sFvip1phizPVDxwX6KD51eCQR6FOOmfoHlEOQEkEAQl75FgNl6xgona-LgiyHlHUqMdbn27bX1ARCqIg%26sig%3DCg0ArKJSzOfcxhnqxsq4EAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26adurl%3D&vpa=auto&vpmute=1&sdkv=h.3.458.0&osd=2&frm=2&vis=1&sdr=1&is_amp=0&hl=en&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&u_so=l&ctv=0&sdki=44d&adk=2829802952&sdk_apis=2%2C8&sid=3D5C3ADD-1749-428A-885E-D8B7D924443A&eid=44725355%2C44742277&url=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&ref=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dt=1621244945195&ged=ve4_td1_tt0_pd1_la1000_er17.0.167.300_vi0.0.0.0_vp0_ts0_eb16747

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.458.0_pt_br.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.5.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e9d40cc506dab9881a28af0070109f7b36ddfbb1c3ae81c0d4be51292d68160b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 09:49:05 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13553
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 7695 0
331 B 44ms
25ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~kosfdpi0&c=587360239819&slotId=293680119909.5&qqid=CNHEn4i40PACFdj1dwodpBYGAg&gqid=EDyiYLihMqiBjuwPndmmiAk&fb=ima-html5&sdkv=h.3.458.0&mrd=4&aab=0&itv=1&eee=missing-element&bi=missing-id&wta=1&ghmsh_eids=44725355%2C44742277&vmfc=18&vhc=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.458.0_pt_br.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 17 May 2021 09:49:05 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 7695 42 B
64 B 18ms
17ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 May 2021 09:49:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 7695 0
24 B 57ms
56ms Image
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvyoJ5OkTP9Wg8yQWOs11fLtsg1FczxuagHSNjgJ1BwOCVvrO1m966nIyzybC08F5hvTjbi7kOdrUkpsDGunhSdKgF6xjZgVyinW_3WMAVvUI4IDk2xjgQAR2wyI9aQlolROl2Az0OCC2LOdThxORMQLEBVziGygOlPmwei2ynXrorSYrE7f3YBg3xK4A8Q5k1KcgKJStutsiWgdWC9XRBmePjcwAfAQZIAn0XpSZ5S9fYjYWpCGpXNpmKyGd2i6dTE4ELObnguWNwtzxuF3AkW5R7Imn2qzrcryKVYOBoR5JUvwXnlGv3QKesxFDl8bWWza2JBF2qiSuvqbp3Kxs5yYuDILoCSziSm9dFeD9vMlZkyKt2wz5kqRk7PlXbvERaFJxnwH8F3LIVUXYxsSE6WwQtI6z6XCiFdL-T71IoZ7dhJwfsjPnD5aIF_i6ZhEvpzjKYMQF_BTK3Oe-VHMEQPXIZzxd80lqTGxElUyrTRse_1F7I4OR0vFZU0jnpXYb-URNO4Yb87qlku_lj_daNFDwQzoZfWimOkADuxNJc0VNNrAGKh8TF-qsq6H3NzVxrGQTurRGrLfu3KAfLsM2s610b5fEX8QEW_MZ_yrk1sOKqBAzP4tT5x2V8QxPjR64JYFA1OPPJgfDwL3d1GfB83c1a67sKHS9dFru9O7v8LdmBrDElDy9FoZ3EFN1dgnstSPLYVbRAYHjfIdVZ3VMIlpRkXt0axbQ4rUEvsUo3-bJFLgKT5hqHA3_Ic9XdLzN2HIWtjkP9fLFuLzHK8-ArUYkh5dv-GFoJA9fjHl0x6lqcrzdxNDjaZ5XeffnfaTsvFKSuh1wTrPmZraGIKiSC267QQcbD-R5NG5ku-JK_8vFE48_R8WjwWugHPpNMKwC3QAUvUZsVdLggaW3I8pt5QHgmNQB9i3WZYAoA_RsfxNLypHSICykQCGvX_gl1g9a-gYF1gfkRjM5MvCYrGUaevEvukDYOhqRGXW91bijDEY0kvyUH7NMedoA5TTU-seHZEKDkC_Ij0nxRPp4t3tjCLaQDwjWAFBdGtVrzWqvEkn99A_n8YJY-CLlVvpNx44_rBXlxgOkRsTmw6O2Tvd2TjoQoyV4wqQ5_CkxSO-qo1GUig4PS4lV2pobX1ySTlsFo_vXXEAizjlakU3goBjWr96xD6NzZBcKv7C_e9qinGE1arE3LmS9ufA0RsslKFAsdOm9AXUszU28WG0n1OipeOsfFuFP6bD5nAm10JUrPGqs04caAcQHFfPKoSOZNesIjhfvVSEargfYKTNkKMLo_pDa2KqSXHaGT_W-sjv0hdzFY_GWVnhOZ20NX4WR8HwtZwfBJcy8EX&sai=AMfl-YQBvIRLTMTGn6BAJ5D3WWzkpsJqgLdfEQw64nL80pFCSHAMOTsptsnylpDC_wQxRubGYwHsI4RqeMthHqs_eX6pQEaXd84zm2IrC6sR4T6NaMBESMu7b6a4pmW-R1AGLmpiwgJnTD78rDBNMwoUzFCjCfm2HWKUCvBzd85gm9_QCjW5eu9XCUefHVdXPjmx96urjb0yDfjG0w&sig=Cg0ArKJSzDp44AhNqmTpEAE&sdkv=h.3.458.0&vci=CjoIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgo1NjkyNjY1MTA2QPkCCm0IARIVYmlkLmcuZG91YmxlY2xpY2submV0GgNEQk0gBCoJNDk2MzA2ODQxMgkxNTEwNzc4MzVAXFIzCOUHEA8lAABwQSgBOgsxNTEwNzc4MzUtMUIER0RDTVAAWhBwY1hsbWNlR1p3SzVmQmRrGAE.&adurl=

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Mon, 17 May 2021 09:49:05 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

POST
H2 204 csi
csi.gstatic.com/ Frame EA24 0
54 B 26ms
26ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~kosfdpbg&c=587360239819&slotId=293680119909.5&eee=missing-element&bi=missing-id&ulv=1
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://s.dynad.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 17 May 2021 09:49:05 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
t.dynad.net/pc/ 70 B
423 B 193ms
193ms Image
image/png 2804:49c:3403:2676:ffff:ffff:ffff:6
Universo Online S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.dynad.net/pc/?dc=5550003220;ord=1621244945333
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2804:49c:3403:2676:ffff:ffff:ffff:6 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS
Software: D3-FE1 / DynAd.net
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 May 2021 09:49:05 GMT
server: D3-FE1
x-powered-by: DynAd.net
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
x-dynad-tracker: v1.1.524 Power Stroke
cache-control: max-age=0
content-type: image/png
expires: Mon, 17 May 2021 09:49:05 GMT

GET
H/1.1

206
Partial Content

47
r1---sn-4g5edns7.c.2mdn.net/videoplayback/id/05825b4e28c92ec1/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3765470038/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,m... Frame EA24
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/05825b4e28c92ec1/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3765470038/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/sig...
https://r1---sn-4g5edns7.c.2mdn.net/videoplayback/id/05825b4e28c92ec1/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3765470038/sparams/acao,ctier,expire,id,ip,ipbits,i...

2 MB
2 MB

47ms
7ms

Media
video/mp4

2a00:1450:4001:68::6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r1---sn-4g5edns7.c.2mdn.net/videoplayback/id/05825b4e28c92ec1/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3765470038/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/7EA25CE151C9DF4265F5B4DF07DE3B60396C4F41.34A2329B85ABA5406F604684B2AFC58B441F8CE4/key/cms1/cms_redirect/yes/mh/6N/mip/2a01:4f8:192:5414::2/mm/42/mn/sn-4g5edns7/ms/onc/mt/1621244668/mv/m/mvi/1/pl/47?cpn=pcXlmceGZwK5fBdk&file=file.mp4

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:68::6 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

1beb2f5b568f6631e40890de5c170730f4e9fc7d7145d27dc4f05c166e5cb938

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.dynad.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 17 May 2021 09:49:05 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 14 May 2021 19:53:56 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Content-Range: bytes 0-2241272/2241273
Cache-Control: private, max-age=86400
Connection: close
Accept-Ranges: bytes
Alt-Svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 2241273
Expires: Mon, 17 May 2021 09:49:05 GMT

Redirect headers

pragma: no-cache
date: Mon, 17 May 2021 09:49:05 GMT
x-content-type-options: nosniff
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://r1---sn-4g5edns7.c.2mdn.net/videoplayback/id/05825b4e28c92ec1/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3765470038/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/7EA25CE151C9DF4265F5B4DF07DE3B60396C4F41.34A2329B85ABA5406F604684B2AFC58B441F8CE4/key/cms1/cms_redirect/yes/mh/6N/mip/2a01:4f8:192:5414::2/mm/42/mn/sn-4g5edns7/ms/onc/mt/1621244668/mv/m/mvi/1/pl/47?cpn=pcXlmceGZwK5fBdk&file=file.mp4
cache-control: no-cache, must-revalidate
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 677
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 p
sb.scorecardresearch.com/ 64 B
443 B 22ms
21ms Image
image/gif 99.86.2.29
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/p?c1=2&c2=27893134&%20ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=1621244945346&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va11&ns_st_cl=30000&ns_st_pt=0&c3=UOLADNET&c4=*null&c6=*null&ns_ts=1621244945346
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.2.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-2-29.fra6.r.cloudfront.net
Software: /
Resource Hash: 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 09:49:05 GMT
via: 1.1 1277de71b2472d19ca0bfc510db9ec54.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
etag: W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache: Miss from cloudfront
content-type: image/gif; charset=utf-8
content-length: 64
x-amz-cf-id: 61c63YwV3P-bfQqS_qR08w3Vbb064uS0TjCWcj0GsRqpjZbK5vsqaw==

GET
H2 200 /
t.dynad.net/pc/ 70 B
423 B 193ms
193ms Image
image/png 2804:49c:3403:2676:ffff:ffff:ffff:6
Universo Online S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.dynad.net/pc/?dc=5550003219;ord=1621244945347
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2804:49c:3403:2676:ffff:ffff:ffff:6 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS
Software: D3-FE1 / DynAd.net
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 May 2021 09:49:05 GMT
server: D3-FE1
x-powered-by: DynAd.net
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
x-dynad-tracker: v1.1.524 Power Stroke
cache-control: max-age=0
content-type: image/png
expires: Mon, 17 May 2021 09:49:05 GMT

GET
DATA 200
OK truncated
/ 873 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9bae663f8229a58194c60f976b1ca88e87e0310c5860be118fa57e97412f758a

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

POST
H3-29 204 csi
csi.gstatic.com/ Frame EA24 0
17 B 39ms
26ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~kosfdpyo&c=587360239819&slotId=293680119909.5&ps=0x0&met.4=hvd_lc.kosfdpyn~hvd_src.kosfdpyn&umsem=0&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fimasdk.googleapis.com%252Fjs%252Fsdkloader%252Fima3.js&encoded_body_size=0&transfer_size=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://s.dynad.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 17 May 2021 09:49:05 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-29 204 csi
csi.gstatic.com/ Frame EA24 0
17 B 38ms
26ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=3~kosfdq29&c=587360239819&slotId=293680119909.5&ps=0x0&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fimasdk.googleapis.com%252Fjs%252Fcore%252Fbridge3.458.0_pt_br.html%2523goog_54191628&encoded_body_size=0&transfer_size=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://s.dynad.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 17 May 2021 09:49:05 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-29 204 csi
csi.gstatic.com/ Frame EA24 0
17 B 38ms
26ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=4~kosfdq29&c=587360239819&slotId=293680119909.5&ps=0x0&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fs0.2mdn.net%252Finstream%252Fvideo%252Fclient.js&encoded_body_size=0&transfer_size=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://s.dynad.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 17 May 2021 09:49:05 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 7695 42 B
64 B 19ms
18ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 May 2021 09:49:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
pubads.g.doubleclick.net/pagead/interaction/ Frame 7695 42 B
64 B 31ms
31ms Image
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 May 2021 09:49:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame 7695 41 KB
15 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.458.0_pt_br.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 16:03:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 63963
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 16 May 2022 16:03:02 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7695 0
20 B 39ms
38ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=video_impression_ping

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 May 2021 09:49:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 view
googleads4.g.doubleclick.net/pcs/ Frame 7695 0
24 B 70ms
69ms Image
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvIdSccB7XHiVapm-XieOOqGQC2j3khvCDB0zuhuVVwzZpsthTTWGc7sObjflA_kAwf9qI1ywOckU98QMVqVbdFX-Bo59xwGmeCFUXXEL8zbefPFakOwTmBSlQk8A87Ponb7jYuZJAWFe-3DezxUupCGy0q9wOdXMl8HBjQy5WdzlLcFXr3Ml_5cfjTsLFnMFL3VkL4pRxJ7YVlwXm0ioYBzBlQ_ID8ujK1Hf7tnUXdQYe6N-7hAICqKEVxVZkpwho1d9sgA9DNI-NjXs6Pfiup0Ogi-v_EayxUpYAcw0o__uj5K0wN5luIy256FG6PfhzAchENeGYS97XoHn7w4x_WvBvll1Y2PrKfWHIPI5xm5dtK5IStisvxN8UEi_lOUgJ0gTw0Thypvj5xFX5dy_amgWE9qJRKWeFBihi9XGnhI2OPnsv-772l67f-4gqxirgRXNyTEsnTvh63UoXHvav_XBYAVtBI2YcKDFwzlfyhJJ_XyW7n9ujj_hhpjdQgTIJIyJBd1ojfU0ZGjfXdyZm6lFQq4dhoGgr0yYi5NTCvbR6qtjG0TsPRfcDMFVxaIz8akVdrgdJvThxNRBqcZA69TIqIf00wXmULfbr7f7M_snE_G3wv_27pR8V-p9AzUIGM6MpY_erIa8zCQJHPJFKVFEL3H2ubfQWUPyZ3a04TExHVdbQPfa0BjwhsKUMuBGXX3yQilb-R1NlJoNPK44__LNrknIJ8QgHIT8TA17SLttypgJKREAnhmaU3PtfM_1yLJ7eAfUJRB4LhQ1VGH3METTJA2vVbF559X4bWb0MxWa0t9zEcnaxShe6cC5FKzBkbypTKgrdPMhNyAVXGEQL8kINom1OdCVbFWcPNZFqu1E5-ruxqliCaLUEMKODKQUej3ke9m3JUo5K5_RnydwCVRtzxuvlIpBf96u0GInZ3OH4theyOnCM29ifxLbiBqmSRftT0J3OUNHvWhxKYzO6uVgAvhg0jKFFiAUQoitjxTbGswA70-z00Qg2iipWeSOz9UpBetTYzyznsC9Dp82YPX1mhleC1p9DEfq33f6DpryPd4viVouUQh1tuWyoAenEfeeWm3-O-fpEpAqP_t2pzDay3N3C8q8lkPJdYwuX1-CREk5K6KlR1vbs3hF8gssW0qIaqCBcpSsaC_qfCgos4J1z7gvhlUTNbLRBsbp1uE9HtxteVjQR3vuxrT6PNFkH1Y-MzSbw1rDDNYGD_OA4qo7fZU9_fStsR40PrLyGBb0sW6JJGu548jiAZpIzUtqdyxoUxvEFzRXRuANx3Os1d-0UO5EXjdIlIB4I91lfhdIwjXnKyxR2_y3y5how2_FcL6CFtZTVAXW58rcl9NRkOGmxfoil9vkm6oLsmX64CwOYr6XJY3SL8u2rKjCEro31UZnowX-_m_0c7rJvh2AzPYJIFGYWRKz1CAcI0gF4xW8inW-3hf2HhdK2H-oGFEo8I3qU&sai=AMfl-YQ-ZyRPSejazEexM-oJaoFi5pKFh9hKJlDJ_Ge0qOWuLC3l3JEb2fzur2mbuambMsUTrIVnnW4cajKdsCeTjwayJ-4fztm2wYaV5ki6rb1hfMRhk2QpmQ7xzokVQNhcePpSxIb3OBVQuyqNdZ1BOgZ0oDpMq4nt9uSPBnWkH8BRoxBxnK2XvJ-GH4Z6yBq4x9a3oZsa9UpGo3Xk3UhEsrCw5wvukdIDNNMhQlMu36nEggfFHZvGg6F7wRQe73mB4WlGGti1QVlfEDr1VENsBCSQP5qOLbMM0KU0OlRpvsXmRxIGVc-FdCX4REv-3-Cpo8Iz&sig=Cg0ArKJSzKSFwkVhnQa3EAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&sdkv=h.3.458.0&adurl=

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Mon, 17 May 2021 09:49:05 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 pixel
googleads.g.doubleclick.net/xbbe/ Frame 7695 0
0 17ms
16ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPqwIRCbqioYACABMAE&v=APEucNWwx4xqonSPQGGoaFZLZBha8IFbEbvJmNtxEonoAv0VlHiRwiWu28xmcJkA-n1a6cEqPDQlOufZ1E371OCMZGhl0ELZFA
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 7695 42 B
64 B 20ms
17ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CI0DkEDyiYPKYPNjr3wOkrZgQ6a-m5GK7mKq_7g2c7fOi6yQQASDSoakfYJGEgID8F6ABpcXxwgPIAQWpAhx7bYdpdIk-qAMByAMTmAQAqgTjAU_QFrOzTMdZ7__AexOQPDO2bWkOoRNykwAEsn-Fi5fMcfURTBdLUHHsw0oHSf85NUmAT1_ni738Cpqbq4KsETiyyA4Swj8RJhc96by3V_vrlQs7YshG4xM_tjly-lDKk3MrJUbmfCAwDJ5vFv-GrjAW6GcwwRdFGM0PnnQ3sz03evKpVV_dFWfv_GwU6RFNmUcSiBaDKRupFtSxiGjphDZD3eg1UZSDEhTzr979Elo0Nmr44LDERs2cKjLktyxaWnAoL1QUVudXkNhmvE6MXXYogxAadnO_VILGYYqKoAzzjFh0wATS3cfAtQPgBAOQBgGgBk6AB8O6jj2oB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BvYBwDSCAkIgOGAEBABGB2ACgOYCwHICwGADAGwE5aCxwvQEwDYEwOIFBvYFAHQFQGAFwE&sigh=-i90vxJgdCI&label=vast_creativeview&ad_mt=0&acvw=sv%3D895%26cb%3Dj%26e%3D19%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D15018%26vmtime%3D-1%26is%3D18%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26femt%3D607%26femvt%3D0%26emc%3D1%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D124318551%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D1621244945467%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0%26t%3D1621244945332&sdkv=h.3.458.0&vci=CjoIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgo1NjkyNjY1MTA2QPkCCnAIARIVYmlkLmcuZG91YmxlY2xpY2submV0GgNEQk0gBCoJNDk2MzA2ODQxMgkxNTEwNzc4MzVAXFI2COUHEA8lAABwQSgBOgsxNTEwNzc4MzUtMUIER0RDTUibAVAAWhBwY1hsbWNlR1p3SzVmQmRrGAE.

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 May 2021 09:49:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
pubads.g.doubleclick.net/pagead/interaction/ Frame 7695 42 B
64 B 34ms
30ms Image
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pubads.g.doubleclick.net/pagead/interaction/?ai=Bz3WpEDyiYNH8Mtjr3wOkrZgQ4JrH_kUAAAAQASCO6K4hOABY_4SdsoMEYJGEgID8F7IBF3d3dy5nYXpldGFkb3Bvdm8uY29tLmJyugELNDgweDM2MF94bWzIAQXaASBodHRwczovL3d3dy5nYXpldGFkb3Bvdm8uY29tLmJyL5gCoJwBqQIce22HaXSJPsACAuACAOoCKS84ODA0L3BhcmNlaXJvcy9nYXpldGFfZG9fcG92by9pbi1hcnRpY2xl-AKD0h6QA8gGmAOcBKgDAcgDE-AEAdIFBhCS2ryaFZAGAaAGO6gH7NUbqAfz0RuoB5bYG9gHAeAHD_IHAiAB0ggJCIDhgBAQARgd2AgCgAoFmAsB0BUBgBcB&sigh=-pafmzA0jSA&label=vast_creativeview&acvw=sv%3D895%26cb%3Dj%26e%3D19%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D15018%26vmtime%3D-1%26is%3D18%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26femt%3D607%26femvt%3D0%26emc%3D1%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D124318551%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D1621244945467%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0%26t%3D1621244945332&sdkv=h.3.458.0&vci=CjoIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgo1NjkyNjY1MTA2QPkCCnAIARIVYmlkLmcuZG91YmxlY2xpY2submV0GgNEQk0gBCoJNDk2MzA2ODQxMgkxNTEwNzc4MzVAXFI2COUHEA8lAABwQSgBOgsxNTEwNzc4MzUtMUIER0RDTUibAVAAWhBwY1hsbWNlR1p3SzVmQmRrGAE.

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 May 2021 09:49:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_oe=ChMIovm4iLjQ8AIVVhYbCh1XoQDGEAAYACDLh4VIQhMI8uCoiLjQ8AIV2PV3Ch2kFgYC;met=1;acvw=sv%3D895%26cb%3Dj%26e%3D15%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26am...
ade.googlesyndication.com/ddm/activity/ Frame 7695 42 B
107 B 138ms
65ms Image
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIovm4iLjQ8AIVVhYbCh1XoQDGEAAYACDLh4VIQhMI8uCoiLjQ8AIV2PV3Ch2kFgYC;met=1;acvw=sv%3D895%26cb%3Dj%26e%3D15%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D15018%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26ic%3D18%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26femt%3D607%26femvt%3D0%26emc%3D1%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D124318551%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D1621244945469%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1621244945332;ecn1=1;etm1=0;eid1=200101;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 May 2021 09:49:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 7695 42 B
64 B 46ms
41ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss4YicIShMbrKpu7EnBs5yHosHPgiU5uf6WAQN_i56FpvQ_PE1mM9Ayi_-o7xCr6xfnpXwxacUHzO8wFTPRHms5JTA3gaj3QxQz9r9gFel_tESJhxdqaC2HJI5VEmkl8W-c87TSgWmWKpyUFgA6eBjdbjf2DrU379u5tLoJE1QEgp8_dgcxH-t48OLKWZAyA3VHFbeASmsYtfYX7D_Ergbf_iQ&sai=AMfl-YSp-EAeUXiLIZnhc-FBP9tQozkfYf9apxzzLyJx7nqM2TMgya0y3fjm6W3nQ2G5cCuW0HYoPCLPEshOsdpvxsazPSt86cRGEzQ&sig=Cg0ArKJSzMEj0tnix_MIEAE&cid=CAASEuRo1sQZwFmNdbgbQ7f2Ngj2Mw&id=lidarv&acvw=sv%3D895%26cb%3Dj%26e%3D15%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D15018%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26ic%3D18%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26femt%3D607%26femvt%3D0%26emc%3D1%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D124318551%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D1621244945469%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1621244945332&avm=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 May 2021 09:49:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_oe=ChMIovm4iLjQ8AIVVhYbCh1XoQDGEAAYACDLh4VIQhMI8uCoiLjQ8AIV2PV3Ch2kFgYC;met=1;acvw=sv%3D895%26cb%3Dj%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amt...
ade.googlesyndication.com/ddm/activity/ Frame 7695 42 B
107 B 138ms
65ms Image
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIovm4iLjQ8AIVVhYbCh1XoQDGEAAYACDLh4VIQhMI8uCoiLjQ8AIV2PV3Ch2kFgYC;met=1;acvw=sv%3D895%26cb%3Dj%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D15018%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26i0%3D18%26ic%3D0%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26femt%3D607%26femvt%3D0%26emc%3D1%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D124318551%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D1621244945471%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1621244945332;dc_rfl=1,https%253A%252F%252Fwww.gazetadopovo.com.br%252F%240;ecn1=1;etm1=0;eid1=11;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 May 2021 09:49:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 7695 42 B
64 B 23ms
19ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CI0DkEDyiYPKYPNjr3wOkrZgQ6a-m5GK7mKq_7g2c7fOi6yQQASDSoakfYJGEgID8F6ABpcXxwgPIAQWpAhx7bYdpdIk-qAMByAMTmAQAqgTjAU_QFrOzTMdZ7__AexOQPDO2bWkOoRNykwAEsn-Fi5fMcfURTBdLUHHsw0oHSf85NUmAT1_ni738Cpqbq4KsETiyyA4Swj8RJhc96by3V_vrlQs7YshG4xM_tjly-lDKk3MrJUbmfCAwDJ5vFv-GrjAW6GcwwRdFGM0PnnQ3sz03evKpVV_dFWfv_GwU6RFNmUcSiBaDKRupFtSxiGjphDZD3eg1UZSDEhTzr979Elo0Nmr44LDERs2cKjLktyxaWnAoL1QUVudXkNhmvE6MXXYogxAadnO_VILGYYqKoAzzjFh0wATS3cfAtQPgBAOQBgGgBk6AB8O6jj2oB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BvYBwDSCAkIgOGAEBABGB2ACgOYCwHICwGADAGwE5aCxwvQEwDYEwOIFBvYFAHQFQGAFwE&sigh=-i90vxJgdCI&label=part2viewed&ad_mt=0&acvw=sv%3D895%26cb%3Dj%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D15018%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26i0%3D18%26ic%3D0%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26femt%3D607%26femvt%3D0%26emc%3D1%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D124318551%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D1621244945471%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1621244945332&sdkv=h.3.458.0&vci=CjoIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgo1NjkyNjY1MTA2QPkCCnAIARIVYmlkLmcuZG91YmxlY2xpY2submV0GgNEQk0gBCoJNDk2MzA2ODQxMgkxNTEwNzc4MzVAXFI2COUHEA8lAABwQSgBOgsxNTEwNzc4MzUtMUIER0RDTUibAVAAWhBwY1hsbWNlR1p3SzVmQmRrGAE.

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 May 2021 09:49:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
pubads.g.doubleclick.net/pagead/interaction/ Frame 7695 42 B
64 B 34ms
30ms Image
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pubads.g.doubleclick.net/pagead/interaction/?ai=Bz3WpEDyiYNH8Mtjr3wOkrZgQ4JrH_kUAAAAQASCO6K4hOABY_4SdsoMEYJGEgID8F7IBF3d3dy5nYXpldGFkb3Bvdm8uY29tLmJyugELNDgweDM2MF94bWzIAQXaASBodHRwczovL3d3dy5nYXpldGFkb3Bvdm8uY29tLmJyL5gCoJwBqQIce22HaXSJPsACAuACAOoCKS84ODA0L3BhcmNlaXJvcy9nYXpldGFfZG9fcG92by9pbi1hcnRpY2xl-AKD0h6QA8gGmAOcBKgDAcgDE-AEAdIFBhCS2ryaFZAGAaAGO6gH7NUbqAfz0RuoB5bYG9gHAeAHD_IHAiAB0ggJCIDhgBAQARgd2AgCgAoFmAsB0BUBgBcB&sigh=-pafmzA0jSA&label=part2viewed&acvw=sv%3D895%26cb%3Dj%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D15018%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26i0%3D18%26ic%3D0%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26femt%3D607%26femvt%3D0%26emc%3D1%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D124318551%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D1621244945471%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1621244945332&sdkv=h.3.458.0&vci=CjoIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgo1NjkyNjY1MTA2QPkCCnAIARIVYmlkLmcuZG91YmxlY2xpY2submV0GgNEQk0gBCoJNDk2MzA2ODQxMgkxNTEwNzc4MzVAXFI2COUHEA8lAABwQSgBOgsxNTEwNzc4MzUtMUIER0RDTUibAVAAWhBwY1hsbWNlR1p3SzVmQmRrGAE.

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 May 2021 09:49:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_oe=ChMIovm4iLjQ8AIVVhYbCh1XoQDGEAAYACDLh4VIQhMI8uCoiLjQ8AIV2PV3Ch2kFgYC;met=1;acvw=sv%3D895%26cb%3Dj%26e%3D10%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26am...
ade.googlesyndication.com/ddm/activity/ Frame 7695 42 B
498 B 136ms
65ms Image
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIovm4iLjQ8AIVVhYbCh1XoQDGEAAYACDLh4VIQhMI8uCoiLjQ8AIV2PV3Ch2kFgYC;met=1;acvw=sv%3D895%26cb%3Dj%26e%3D10%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D14%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D14%26pst%3D-1%26dur%3D15018%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D14%26is%3D18%26i0%3D18%26ic%3D4096%26cs%3D4114%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26femt%3D607%26femvt%3D0%26emc%3D1%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D124318551%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D1621244945476%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1621244945332;ecn1=1;etm1=0;eid1=16;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 May 2021 09:49:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 7695 42 B
64 B 20ms
17ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CI0DkEDyiYPKYPNjr3wOkrZgQ6a-m5GK7mKq_7g2c7fOi6yQQASDSoakfYJGEgID8F6ABpcXxwgPIAQWpAhx7bYdpdIk-qAMByAMTmAQAqgTjAU_QFrOzTMdZ7__AexOQPDO2bWkOoRNykwAEsn-Fi5fMcfURTBdLUHHsw0oHSf85NUmAT1_ni738Cpqbq4KsETiyyA4Swj8RJhc96by3V_vrlQs7YshG4xM_tjly-lDKk3MrJUbmfCAwDJ5vFv-GrjAW6GcwwRdFGM0PnnQ3sz03evKpVV_dFWfv_GwU6RFNmUcSiBaDKRupFtSxiGjphDZD3eg1UZSDEhTzr979Elo0Nmr44LDERs2cKjLktyxaWnAoL1QUVudXkNhmvE6MXXYogxAadnO_VILGYYqKoAzzjFh0wATS3cfAtQPgBAOQBgGgBk6AB8O6jj2oB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BvYBwDSCAkIgOGAEBABGB2ACgOYCwHICwGADAGwE5aCxwvQEwDYEwOIFBvYFAHQFQGAFwE&sigh=-i90vxJgdCI&label=admute&ad_mt=0&acvw=sv%3D895%26cb%3Dj%26e%3D10%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D14%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D14%26pst%3D-1%26dur%3D15018%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D14%26is%3D18%26i0%3D18%26ic%3D4096%26cs%3D4114%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26femt%3D607%26femvt%3D0%26emc%3D1%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D124318551%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D1621244945476%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1621244945332&sdkv=h.3.458.0&vci=CjoIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgo1NjkyNjY1MTA2QPkCCnAIARIVYmlkLmcuZG91YmxlY2xpY2submV0GgNEQk0gBCoJNDk2MzA2ODQxMgkxNTEwNzc4MzVAXFI2COUHEA8lAABwQSgBOgsxNTEwNzc4MzUtMUIER0RDTUibAVAAWhBwY1hsbWNlR1p3SzVmQmRrGAE.

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 May 2021 09:49:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
pubads.g.doubleclick.net/pagead/interaction/ Frame 7695 42 B
64 B 33ms
30ms Image
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pubads.g.doubleclick.net/pagead/interaction/?ai=Bz3WpEDyiYNH8Mtjr3wOkrZgQ4JrH_kUAAAAQASCO6K4hOABY_4SdsoMEYJGEgID8F7IBF3d3dy5nYXpldGFkb3Bvdm8uY29tLmJyugELNDgweDM2MF94bWzIAQXaASBodHRwczovL3d3dy5nYXpldGFkb3Bvdm8uY29tLmJyL5gCoJwBqQIce22HaXSJPsACAuACAOoCKS84ODA0L3BhcmNlaXJvcy9nYXpldGFfZG9fcG92by9pbi1hcnRpY2xl-AKD0h6QA8gGmAOcBKgDAcgDE-AEAdIFBhCS2ryaFZAGAaAGO6gH7NUbqAfz0RuoB5bYG9gHAeAHD_IHAiAB0ggJCIDhgBAQARgd2AgCgAoFmAsB0BUBgBcB&sigh=-pafmzA0jSA&label=admute&acvw=sv%3D895%26cb%3Dj%26e%3D10%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D14%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D14%26pst%3D-1%26dur%3D15018%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D14%26is%3D18%26i0%3D18%26ic%3D4096%26cs%3D4114%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26femt%3D607%26femvt%3D0%26emc%3D1%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D124318551%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D1621244945476%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1621244945332&sdkv=h.3.458.0&vci=CjoIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgo1NjkyNjY1MTA2QPkCCnAIARIVYmlkLmcuZG91YmxlY2xpY2submV0GgNEQk0gBCoJNDk2MzA2ODQxMgkxNTEwNzc4MzVAXFI2COUHEA8lAABwQSgBOgsxNTEwNzc4MzUtMUIER0RDTUibAVAAWhBwY1hsbWNlR1p3SzVmQmRrGAE.

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 May 2021 09:49:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame 3FAD 23 KB
9 KB 7ms
6ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/H0ZEmIz7.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://imasdk.googleapis.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://imasdk.googleapis.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8727
date: Fri, 14 May 2021 12:37:09 GMT
expires: Sat, 14 May 2022 12:37:09 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
age: 249116
cache-control: public, max-age=31536000
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 TMm5Vd8VytjbCcmIcJumdaM-J7Gy9TN2HX45D5FEMFw.js Show response
pagead2.googlesyndication.com/bg/ Frame 3FAD 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/TMm5Vd8VytjbCcmIcJumdaM-J7Gy9TN2HX45D5FEMFw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4cc9b955df15cad8db09c988709ba675a33e27b1b2f533761d7e390f9144305c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 23:48:27 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 06 May 2021 09:28:00 GMT
server: sffe
age: 36038
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5679
x-xss-protection: 0
expires: Mon, 16 May 2022 23:48:27 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 0ADE 42 B
64 B 41ms
41ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstpE1mJ2YTK6gRaeshh0VdOu7_2rMYSu3u3C6gX2lfbDxFfeRbJgM6JB2ywm9gSORJ67Pbi-MBhiu2xS_HDAj7V_DemSvJcHUrjWxSKy1bzLR10Ri2ucT_ME0J0Rg&sai=AMfl-YS2abD8Sidr9tCGXkshUDsiAso31yERea3aspd_Ww7CLaBzu9S_fRZf8NNh2RPPtK5bEXm7pzjvVtoApaHrREtfR_0dZjZafYEi1CZM0dKK2FN6MM1y8WRzVKa2Mzo&sig=Cg0ArKJSzFdR6y35MoUxEAE&cid=CAASFeRoRb_7-eEhtHCSlpLjcXcA_uD3Qg&id=lidar2&mcvt=1012&p=311,436,401,1164&mtos=1012,1012,1012,1012,1012&tos=1012,0,0,0,0&v=20210514&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=1651446792&rs=4&met=ce&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ%3D%3D&vs=4&rst=1621244944404&dlt=17&rpt=1&isd=0&msd=0&r=v&fum=1

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eccef3b152d70a4161a425d396a7d7ca.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 May 2021 09:49:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-29 204 csi
csi.gstatic.com/ Frame EA24 0
17 B 25ms
25ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=5~kosfdq2a&c=587360239819&slotId=293680119909.5&ps=0x0&event_name=first_play&asset_bytes=122&video_bytes=0&cached_data_bytes=0&js_cached=false&css_cached=false&num_assets=4&num_assets_cached=0&num_assets_cache_validated=0&num_assets_unmeasurable=3&video_played_seconds=0.00&video_muted=true&video_seconds_loaded=0.37
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://s.dynad.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 17 May 2021 09:49:05 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame EA24 70 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ca6b5bb454f212f0feba2155c93490a4e50a786d634849dc081fb0cfee923300

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3FAD 0
20 B 42ms
41ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.3.458.0&bgai=BEDThETyiYOKsD9asbNfCgrAMAAAAADgB4AQC&bg=!WVqlWh7NAAY59bwoOfU7ACkAdvg8WnOSFXh_6M3gL7LVuiO7dbjiWGMls2ZWDcC5ckYNH9LibzhJAAIAAACLUgAAABFoAQcKACvXgNKVXLhRfZXs9RTu9AkRVnS_qhCqN0xtTCgXVyIGtqLoGuQGNfLvCsuAmQKFO1Ku45P0J89KV7EXJYy0kIenUgQ3SEZYHJP_i29Tieholdr6kYKdM7EZGv0eDRP7JoyuHfWVbN_A6zjojR0JL2iqHSayw-nBfUyYHxjnBANQMc9pBEUepsdcmmqi1lPGCe-9XDxIMCUSqm4zRE3fCxbdfbMsqR4KYXqJIKSng3ksszawwV1MCjMspM7j5C6FkW4gLb-o2NFhXZFzNW8VEVYTozEwXbgcQZtt5lm-NYPtZ9RBDwlSeXP5uxaGmYUaWPgpVWEFmmF6xxwMv8PziP_cfSZl6s-F9_S8IKeywZg1ecDfw2CIe6lqC00BQ6Bw25RSaqYzsyxYtQoiu4wPIzF-UgNXoqJ7Tf1sMOTM7hIxlb_6FDQQNgdYot5H6G-UyJ0H6YwNM84G7r15eeUMtFw35jxpqDJNPZRhNaMHp2Znn_NeJjV0ZQ977Q6m-nWSTs3sMcUY0KrAmJ57eB4xIkl93RSetp7Yxh3HmzIbPbmbpTYBL20bK3nW79H7Q14uOt5TaEz3DkjNM6nt5zzdXOxBzav7kRNIM0f6vkyzYhYSvEkh2lP5qjNHO_4grS8Cxy1nnq1T11J81uy231wQ8SRn1z75iKdUarCIEF3GMvIkYvkR2osS_4fhxUAqvc4d4byKiDnXb-P_HyfNRqOxnBbxk1Ai5dEf0d7BFRBFZsdGM3PreH1MnoGOLJx3GjDSp9QJW5CaxeNMCVQmOBlicFV_gK37U3cbReuxpUesUJn8fsp-0PCdKFipV10ET5Gv6wcN7qyJvrbjOYETbvduJpjAhTrQLCl1eyWCwQUMRzESOQT0vTZWKlPWolMTbC6vmR7-iKH2sH-xeXXzj_8Z2pCdBAcN

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 May 2021 09:49:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-29 204 csi
csi.gstatic.com/ Frame 7695 0
17 B 26ms
26ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~kosfdpxt&c=587360239819&slotId=293680119909.5&qqid=CNHEn4i40PACFdj1dwodpBYGAg&gqid=EDyiYLihMqiBjuwPndmmiAk&fb=ima-html5&sdkv=h.3.458.0&mrd=4&aab=0&itv=1&gpm_i=18&gpm_c=18&gpm_a=15&smb=1000&br=997&mt=video%2Fmp4&vs=640x360&webm=4&vp9=0&vamt=video%2F3gpp%2Cvideo%2F3gpp%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fwebm%2Cvideo%2Fwebm%2Cvideo%2Fwebm%2Cvideo%2Fwebm%2Capplication%2Fx-mpegurl&hvmf=false&vms=1&bit=343&vsrc=doubleclick_dmm
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.458.0_pt_br.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 17 May 2021 09:49:05 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame A196 42 B
64 B 39ms
39ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsudGtFlOavLzDPfsMargUJ0kK5lkBvbWiVO8LGf3i_FwVeQei19Kc8Wvnaxe1L8cLcocf2U2V3uXTEI1WfrPBvWCI_NHMFH-oUqHHDEF9k&sig=Cg0ArKJSzAhYDhcrWjlgEAE&id=lidar2&mcvt=1001&p=1100,305,1190,1295&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20210514&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=3&adk=2713759382&rs=4&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ%3D%3D&vs=4&rst=1621244944991&dlt=0&rpt=43&isd=0&msd=0&r=v&fum=1

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 May 2021 09:49:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 dc_oe=ChMIovm4iLjQ8AIVVhYbCh1XoQDGEAAYACDLh4VIQhMI8uCoiLjQ8AIV2PV3Ch2kFgYC;met=1;acvw=sv%3D895%26cb%3Dj%26e%3D9%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,196,350%26tos%3D2008,0,0,0,0%26mtos%3D2008,200...
ade.googlesyndication.com/ddm/activity/ Frame 7695 42 B
63 B 112ms
69ms Image
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIovm4iLjQ8AIVVhYbCh1XoQDGEAAYACDLh4VIQhMI8uCoiLjQ8AIV2PV3Ch2kFgYC;met=1;acvw=sv%3D895%26cb%3Dj%26e%3D9%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,196,350%26tos%3D2008,0,0,0,0%26mtos%3D2008,2008,2008,2008,2008%26amtos%3D0,0,0,0,0%26mcvt%3D2008%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2231%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D625%26pst%3D424%26dur%3D15018%26vmtime%3D1956%26dtos%3D2008%26dtoss%3D1%26dvs%3D2008%26dfvs%3D2008%26dvpt%3D2217%26is%3D275%26i0%3D18%26ic%3D16777473%26cs%3D16781587%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26femt%3D607%26femvt%3D0%26emc%3D12%26emuc%3D0%26emb%3D11,0,0,0,0%26avms%3Dexc%26qi%3D124318551%26psm%3D-2147483645%26psv%3D3%26psfv%3D3%26psa%3D0%26ptlt%3D1621244947692%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,2008;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.03%26t%3D1621244945332;ecn1=1;etm1=0;eid1=200000;

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 May 2021 09:49:07 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 7695 42 B
64 B 48ms
47ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss4YicIShMbrKpu7EnBs5yHosHPgiU5uf6WAQN_i56FpvQ_PE1mM9Ayi_-o7xCr6xfnpXwxacUHzO8wFTPRHms5JTA3gaj3QxQz9r9gFel_tESJhxdqaC2HJI5VEmkl8W-c87TSgWmWKpyUFgA6eBjdbjf2DrU379u5tLoJE1QEgp8_dgcxH-t48OLKWZAyA3VHFbeASmsYtfYX7D_Ergbf_iQ&sai=AMfl-YSp-EAeUXiLIZnhc-FBP9tQozkfYf9apxzzLyJx7nqM2TMgya0y3fjm6W3nQ2G5cCuW0HYoPCLPEshOsdpvxsazPSt86cRGEzQ&sig=Cg0ArKJSzMEj0tnix_MIEAE&cid=CAASEuRo1sQZwFmNdbgbQ7f2Ngj2Mw&id=lidarv&acvw=sv%3D895%26cb%3Dj%26e%3D9%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,196,350%26tos%3D2008,0,0,0,0%26mtos%3D2008,2008,2008,2008,2008%26amtos%3D0,0,0,0,0%26mcvt%3D2008%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2231%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D625%26pst%3D424%26dur%3D15018%26vmtime%3D1956%26dtos%3D2008%26dtoss%3D1%26dvs%3D2008%26dfvs%3D2008%26dvpt%3D2217%26is%3D275%26i0%3D18%26ic%3D16777473%26cs%3D16781587%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26femt%3D607%26femvt%3D0%26emc%3D12%26emuc%3D0%26emb%3D11,0,0,0,0%26avms%3Dexc%26qi%3D124318551%26psm%3D-2147483645%26psv%3D3%26psfv%3D3%26psa%3D0%26ptlt%3D1621244947692%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,2008&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.03%26t%3D1621244945332

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 May 2021 09:49:07 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 f48ea437bebb2d1c8b251a56206866cf.jpg
s0.2mdn.net/9662254/1620226019207/media/ Frame 98B9 217 KB
217 KB 10ms
9ms Image
image/jpeg 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9662254/1620226019207/media/f48ea437bebb2d1c8b251a56206866cf.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9662254/1620226019207/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

63939bac7b709016c509ca37bb2bec9d8b858d12ae6a1fd9b6acfc09821b0050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9662254/1620226019207/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 12:35:59 GMT
x-content-type-options: nosniff
last-modified: Wed, 05 May 2021 14:46:59 GMT
server: sffe
age: 76389
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 221863
x-xss-protection: 0
expires: Mon, 17 May 2021 12:35:59 GMT

GET
H3-29 200 ca9725c0f1d91b0fb9edefe08978263c.png
s0.2mdn.net/9662254/1620226019207/media/ Frame 98B9 403 B
425 B 7ms
6ms Image
image/png 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9662254/1620226019207/media/ca9725c0f1d91b0fb9edefe08978263c.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9662254/1620226019207/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b0d2ce07add99cf98c50711c1a7d4deb91aee9a2decda95ed80b6878b06188f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9662254/1620226019207/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 12:35:58 GMT
x-content-type-options: nosniff
last-modified: Wed, 05 May 2021 14:46:59 GMT
server: sffe
age: 76390
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 403
x-xss-protection: 0
expires: Mon, 17 May 2021 12:35:58 GMT

GET
H3-29 200 15328cdb17801d10dabf7a34bbe76485.png
s0.2mdn.net/9662254/1620226019207/media/ Frame 98B9 3 KB
3 KB 7ms
7ms Image
image/png 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9662254/1620226019207/media/15328cdb17801d10dabf7a34bbe76485.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9662254/1620226019207/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9b0f66cfe501acfe6fefb31c72de55ec8b3faa1a3f291621cbc786b57453b686

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9662254/1620226019207/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 12:35:58 GMT
x-content-type-options: nosniff
last-modified: Wed, 05 May 2021 14:46:59 GMT
server: sffe
age: 76390
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2729
x-xss-protection: 0
expires: Mon, 17 May 2021 12:35:58 GMT

GET
H3-29 200 b5ad3ade1f1d30a1e82fd3bb26a098e7.jpg
s0.2mdn.net/9662254/1620226019207/media/ Frame 98B9 546 KB
546 KB 10ms
9ms Image
image/jpeg 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9662254/1620226019207/media/b5ad3ade1f1d30a1e82fd3bb26a098e7.jpg

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7055ac787d5cc8baf445c0b5a50284b3ddc8ebc0b43b107a17593e02c7d22975

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9662254/1620226019207/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 12:36:03 GMT
x-content-type-options: nosniff
last-modified: Wed, 05 May 2021 14:46:59 GMT
server: sffe
age: 76385
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 559120
x-xss-protection: 0
expires: Mon, 17 May 2021 12:36:03 GMT

GET
H3-29 200 dc_oe=ChMIovm4iLjQ8AIVVhYbCh1XoQDGEAAYACDLh4VIQhMI8uCoiLjQ8AIV2PV3Ch2kFgYC;met=1;acvw=sv%3D895%26cb%3Dj%26e%3D1%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,196,350%26tos%3D3772,0,0,0,0%26mtos%3D3772,377...
ade.googlesyndication.com/ddm/activity/ Frame 7695 42 B
63 B 70ms
69ms Image
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIovm4iLjQ8AIVVhYbCh1XoQDGEAAYACDLh4VIQhMI8uCoiLjQ8AIV2PV3Ch2kFgYC;met=1;acvw=sv%3D895%26cb%3Dj%26e%3D1%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,196,350%26tos%3D3772,0,0,0,0%26mtos%3D3772,3772,3772,3772,3772%26amtos%3D0,0,0,0,0%26mcvt%3D3772%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D3995%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D830%26pst%3D424%26dur%3D15018%26vmtime%3D3956%26dtos%3D1764%26dtoss%3D2%26dvs%3D1764%26dfvs%3D1764%26dvpt%3D1764%26is%3D275%26i0%3D18%26i1%3D275%26ic%3D0%26cs%3D16781587%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D3772,3772,3772,3772,3772%26qnc%3D0%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%26femt%3D607%26femvt%3D0%26emc%3D21%26emuc%3D0%26emb%3D20,0,0,0,0%26avms%3Dexc%26qi%3D124318551%26psm%3D-2147483633%26psv%3D15%26psfv%3D15%26psa%3D0%26ptlt%3D1621244949457%26pngs%3D9s,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,3772;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.03%26t%3D1621244945332;ecn1=1;etm1=0;eid1=960584;

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 May 2021 09:49:09 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 7695 42 B
64 B 18ms
17ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CI0DkEDyiYPKYPNjr3wOkrZgQ6a-m5GK7mKq_7g2c7fOi6yQQASDSoakfYJGEgID8F6ABpcXxwgPIAQWpAhx7bYdpdIk-qAMByAMTmAQAqgTjAU_QFrOzTMdZ7__AexOQPDO2bWkOoRNykwAEsn-Fi5fMcfURTBdLUHHsw0oHSf85NUmAT1_ni738Cpqbq4KsETiyyA4Swj8RJhc96by3V_vrlQs7YshG4xM_tjly-lDKk3MrJUbmfCAwDJ5vFv-GrjAW6GcwwRdFGM0PnnQ3sz03evKpVV_dFWfv_GwU6RFNmUcSiBaDKRupFtSxiGjphDZD3eg1UZSDEhTzr979Elo0Nmr44LDERs2cKjLktyxaWnAoL1QUVudXkNhmvE6MXXYogxAadnO_VILGYYqKoAzzjFh0wATS3cfAtQPgBAOQBgGgBk6AB8O6jj2oB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BvYBwDSCAkIgOGAEBABGB2ACgOYCwHICwGADAGwE5aCxwvQEwDYEwOIFBvYFAHQFQGAFwE&sigh=-i90vxJgdCI&label=videoplaytime25&ad_mt=3956&acvw=sv%3D895%26cb%3Dj%26e%3D1%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,196,350%26tos%3D3772,0,0,0,0%26mtos%3D3772,3772,3772,3772,3772%26amtos%3D0,0,0,0,0%26mcvt%3D3772%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D3995%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D830%26pst%3D424%26dur%3D15018%26vmtime%3D3956%26dtos%3D1764%26dtoss%3D2%26dvs%3D1764%26dfvs%3D1764%26dvpt%3D1764%26is%3D275%26i0%3D18%26i1%3D275%26ic%3D0%26cs%3D16781587%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D3772,3772,3772,3772,3772%26qnc%3D0%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%26femt%3D607%26femvt%3D0%26emc%3D21%26emuc%3D0%26emb%3D20,0,0,0,0%26avms%3Dexc%26qi%3D124318551%26psm%3D-2147483633%26psv%3D15%26psfv%3D15%26psa%3D0%26ptlt%3D1621244949457%26pngs%3D9s,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,3772&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.03%26t%3D1621244945332&sdkv=h.3.458.0&vci=CjoIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgo1NjkyNjY1MTA2QPkCCnAIARIVYmlkLmcuZG91YmxlY2xpY2submV0GgNEQk0gBCoJNDk2MzA2ODQxMgkxNTEwNzc4MzVAXFI2COUHEA8lAABwQSgBOgsxNTEwNzc4MzUtMUIER0RDTUibAVAAWhBwY1hsbWNlR1p3SzVmQmRrGAE.

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 May 2021 09:49:09 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
pubads.g.doubleclick.net/pagead/interaction/ Frame 7695 42 B
64 B 31ms
30ms Image
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pubads.g.doubleclick.net/pagead/interaction/?ai=Bz3WpEDyiYNH8Mtjr3wOkrZgQ4JrH_kUAAAAQASCO6K4hOABY_4SdsoMEYJGEgID8F7IBF3d3dy5nYXpldGFkb3Bvdm8uY29tLmJyugELNDgweDM2MF94bWzIAQXaASBodHRwczovL3d3dy5nYXpldGFkb3Bvdm8uY29tLmJyL5gCoJwBqQIce22HaXSJPsACAuACAOoCKS84ODA0L3BhcmNlaXJvcy9nYXpldGFfZG9fcG92by9pbi1hcnRpY2xl-AKD0h6QA8gGmAOcBKgDAcgDE-AEAdIFBhCS2ryaFZAGAaAGO6gH7NUbqAfz0RuoB5bYG9gHAeAHD_IHAiAB0ggJCIDhgBAQARgd2AgCgAoFmAsB0BUBgBcB&sigh=-pafmzA0jSA&label=videoplaytime25&acvw=sv%3D895%26cb%3Dj%26e%3D1%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,196,350%26tos%3D3772,0,0,0,0%26mtos%3D3772,3772,3772,3772,3772%26amtos%3D0,0,0,0,0%26mcvt%3D3772%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D3995%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D830%26pst%3D424%26dur%3D15018%26vmtime%3D3956%26dtos%3D1764%26dtoss%3D2%26dvs%3D1764%26dfvs%3D1764%26dvpt%3D1764%26is%3D275%26i0%3D18%26i1%3D275%26ic%3D0%26cs%3D16781587%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D3772,3772,3772,3772,3772%26qnc%3D0%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%26femt%3D607%26femvt%3D0%26emc%3D21%26emuc%3D0%26emb%3D20,0,0,0,0%26avms%3Dexc%26qi%3D124318551%26psm%3D-2147483633%26psv%3D15%26psfv%3D15%26psa%3D0%26ptlt%3D1621244949457%26pngs%3D9s,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,3772&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.03%26t%3D1621244945332&sdkv=h.3.458.0&vci=CjoIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgo1NjkyNjY1MTA2QPkCCnAIARIVYmlkLmcuZG91YmxlY2xpY2submV0GgNEQk0gBCoJNDk2MzA2ODQxMgkxNTEwNzc4MzVAXFI2COUHEA8lAABwQSgBOgsxNTEwNzc4MzUtMUIER0RDTUibAVAAWhBwY1hsbWNlR1p3SzVmQmRrGAE.

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 May 2021 09:49:09 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: json.gazetadopovo.com.brhttps
URL: https://json.gazetadopovo.com.brhttps//www.umdoisesportes.com.br/colunas-e-blogs/mauro-cezar/bruno-covas-gol-de-alisson-poder-futebol.json

Domain: json.gazetadopovo.com.brhttps
URL: https://json.gazetadopovo.com.brhttps//www.umdoisesportes.com.br/colunas-e-blogs/mauro-cezar/bruno-covas-gol-de-alisson-poder-futebol.json

Domain: json.gazetadopovo.com.brhttps
URL: https://json.gazetadopovo.com.brhttps//www.umdoisesportes.com.br/coritiba/follador-admite-eliminacao-vergonhosa-do-coritiba-aceita-criticas-e-fala-em-corrigir-rota.json

Domain: json.gazetadopovo.com.brhttps
URL: https://json.gazetadopovo.com.brhttps//www.umdoisesportes.com.br/parana-clube/parana-x-athletico-paranaense-2921-onde-assistir-escalacoes-noticias.json

Domain: json.gazetadopovo.com.brhttps
URL: https://json.gazetadopovo.com.brhttps//www.umdoisesportes.com.br/campeonatos/paranaense/tres-jogos-quartas-paranaense-interior.json

Domain: apps.gazetadopovo.com.br
URL: https://apps.gazetadopovo.com.br/cxense/cxense.json

Verdicts & Comments Add Verdict or Comment

221 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

18 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.google.com/	1970-01-19 22:44:16	Name: NID Value: 215=jh1enmI143_u6uoDWNfqHj9TClcKl_qMR1Su2DzBhU4UWBc0UmiXgH10aJ0F7PvMw0idb0NRlL4zb7BpZGFoQnjaSHsxne3n7dMa-3dHDBRogeHt0nT1xC1oMhrGlg1IdfObZUm9D5pF9Dq1Azutrz43nuSt7_eykEpi_p6mGcU
.gazetadopovo.com.br/	1970-01-20 11:51:56	Name: xbc Value: %7Bjzx%7DybbjiQtYOerZwoeutfi8N04FNJHCdJwUBJVbp4vnTFTBhuMmQDpJTaeKRGnLebZz2-myOUy_oUpEyMXOTpSNxMyhe9y76bDP68urqiS9YxQxfyTBqb2KBPyikr1v9ysplQwrYuhZkJJA572c5ih8mH445R0_QbnxBP8Bxol_4d2D9soHPOqhzDXRQIPMCAUELvkcBkkk7r_H028_w8lIX0a8MNxErZhFrX_QxWW4MnbEPN-2oZdIfMccmck0z-D7RjuFl6i_QVPc2BXRiLHeMOA1uRsQZYuirY9txGJI_IULEw8AMaK3dWsXU7PHsLVv
.gazetadopovo.com.br/	1970-01-19 18:22:11	Name: __pvi Value: %7B%22id%22%3A%22v-2021-05-17-11-48-59-265-Ffvk7q8gjfAJnC5O-b936ad7ebc1e9e7e2afe591d682f915b%22%2C%22domain%22%3A%22.gazetadopovo.com.br%22%2C%22time%22%3A1621244939811%7D
.gazetadopovo.com.br/	1970-01-19 20:30:20	Name: _fbp Value: fb.2.1621244939675.696742751
www.gazetadopovo.com.br/	1970-01-19 18:22:11	Name: _pc_onp_anticorrupcao Value: true
.gazetadopovo.com.br/	1970-01-19 18:20:46	Name: _hjFirstSeen Value: 1
.gazetadopovo.com.br/	1970-01-20 03:06:20	Name: _hjid Value: 5e64e548-bc10-4439-ac70-c9f5b6deab1f
.gazetadopovo.com.br/	1970-01-19 19:03:56	Name: __pat Value: -10800000
.gazetadopovo.com.br/	1970-01-19 18:20:44	Name: _gat_trackerInfocoder Value: 1
.gazetadopovo.com.br/	1970-01-19 18:20:44	Name: _gat_UA-23088598-1 Value: 1
.gazetadopovo.com.br/	1969-12-31 23:59:59	Name: _hjTLDTest Value: 1
.gazetadopovo.com.br/	1970-01-20 11:51:56	Name: __tbc Value: %7Bjzx%7DmTYUm08lJyHEWAs9ALXKQkkLvhnMdQtXn7_XmyWyW5W41DsEJ18TmX1UEl1RPSm1hpLnfvXNi-ku-m9ANigciO7urb9o0nEjVok2Mzb7iYzif62e0KiTLnFvluQL5Yoc_ClXXX7wZd7xhwozNxHCCQ
.gazetadopovo.com.br/	1970-01-19 18:22:11	Name: _gid Value: GA1.3.1325827540.1621244939
.gazetadopovo.com.br/	1970-01-19 20:30:20	Name: _gcl_au Value: 1.1.20444655.1621244939
.gazetadopovo.com.br/	1970-01-20 03:06:20	Name: cX_P Value: kosfdl6fgof0zet7
.gazetadopovo.com.br/	1970-01-20 11:51:56	Name: _ga Value: GA1.3.747907946.1621244939
.gazetadopovo.com.br/	1969-12-31 23:59:59	Name: cX_S Value: kosfdl6cvvw43usb
.gazetadopovo.com.br/	1970-01-19 18:20:44	Name: _gat Value: 1

24 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js(Line 1) Message: OneSignal: Using fallback ES5 Stub for backwards compatibility.
console-api	warning	URL: https://buy.tinypass.com/_sam/H4sIAAAAAAAAAD3IwQ6AIAgA0B9KmJ76m4bJHI6oBa7f7-bt7eEnrXNgEw8Mvh6lYBy-DHVaU95QpTqS9an0pgwFSkHJu63T-yTlgy1Nh-E_BjVxNVoAAAA?compressed=true&v=12.190.0(Line 2981) Message: Can't configure errorHandler: TypeError: Cannot read property 'getItem' of null
console-api	debug	URL: https://static.adsafeprotected.com/sca.17.5.5.js(Line 32) Message: a: 0.002197265625 ms
console-api	log	URL: https://s.dynad.net/stack/928W5r5IndTfocT3VdUV-AB8UVlc0JbnGWyFZsei5gU.html(Line 204) Message: dynad-bridge: dynad-tv-protocol/settings/initialAudioVolume=50/containerId=_dynad_c_I5550009734_16212449427931094243254/showPubHeader=false
console-api	log	URL: https://s.dynad.net/stack/928W5r5IndTfocT3VdUV-AB8UVlc0JbnGWyFZsei5gU.html(Line 204) Message: dynad-bridge: dynad-tv-protocol/load/https://pubads.g.doubleclick.net/gampad/ads?sz=480x360&iu=/8804/parceiros/gazeta_do_povo/in-article&ciu_szs=300x250&impl=s&gdfp_req=1&env=vp&output=vast&unviewed_position_start=1&cust_params=videoplayertype%3Ddynad_in-article%26keyword%3Dvideo-auto-play%26origin%3Dwww%20gazetadopovo%20com%20br%20%26hasFocus%3Dtrue%26bt%3D9000%26UOLDNA%3Dnull%26hasMouseIn%3Dfalse%26keyword%3Dvideo%2Dauto%2Dplay&description_url=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&correlator=72898064784568420&ad_rule=0&vad_type=linear&vpos=preroll&pod=1&min_ad_duration=0&max_ad_duration=999999000&ppos=1&lip=true&video_url_to_fetch=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F
console-api	log	URL: https://s.dynad.net/stack/928W5r5IndTfocT3VdUV-AB8UVlc0JbnGWyFZsei5gU.html(Line 204) Message: dynad-bridge: dynad-tv-protocol/active_display/true
console-api	log	URL: https://cdn.flashtalking.com/124929/3111634/index.html(Line 116) Message: loaded 1 out of 14
console-api	log	URL: https://cdn.flashtalking.com/124929/3111634/index.html(Line 116) Message: loaded 2 out of 14
console-api	log	URL: https://cdn.flashtalking.com/124929/3111634/index.html(Line 116) Message: loaded 3 out of 14
console-api	log	URL: https://cdn.flashtalking.com/124929/3111634/index.html(Line 116) Message: loaded 4 out of 14
console-api	log	URL: https://cdn.flashtalking.com/124929/3111634/index.html(Line 116) Message: loaded 5 out of 14
console-api	log	URL: https://cdn.flashtalking.com/124929/3111634/index.html(Line 116) Message: loaded 6 out of 14
console-api	log	URL: https://cdn.flashtalking.com/124929/3111634/index.html(Line 116) Message: loaded 7 out of 14
console-api	log	URL: https://cdn.flashtalking.com/124929/3111634/index.html(Line 116) Message: loaded 8 out of 14
console-api	log	URL: https://cdn.flashtalking.com/124929/3111634/index.html(Line 116) Message: loaded 9 out of 14
console-api	log	URL: https://cdn.flashtalking.com/124929/3111634/index.html(Line 116) Message: loaded 10 out of 14
console-api	log	URL: https://cdn.flashtalking.com/124929/3111634/index.html(Line 116) Message: loaded 11 out of 14
console-api	log	URL: https://cdn.flashtalking.com/124929/3111634/index.html(Line 116) Message: loaded 12 out of 14
console-api	log	URL: https://cdn.flashtalking.com/124929/3111634/index.html(Line 116) Message: loaded 13 out of 14
console-api	log	URL: https://cdn.flashtalking.com/124929/3111634/index.html(Line 116) Message: loaded 14 out of 14
console-api	log	URL: https://s.dynad.net/stack/928W5r5IndTfocT3VdUV-AB8UVlc0JbnGWyFZsei5gU.html(Line 204) Message: dynad-bridge: dynad-tv-protocol/resize/533/299
console-api	log	URL: https://s.dynad.net/stack/928W5r5IndTfocT3VdUV-AB8UVlc0JbnGWyFZsei5gU.html(Line 204) Message: dynad-bridge: dynad-tv-protocol/play
console-api	log	URL: https://s.dynad.net/stack/928W5r5IndTfocT3VdUV-AB8UVlc0JbnGWyFZsei5gU.html(Line 204) Message: dynad-bridge: dynad-tv-protocol/resize/350/196
console-api	log	URL: https://s.dynad.net/stack/928W5r5IndTfocT3VdUV-AB8UVlc0JbnGWyFZsei5gU.html(Line 204) Message: dynad-bridge: dynad-tv-protocol/start-counter

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3wf9o7mmzc.execute-api.us-east-1.amazonaws.com
ad.doubleclick.net
ade.googlesyndication.com
adservice.google.com
adservice.google.nl
analytics.twitter.com
api-v3.tinypass.com
apps.gazetadopovo.com.br
assets.gazetadopovo.com.br
b.t.tailtarget.com
bid.g.doubleclick.net
buy.tinypass.com
cdn.flashtalking.com
cdn.onesignal.com
cdn.privacytools.com.br
cdn.tinypass.com
cm.g.doubleclick.net
code.jquery.com
comments.gazetadopovo.com.br
connect.facebook.net
csi.gstatic.com
d335luupugsy2.cloudfront.net
dsum-sec.casalemedia.com
dt.adsafeprotected.com
eccef3b152d70a4161a425d396a7d7ca.safeframe.googlesyndication.com
events-api.gazetadopovo.com.br
experience.tinypass.com
fm.flashtalking.com
fonts.googleapis.com
fonts.gstatic.com
gcdn.2mdn.net
gdp-prd-data.s3.us-east-1.amazonaws.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
imasdk.googleapis.com
img.flashtalking.com
infograficos.gazetadopovo.com.br
json.gazetadopovo.com.br
json.gazetadopovo.com.brhttps
mcasproxy.azureedge.net
me.jsuol.com.br
media.gazetadopovo.com.br
multimidia.gazetadopovo.com.br
news.google.com
pagead2.googlesyndication.com
pixel.adsafeprotected.com
play.google.com
pubads.g.doubleclick.net
px.ads.linkedin.com
px4.ads.linkedin.com
r1---sn-4g5edns7.c.2mdn.net
s.dynad.net
s0.2mdn.net
s3.amazonaws.com
sb.scorecardresearch.com
scdn.cxense.com
scomcluster.cxense.com
script.hotjar.com
securepubads.g.doubleclick.net
servedby.flashtalking.com
snap.licdn.com
static.ads-twitter.com
static.adsafeprotected.com
static.hotjar.com
stats.g.doubleclick.net
t.co
t.dynad.net
t.tailtarget.com
tag.navdmp.com
tm.jsuol.com.br
tm.uol.com.br
tpc.googlesyndication.com
tracker.bt.uol.com.br
tt-10162-1.seg.t.tailtarget.com
vars.hotjar.com
www.facebook.com
www.gazetadopovo.com.br
www.gazetadopovo.com.br.us3.cas.ms
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.linkedin.com
www.semprefamilia.com.br
www.umdoisesportes.com.br
apps.gazetadopovo.com.br
json.gazetadopovo.com.brhttps
104.244.36.20
104.244.42.197
104.244.42.3
108.174.10.14
116.202.80.167
13.224.95.38
13.224.95.43
13.224.95.54
13.225.74.8
13.32.23.227
142.250.181.226
142.250.185.130
142.250.186.130
142.250.74.194
142.251.5.157
172.217.23.102
172.217.23.98
18.229.193.237
185.33.221.11
199.232.136.157
2.18.232.99
2.18.234.21
200.187.199.64
2001:4860:4802:32::3
2001:4de0:ac18::1:a:1b
209.197.3.19
2600:9000:20eb:4000:6:45ad:3580:93a1
2600:9000:20eb:9200:6:5b96:3f00:93a1
2600:9000:20eb:aa00:4:5c96:9080:93a1
2600:9000:20eb:d800:16:bc5f:3e80:93a1
2600:9000:20eb:e600:6:9eb2:5cc0:93a1
2600:9000:20eb:ee00:1b:3b3:e300:93a1
2600:9000:2156:0:1f:3000:7b80:93a1
2600:9000:2156:a00:13:9bf5:7100:93a1
2600:9000:2156:dc00:1d:7626:ce40:93a1
2600:9000:2190:0:8:7f48:3500:93a1
2600:9000:2190:1200:12:af17:6680:93a1
2606:4700:20::ac43:442e
2606:4700::6810:ef3
2606:4700::6811:b7b1
2606:4700::6811:b8b1
2606:4700::6812:e234
2620:119:50e3:101::6cae:b45
2620:1ec:21::14
2804:49c:3102:401:ffff:ffff:ffff:50
2804:49c:3104:401:ffff:ffff:ffff:34
2804:49c:3403:2676:ffff:ffff:ffff:6
2a00:1450:4001:68::6
2a00:1450:4001:800::2002
2a00:1450:4001:802::2003
2a00:1450:4001:808::2008
2a00:1450:4001:80e::2004
2a00:1450:4001:80e::2006
2a00:1450:4001:80e::200e
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::200e
2a00:1450:4001:811::2002
2a00:1450:4001:812::2002
2a00:1450:4001:813::2001
2a00:1450:4001:813::2002
2a00:1450:4001:827::200e
2a00:1450:4001:829::2002
2a00:1450:4001:829::2003
2a00:1450:4001:82a::200a
2a00:1450:4001:82f::2001
2a00:1450:4001:82f::2003
2a00:1450:4001:82f::200a
2a00:1450:4001:82f::200e
2a00:1450:4001:830::2002
2a00:1450:4001:831::2004
2a00:1450:400c:c0a::9b
2a00:1450:400c:c0c::9a
2a02:26f0:1700:d::1737:6e8f
2a02:26f0:6c00:295::25ea
2a02:26f0:6c00:2bf::268b
2a03:2880:f030:13:face:b00c:0:3
2a03:2880:f130:83:face:b00c:0:25de
34.102.185.99
34.235.247.123
34.254.6.162
40.81.121.140
52.18.40.16
52.216.90.14
52.217.72.80
65.9.69.82
99.86.2.29
0071c7a900a92904c5b673d2ae6b025d09a732028ebc2929e089628edbd0c64a
018857cc7fd4802ddabf67e045bed52213cebead94468fb4ba8334f0957c7461
01cc82274c69853679e37d617b41be6787af4182844278fa717746b8d21aef9e
02cedafe40684ea851c1853ef6d8e230a6966043c9e788c8db4432f8375d4818
036cd4074bc09f061a7d6a56a3437bf4e7ce8d7b8961eb1a171fa0c1c1082d0b
0478f8a286d5e8074dd717ecfdea6fbff972a2a0a4103d7dc9dc4fe680a37c25
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
05daf5641860d931d49d2ca3a20ed7783556a7ff7e33ea605d06c90629649d3f
06ee812d66d62bea7e9d3010b38328b61b09520d2674e3a933f044f1b24e1f18
09d4547d75b157fb66cfc8beb73037d1ef4a86b7195441e2f05b0a0acbaeef63
0a5e2fdeee01580357b0fe44c7c1b73f571722ccf5818ef0147116ff2ce8df0c
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0cbfdf3989b65e46ef5d01459ce6c45aa4a139e8cdcbfac2688e46de0a401607
0d9513f328a32e8228fb91dcfd1aba8668faa83864292fee0c9f8cd0dfe736f1
0f2408d274b2e81505cf5c1b84d9f0d583282490834abfe22710e697342c05e4
10b80e7cd4c70895709c9987f8fc05b10a23ea7d1c310c0aa9cf9a8c4ce8b8b6
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
10deeddb7a473bec304320194ad81de2e681417c29b86825c59c8ab154e623b4
10ebb3e0760ada317a54cba370a08d133552db2caee5b7e6acf4f52a641eecc1
115d13b428cc1032836410b89fd44b1ce71b16d92d5d741e5f23f4db203c63da
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
13a050e23eedbb800ab452da997d0d05651f4b0b0829e0031d6ae771fe25f059
13bcb9c65187c5a752d9885939ea73db5bebc90bcbe5e26b1cc6e619b34303a6
14a6bc9fca94f536d24da272cf684e3e900adaf170804cceda99f44c97c710c4
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
1756fb46aa1a7fe26e8c57328db54497ef70236895be1a7160718bb772abe23b
175dd52b60c7b3f2e0b0cc6355849661122fcb193214d31c362381a2b581e777
1804ab7f6b042a6d9119277c61a7eaf3b9f3bb557e671327e41f91c877403231
181399d222fa424d3fd45bf1de934d1c59a0c11e8495532df714e65fb2cd48a4
187724f70ee4b0489797a1e57b7851448eb8f44705ae4e27f1877aee681b3294
1a4cc0e434a49a85bef77cf1d345a20b952002eb8704dcddd90301e13d4bd67b
1a95f2a16310d3feba1a18264cb7baf64411fe9dd9da44a37d964d614b96dba1
1beb2f5b568f6631e40890de5c170730f4e9fc7d7145d27dc4f05c166e5cb938
1cfa8ee7bbc328e0f87bcb927046f16b786b9aba3c37d8ce90db6a85d53b1499
1d6fe15fe35d33f37ea9711b85b071960d8aff36e275f19b4c2463143a1715cc
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1e94c2cf548a037e03ab1abcba630c88913ea3f30405220d9775f141258da930
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
2101046cf9bf0cf72b6b8aca4af7935b48b909d6625f6a9ab10bffed7b5b7a67
2380ab708a75fc7442adfbb8fb830748d0214fd48d127a2802c50275b9885169
24e0a3d76270ee38b9647cf43a51d05a09ac5591d729dee9882bbeae0e7b5b41
259f01a4a83ad8a3ea4306becf97b5270bed9e5556f64ed6bde597f2f0601b39
25f39ad5b197e5490c5201a3fb0b32a2b1eae179c44f6b97053745ebcd9fa669
260f5169d3ec2afa29bc51f1347e56b0346aff042efba4ef58f919d1d5010e58
26ed387dacace3a9b1b82887c58391f01be3d834dcf828252e1afeaafe34e13a
2800e16d65493613d8ace6e0b8ed53877c7ac7d038fd1a78117f3778cdc27d86
29971b6efe59e27dc467ed3da8fb17b1cbd70f7796baf85059ba3bfb9d275cc7
29e8996ff46f852556196235f26661697666d38fc3fc18677c247bb50551e8c5
2a736ce3b9db1f9bc1b320bb5926e7d37cc3bc111d86a9b57f5c4be52d7e1dca
2c4672b907a112004a72d3ba69274c6310e8eaa2e80519c51e16a78635f53913
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
2cdcc98e07292bea075f6eed777449b97efbd3186d9f87379382f573fdf6536f
2cff5767ddc28b62cdfd27605665e1ccd4c3131507bbeb517c6bb5440e52093e
2d2dc473ab0f5f864cbf1bbfdf2e971ac5a750e226e1fd44bde4e1288da8966d
2d6d9e3df6c71fd8345ccebc3788e00c56c5c4ef59b4e02f9627f91ba4c487e3
2dc4525c53a2721b9e0b858ec72e218e7fc1de72fbdae84653648daed62b89de
344b4551d6749a5ff0e884aad752d3284bea21766b258dbebcee9ad62c04f386
347c5341604c5c2b96e3c6b91d76757287437db91bc851f04595f2ef2dd3a9ca
3489882e6e7a900144ea97cc1120e37cfa60af5393fce479d73dfca45409026a
35dcfaf3dd7c34640d28bd57038a4acf771e8e11a3d52a758a126d5e875c3e74
363e6b20c5322db772b08ca4f778297b1a859b43087aab2e735a29a3cf66b3e6
36d0b988fad57022324f75a6441b77cbf9f687684931fb7282314095d4128cb7
372694fc771ab17fa97cee300de1f8a0f6daf776a801c4f06ae247b4a029fa55
37d25577e88f765d4381881685f8439ff40b2dc900012402af750d4c44d1d2d2
37ef970abec9e060cd27738ebb3195713fb367ebcf37702e825c93d990b4c493
389033bda6df04020f9010686fdac3a0232caddadddf2ea2367954c0aeb5be35
3b86b8259535f5ca14aab040c07ec4ad81f71c22b0c75689c53606bd6fafcd77
3c6c115c8cb89663ef2f715c1d5112030c1abe8edc74e379e14b5d10d25da762
3d4022b167d58e09cbaab2c9d307c5d7fb6de024a4e80fb727690ba24f9a518e
3e4b3a58fd8e383e180de6ed3ed7fbccc7b6179f0b946e84cd34c7f6b4d448d8
3f2c2bf5043a805ae350621d2ea268629101a40284bfa8da5b85409c9f556124
3fd9fa38f29bbfba03b702b380979d2debbfeddc10943a46e8c10d60f0f00494
40e914138be0a6674e2d011d7afc3446161062269e0887aa12b3f365215a74d9
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
454d9a238471322bc380398bd2c0f1ee52bcb0846671eb87669db893aa6dccb9
463a5a6c0bc6a400662d90ec684678c4de16cae3936dfd6c9a3f280f72363df8
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
47bb2760890a290ad550e791686a1d9648d2e398eb8342869819bbf68c3ae458
4821fcf9c6131b5e09c316f6946b187f0b3751d723a19b2ff9f2df396d232cbf
486762d56893f9b12fdfad41c3a76f11fc745b5436e97e596a63c22ee13d2e33
4a3a2e63a4ea476dd546a2a0181ab72826f8706dc39649e7488c8e1bc3cba302
4ae377b8bdf7546bbb874c993d05a03a50732b1bf536977d3e2a4e8ce6ca107e
4b4924b6ea8623395984b522ee4e1fe77f464940d2bb155ae40bce56fbcd3423
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bbbbb39cbb414d18f93cd2676b61afa7ae2830355de347bcf00e01f0a0eeaf4
4c177e4e7d46fc0cd191cfd21e1d4fb24229e5c03e491cec02b6a4cd1c459ded
4c5523295cd638922f03b71df799e2a5b1989d8ac1c418967557b157436d9694
4cc9b955df15cad8db09c988709ba675a33e27b1b2f533761d7e390f9144305c
4cf52cc73734aa71f26f6a10be9aeec89602af45bf0f9abd5c8445a076c1ae1a
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f715d42b1bcc1bd6262504abc0c0e808023e0cb929cb2fab2b560b89240d2ab
501e6cb1c4d25a55e36b72d0a7a889e6a382eba2f451ed4cebf763176fd851cc
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5083f67c67f2aa335f8082f499c67fbf573328d328be985ae01decc85a0bb9da
508e115cb5a30e270d26384e41abc243f9295cd13389adc42ddbf99d42c5f39b
5195b5533eaad9e23ee9c1ad9dd017b4f0fca8d54921a3f045858eaf4145689d
51ebbcc0d1032e80874c0b1445b0a5e091e4706b7d2637e0ebbd315e7d90c718
526af9a6706a02a28c7ca8251a09f89c490bae93be46ee7209c2abdca8ca9d1d
5411989b1746e8c4b81729c53524d51809e45aed3582994ffc12a32ade34dab4
54db486cb5db345a75c3532967f3ccdbc1cc03260c6526ceac88fdf8b5d12ed7
55c20d89f544ecba9fea9b9dda341190f8a9206d80ea17713e0ad0ec30242a81
5996062961b290de6f5e449fbcfdc3df354b36605692d9be7e571b91f978e21b
5a5e3e9baab3ea602b9382fa4aab3b061d77b2604006c72813282b281ae99d2e
5bb5ff84e63393bb298a05213f488e34cfb5ac638a8b381a7a9e45c39e4100b0
5c9daea6d030ac5e71211fa4d1521fb0cd67c3676f35d034f0047ee095a9d8c3
5d2c2790b50659c620892b87ef24b31d182ca68f466698b3ec703feb7695bd97
5ed736d8aba55248a40a9c801b58dbb586b5083d4be20f53269e8b61d677108f
5f31df2d0e41a6af9881486ffb91a5e68db3b4f45b425e9244193ef9b2203d59
5f3b103a1268f862a5e432d607f8e5220dea9d301d13565b0ecded3ad9c25ab2
5fe89f2808067c83efad60379d2073b419ebcfdcffe5a87b7738a4530a11694f
6132aae7adcfa32081f9e337d92f92c0b08b6ca7039a344f80d7c921cc872dee
629b25a22e97c61a6a4175da64513feb40f6fc1a8d23e0c1692e0045e96682ca
63939bac7b709016c509ca37bb2bec9d8b858d12ae6a1fd9b6acfc09821b0050
63cdee112c3109a37403c00a61befefcf8bef6da5f1501b34f3e0ea32b0d9b16
6437fefcd5a8ed1fc150bcb0cb5beeea3dc6346a68b2bcb773a6efe0ca95265a
644470874c77fcd30909ba97ae3341d3f3de1ac030cdff5535a75f47a1ac1b80
65cef8a94d8a09cac56b85e15c92c37ea129d38a094fa8e1f3fd812a550b74be
67df774b6ae31d9c582628156346f56e7ec884fabe050c748d1ebf9d7426df0f
67ed54856b743c6e064253f611084475015ce883fff3150f710b8781e599d4a0
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
6838420e13959ecffe73d3576ee2125a66c9315237394a23e3dd4a5181e80cda
685ee1f5e122fdc218b11e4589efbbfc2c567087e94b65062b13c290aae43a6e
6978037564805e46e09300245b5744f44665b03c760731659c4c2941075a37fa
6a93c477127bad12d08a779a445d4c5962578f57d4171aee20df69a2b3e8c349
6b43bb94ac6321d8ea118e251d4a55f90f51ae165fcc75e26e5137c7982aff0e
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c4dc3ebff73ec456fba2022af98851c463a45f1eb090dd9b02ec234bae39408
6d1d182067308e6c8092d4b4997fca95404ed15ae0a67fe50a779d511649e029
6d30e1f33652b01033d3af46e70f09d77f4fda2cfc400d4cb2f7f3f86fa2413a
6dd0a7080133912381e6d4b76232a90cbd75a694af58fc9c8651d8d948bdf81f
6e3b76bf5d88736c9b9656cf2810230a811e0e3b7a1e0de037f4345a3e971529
6e6d4ec5c164084dadc25d0d1a463d51dac702c7b56dc1fb0c309c8c4bb2336a
6e6ea38b72668f7977a64ff403eb7d185f51228d15749b397ef3ddce7b3b81da
6fa5d27ff3927dafe72c819b5f15d21bbf901671d26c07ac9d32da23e31f83e4
7055ac787d5cc8baf445c0b5a50284b3ddc8ebc0b43b107a17593e02c7d22975
711a8d3c6d036e5d2907810b7255622e34f23373f8d1387a1fc938e44c60fea0
717ca5e682d73263363a4cc585bc9fe4766c7c79ed6957bdc78c4e7392c60b4c
7284266f99cabe69bf8a8e32902a89855d67accb833ed6eecbc619eb88a59830
72f7fa735adb621da15971f352ba8705481069dfd2452605e05f4069092b877b
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
732117ac92a33b760d9290a33f1541762ee9449dc417ea249b5a0df50738ad16
734421d9e2fa5fe78c7bbd157c8de6a60bd1e0752c8abfcd2ca27f4a477ff2e5
74c0f92cf921b0e0c165e4aa0141c4f794d87c28b11977f5f6926f057e5c1d96
75357fd177a0be860b0bae619682348a1b9bde0f8e2ed53fb68f44fdd3a33438
796b7c426168c17fd0cda987277798ded81c6503a920f1fa4a90b946356ccb6b
7b8d61fc1f99eb8f9ddf41a0d414c0dd771c895a833ec90ffe4283e8c7516754
7c45936acb85087e8a5ae92fc4ebc184e7d08ed6227541427a3bb62caa9b2922
7d7bc926d5569df29d71239568cca1be8e851e5168220c3a2a69095c2a0fb04a
7f2bb80ae4f890fca4ba3f095baec50fddf02246b0de2829761b5c914757d64c
8081c769c2d9191a1ae2bea8b1409784c0a13d70b83bb2f41d41cc22ef2164e7
80b7bc9ad3b815d7e0ec6011a41bf3c1219fbdb9b59141a5ae03aaf4e8f09b1a
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
832d8d5a3cabdde474e79d8a510053604d5d19342befbc7b78dc64995652dbba
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
874455da63734b1c14b9573f328c4fd9721727e1e9894e7a6c93a7a0a8bcf3d8
88f16975a74c0610e76af7cbaf98a7361408e1d9f43e8152353ce4996015456d
898e426c0d1434a9d1fb208183fb15a3de3901e461ad8c5703d244882534c7e3
8a4200c823e4f8842f29786426544546e6b40bd7063d3a928c3f34f571b6e565
8cc3fded2bb37d4d0c8bab12ee58438b1535a440240b9a0b174fa7367aafa21a
8df80529839a80a2bc7ddeddcb0e9f8dbba03cf986c00f07c7e06b4b3fd69cca
8e8cc72e61ff6f6c0c945a976756d112732c499cd64fc5b207bb213fc84a1e40
8ed47760d70876001cbfa06fc278db790b9aaca51d41c0ee9082ff7c15952aef
9120bd86f7501823599a79f60f432e7742f2fd00b17984230cd6641085548690
92d2253f569e3b7df2978166af2c3da2fd967691a70ce66d52f9cb770782f239
93be8eb291a17f9a1c4b91f57a68c4767f00f37bf9ad75e3c01551cc6d1d4141
93c29356b85925ff806adbda076c942a77335fecee4715df51b86f50ba64082d
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
99193dc864a0fceb3c30d4109e2631b1f7ed836a579c71da956fec107a384b53
997f5bfb9f0c74974ec265633b71dd76c5f0224611dd26775db3cc823ec24947
9a6a43a9769d42ee5aba0c7584e5d5b7e143fa2ccafd4518f64a047e98f3e91a
9b0f66cfe501acfe6fefb31c72de55ec8b3faa1a3f291621cbc786b57453b686
9b86ceab3181ad0abc55bddbb9804e90b6b2c2d7a663473a6d49132a50ce18a2
9bae663f8229a58194c60f976b1ca88e87e0310c5860be118fa57e97412f758a
9c1ec937fcb9f4980eb54bfe0632d70f469715aa6624914c08b981fdc1e874fd
9d4d616940d411a94537e925458bb37ec3538e07e9203579cd261a52d1659f6e
9dfcfe62e4dbcae51f08c864bc3f128f1a91b2c1e852b91784f79cc366714cca
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0d93254e392f7361b334641f8781721fd31c7b18283c88fe67df7d3123e1c24
a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e
a1aa06ae23b06fce6970d6c8806b11dbeaabe036ea40a0df4e285747137be114
a1ec86e80800e0f07b3fab9e773187c49e3f84ddebd25d18f7f815681777b789
a21525f3b01371cf5cd313f733dee7148a4c0d9fe7126384aed6fa3aeb9b0c29
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a2fc4ccb49d836c5fc553e1cd0c8ab322763403a621cc41d62c8c49e0629d7aa
a4702a77ebe38f4291b9ec9f44411e246c865bdf0070746852e803b4d960fc1c
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a517525b8a7d39bcaf1cf5f9695c5be8fce7a6b920a3924c1a4f70e8ea748c05
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a9987dfa1701bd64d5f011b22ea64934c360dd34b93d99dc9ff9a04267e7e45c
ab1a6917c9b92b3a86875a682195a0280e1189878d5515cf89a17fb32931f993
ab4fb83927d5aa2dc72bfa6db518ba125182da8b672dce3468330132389dcdbb
ab94e646b27bb07d81c13336cac2a07f186949a2b85538d32c0acd56090bccb6
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
acd98206b576b8f71d5f658eba383fe662814156290ab60c56f9e63935df618f
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
aed0e3ba07b92f2d5536357cc30382ffcfd2bf3e1dbdb4a8e6b6a98c9008d81f
afba6e308182b28f02233e3c816e99fe5cc51511f90cab2cc6219d652f14f3a6
afddb6162cf876aa5b7f7824c3815df516b449fe43599a38284a13205b9e9945
afecdc3ffb8aa079db07b521931706c38f9b7cc6847f264d4d839df886f8dc24
b0749e4706a4ed8d4ce6e310fe140f2922370a706119598869e99a89a75364a7
b0d2ce07add99cf98c50711c1a7d4deb91aee9a2decda95ed80b6878b06188f1
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b19865c2e8366fc6cef8f869b9447b23243e4917d73591e554f1b697a1f8da9a
b29a8f5cd6937592b2aad723385204b0633d519300ef632cf8361d1b47e72553
b3d9a37c3110d0d5edf534a4dd964bb85d8661820e4c39e4c63c96bd2813b726
b402ea09c47684e968844d25765e75122ceb28a148a918ad8173a4386e457b45
b4217cd168f164b006c464f9f563d9f24c18a700e67b24616aad1d714c0187e7
b44615c2824104d4b0d7ee790e7885b01f358ca4dde5f9cc08368e7ec44dbd8b
b46989efe6f677f60e6910de647de787ea36f57517abf351de67f89f9dc9ba84
b48cd5eb38e1f0cdb006c24936622127a941296716987a568c2c400b7c4305fe
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
b5f899be7fac4078a0488684439d1224652ca9123fc8adae8d7718933e5dd873
b8e0a46f1a28e4a7adc668158241a0748b4664b5e2fdf5d2e325936a5f09df36
b9abe16e112e0c606f0a92db9f74d716b480a0e98bbea1a977cbb31749fbed6f
ba70adf2020216558d39892f39d469a3b8eabefe26e3fe038c4e14272fcc1506
babf9b4d3f19a5f57d8a37149b7367c713f3104c19fa4ed9efb7622652ecd67c
bae9ccc711a13248df1c2c3cd0d748b60b92b9b9eeca51b954b3fcd5c29b9601
bdc090c06f409343babe638f27863b76176043d71e5b3a9075ac19de6e2d58f8
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05
bee94f92f87881238a9d783523e1d3c6eae7d4f808e261eea83c5c5b585e6a60
bf2624819daa0439f51ad05ba96a11ec909002f283772794f39b003abd2284d6
bf7344209edb1be5a2886c425cf6334a102d76cbea1471fd50171e2ee92877cd
bffa09e2bf4bb3983a321d60fd1b49f787f7957d15d602a4f896ff321d08970f
c0b5329aa0c88c218e906ad2600cbea4cf7bfffaef17a9274a634046e897dc3c
c192ba214e94169e6f33b5979f9c04473f6098f9dacdf40b7965a1d2fd685127
c2015d08cf877ee0e5feb420c465fc70cff1b10c244e3bf6b9ce00131d542c3c
c5313f575dec9396740fb2f38cf2fad8bb8efa4fac5cced906915d541fd2d16f
c616bb9626ceeb878247763ff72103e1ffe8d7c43cf7dc7e7442d3b0d4d0cec4
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
c7369f38f3a5143dd868120b027496802bb4de6fe53e1b5dbff0ab05085c0e71
c7cfa8c6a568aa81068d777cffed520737aaf10a8769a9fa27411675854d22ab
c7eb98f2451da8a6f5f6d31e590dd6c56ea58011363dcc614ada8b49597c227f
c8b5d984e6d2cdaf64b8a50c9b645e347e74ffa712aa0b9422015700c98f9bb9
c8ded2cca7625c43f363717d453d9b3e03107134dab8f3aa67744279a8476bb7
c8fdca058abe2b2e3651587a53e0d2e13fe97c47cc99bfefa86f729b985937a9
c901a58d7481ff5e987c9252916274ccd279f180bc157154b6852d63d45cf5b3
ca6b5bb454f212f0feba2155c93490a4e50a786d634849dc081fb0cfee923300
cbb7819eb1a1340b98e4ae2a29524afc8ee1aabb87791f985655298971e0b21b
cc33068463b75ac7fad0d842a236d8d2ed2a74cb708b7a4d59fb1d62a2bd7ace
cd8c8c0ff19c7335a9b34a9fab5afcbcd2cdbb6d877af2c45f143ae077d33df4
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d01387522bd0b23d643467eea489a8dca59fca8aa859bef983055d40d2120112
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d1fdc83f40b6872fbf82ad027168954ccaa7eee12c7e6fcbe52e26c36bf915de
d312ff5fe45dca44f6c89d2bded8ae952ba441564b31a58d5282ca75cd1cea8b
d593eab937ae208334c866b7afc56b0703787c857dae8bb562aefbbd3ca15ee6
d6d5c75ef2890b569b6f795bead913ea2b87ee173cfb7547af76d543b1d46757
d6e0fd2a5540d8a26bbc2f2868a5ddfc300137e6bf05a581b7bf918f9e8a6ba1
d9c07d356d45c00a73d034be2e878d0ba6bef2074b81497af9b50c61aec138e8
daab4d839ebb17136ea284ef731da4edc5d43196a2426ce0b54993a571829dce
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de42571149eaab9f73801a5fb0df9602885385e4a3e366d9304dbccbb6562cd9
deb0d7d427858d047173d87a8702ddd16a3153fb51516f6786783dc6dc1b293d
dee2ffb2b8d6e90bdec1a9f7bafee820de5c930fd8cb508e9e4693b8b4d15a96
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e0750c4816a8230fac694d697f8dc196f18cf78cbff36305e79ac26f128589be
e19e5fec549d0d871301c8196f4a954abe8d6913464a1ac511f81ef71529f89b
e1c03b86dac8a986d0191cafd690b06986578246e015375d2301261b449611a4
e36e842af5f12bbadd9c73fbf17e12e2276023449e50fd704bcffd01cff53568
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4083aa0dd380a5939e813fea913a50fb1d5402cfc89fbd3316799bae34cc5e6
e593d32d2b3c25b54c4632fc55d4c55cce4154e0bfaeb75883da07b742e762dc
e5b2a278c1ab02a90127fd8191dd79159eefcc5bcda3b45b4945faf2776e979f
e7f3f11c7dc946d768710ef63ab41344d69f8112d19123c346d3f56fcc95e1b5
e8ce4a0a32c830a6051b2907482e3122be8ad51d495ed58b238c68502b5eb8cf
e9d40cc506dab9881a28af0070109f7b36ddfbb1c3ae81c0d4be51292d68160b
ea5ad9fd3e79d3e5ac60ec7309f35652896c6899197aefc073c5b853fe33730a
ea77d52b0d6e488af5d7465a30408547f6a480668c295e4c9778234fd8534c61
eacb9f14d3c5e2f2ab578097f285eead47da66ff15836beef4d348b127961e8b
eaf473fd0258fa10aaebe997c35f15f9989a4b8ad42acf6ede1731ba26529553
ee32e0d94b88ad325fad827eeeab5da184668ef58a131df17f0edfa8fd146525
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f15c359d8e7e5831725c38fd397e6e065fccd867dc06dab8d92ea86ebc145880
f1d6939b69c7c48fff939cbc3945f84ae8427d167c394857f6840377ce1b252a
f363bb1263ff140c7a599ac408717e56d801c29238b25bb8506a7a09527408c3
f3bca498f4fa68a5d099135c6b44322e22aa62e509f59fc294d9e53d38475374
f3e6e25d787a95a0d90f41dc93958920a16c6498130914ee14e3bf72b09d34ec
f3f662e23645b1b81aaf6eb5901cc9162dc0316b2b48a735c2761493e8ecf1f3
f4837693f826dc0eced3c87d9684a12ccfb7a3ca55e7d3fa19be0ac1aa7d5cd8
f49b1d1bd49f5c61c93e08dc9b8427ae046c513af8ce30fa8d04162bb6f5b9df
f4cd27b5ef047a264e3a40b63ba85441de12d23d043a986d469ec1c757067090
f4ec649d2dcca2127705338bf4025717185003216687b7d5a9cd6db9024d919b
f59078f7c727d97970da4b14b4afae140bf681b253721299c6240f41c3a96d5e
f711cbed3ae7bcca9b2c00cb5dfb1d53ac4e752166ea6b3aaa00b676935685dd
f73e82a575bf0e93e9ef528b82d917249d479ccf8bc959c4a06490fcd1d8dd56
f74bdfeec83247edd199110ac967f48433637c2cd8dcac06c4de540abb3393e8
f8108128bdee3905d17f3a0530131258b40ff53cf07e80b39a1ca671efe19f9f
f882d78fcd4abed9f2242703a5c35226e6b247fbf30dc4d0d6827e036ac4e11d
fa6deeba5307cb3bd27c29fc2df252922249d38a9239cf74b0118c0add19faf3
fa7c60fca96e114cf9162a26c0eef728783f2dbff06d2b86773535af90de3f8b
fb415a1f2a937acd71359821df2bfc6f9a8fa94b8c6424aba62fc2a5cf5e60fb
fba63ae813d3cba6ec0d3e1c54cccab7c1b3c6e0f227f8d8ed432e852aa0e272
fbb6b936b2c85c019776a06b312e96cb5b11ac07d89250eb1300ad2235564126
fd6d343c560c20611901e4c09e6f4da827fdb5957d2e4e2d3047c2e5804d4e6b
fdac1a3247f6636b0a366c779803ca0af16f5cf36b2ab34a5d48a0911cd59e1a
fe797578273ad8327b58a0aaab2600e9623f150f4fc8325d3c2a340d3afff3cd
ff9f9aa967fd77537c4a1443d69ea739b66743714b14aceec918d0bd91f35cb2

www.gazetadopovo.com.br Open in urlscan Pro 2600:9000:20eb:4000:6:45ad:3580:93a1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

504 Requests

99 %HTTPS

62 %IPv6

43 Domains

89 Subdomains

84 IPs

8 Countries

10103 kBTransfer

19319 kBSize

18 Cookies

79 Outgoing links

Page URL History

Redirected requests

504 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.gazetadopovo.com.br Open in urlscan Pro
2600:9000:20eb:4000:6:45ad:3580:93a1 Public Scan

Screenshot
Live screenshot

Full Image

504
Requests

99 %
HTTPS

62 %
IPv6

43
Domains

89
Subdomains

84
IPs

8
Countries

10103 kB
Transfer

19319 kB
Size

18
Cookies

504 HTTP transactions
7 data transactions