www.gazetadopovo.com.br Open in urlscan Pro
2600:9000:20eb:2c00:6:45ad:3580:93a1  Public Scan

Submitted URL: https://www.gazetadopovo.com.br.admin-mcas.ms/login.php
Effective URL: https://www.gazetadopovo.com.br/login.php/
Submission Tags: krdprod
Submission: On August 04 via api from JP

Summary

This website contacted 42 IPs in 6 countries across 32 domains to perform 136 HTTP transactions. The main IP is 2600:9000:20eb:2c00:6:45ad:3580:93a1, located in United States and belongs to AMAZON-02, US. The main domain is www.gazetadopovo.com.br.
TLS certificate: Issued by Amazon on December 23rd 2020. Valid for: a year.
This is the only time www.gazetadopovo.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 51.105.164.234 8075 (MICROSOFT...)
3 2a02:26f0:170... 20940 (AKAMAI-ASN1)
1 20 2600:9000:20e... 16509 (AMAZON-02)
3 216.58.212.162 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
6 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
6 2606:4700::68... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
1 172.217.18.98 15169 (GOOGLE)
2 2a03:2880:f00... 32934 (FACEBOOK)
2 6 13.224.96.92 16509 (AMAZON-02)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 13.224.89.226 16509 (AMAZON-02)
1 151.101.12.157 54113 (FASTLY)
1 178.63.13.144 24940 (HETZNER-AS)
5 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
2 2 2620:119:50e1... 14413 (LINKEDIN)
1 1 2620:1ec:21::14 8068 (MICROSOFT...)
1 108.174.10.14 14413 (LINKEDIN)
2 2a00:1450:400... 15169 (GOOGLE)
3 2a03:2880:f10... 32934 (FACEBOOK)
1 104.244.42.133 13414 (TWITTER)
7 2a00:1450:400... 15169 (GOOGLE)
2 13.224.193.86 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
4 13.225.87.39 16509 (AMAZON-02)
1 104.244.42.195 13414 (TWITTER)
9 2600:9000:20e... 16509 (AMAZON-02)
4 2600:9000:20e... 16509 (AMAZON-02)
3 2600:9000:20e... 16509 (AMAZON-02)
1 2804:49c:3101... 15201 (Universo ...)
1 2804:49c:3104... 15201 (Universo ...)
6 34.102.185.99 15169 (GOOGLE)
2 2600:9000:20e... 16509 (AMAZON-02)
2 52.5.138.229 14618 (AMAZON-AES)
136 42
Apex Domain
Subdomains
Transfer
24 gazetadopovo.com.br
www.gazetadopovo.com.br
events-api.gazetadopovo.com.br
294 KB
19 google.com
www.google.com
news.google.com
play.google.com
67 KB
10 jsuol.com.br
tm.jsuol.com.br
me.jsuol.com.br
98 KB
10 gstatic.com
fonts.gstatic.com
www.gstatic.com
227 KB
8 doubleclick.net
securepubads.g.doubleclick.net
stats.g.doubleclick.net
googleads.g.doubleclick.net
140 KB
6 tailtarget.com
tt-10162-1.seg.t.tailtarget.com
b.t.tailtarget.com
t.tailtarget.com
2 KB
6 scorecardresearch.com
sb.scorecardresearch.com
7 KB
6 tinypass.com
experience.tinypass.com
cdn.tinypass.com
buy.tinypass.com
api-v3.tinypass.com
143 KB
6 google-analytics.com
www.google-analytics.com
40 KB
5 google.de
www.google.de
317 B
4 uol.com.br
tm.uol.com.br
tracker.bt.uol.com.br
3 KB
4 semprefamilia.com.br
www.semprefamilia.com.br
2 KB
4 linkedin.com
px.ads.linkedin.com
www.linkedin.com
px4.ads.linkedin.com
3 KB
3 facebook.com
www.facebook.com
191 B
3 azureedge.net
mcasproxy.azureedge.net
42 KB
2 igodigital.com
100026685.collect.igodigital.com
nova.collect.igodigital.com
3 KB
2 umdoisesportes.com.br
www.umdoisesportes.com.br
1 KB
2 amazonaws.com
3wf9o7mmzc.execute-api.us-east-1.amazonaws.com
879 B
2 facebook.net
connect.facebook.net
97 KB
2 cxense.com
scdn.cxense.com
comcluster.cxense.com
28 KB
1 twitter.com
analytics.twitter.com
658 B
1 t.co
t.co
455 B
1 ads-twitter.com
static.ads-twitter.com
2 KB
1 cloudfront.net
d335luupugsy2.cloudfront.net
404 B
1 licdn.com
snap.licdn.com
2 KB
1 googleadservices.com
www.googleadservices.com
14 KB
1 googletagmanager.com
www.googletagmanager.com
66 KB
1 npttech.com
www.npttech.com
3 KB
1 onesignal.com
cdn.onesignal.com
3 KB
1 privacytools.com.br
cdn.privacytools.com.br
3 KB
1 googleapis.com
fonts.googleapis.com
959 B
1 admin-mcas.ms
www.gazetadopovo.com.br.admin-mcas.ms
847 B
136 32
Domain Requested by
20 www.gazetadopovo.com.br 1 redirects www.gazetadopovo.com.br
9 tm.jsuol.com.br www.gazetadopovo.com.br
tm.jsuol.com.br
tm.uol.com.br
www.gazetadopovo.com.br.admin-mcas.ms
7 play.google.com www.gstatic.com
7 news.google.com www.gazetadopovo.com.br
news.google.com
www.gstatic.com
6 sb.scorecardresearch.com 2 redirects www.gazetadopovo.com.br.admin-mcas.ms
www.gazetadopovo.com.br
6 fonts.gstatic.com fonts.googleapis.com
news.google.com
6 www.google-analytics.com www.gazetadopovo.com.br
www.google-analytics.com
me.jsuol.com.br
5 www.google.de www.gazetadopovo.com.br
5 www.google.com www.gazetadopovo.com.br
4 www.semprefamilia.com.br www.gazetadopovo.com.br
4 events-api.gazetadopovo.com.br www.gazetadopovo.com.br
4 www.gstatic.com news.google.com
www.gstatic.com
3 tt-10162-1.seg.t.tailtarget.com tm.jsuol.com.br
3 tm.uol.com.br tm.jsuol.com.br
www.gazetadopovo.com.br.admin-mcas.ms
3 www.facebook.com www.gazetadopovo.com.br
connect.facebook.net
3 stats.g.doubleclick.net www.google-analytics.com
3 experience.tinypass.com www.gazetadopovo.com.br
cdn.tinypass.com
3 securepubads.g.doubleclick.net www.gazetadopovo.com.br
securepubads.g.doubleclick.net
3 mcasproxy.azureedge.net www.gazetadopovo.com.br.admin-mcas.ms
mcasproxy.azureedge.net
2 www.umdoisesportes.com.br www.gazetadopovo.com.br
2 b.t.tailtarget.com tm.jsuol.com.br
2 3wf9o7mmzc.execute-api.us-east-1.amazonaws.com www.gazetadopovo.com.br
2 googleads.g.doubleclick.net www.googleadservices.com
2 px.ads.linkedin.com 2 redirects
2 connect.facebook.net www.gazetadopovo.com.br.admin-mcas.ms
connect.facebook.net
1 nova.collect.igodigital.com
1 t.tailtarget.com
1 100026685.collect.igodigital.com www.gazetadopovo.com.br
1 tracker.bt.uol.com.br www.gazetadopovo.com.br.admin-mcas.ms
1 me.jsuol.com.br tm.jsuol.com.br
1 analytics.twitter.com static.ads-twitter.com
1 api-v3.tinypass.com cdn.tinypass.com
1 t.co www.gazetadopovo.com.br
1 buy.tinypass.com cdn.tinypass.com
1 px4.ads.linkedin.com www.gazetadopovo.com.br
1 www.linkedin.com 1 redirects
1 cdn.tinypass.com experience.tinypass.com
1 comcluster.cxense.com www.gazetadopovo.com.br
1 static.ads-twitter.com www.gazetadopovo.com.br.admin-mcas.ms
1 d335luupugsy2.cloudfront.net www.gazetadopovo.com.br.admin-mcas.ms
1 snap.licdn.com www.gazetadopovo.com.br.admin-mcas.ms
1 www.googleadservices.com www.googletagmanager.com
1 www.googletagmanager.com www.gazetadopovo.com.br
1 scdn.cxense.com www.gazetadopovo.com.br
1 www.npttech.com www.gazetadopovo.com.br
1 cdn.onesignal.com www.gazetadopovo.com.br
1 cdn.privacytools.com.br www.gazetadopovo.com.br
1 fonts.googleapis.com www.gazetadopovo.com.br
1 www.gazetadopovo.com.br.admin-mcas.ms
136 49
Subject Issuer Validity Valid
*.mcas.ms
Microsoft Azure TLS Issuing CA 06
2021-08-04 -
2022-07-30
a year crt.sh
*.azureedge.net
DigiCert SHA2 Secure Server CA
2020-11-21 -
2021-11-30
a year crt.sh
*.gazetadopovo.com.br
Amazon
2020-12-23 -
2022-01-21
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2021-07-12 -
2021-10-04
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2021-07-12 -
2021-10-04
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2021-06-11 -
2022-06-10
a year crt.sh
*.cxense.com
DigiCert SHA2 Secure Server CA
2021-05-21 -
2022-05-26
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2021-06-28 -
2021-09-20
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2021-06-28 -
2021-09-20
3 months crt.sh
*.piano.io
Sectigo RSA Domain Validation Secure Server CA
2020-09-17 -
2021-09-17
a year crt.sh
*.googleadservices.com
GTS CA 1C3
2021-06-28 -
2021-09-20
3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2021-07-20 -
2021-10-18
3 months crt.sh
*.scorecardresearch.com
Amazon
2021-02-28 -
2022-03-29
a year crt.sh
*.licdn.com
DigiCert SHA2 Secure Server CA
2021-04-30 -
2022-05-11
a year crt.sh
*.cloudfront.net
Amazon
2021-03-19 -
2022-03-17
a year crt.sh
ads-twitter.com
DigiCert TLS RSA SHA256 2020 CA1
2021-07-21 -
2022-07-26
a year crt.sh
*.google.com
GTS CA 1C3
2021-06-28 -
2021-09-20
3 months crt.sh
*.google.de
GTS CA 1C3
2021-06-28 -
2021-09-20
3 months crt.sh
px.ads.linkedin.com
DigiCert SHA2 Secure Server CA
2021-04-15 -
2021-10-15
6 months crt.sh
t.co
DigiCert TLS RSA SHA256 2020 CA1
2021-02-05 -
2022-02-04
a year crt.sh
*.news.google.com
GTS CA 1C3
2021-07-12 -
2021-10-04
3 months crt.sh
*.execute-api.us-east-1.amazonaws.com
Amazon
2021-04-09 -
2022-05-08
a year crt.sh
*.twitter.com
DigiCert TLS RSA SHA256 2020 CA1
2021-02-05 -
2022-02-04
a year crt.sh
*.jsuol.com.br
Amazon
2020-10-31 -
2021-11-30
a year crt.sh
semprefamilia.com.br
Amazon
2020-11-13 -
2021-12-12
a year crt.sh
*.uol.com.br
Amazon
2020-10-01 -
2021-11-02
a year crt.sh
uol.com
GeoTrust RSA CA 2018
2020-07-30 -
2022-09-28
2 years crt.sh
*.tailtarget.com
Sectigo RSA Domain Validation Secure Server CA
2021-05-26 -
2022-06-25
a year crt.sh
*.umdoisesportes.com.br
Amazon
2020-10-19 -
2021-11-17
a year crt.sh
*.collect.igodigital.com
DigiCert TLS RSA SHA256 2020 CA1
2021-01-25 -
2022-02-25
a year crt.sh

This page contains 6 frames:

Primary Page: https://www.gazetadopovo.com.br/login.php/
Frame ID: 21F9B2A0C01CA221BF607ECC8A8411DE
Requests: 106 HTTP requests in this frame

Frame: https://mcasproxy.azureedge.net/proxyweb/1.2.23/html/session-context-restore.html?action=store&contextData=https%3A%2F%2Fwww.gazetadopovo.com.br%2Flogin.php
Frame ID: 6FC694DE0ADB8109AEB8616A5F48BED4
Requests: 2 HTTP requests in this frame

Frame: https://news.google.com/swg/_/ui/v1/serviceiframe?_=452250
Frame ID: 9025C4A636175AE039375E7C28548723
Requests: 12 HTTP requests in this frame

Frame: https://tm.uol.com.br/mercurio.html
Frame ID: 5040C001B10E4C37BDB4E51AF1F1E2FA
Requests: 2 HTTP requests in this frame

Frame: https://tm.uol.com.br/purge-clients.html?name=DEretargeting&expname=DEretargetingExp&expdomain=1
Frame ID: 85286B8D7F52AEF44C6725A23E45560F
Requests: 2 HTTP requests in this frame

Frame: https://tm.uol.com.br/purge-clients.html?name=dynad_rt&expname=dynad_rt_exp&expdomain=1
Frame ID: ACB64EBE1D19E88249EFDC2EF08A8F25
Requests: 2 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. https://www.gazetadopovo.com.br.admin-mcas.ms/login.php Page URL
  2. https://www.gazetadopovo.com.br/login.php HTTP 301
    https://www.gazetadopovo.com.br/login.php/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • url /\.php(?:$|\?)/i

Overall confidence: 100%
Detected patterns
  • headers server /openresty(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • headers server /openresty(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • headers server /openresty(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
  • script /google-analytics\.com\/plugins\/ua\/(?:ec|ecommerce)\.js/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/plugins\/ua\/(?:ec|ecommerce)\.js/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Overall confidence: 100%
Detected patterns
  • html /<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
  • script /\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i

Page Statistics

136
Requests

99 %
HTTPS

67 %
IPv6

32
Domains

49
Subdomains

42
IPs

6
Countries

1293 kB
Transfer

3963 kB
Size

17
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.gazetadopovo.com.br.admin-mcas.ms/login.php Page URL
  2. https://www.gazetadopovo.com.br/login.php HTTP 301
    https://www.gazetadopovo.com.br/login.php/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 41
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=672554&time=1628100069343&url=https%3A%2F%2Fwww.gazetadopovo.com.br%2Flogin.php%2F HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D672554%26time%3D1628100069343%26url%3Dhttps%253A%252F%252Fwww.gazetadopovo.com.br%252Flogin.php%252F%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=672554&time=1628100069343&url=https%3A%2F%2Fwww.gazetadopovo.com.br%2Flogin.php%2F&liSync=true HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=672554&time=1628100069343&url=https%3A%2F%2Fwww.gazetadopovo.com.br%2Flogin.php%2F&liSync=true&e_ipv6=AQLFkhL9Uwkx3AAAAXsSU4n1OJDg0AphIKsgHOgbgszkGe14Ku1fZvPAXmmrBgdeU4fRTfZO
Request Chain 54
  • https://sb.scorecardresearch.com/b?c1=2&c2=13765200&cs_ucfr=1&ns__t=1628100069571&ns_c=UTF-8&cv=3.5&c8=P%C3%A1gina%20n%C3%A3o%20encontrada&c7=https%3A%2F%2Fwww.gazetadopovo.com.br%2Flogin.php%2F&c9=https%3A%2F%2Fwww.gazetadopovo.com.br.admin-mcas.ms%2F HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=13765200&cs_ucfr=1&ns__t=1628100069571&ns_c=UTF-8&cv=3.5&c8=P%C3%A1gina%20n%C3%A3o%20encontrada&c7=https%3A%2F%2Fwww.gazetadopovo.com.br%2Flogin.php%2F&c9=https%3A%2F%2Fwww.gazetadopovo.com.br.admin-mcas.ms%2F
Request Chain 119
  • https://sb.scorecardresearch.com/cs/6036356/beacon.js HTTP 302
  • https://sb.scorecardresearch.com/internal-cs/default/beacon.js

136 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
login.php
www.gazetadopovo.com.br.admin-mcas.ms/
1 KB
847 B
Document
General
Full URL
https://www.gazetadopovo.com.br.admin-mcas.ms/login.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.105.164.234 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
openresty /
Resource Hash
cadc02d747f502c27492970fcaafd9d404fa55442d67442d4ed878ffa700a7d4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
www.gazetadopovo.com.br.admin-mcas.ms
:scheme
https
:path
/login.php
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
server
openresty
date
Wed, 04 Aug 2021 18:01:08 GMT
x-mcas-request-id
adbf21f1c14129d38b7d38bd759933ba
expires
Mon, 01-Jan-1990 00:00:00 GMT
strict-transport-security
max-age=31536000
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
x-mcas-upstream-time
n/a
x-mcas-processing-time
2
content-encoding
gzip
x-mcas-cache-status
MISS
session-context-store-helper.min.js
mcasproxy.azureedge.net/proxyweb/1.2.23/js/
5 KB
5 KB
Script
General
Full URL
https://mcasproxy.azureedge.net/proxyweb/1.2.23/js/session-context-store-helper.min.js
Requested by
Host: www.gazetadopovo.com.br.admin-mcas.ms
URL: https://www.gazetadopovo.com.br.admin-mcas.ms/login.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:d::1737:6e8f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
ef6b116f5d682673f7e8ebbfa0027176ccb482caea43b4077cc34f0748d7bc4b

Request headers

Referer
https://www.gazetadopovo.com.br.admin-mcas.ms/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Wed, 04 Aug 2021 18:01:08 GMT
last-modified
Wed, 14 Jul 2021 06:00:34 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5
PLOXavfa2pddds7xHBr81w==
etag
0x8D9468CB1C8B49D
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
40467a2f-601e-0123-7fe7-7b7d4a000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=30056956
x-ms-version
2009-09-19
content-length
5084
session-context-restore.html
mcasproxy.azureedge.net/proxyweb/1.2.23/html/ Frame 6FC6
281 B
730 B
Document
General
Full URL
https://mcasproxy.azureedge.net/proxyweb/1.2.23/html/session-context-restore.html?action=store&contextData=https%3A%2F%2Fwww.gazetadopovo.com.br%2Flogin.php
Requested by
Host: mcasproxy.azureedge.net
URL: https://mcasproxy.azureedge.net/proxyweb/1.2.23/js/session-context-store-helper.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:d::1737:6e8f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash

Request headers

:method
GET
:authority
mcasproxy.azureedge.net
:scheme
https
:path
/proxyweb/1.2.23/html/session-context-restore.html?action=store&contextData=https%3A%2F%2Fwww.gazetadopovo.com.br%2Flogin.php
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.gazetadopovo.com.br.admin-mcas.ms/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.gazetadopovo.com.br.admin-mcas.ms/

Response headers

content-length
281
content-type
text/html
content-md5
vDuuGHIdcY/gQtnraxH9qw==
last-modified
Wed, 14 Jul 2021 06:01:15 GMT
etag
0x8D9468CCA3F85E9
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id
0c5e2138-d01e-00db-4fe7-7bf002000000
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin
*
cache-control
public, max-age=30057004
date
Wed, 04 Aug 2021 18:01:08 GMT
session-context-restore.min.js
mcasproxy.azureedge.net/proxyweb/1.2.23/js/ Frame 6FC6
36 KB
36 KB
Script
General
Full URL
https://mcasproxy.azureedge.net/proxyweb/1.2.23/js/session-context-restore.min.js
Requested by
Host: mcasproxy.azureedge.net
URL: https://mcasproxy.azureedge.net/proxyweb/1.2.23/html/session-context-restore.html?action=store&contextData=https%3A%2F%2Fwww.gazetadopovo.com.br%2Flogin.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:d::1737:6e8f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash

Request headers

Referer
https://mcasproxy.azureedge.net/proxyweb/1.2.23/html/session-context-restore.html?action=store&contextData=https%3A%2F%2Fwww.gazetadopovo.com.br%2Flogin.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Wed, 04 Aug 2021 18:01:08 GMT
last-modified
Wed, 14 Jul 2021 06:00:34 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5
d0ja3c44qO7D3vm2nqObfQ==
etag
0x8D9468CB1E605ED
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
e2dd4923-501e-0120-30e7-7b7e4d000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=30057012
x-ms-version
2009-09-19
content-length
36521
Primary Request /
www.gazetadopovo.com.br/login.php/
Redirect Chain
  • https://www.gazetadopovo.com.br/login.php?
  • https://www.gazetadopovo.com.br/login.php/
188 KB
33 KB
Document
General
Full URL
https://www.gazetadopovo.com.br/login.php/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:2c00:6:45ad:3580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/ Express
Resource Hash
9c57b4195a9511416da7d06f703db7696145bfb9acb4904383f3725dd6208457

Request headers

:method
GET
:authority
www.gazetadopovo.com.br
:scheme
https
:path
/login.php/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://www.gazetadopovo.com.br.admin-mcas.ms/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.gazetadopovo.com.br.admin-mcas.ms/

Response headers

content-type
text/html;charset=UTF-8
date
Wed, 04 Aug 2021 18:01:04 GMT
x-amzn-requestid
e7d3688b-3147-4ad9-8aa2-7d7c4cbb6625
x-amzn-remapped-connection
close
x-amz-apigw-id
DjZbIFZ8IAMFZyw=
cache-control
max-age=600
x-powered-by
Express
x-amzn-trace-id
Root=1-610ad5e0-33bf58c10a75f74338dc3589;Sampled=1
x-amzn-remapped-date
Wed, 04 Aug 2021 18:01:04 GMT
via
1.1 d01ad8df731d3f120823f9e20df55147.cloudfront.net (CloudFront), 1.1 2bbba694ff55d664208103e9c25dce14.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1 FRA2-C1
content-encoding
gzip
vary
Accept-Encoding
x-cache
Error from cloudfront
x-amz-cf-id
aev9EZ2kYYOFHbx90FkugEPJeKWh4lfvT2luS9dLHQgbmzMaApd57A==
age
4

Redirect headers

content-length
0
server
CloudFront
date
Wed, 04 Aug 2021 18:01:04 GMT
location
/login.php/
x-cache
Hit from cloudfront
via
1.1 2bbba694ff55d664208103e9c25dce14.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
yJLg0Mg0aBINSNl6rigVI8M1rjd5GXhnc7meMndwd3GoiDgtYLNRAA==
age
4
gpt.js
securepubads.g.doubleclick.net/tag/js/
70 KB
24 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/login.php/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
sffe /
Resource Hash
1218fea9cbb0de1cf0da72808fb659cf98de4e16b79a25dde782cb525993fc0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gazetadopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 18:01:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"949 / 789 of 1000 / last-modified: 1628076948"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24818
x-xss-protection
0
expires
Wed, 04 Aug 2021 18:01:08 GMT
css2
fonts.googleapis.com/
10 KB
959 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Merriweather:ital,wght@0,400;0,700;1,400;1,700&family=Overpass:ital,wght@0,400;0,700;1,400;1,700&display=swap
Requested by
Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/login.php/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
018857cc7fd4802ddabf67e045bed52213cebead94468fb4ba8334f0957c7461
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.gazetadopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 04 Aug 2021 18:01:08 GMT
server
ESF
date
Wed, 04 Aug 2021 18:01:08 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 04 Aug 2021 18:01:08 GMT
e6Ya311101.css
cdn.privacytools.com.br/public_api/banner/style/
8 KB
3 KB
Stylesheet
General
Full URL
https://cdn.privacytools.com.br/public_api/banner/style/e6Ya311101.css?t=1
Requested by
Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/login.php/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:442e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b43bb94ac6321d8ea118e251d4a55f90f51ae165fcc75e26e5137c7982aff0e

Request headers

Referer
https://www.gazetadopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 18:01:08 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
server
cloudflare
age
1044893
cf-polished
status=cannot_optimize
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B%2FC9ssXuJYSJiqeUXCwRISLmOIwmvzPgO3i0of2DK5GRz9TqXCsnDjahZozelg99lhxooWAmDrOQ8Dx8OUBX%2Bdm0eUddGB7klwe3Hi37MP7%2FLSw%2Fl3ngp2rJ2qThwNf333bUobr9A%2B4%2Fid48zDMKJFJABgy7"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
cache-control
public, max-age=2678400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
6799b07649e75373-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
gazetadopovo-notfound-fbb8faf49a90cf57193d97978a255a4d.css
www.gazetadopovo.com.br/assets2/
145 KB
19 KB
Stylesheet
General
Full URL
https://www.gazetadopovo.com.br/assets2/gazetadopovo-notfound-fbb8faf49a90cf57193d97978a255a4d.css
Requested by
Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/login.php/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:2c00:6:45ad:3580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7749a7cd38d6c818181e5ec08c8d90b099454ff1cf8a43e056eff4f343c8a348

Request headers

:path
/assets2/gazetadopovo-notfound-fbb8faf49a90cf57193d97978a255a4d.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.gazetadopovo.com.br
referer
https://www.gazetadopovo.com.br/login.php/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.gazetadopovo.com.br/login.php/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 18:54:13 GMT
content-encoding
gzip
last-modified
Tue, 03 Aug 2021 18:48:35 GMT
server
AmazonS3
age
83216
etag
W/"639e72473d2d53390e1ef688247c4daf"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
null
via
1.1 2bbba694ff55d664208103e9c25dce14.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C1
content-type
text/css
x-amz-cf-id
Lw1TT8OFKL2n8txZ9QrOWWyvs7VAnyKe1Mld1NnZIe-ASfsMdoDRgA==
OneSignalSDK.js
cdn.onesignal.com/sdks/
9 KB
3 KB
Script
General
Full URL
https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by
Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/login.php/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ca739a13d804ea8806c9878d5b463d2a2c2a75b61a1b2f8a8e104e9b0daecb5

Request headers

Referer
https://www.gazetadopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 18:01:08 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
1987
etag
W/"96fc99e13be87550fcfc4474d30d43d3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
6799b0765d783260-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
expires
Sat, 07 Aug 2021 18:01:08 GMT
gazeta-fallback.svg
www.gazetadopovo.com.br/assets2/images/svg/
167 B
530 B
Image
General
Full URL
https://www.gazetadopovo.com.br/assets2/images/svg/gazeta-fallback.svg
Requested by
Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/login.php/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:2c00:6:45ad:3580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0e275872784212de73a7a1b0385a96c63311aa5f67cbad7b654b813fa18f5408

Request headers

:path
/assets2/images/svg/gazeta-fallback.svg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.gazetadopovo.com.br
referer
https://www.gazetadopovo.com.br/login.php/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.gazetadopovo.com.br/login.php/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 07 Jul 2021 19:31:53 GMT
via
1.1 2bbba694ff55d664208103e9c25dce14.cloudfront.net (CloudFront)
last-modified
Mon, 05 Jul 2021 13:33:22 GMT
server
AmazonS3
age
2413756
etag
"4d2a859dcd5d33e2c902077c53a4d468"
x-cache
Hit from cloudfront
x-amz-version-id
null
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
content-type
image/svg+xml
content-length
167
x-amz-cf-id
nBOT2VhcDvKlLhNss_SN0wnTwdLxcU5jdshJd0Nehdyi_e8kJGGvZw==
google-3.2.2.js
www.gazetadopovo.com.br/assets/legacy/swg/
114 KB
38 KB
Script
General
Full URL
https://www.gazetadopovo.com.br/assets/legacy/swg/google-3.2.2.js
Requested by
Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/login.php/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:2c00:6:45ad:3580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5c9daea6d030ac5e71211fa4d1521fb0cd67c3676f35d034f0047ee095a9d8c3

Request headers

:path
/assets/legacy/swg/google-3.2.2.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.gazetadopovo.com.br
referer
https://www.gazetadopovo.com.br/login.php/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.gazetadopovo.com.br/login.php/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 16 May 2021 01:00:07 GMT
content-encoding
gzip
last-modified
Mon, 13 Apr 2020 20:50:04 GMT
server
AmazonS3
age
6973262
etag
W/"9c302f91fb353b7f558cbda7922e6da1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
null
via
1.1 2bbba694ff55d664208103e9c25dce14.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C1
content-type
text/javascript; charset=UTF-8
x-amz-cf-id
NeY-jv1Ea-t6cjJLkbXZngwubXib5-usMRPe9wBS8ACrSFulBHB6gg==
initial-gazetadopovo-gaz-fbb8faf49a90cf57193d97978a255a4d.js
www.gazetadopovo.com.br/assets2/
279 KB
92 KB
Script
General
Full URL
https://www.gazetadopovo.com.br/assets2/initial-gazetadopovo-gaz-fbb8faf49a90cf57193d97978a255a4d.js
Requested by
Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/login.php/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:2c00:6:45ad:3580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
84c30a59a914fdcdbbe927861e998a8015ac565e2df0cbff708bccea1ac80347

Request headers

:path
/assets2/initial-gazetadopovo-gaz-fbb8faf49a90cf57193d97978a255a4d.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.gazetadopovo.com.br
referer
https://www.gazetadopovo.com.br/login.php/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.gazetadopovo.com.br/login.php/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 18:51:08 GMT
content-encoding
gzip
last-modified
Tue, 03 Aug 2021 18:48:59 GMT
server
AmazonS3
age
83401
etag
W/"df4171c9f678d83648a280efa8651c9a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
null
via
1.1 2bbba694ff55d664208103e9c25dce14.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C1
content-type
application/javascript
x-amz-cf-id
hGxxivuu8VN0kj0kkDV_B7B9cZ1l6g2mQ5UQideOylqgZBK7aZz7zQ==
gazetadopovo-abstracts-_init-gaz-fbb8faf49a90cf57193d97978a255a4d.js
www.gazetadopovo.com.br/assets2/
4 KB
2 KB
Script
General
Full URL
https://www.gazetadopovo.com.br/assets2/gazetadopovo-abstracts-_init-gaz-fbb8faf49a90cf57193d97978a255a4d.js
Requested by
Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/login.php/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:2c00:6:45ad:3580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
740fbabd0511aa9be95dea5dccbc3bb04325f5cf98b849a3586038a3a654c9be

Request headers

:path
/assets2/gazetadopovo-abstracts-_init-gaz-fbb8faf49a90cf57193d97978a255a4d.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.gazetadopovo.com.br
referer
https://www.gazetadopovo.com.br/login.php/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.gazetadopovo.com.br/login.php/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 18:51:08 GMT
content-encoding
gzip
last-modified
Tue, 03 Aug 2021 18:48:30 GMT
server
AmazonS3
age
83400
etag
W/"aea3e719028a48e482baa2d5d32f1f2f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
null
via
1.1 2bbba694ff55d664208103e9c25dce14.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C1
content-type
application/javascript
x-amz-cf-id
wLD2g9TsVmBK5Cj5jCAyQgq9gtuh3DHLZxMdvZRpnOTDOdCEFpUlKg==
gazetadopovo-statistics-gaz-fbb8faf49a90cf57193d97978a255a4d.js
www.gazetadopovo.com.br/assets2/
15 KB
5 KB
Script
General
Full URL
https://www.gazetadopovo.com.br/assets2/gazetadopovo-statistics-gaz-fbb8faf49a90cf57193d97978a255a4d.js
Requested by
Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/login.php/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:2c00:6:45ad:3580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7f3f434e7a8458ef0f1e9ebbb6d18c6c42a36c86073ea1fc3ec7347b663dcd95

Request headers

:path
/assets2/gazetadopovo-statistics-gaz-fbb8faf49a90cf57193d97978a255a4d.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.gazetadopovo.com.br
referer
https://www.gazetadopovo.com.br/login.php/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.gazetadopovo.com.br/login.php/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 18:51:08 GMT
content-encoding
gzip
last-modified
Tue, 03 Aug 2021 18:48:37 GMT
server
AmazonS3
age
83400
etag
W/"4310df519d15a036960760b05e068922"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
null
via
1.1 2bbba694ff55d664208103e9c25dce14.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C1
content-type
application/javascript
x-amz-cf-id
HZcJhE5wb-Hxi3KIDfxlWZQjNXsCznEYmQOT99dadBXJo9Ul3ZJVqw==
advertising.js
www.npttech.com/
7 KB
3 KB
Script
General
Full URL
https://www.npttech.com/advertising.js
Requested by
Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/login.php/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:c0b6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7538e8f23fac8278c6027d8865bd1240514a3ff64b2c0af3b8ed3583e8ecce6b

Request headers

Referer
https://www.gazetadopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 18:01:08 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5485
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id
MY9S0PJDNWKA0N4N
x-amz-id-2
u+L7370psI8SIxAmhNpCXyD7oSJ5Mvj4UhFctRtjgqEQW9IRVxx/Z0CAHkLIPiAPTAks5+rBcUw=
last-modified
Wed, 19 Jun 2019 08:25:01 GMT
server
cloudflare
etag
W/"3d6f80c860866175f58a84bbbc9217c6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YF%2B%2BL5wXLhyaRQ5%2B4R%2B2wV4mHUQs7LJqxH6DNp6z7QJoRn6CHyJCUx%2BJf%2BX8LEYxhvKxMJgCggTvrUgQP3CYPgVsJzOouy8o2CYb7dWCMX1nRyU4qOt%2BfRVceTU0xHJDHlQZgyqqaFgemJgEnkg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=28800
x-amz-version-id
hXQWgdpwSBM26VgKOeTSlm.4VT89.h9w
cf-ray
6799b0768a8e4414-FRA
cx.js
scdn.cxense.com/
115 KB
27 KB
Script
General
Full URL
https://scdn.cxense.com/cx.js
Requested by
Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/login.php/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2bf::268b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
489031b4b49cd663c247a5f37663db2cf4e30eb88d605c03d18a022cf9c06f8c

Request headers

Referer
https://www.gazetadopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 04 Aug 2021 18:01:08 GMT
Content-Encoding
gzip
Last-Modified
Fri, 30 Jul 2021 08:31:30 GMT
Server
AkamaiNetStorage
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
27719
Expires
Wed, 04 Aug 2021 19:01:08 GMT
analytics.js
www.google-analytics.com/
48 KB
19 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/login.php/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.gazetadopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 13 Jul 2021 18:24:06 GMT
server
Golfe2
age
2847
date
Wed, 04 Aug 2021 17:13:41 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19672
expires
Wed, 04 Aug 2021 19:13:41 GMT
gtm.js
www.googletagmanager.com/
213 KB
66 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WSPVJF
Requested by
Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/login.php/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2589a61487c9b0a58090f2dd5705126dc2158a7d9ab2e183bd1d484560f1b957
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.gazetadopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 18:01:08 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
67902
x-xss-protection
0
expires
Wed, 04 Aug 2021 18:01:08 GMT
bg-ads.png
www.gazetadopovo.com.br/assets2/images/
89 B
447 B
Image
General
Full URL
https://www.gazetadopovo.com.br/assets2/images/bg-ads.png
Requested by
Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets2/gazetadopovo-notfound-fbb8faf49a90cf57193d97978a255a4d.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:2c00:6:45ad:3580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fe797578273ad8327b58a0aaab2600e9623f150f4fc8325d3c2a340d3afff3cd

Request headers

:path
/assets2/images/bg-ads.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.gazetadopovo.com.br
referer
https://www.gazetadopovo.com.br/assets2/gazetadopovo-notfound-fbb8faf49a90cf57193d97978a255a4d.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.gazetadopovo.com.br/assets2/gazetadopovo-notfound-fbb8faf49a90cf57193d97978a255a4d.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 22:42:33 GMT
via
1.1 2bbba694ff55d664208103e9c25dce14.cloudfront.net (CloudFront)
last-modified
Wed, 26 May 2021 17:36:20 GMT
server
AmazonS3
age
5685516
etag
"53f9ae1eb3e782752565fa2c5d00ea37"
x-cache
Hit from cloudfront
x-amz-version-id
null
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
content-type
image/png
content-length
89
x-amz-cf-id
L-OkSm9a-73PXcazelUjW7zyhnQvl9A9hu7jrrkglEaf-pFPRllCdQ==
qFdH35WCmI96Ajtm81GlU9s.woff2
fonts.gstatic.com/s/overpass/v5/
20 KB
20 KB
Font
General
Full URL
https://fonts.gstatic.com/s/overpass/v5/qFdH35WCmI96Ajtm81GlU9s.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Merriweather:ital,wght@0,400;0,700;1,400;1,700&family=Overpass:ital,wght@0,400;0,700;1,400;1,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a4702a77ebe38f4291b9ec9f44411e246c865bdf0070746852e803b4d960fc1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.gazetadopovo.com.br
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 23:51:51 GMT
x-content-type-options
nosniff
age
151757
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20196
x-xss-protection
0
last-modified
Thu, 10 Sep 2020 17:08:51 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 02 Aug 2022 23:51:51 GMT
qFdA35WCmI96Ajtm81keds7N4ho.woff2
fonts.gstatic.com/s/overpass/v5/
20 KB
20 KB
Font
General
Full URL
https://fonts.gstatic.com/s/overpass/v5/qFdA35WCmI96Ajtm81keds7N4ho.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Merriweather:ital,wght@0,400;0,700;1,400;1,700&family=Overpass:ital,wght@0,400;0,700;1,400;1,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
832d8d5a3cabdde474e79d8a510053604d5d19342befbc7b78dc64995652dbba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.gazetadopovo.com.br
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 12:23:25 GMT
x-content-type-options
nosniff
age
106663
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20252
x-xss-protection
0
last-modified
Thu, 10 Sep 2020 17:09:41 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 03 Aug 2022 12:23:25 GMT
u-440qyriQwlOrhSvowK_l5-fCZM.woff2
fonts.gstatic.com/s/merriweather/v22/
19 KB
19 KB
Font
General
Full URL
https://fonts.gstatic.com/s/merriweather/v22/u-440qyriQwlOrhSvowK_l5-fCZM.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Merriweather:ital,wght@0,400;0,700;1,400;1,700&family=Overpass:ital,wght@0,400;0,700;1,400;1,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e19e5fec549d0d871301c8196f4a954abe8d6913464a1ac511f81ef71529f89b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.gazetadopovo.com.br
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 08:34:22 GMT
x-content-type-options
nosniff
age
120406
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19300
x-xss-protection
0
last-modified
Thu, 10 Sep 2020 17:09:53 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 03 Aug 2022 08:34:22 GMT
u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2
fonts.gstatic.com/s/merriweather/v22/
18 KB
19 KB
Font
General
Full URL
https://fonts.gstatic.com/s/merriweather/v22/u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Merriweather:ital,wght@0,400;0,700;1,400;1,700&family=Overpass:ital,wght@0,400;0,700;1,400;1,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a0d93254e392f7361b334641f8781721fd31c7b18283c88fe67df7d3123e1c24
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.gazetadopovo.com.br
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 20:01:36 GMT
x-content-type-options
nosniff
age
165572
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18924
x-xss-protection
0
last-modified
Thu, 10 Sep 2020 17:08:44 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 02 Aug 2022 20:01:36 GMT
qFdB35WCmI96Ajtm81GgY9nqxw.woff2
fonts.gstatic.com/s/overpass/v5/
21 KB
21 KB
Font
General
Full URL
https://fonts.gstatic.com/s/overpass/v5/qFdB35WCmI96Ajtm81GgY9nqxw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Merriweather:ital,wght@0,400;0,700;1,400;1,700&family=Overpass:ital,wght@0,400;0,700;1,400;1,700&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
19e011d9a556628501b1557416b8af87442f7baf56cd957a1561d3075c6404c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.gazetadopovo.com.br
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 03:14:00 GMT
x-content-type-options
nosniff
age
139629
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21248
x-xss-protection
0
last-modified
Thu, 10 Sep 2020 17:06:48 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 03 Aug 2022 03:14:00 GMT
load
experience.tinypass.com/xbuilder/experience/
4 KB
2 KB
Script
General
Full URL
https://experience.tinypass.com/xbuilder/experience/load?aid=izBe3CQ7pu
Requested by
Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/login.php/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b8b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c0b5329aa0c88c218e906ad2600cbea4cf7bfffaef17a9274a634046e897dc3c
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Referer
https://www.gazetadopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 18:01:09 GMT
content-encoding
br
vary
accept-encoding
cf-cache-status
HIT
age
711
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-request-id
C6itbxq7F5I
wn
prod-exp-10-0-89-244
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=86400; includeSubDomains
content-type
application/javascript;charset=utf-8
cache-control
public, max-age=1800
cf-ray
6799b077efb84e0e-FRA
expires
Wed, 04 Aug 2021 18:31:09 GMT
collect
www.google-analytics.com/j/
4 B
24 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j92&a=1012146468&t=pageview&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2Flogin.php%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.admin-mcas.ms%2F&ul=en-us&de=UTF-8&dt=P%C3%A1gina%20n%C3%A3o%20encontrada&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=2003367374&gjid=1930960751&cid=40474134.1628100069&tid=UA-23088598-1&_gid=742759855.1628100069&_r=1&_slc=1&z=1044635965
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.gazetadopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 04 Aug 2021 18:01:09 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.gazetadopovo.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
gazetadopovo-abstracts-core-gaz-fbb8faf49a90cf57193d97978a255a4d.js
www.gazetadopovo.com.br/assets2/
5 KB
2 KB
Script
General
Full URL
https://www.gazetadopovo.com.br/assets2/gazetadopovo-abstracts-core-gaz-fbb8faf49a90cf57193d97978a255a4d.js
Requested by
Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets2/gazetadopovo-abstracts-_init-gaz-fbb8faf49a90cf57193d97978a255a4d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:2c00:6:45ad:3580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
53443a132e6c72c07912a625b851218496e1d9ba9a4d410863e56fa3d53d6c65

Request headers

:path
/assets2/gazetadopovo-abstracts-core-gaz-fbb8faf49a90cf57193d97978a255a4d.js
pragma
no-cache
cookie
_ga=GA1.3.40474134.1628100069; _gid=GA1.3.742759855.1628100069; _gat=1
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.gazetadopovo.com.br
referer
https://www.gazetadopovo.com.br/login.php/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.gazetadopovo.com.br/login.php/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 18:51:09 GMT
content-encoding
gzip
last-modified
Tue, 03 Aug 2021 18:48:30 GMT
server
AmazonS3
age
83401
etag
W/"5f2db9ccbcb95f7e09d56f4ce05de9b3"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
null
via
1.1 2bbba694ff55d664208103e9c25dce14.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C1
content-type
application/javascript
x-amz-cf-id
sE_BGFm_VSC0a4nWTMRlgDx9tjsnLLDDf0yS8x2Uqo1lavNsYlGi8A==
collect
stats.g.doubleclick.net/j/
4 B
25 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j92&tid=UA-23088598-1&cid=40474134.1628100069&jid=2003367374&gjid=1930960751&_gid=742759855.1628100069&_u=IEBAAEAAAAAAAC~&z=1461703846
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c06::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.gazetadopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 04 Aug 2021 18:01:09 GMT
content-type
text/plain
access-control-allow-origin
https://www.gazetadopovo.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ec.js
www.google-analytics.com/plugins/ua/
3 KB
1 KB
Script
General
Full URL
https://www.google-analytics.com/plugins/ua/ec.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gazetadopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 17:57:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
age
243
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1306
x-xss-protection
0
expires
Wed, 04 Aug 2021 18:57:06 GMT
conversion_async.js
www.googleadservices.com/pagead/
36 KB
14 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WSPVJF
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
cafe /
Resource Hash
8069956acb4c566506ff71f7a23c8e23f75ce9443384fe3393ed5c846924026e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gazetadopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 18:01:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13910
x-xss-protection
0
server
cafe
etag
8154934153164151798
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 04 Aug 2021 18:01:09 GMT
fbevents.js
connect.facebook.net/en_US/
98 KB
25 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.gazetadopovo.com.br.admin-mcas.ms
URL: https://www.gazetadopovo.com.br.admin-mcas.ms/login.php
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c4243f7f5aa95631ca62fab376c3804859e808b66d373d07270872d23b8b081b
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.gazetadopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
25944
x-xss-protection
0
pragma
public
x-fb-debug
0aEtzP2Rk2S0wg7cq6R4udh8Q8mqKEkn5adrXuWTpzbQ2N/l0p6fwjCRFihoM82W/z/KjkMCOFk4VHicCo1FEw==
x-frame-options
DENY
date
Wed, 04 Aug 2021 18:01:09 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
beacon.js
sb.scorecardresearch.com/
1 KB
2 KB
Script
General
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: www.gazetadopovo.com.br.admin-mcas.ms
URL: https://www.gazetadopovo.com.br.admin-mcas.ms/login.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.96.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-96-92.zrh50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer
https://www.gazetadopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 17:53:48 GMT
via
1.1 af287426c130b47dba79bf825f91ebbb.cloudfront.net (CloudFront)
etag
"1827f116c73f319409b97f10b8a58ade"
last-modified
Fri, 26 Feb 2021 14:35:05 GMT
server
AmazonS3
age
441
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-pop
ZRH50-C1
accept-ranges
bytes
content-length
1469
x-amz-cf-id
W-QlQCEg0SWSAh3OgBECNkmOiNly8HmlKW1S22CMMGKJNcAPo93KxA==
insight.min.js
snap.licdn.com/li.lms-analytics/
5 KB
2 KB
Script
General
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.gazetadopovo.com.br.admin-mcas.ms
URL: https://www.gazetadopovo.com.br.admin-mcas.ms/login.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:296::25ea Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
6e6e6a03e72a528c28884b50bf296425667f38dd0aaf1dd17ce89199ffc85271

Request headers

Referer
https://www.gazetadopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 04 Aug 2021 18:01:09 GMT
Content-Encoding
gzip
Last-Modified
Tue, 15 Jun 2021 01:25:13 GMT
X-CDN
AKAM
Vary
Accept-Encoding
Content-Type
application/x-javascript;charset=utf-8
Cache-Control
max-age=44617
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2079
c9173442-33ea-4c3e-8b1b-7e02eb4fcab0-loader.js
d335luupugsy2.cloudfront.net/js/loader-scripts/
13 B
404 B
Script
General
Full URL
https://d335luupugsy2.cloudfront.net/js/loader-scripts/c9173442-33ea-4c3e-8b1b-7e02eb4fcab0-loader.js
Requested by
Host: www.gazetadopovo.com.br.admin-mcas.ms
URL: https://www.gazetadopovo.com.br.admin-mcas.ms/login.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.89.226 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-89-226.zrh50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8e8cc72e61ff6f6c0c945a976756d112732c499cd64fc5b207bb213fc84a1e40

Request headers

Referer
https://www.gazetadopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Jul 2021 00:14:18 GMT
via
1.1 e92dffa8673a73c15c61e7c3abefc47d.cloudfront.net (CloudFront)
last-modified
Thu, 05 Sep 2019 14:23:06 GMT
server
AmazonS3
age
668812
etag
"8e742d11d6b24c401e35f3b516726584"
x-cache
Hit from cloudfront
x-amz-version-id
HcQ7eDLpUO0rOnZ5z49wWPmZsoIBXyGt
cache-control
max-age=2592000
x-amz-cf-pop
ZRH50-C1
accept-ranges
bytes
content-type
application/javascript
content-length
13
x-amz-cf-id
FWf_SUovQqJNYYgv0GcfA_nJbYBJaafp5vZrp3JvhUdux6WxzZWLIQ==
uwt.js
static.ads-twitter.com/
5 KB
2 KB
Script
General
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: www.gazetadopovo.com.br.admin-mcas.ms
URL: https://www.gazetadopovo.com.br.admin-mcas.ms/login.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.12.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a53ea60fbea6cb1775430998564d5f295aba7d3bfe548a0ba79aa2a049aba839

Request headers

Referer
https://www.gazetadopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 18:01:09 GMT
via
1.1 varnish
last-modified
Mon, 12 Jul 2021 21:25:31 GMT
age
64437
etag
"65cf0c0ceb852397f0d1e6732cd3c533+gzip"
vary
Accept-Encoding,Host
x-cache
HIT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-encoding
gzip
cache-control
no-cache
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
content-length
1958
x-timer
S1628100069.389904,VS0,VE0
x-served-by
cache-fra19146-FRA
rep.gif
comcluster.cxense.com/Repo/
43 B
468 B
Image
General
Full URL
https://comcluster.cxense.com/Repo/rep.gif?ver=1&typ=pgv&rnd=krxsqtd17spxq8il&sid=1138596144857280556&loc=https%3A%2F%2Fwww.gazetadopovo.com.br%2Flogin.php%2F&new=1&arf=0&ltm=1628100069157&ref=https%3A%2F%2Fwww.gazetadopovo.com.br.admin-mcas.ms%2F&tzo=-120&res=1600x1200&dpr=1&col=24&bln=en-US&chs=UTF-8&cks=krxsqtgx9gqhr0ac&ckp=krxsqth0f3s2752m&glb=&wsz=1600x1200
Requested by
Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/login.php/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.63.13.144 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
de717.cxense.com
Software
Jetty(9.4.28.v20200408) /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://www.gazetadopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 04 Aug 2021 18:01:09 GMT
Server
Jetty(9.4.28.v20200408)
P3P
policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Length
43
Content-Type
image/gif
ga-audiences
www.google.com/ads/
42 B
63 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j92&tid=UA-23088598-1&cid=40474134.1628100069&jid=2003367374&_u=IEBAAEAAAAAAAC~&z=188555614
Requested by
Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/login.php/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gazetadopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Aug 2021 18:01:09 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
63 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j92&tid=UA-23088598-1&cid=40474134.1628100069&jid=2003367374&_u=IEBAAEAAAAAAAC~&z=188555614
Requested by
Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/login.php/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gazetadopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Aug 2021 18:01:09 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tinypass.min.js
cdn.tinypass.com/api/
411 KB
136 KB
Script
General
Full URL
https://cdn.tinypass.com/api/tinypass.min.js
Requested by
Host: experience.tinypass.com
URL: https://experience.tinypass.com/xbuilder/experience/load?aid=izBe3CQ7pu
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b8b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e0eea4b0b726448ca0ddb42aa528b40d85174cdc9ac8ea3343dfb6d49ecc64f
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Referer
https://www.gazetadopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 18:01:09 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
34
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
wn
prod-dash-10-200-67-209
last-modified
Tue, 03 Aug 2021 13:22:06 GMT
server
cloudflare
etag
W/"420676-1627996926000"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=86400; includeSubDomains
content-type
application/javascript
server-time
0.001
cache-control
public, max-age=300
cf-ray
6799b0795b5c4e0e-FRA
expires
Wed, 04 Aug 2021 18:06:09 GMT
gazetadopovo-abstracts-modules-gaz-fbb8faf49a90cf57193d97978a255a4d.js
www.gazetadopovo.com.br/assets2/
32 KB
8 KB
Script
General
Full URL
https://www.gazetadopovo.com.br/assets2/gazetadopovo-abstracts-modules-gaz-fbb8faf49a90cf57193d97978a255a4d.js
Requested by
Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets2/gazetadopovo-abstracts-core-gaz-fbb8faf49a90cf57193d97978a255a4d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:2c00:6:45ad:3580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9e1e24adeade69ad4a3db19f2e628bfd9d6f7e865fc849bfad4e51e4366c0f8b

Request headers

:path
/assets2/gazetadopovo-abstracts-modules-gaz-fbb8faf49a90cf57193d97978a255a4d.js
pragma
no-cache
cookie
_ga=GA1.3.40474134.1628100069; _gid=GA1.3.742759855.1628100069; _gat=1; _gcl_au=1.1.32042663.1628100069; cX_S=krxsqtgx9gqhr0ac; cX_P=krxsqth0f3s2752m
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.gazetadopovo.com.br
referer
https://www.gazetadopovo.com.br/login.php/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.gazetadopovo.com.br/login.php/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 18:51:09 GMT
content-encoding
gzip
last-modified
Tue, 03 Aug 2021 18:48:30 GMT
server
AmazonS3
age
83401
etag
W/"2269c81d791a2aacba33f22ffbec5c13"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
null
via
1.1 2bbba694ff55d664208103e9c25dce14.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C1
content-type
application/javascript
x-amz-cf-id
vtPWyldJf4wURemkU90pe5mU_RPc8H_OppYVFjwHKfHcZ_k1gtsx9g==
collect
www.google-analytics.com/j/
2 B
22 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j92&a=1012146468&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2Flogin.php%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.admin-mcas.ms%2F&ul=en-us&de=UTF-8&dt=P%C3%A1gina%20n%C3%A3o%20encontrada&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2Flogin.php%2F&_u=aGDAAEALAAAAAC~&jid=90522334&gjid=819190177&cid=40474134.1628100069&uid=&tid=UA-23088598-1&_gid=742759855.1628100069&_r=1&gtm=2wg820WSPVJF&cd1=n%C3%A3o%20logado&cd2=&z=930834660
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.gazetadopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 04 Aug 2021 18:01:09 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.gazetadopovo.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
px4.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=672554&time=1628100069343&url=https%3A%2F%2Fwww.gazetadopovo.com.br%2Flogin.php%2F
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D672554%26time%3D1628100069343%26url%3Dhttps%253A%252F%252Fwww.gazetadopovo.com.br...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=672554&time=1628100069343&url=https%3A%2F%2Fwww.gazetadopovo.com.br%2Flogin.php%2F&liSync=true
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=672554&time=1628100069343&url=https%3A%2F%2Fwww.gazetadopovo.com.br%2Flogin.php%2F&liSync=true&e_ipv6=AQLFkhL9Uwkx3AAAAXsSU4n1OJDg0AphIKsgHOgbgsz...
0
156 B
Image
General
Full URL
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=672554&time=1628100069343&url=https%3A%2F%2Fwww.gazetadopovo.com.br%2Flogin.php%2F&liSync=true&e_ipv6=AQLFkhL9Uwkx3AAAAXsSU4n1OJDg0AphIKsgHOgbgszkGe14Ku1fZvPAXmmrBgdeU4fRTfZO
Requested by
Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/login.php/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.174.10.14 , United States, ASN14413 (LINKEDIN, US),
Reverse DNS
108-174-10-14.fwd.linkedin.com
Software
Play /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gazetadopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 18:01:10 GMT
server
Play
linkedin-action
1
x-li-fabric
prod-lor1
x-li-proto
http/2
x-li-pop
prod-edc2
content-type
application/javascript
content-length
0
x-li-uuid
X7R0TWMsmBZAjCqHSisAAA==

Redirect headers

date
Wed, 04 Aug 2021 18:01:09 GMT
server
Play
linkedin-action
1
x-li-fabric
prod-lor1
location
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=672554&time=1628100069343&url=https%3A%2F%2Fwww.gazetadopovo.com.br%2Flogin.php%2F&liSync=true&e_ipv6=AQLFkhL9Uwkx3AAAAXsSU4n1OJDg0AphIKsgHOgbgszkGe14Ku1fZvPAXmmrBgdeU4fRTfZO
x-li-proto
http/2
x-li-pop
prod-esv5
content-length
0
x-li-uuid
zZytMmMsmBawgCGAdisAAA==
343122172743779
connect.facebook.net/signals/config/
253 KB
72 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/343122172743779?v=2.9.44&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e832a4ca2c09796fe68c689b22da0ce79be7aeb29f64d4a7494a5c13b3027e58
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.gazetadopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
73554
x-xss-protection
0
pragma
public
x-fb-debug
4BxrxTQqn3S5BbJLQyb3Jihm89SDgh3lCcHup1yLfXFUsEIYdesydDQgS0YxD4qZ9L4zNJpVNikEOVOTQkonXw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coop_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Wed, 04 Aug 2021 18:01:09 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
4 B
25 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j92&tid=UA-23088598-1&cid=40474134.1628100069&jid=90522334&gjid=819190177&_gid=742759855.1628100069&_u=aGDAAEALAAAAAC~&z=1040518679
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c06::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.gazetadopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 04 Aug 2021 18:01:09 GMT
content-type
text/plain
access-control-allow-origin
https://www.gazetadopovo.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/
42 B
63 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j92&tid=UA-23088598-1&cid=40474134.1628100069&jid=90522334&_u=aGDAAEALAAAAAC~&z=1427446967
Requested by
Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/login.php/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gazetadopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Aug 2021 18:01:09 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
63 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j92&tid=UA-23088598-1&cid=40474134.1628100069&jid=90522334&_u=aGDAAEALAAAAAC~&z=1427446967
Requested by
Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/login.php/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gazetadopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Aug 2021 18:01:09 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vendor-gazetadopovo-gaz-fbb8faf49a90cf57193d97978a255a4d.js
www.gazetadopovo.com.br/assets2/
113 KB
38 KB
Script
General
Full URL
https://www.gazetadopovo.com.br/assets2/vendor-gazetadopovo-gaz-fbb8faf49a90cf57193d97978a255a4d.js
Requested by
Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets2/gazetadopovo-abstracts-modules-gaz-fbb8faf49a90cf57193d97978a255a4d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:2c00:6:45ad:3580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6afb18adf5ce274139b890ad6a6dd0534af062e38e830f77e1d8d6ad553d58b9

Request headers

:path
/assets2/vendor-gazetadopovo-gaz-fbb8faf49a90cf57193d97978a255a4d.js
pragma
no-cache
cookie
_ga=GA1.3.40474134.1628100069; _gid=GA1.3.742759855.1628100069; _gat=1; _gcl_au=1.1.32042663.1628100069; cX_S=krxsqtgx9gqhr0ac; cX_P=krxsqth0f3s2752m; _gat_UA-23088598-1=1
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.gazetadopovo.com.br
referer
https://www.gazetadopovo.com.br/login.php/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.gazetadopovo.com.br/login.php/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 18:51:10 GMT
content-encoding
gzip
last-modified
Tue, 03 Aug 2021 18:49:11 GMT
server
AmazonS3
age
83400
etag
W/"0a4283fd5572f813b29f8ee433d096a0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
null
via
1.1 2bbba694ff55d664208103e9c25dce14.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C1
content-type
application/javascript
x-amz-cf-id
0sFPxT1kffDosVWVkV7pv236UyMuhtYt42B-nlZV_iOO3bcZCokh2w==
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/854244571/
2 KB
1 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/854244571/?random=1628100069419&cv=9&fst=1628100069419&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg820&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.gazetadopovo.com.br%2Flogin.php%2F&ref=https%3A%2F%2Fwww.gazetadopovo.com.br.admin-mcas.ms%2F&tiba=P%C3%A1gina%20n%C3%A3o%20encontrada&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8e0d406146e37613057f819e1cf25b1ee22a743732398e053b6fe5c9de9ac277
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gazetadopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Aug 2021 18:01:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1031
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/961891575/
2 KB
1 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/961891575/?random=1628100069423&cv=9&fst=1628100069423&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg820&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.gazetadopovo.com.br%2Flogin.php%2F&ref=https%3A%2F%2Fwww.gazetadopovo.com.br.admin-mcas.ms%2F&tiba=P%C3%A1gina%20n%C3%A3o%20encontrada&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
508613ddd8b10a0c45d7172abcb8ad1b72e4514a7abed6a8e06826dad6b2ed16
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gazetadopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Aug 2021 18:01:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1032
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/
44 B
88 B
Image
General
Full URL
https://www.facebook.com/tr/?id=343122172743779&ev=PageView&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2Flogin.php%2F&rl=https%3A%2F%2Fwww.gazetadopovo.com.br.admin-mcas.ms%2F&if=false&ts=1628100069474&sw=1600&sh=1200&v=2.9.44&r=stable&ec=0&o=30&fbp=fb.2.1628100069469.1561521051&it=1628100069352&coo=false&rqm=GET
Requested by
Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/login.php/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.gazetadopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 18:01:09 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
expires
Wed, 04 Aug 2021 18:01:09 GMT
/
www.facebook.com/tr/
44 B
88 B
Image
General
Full URL
https://www.facebook.com/tr/?id=343122172743779&ev=ViewContent&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2Flogin.php%2F&rl=https%3A%2F%2Fwww.gazetadopovo.com.br.admin-mcas.ms%2F&if=false&ts=1628100069477&sw=1600&sh=1200&v=2.9.44&r=stable&ec=1&o=30&fbp=fb.2.1628100069469.1561521051&it=1628100069352&coo=false&rqm=GET
Requested by
Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/login.php/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.gazetadopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 18:01:09 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
expires
Wed, 04 Aug 2021 18:01:09 GMT
execute
experience.tinypass.com/xbuilder/experience/
3 KB
2 KB
XHR
General
Full URL
https://experience.tinypass.com/xbuilder/experience/execute?aid=izBe3CQ7pu
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:b8b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
def57da143d991e7582ff0ca95445268578466cf655e94971219f0da37bd5734
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept
*/*
Referer
https://www.gazetadopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Wed, 04 Aug 2021 18:01:09 GMT
content-encoding
br
vary
accept-encoding
cf-cache-status
DYNAMIC
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-request-id
Cx1ubxqOicE
pragma
no-cache
wn
prod-exp-10-0-90-138
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=86400; includeSubDomains
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.gazetadopovo.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
6799b07aea3cc286-FRA
expires
Thu, 01 Jan 1970 00:00:00 GMT
get.js
buy.tinypass.com/api/v3/anon/captcha/
153 B
275 B
Script
General
Full URL
https://buy.tinypass.com/api/v3/anon/captcha/get.js?callback=jsonpCallback&aid=izBe3CQ7pu
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b8b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
84a73b8ec48a895519c31a1ad6767190283e0a238e58aa1be81a8a0dd70467c5
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Referer
https://www.gazetadopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 18:01:09 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
291
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-request-id
CuttbxqAbUD
pragma
wn
prod-dash-10-200-143-145
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=86400; includeSubDomains
content-type
application/javascript
server-time
0.001
cache-control
public, max-age=1200
cf-ray
6799b07abee94e0e-FRA
expires
Wed, 04 Aug 2021 18:21:09 GMT
adsct
t.co/i/
43 B
455 B
Image
General
Full URL
https://t.co/i/adsct?type=javascript&version=2.0.1&p_id=Twitter&p_user_id=0&txn_id=o1ecj&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tw_document_href=https%3A%2F%2Fwww.gazetadopovo.com.br%2Flogin.php%2F
Requested by
Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/login.php/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.42.133 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.gazetadopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 18:01:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200 OK
x-twitter-response-tags
BouncerCompliant
content-length
65
x-xss-protection
0
pragma
no-cache
last-modified
Wed, 04 Aug 2021 18:01:09 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=0
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
c9b38d09795173532425e6812ff79921bd4bd21695aa918d8f692593161b2862
x-transaction
00fb7bde1f76dd14
expires
Tue, 31 Mar 1981 05:00:00 GMT
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=13765200&cs_ucfr=1&ns__t=1628100069571&ns_c=UTF-8&cv=3.5&c8=P%C3%A1gina%20n%C3%A3o%20encontrada&c7=https%3A%2F%2Fwww.gazetadopovo.com.br%2Flogin.php%2F&c9...
  • https://sb.scorecardresearch.com/b2?c1=2&c2=13765200&cs_ucfr=1&ns__t=1628100069571&ns_c=UTF-8&cv=3.5&c8=P%C3%A1gina%20n%C3%A3o%20encontrada&c7=https%3A%2F%2Fwww.gazetadopovo.com.br%2Flogin.php%2F&c...
64 B
329 B
Image
General
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=13765200&cs_ucfr=1&ns__t=1628100069571&ns_c=UTF-8&cv=3.5&c8=P%C3%A1gina%20n%C3%A3o%20encontrada&c7=https%3A%2F%2Fwww.gazetadopovo.com.br%2Flogin.php%2F&c9=https%3A%2F%2Fwww.gazetadopovo.com.br.admin-mcas.ms%2F
Requested by
Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/login.php/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.96.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-96-92.zrh50.r.cloudfront.net
Software
/
Resource Hash
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Referer
https://www.gazetadopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 18:01:09 GMT
via
1.1 af287426c130b47dba79bf825f91ebbb.cloudfront.net (CloudFront)
x-amz-cf-pop
ZRH50-C1
etag
W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache
Miss from cloudfront
content-type
image/gif; charset=utf-8
content-length
64
x-amz-cf-id
gKwkQiDwIyBgRreNQ01nAmmzs5kuCFk0xx0Lto-IkKigQ2_j9diphg==

Redirect headers

date
Wed, 04 Aug 2021 18:01:09 GMT
via
1.1 af287426c130b47dba79bf825f91ebbb.cloudfront.net (CloudFront)
x-amz-cf-pop
ZRH50-C1
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
https://sb.scorecardresearch.com/b2?c1=2&c2=13765200&cs_ucfr=1&ns__t=1628100069571&ns_c=UTF-8&cv=3.5&c8=P%C3%A1gina%20n%C3%A3o%20encontrada&c7=https%3A%2F%2Fwww.gazetadopovo.com.br%2Flogin.php%2F&c9=https%3A%2F%2Fwww.gazetadopovo.com.br.admin-mcas.ms%2F
content-length
275
x-amz-cf-id
D2EiY85HOA7V7X-5FC2Ry4sAmKHfGdx6in9kE5hGuzPP_cuvIK10bg==
/
www.google.com/pagead/1p-user-list/854244571/
42 B
64 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/854244571/?random=1628100069419&cv=9&fst=1628100000000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg820&sendb=1&frm=0&url=https%3A%2F%2Fwww.gazetadopovo.com.br%2Flogin.php%2F&ref=https%3A%2F%2Fwww.gazetadopovo.com.br.admin-mcas.ms%2F&tiba=P%C3%A1gina%20n%C3%A3o%20encontrada&async=1&fmt=3&is_vtc=1&random=1670465998&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/login.php/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gazetadopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Aug 2021 18:01:09 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/854244571/
42 B
64 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/854244571/?random=1628100069419&cv=9&fst=1628100000000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg820&sendb=1&frm=0&url=https%3A%2F%2Fwww.gazetadopovo.com.br%2Flogin.php%2F&ref=https%3A%2F%2Fwww.gazetadopovo.com.br.admin-mcas.ms%2F&tiba=P%C3%A1gina%20n%C3%A3o%20encontrada&async=1&fmt=3&is_vtc=1&random=1670465998&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/login.php/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gazetadopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Aug 2021 18:01:09 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/961891575/
42 B
64 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/961891575/?random=1628100069423&cv=9&fst=1628100000000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg820&sendb=1&frm=0&url=https%3A%2F%2Fwww.gazetadopovo.com.br%2Flogin.php%2F&ref=https%3A%2F%2Fwww.gazetadopovo.com.br.admin-mcas.ms%2F&tiba=P%C3%A1gina%20n%C3%A3o%20encontrada&async=1&fmt=3&is_vtc=1&random=670452933&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/login.php/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gazetadopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Aug 2021 18:01:09 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/961891575/
42 B
64 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/961891575/?random=1628100069423&cv=9&fst=1628100000000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg820&sendb=1&frm=0&url=https%3A%2F%2Fwww.gazetadopovo.com.br%2Flogin.php%2F&ref=https%3A%2F%2Fwww.gazetadopovo.com.br.admin-mcas.ms%2F&tiba=P%C3%A1gina%20n%C3%A3o%20encontrada&async=1&fmt=3&is_vtc=1&random=670452933&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/login.php/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gazetadopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Aug 2021 18:01:09 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gazetadopovo-_init-gaz-fbb8faf49a90cf57193d97978a255a4d.js
www.gazetadopovo.com.br/assets2/
8 KB
2 KB
Script
General
Full URL
https://www.gazetadopovo.com.br/assets2/gazetadopovo-_init-gaz-fbb8faf49a90cf57193d97978a255a4d.js
Requested by
Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets2/gazetadopovo-abstracts-modules-gaz-fbb8faf49a90cf57193d97978a255a4d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:2c00:6:45ad:3580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6e4a1bd31cc8508c37950ec2e3589143f0aa57f0910f7631920da3436f7899a5

Request headers

:path
/assets2/gazetadopovo-_init-gaz-fbb8faf49a90cf57193d97978a255a4d.js
pragma
no-cache
cookie
_ga=GA1.3.40474134.1628100069; _gid=GA1.3.742759855.1628100069; _gat=1; _gcl_au=1.1.32042663.1628100069; cX_S=krxsqtgx9gqhr0ac; cX_P=krxsqth0f3s2752m; _gat_UA-23088598-1=1; _fbp=fb.2.1628100069469.1561521051; __adblocker=false; __pnahc=0
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.gazetadopovo.com.br
referer
https://www.gazetadopovo.com.br/login.php/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.gazetadopovo.com.br/login.php/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 18:51:11 GMT
content-encoding
gzip
last-modified
Tue, 03 Aug 2021 18:48:30 GMT
server
AmazonS3
age
83399
etag
W/"fef951f38e050457ed2af1cee9aa278b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
null
via
1.1 2bbba694ff55d664208103e9c25dce14.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C1
content-type
application/javascript
x-amz-cf-id
3FDefMcocp4pKgolkCWP2Q4dvJ7qaOOlvjz71LCQI7UicCwBEBNpPw==
gazetadopovo-abstracts-ui-tools-gaz-fbb8faf49a90cf57193d97978a255a4d.js
www.gazetadopovo.com.br/assets2/
9 KB
3 KB
Script
General
Full URL
https://www.gazetadopovo.com.br/assets2/gazetadopovo-abstracts-ui-tools-gaz-fbb8faf49a90cf57193d97978a255a4d.js
Requested by
Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets2/gazetadopovo-abstracts-modules-gaz-fbb8faf49a90cf57193d97978a255a4d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:2c00:6:45ad:3580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0a4cc6b7b190718c96fb85d84e2dffb840959d15c1d208cb50f2926441c4ec44

Request headers

:path
/assets2/gazetadopovo-abstracts-ui-tools-gaz-fbb8faf49a90cf57193d97978a255a4d.js
pragma
no-cache
cookie
_ga=GA1.3.40474134.1628100069; _gid=GA1.3.742759855.1628100069; _gat=1; _gcl_au=1.1.32042663.1628100069; cX_S=krxsqtgx9gqhr0ac; cX_P=krxsqth0f3s2752m; _gat_UA-23088598-1=1; _fbp=fb.2.1628100069469.1561521051; __adblocker=false; __pnahc=0
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.gazetadopovo.com.br
referer
https://www.gazetadopovo.com.br/login.php/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.gazetadopovo.com.br/login.php/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 18:51:11 GMT
content-encoding
gzip
last-modified
Tue, 03 Aug 2021 18:48:30 GMT
server
AmazonS3
age
83399
etag
W/"b8af44dcbddc7b7a755028ce75d3b27b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
null
via
1.1 2bbba694ff55d664208103e9c25dce14.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C1
content-type
application/javascript
x-amz-cf-id
R2M1y2tJNCAyIQuGbo_e3vAnK1FXoembktAn3LUoRqR0q89Mai1sHQ==
gazetadopovo-_back-gaz-fbb8faf49a90cf57193d97978a255a4d.js
www.gazetadopovo.com.br/assets2/
80 KB
17 KB
Script
General
Full URL
https://www.gazetadopovo.com.br/assets2/gazetadopovo-_back-gaz-fbb8faf49a90cf57193d97978a255a4d.js
Requested by
Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets2/gazetadopovo-abstracts-modules-gaz-fbb8faf49a90cf57193d97978a255a4d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:2c00:6:45ad:3580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f334464f79e9cc43c4033c5db75613289e84f8d63bc4b67ea0e4a94edd2c3e3b

Request headers

:path
/assets2/gazetadopovo-_back-gaz-fbb8faf49a90cf57193d97978a255a4d.js
pragma
no-cache
cookie
_ga=GA1.3.40474134.1628100069; _gid=GA1.3.742759855.1628100069; _gat=1; _gcl_au=1.1.32042663.1628100069; cX_S=krxsqtgx9gqhr0ac; cX_P=krxsqth0f3s2752m; _gat_UA-23088598-1=1; _fbp=fb.2.1628100069469.1561521051; __adblocker=false; __pnahc=0
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.gazetadopovo.com.br
referer
https://www.gazetadopovo.com.br/login.php/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.gazetadopovo.com.br/login.php/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 18:51:11 GMT
content-encoding
gzip
last-modified
Tue, 03 Aug 2021 18:48:30 GMT
server
AmazonS3
age
83399
etag
W/"334b8f7b148d8fc88422393269986c27"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
null
via
1.1 2bbba694ff55d664208103e9c25dce14.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C1
content-type
application/javascript
x-amz-cf-id
LSR32p8KrFsmbwY3sc8XFSTK25x7JrTDOSHgLNlUTP-Cuuma09b98Q==
swg.js
news.google.com/swg/js/v1/
150 KB
45 KB
Script
General
Full URL
https://news.google.com/swg/js/v1/swg.js
Requested by
Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/legacy/swg/google-3.2.2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2f4727f91ecc6b3c13c28d39675aaf9b82d846c20d72b8c35209b975d037d52f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gazetadopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 17:15:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2727
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
45575
x-xss-protection
0
last-modified
Wed, 28 Jul 2021 20:26:33 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3000
accept-ranges
bytes
expires
Wed, 04 Aug 2021 18:05:42 GMT
flow1
3wf9o7mmzc.execute-api.us-east-1.amazonaws.com/prd/ Frame
0
0
Preflight
General
Full URL
https://3wf9o7mmzc.execute-api.us-east-1.amazonaws.com/prd/flow1
Protocol
H2
Server
13.224.193.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-86.fra2.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.gazetadopovo.com.br
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

content-type
application/json
content-length
0
date
Wed, 04 Aug 2021 18:01:09 GMT
x-amzn-requestid
3c800ba1-85a9-40d6-81cd-ad034eeec458
access-control-allow-origin
*
access-control-allow-headers
Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token,X-Amz-User-Agent
x-amz-apigw-id
DjZb8G2goAMFunA=
access-control-allow-methods
OPTIONS,POST
x-cache
Miss from cloudfront
via
1.1 e86025dac63232624d2273c5fd256ce4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
CTJeoviwbM2rqJ4s-1U2bcT0eyeWpaFViEuNQSAdJw1c8YZenMhIYg==
flow1
3wf9o7mmzc.execute-api.us-east-1.amazonaws.com/prd/
513 B
879 B
XHR
General
Full URL
https://3wf9o7mmzc.execute-api.us-east-1.amazonaws.com/prd/flow1
Requested by
Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets2/vendor-gazetadopovo-gaz-fbb8faf49a90cf57193d97978a255a4d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-86.fra2.r.cloudfront.net
Software
/
Resource Hash
add8052b0424bb3b4c5fae0502733d9a9f4ee6d11258e68aaca91357415692dd

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.gazetadopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 04 Aug 2021 18:01:10 GMT
via
1.1 e86025dac63232624d2273c5fd256ce4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
x-amzn-requestid
6bd17f45-5741-4435-99ec-eb7f993d426e
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
x-amzn-trace-id
Root=1-610ad5e6-15430db933f22fed3bcdf429;Sampled=1
x-amz-apigw-id
DjZcAHVjIAMFsew=
content-length
513
x-amz-cf-id
fkiYThKnAdXo59YW3DTusW31re1_vGBlE94vkpQyteicf4W3cxA5Sw==
swg-button.css
news.google.com/swg/js/v1/
21 KB
6 KB
Stylesheet
General
Full URL
https://news.google.com/swg/js/v1/swg-button.css
Requested by
Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
44e4a23aabda94a886477bcb9b8e5bed6038f0104bd3022a18abd100d7d366f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gazetadopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 17:42:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1105
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6428
x-xss-protection
0
last-modified
Wed, 14 Jul 2021 18:22:01 GMT
server
sffe
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=3000
accept-ranges
bytes
expires
Wed, 04 Aug 2021 18:32:44 GMT
serviceiframe
news.google.com/swg/_/ui/v1/ Frame 9025
23 KB
7 KB
Document
General
Full URL
https://news.google.com/swg/_/ui/v1/serviceiframe?_=452250
Requested by
Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
31f25864f6f5a98e9c546484b6dab9288a6f5eeb136c193fc670cd90904f06e0
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-IHczzn/+TJROtt8lLm9Ghg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/SubscribewithgoogleClientUi/cspreport;worker-src 'self' script-src 'nonce-IHczzn/+TJROtt8lLm9Ghg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com;report-uri /_/SubscribewithgoogleClientUi/cspreport require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientUi/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
news.google.com
:scheme
https
:path
/swg/_/ui/v1/serviceiframe?_=452250
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.gazetadopovo.com.br/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.gazetadopovo.com.br/

Response headers

content-type
text/html; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-ua-compatible
IE=edge
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Wed, 04 Aug 2021 18:01:09 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
strict-transport-security
max-age=31536000
content-security-policy
script-src 'report-sample' 'nonce-IHczzn/+TJROtt8lLm9Ghg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/SubscribewithgoogleClientUi/cspreport;worker-src 'self' script-src 'nonce-IHczzn/+TJROtt8lLm9Ghg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com;report-uri /_/SubscribewithgoogleClientUi/cspreport require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientUi/cspreport
cross-origin-resource-policy
same-site
content-encoding
gzip
server
ESF
x-xss-protection
0
x-content-type-options
nosniff
set-cookie
NID=220=g9lqnKa1XExWcwDtG__eeAuDcP1_gTx6PiKuhNOv5QBAjOvkVnAwWwIh4u2rbgkjCJnb_oVOtBtsX6jUz_ccrZKz8OiR9eojF202jw2X3Z6WoNmQNje1aDqXTiOqmLOsx8_5QIkUwFT7BiCQwlZDVaxJRzUDGm492Nmiy6BxdcI; expires=Thu, 03-Feb-2022 18:01:09 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
loader.svg
news.google.com/swg/js/v1/
0
1 KB
Other
General
Full URL
https://news.google.com/swg/js/v1/loader.svg
Requested by
Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gazetadopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 17:29:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1888
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1049
x-xss-protection
0
last-modified
Mon, 16 Mar 2020 18:14:05 GMT
server
sffe
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=3000
accept-ranges
bytes
expires
Wed, 04 Aug 2021 18:19:41 GMT
entitlements
news.google.com/swg/_/api/v1/publication/gazetadopovo.com.br/
2 B
58 B
Fetch
General
Full URL
https://news.google.com/swg/_/api/v1/publication/gazetadopovo.com.br/entitlements
Requested by
Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientHttp/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
text/plain, application/json
Referer
https://www.gazetadopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 18:01:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="json.txt"; filename*=UTF-8''json.txt
strict-transport-security
max-age=31536000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.gazetadopovo.com.br
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-security-policy
require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
swg-button.css
news.google.com/swg/js/v1/ Frame 9025
21 KB
6 KB
Stylesheet
General
Full URL
https://news.google.com/swg/js/v1/swg-button.css
Requested by
Host: news.google.com
URL: https://news.google.com/swg/_/ui/v1/serviceiframe?_=452250
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
44e4a23aabda94a886477bcb9b8e5bed6038f0104bd3022a18abd100d7d366f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 17:42:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1105
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6428
x-xss-protection
0
last-modified
Wed, 14 Jul 2021 18:22:01 GMT
server
sffe
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=3000
accept-ranges
bytes
expires
Wed, 04 Aug 2021 18:32:44 GMT
m=_b,_tp
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.E7ju_OdRf40.es5.O/am=BQII/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI5m... Frame 9025
155 KB
54 KB
Script
General
Full URL
https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.E7ju_OdRf40.es5.O/am=BQII/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI5mUByDVoEAakq-tJBSlqJYoCDaeA/m=_b,_tp
Requested by
Host: news.google.com
URL: https://news.google.com/swg/_/ui/v1/serviceiframe?_=452250
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3199ef85204442ae5b8e3c54d29219fbb17ccd70d3e7d94f62a2750c587ab8d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 22:13:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
416836
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55752
x-xss-protection
0
last-modified
Fri, 30 Jul 2021 01:54:19 GMT
server
sffe
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Sat, 30 Jul 2022 22:13:53 GMT
4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v14/ Frame 9025
21 KB
21 KB
Font
General
Full URL
https://fonts.gstatic.com/s/googlesans/v14/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
Requested by
Host: news.google.com
URL: https://news.google.com/swg/_/ui/v1/serviceiframe?_=452250
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bf7344209edb1be5a2886c425cf6334a102d76cbea1471fd50171e2ee92877cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://news.google.com
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 04:42:04 GMT
x-content-type-options
nosniff
age
134345
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21464
x-xss-protection
0
last-modified
Mon, 22 Apr 2019 23:42:59 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 03 Aug 2022 04:42:04 GMT
m=byfTOb,lsjVmc,LEikZe
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.E7ju_OdRf40.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.XMJ0nedoPI4.L... Frame 9025
36 KB
13 KB
Script
General
Full URL
https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.E7ju_OdRf40.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.XMJ0nedoPI4.L.B1.O/am=BQII/d=1/exm=_b,_tp/excm=_b,_tp,serviceiframeview/ed=1/wt=2/rs=ABXTjI5xfgG6OneDf3VOLIqC5dYMosE7Vw/m=byfTOb,lsjVmc,LEikZe
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.E7ju_OdRf40.es5.O/am=BQII/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI5mUByDVoEAakq-tJBSlqJYoCDaeA/m=_b,_tp
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5611e6db97c3e4e3652ec5ca7e4e4bad163d8956ccff61353fd884ee8256935d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 22:13:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
416836
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13311
x-xss-protection
0
last-modified
Thu, 29 Jul 2021 05:51:15 GMT
server
sffe
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Sat, 30 Jul 2022 22:13:53 GMT
m=xUdipf,blwjVc,fKUV3e,aurFic,ws9Tlc,COQbmf,U0aPgd,zG9H6c,NwH0H,OmgaI,gychg,lfpdyf,ZfAoz,PQaYAf,lPKSwe,yDVVkb,KG2eXe,DfBslb
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.E7ju_OdRf40.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.XMJ0nedoPI4.L... Frame 9025
99 KB
34 KB
Script
General
Full URL
https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.E7ju_OdRf40.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.XMJ0nedoPI4.L.B1.O/am=BQII/d=1/exm=LEikZe,_b,_tp,byfTOb,lsjVmc/excm=_b,_tp,serviceiframeview/ed=1/wt=2/rs=ABXTjI5xfgG6OneDf3VOLIqC5dYMosE7Vw/m=xUdipf,blwjVc,fKUV3e,aurFic,ws9Tlc,COQbmf,U0aPgd,zG9H6c,NwH0H,OmgaI,gychg,lfpdyf,ZfAoz,PQaYAf,lPKSwe,yDVVkb,KG2eXe,DfBslb
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.E7ju_OdRf40.es5.O/am=BQII/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI5mUByDVoEAakq-tJBSlqJYoCDaeA/m=_b,_tp
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c06e14fbbce575d2ff577427ee9cfc81e3f3facd531ab0cd51a0c89d0e6eb5b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 22:13:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
416836
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34391
x-xss-protection
0
last-modified
Thu, 29 Jul 2021 05:51:15 GMT
server
sffe
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Sat, 30 Jul 2022 22:13:53 GMT
batchexecute
news.google.com/_/SubscribewithgoogleClientUi/data/ Frame 9025
285 B
233 B
XHR
General
Full URL
https://news.google.com/_/SubscribewithgoogleClientUi/data/batchexecute?rpcids=SlvRf&f.sid=7308887032932347121&bl=boq_subscribewithgoogleclientserver_20210729.06_p0&hl=en-US&soc-app=673&soc-platform=1&soc-device=1&_reqid=72070&rt=c
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.E7ju_OdRf40.es5.O/am=BQII/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI5mUByDVoEAakq-tJBSlqJYoCDaeA/m=_b,_tp
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5914b59f5d3f2a930b318550fe4135b897296b7cb3b35e6cdd4768c7d5492f3a
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientUi/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-Same-Domain
1
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Wed, 04 Aug 2021 18:01:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
same-site
content-disposition
attachment; filename="response.bin"; filename*=UTF-8''response.bin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
pragma
no-cache
server
ESF
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-security-policy
require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientUi/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
m=Wt6vjf,_latency,FCpbqb,WhJNk
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.E7ju_OdRf40.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.XMJ0nedoPI4.L... Frame 9025
17 KB
7 KB
Script
General
Full URL
https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.E7ju_OdRf40.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.XMJ0nedoPI4.L.B1.O/am=BQII/d=1/exm=COQbmf,DfBslb,KG2eXe,LEikZe,NwH0H,OmgaI,PQaYAf,U0aPgd,ZfAoz,_b,_tp,aurFic,blwjVc,byfTOb,fKUV3e,gychg,lPKSwe,lfpdyf,lsjVmc,ws9Tlc,xUdipf,yDVVkb,zG9H6c/excm=_b,_tp,serviceiframeview/ed=1/wt=2/rs=ABXTjI5xfgG6OneDf3VOLIqC5dYMosE7Vw/m=Wt6vjf,_latency,FCpbqb,WhJNk
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.E7ju_OdRf40.es5.O/am=BQII/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI5mUByDVoEAakq-tJBSlqJYoCDaeA/m=_b,_tp
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3d72714ff5d9fd247eb1d6ae5aa6bb5d0fdd931225f31b43a7bd0fe08f22ae9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Jul 2021 22:13:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
416836
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7298
x-xss-protection
0
last-modified
Thu, 29 Jul 2021 05:51:15 GMT
server
sffe
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Sat, 30 Jul 2022 22:13:53 GMT
log
play.google.com/ Frame 9025
131 B
313 B
XHR
General
Full URL
https://play.google.com/log?format=json&hasfast=true
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.E7ju_OdRf40.es5.O/am=BQII/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI5mUByDVoEAakq-tJBSlqJYoCDaeA/m=_b,_tp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Wed, 04 Aug 2021 18:01:09 GMT
content-encoding
gzip
server
Playlog
access-control-allow-headers
X-Playlog-Web
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin
https://news.google.com
cache-control
private
access-control-allow-credentials
true
content-type
text/plain; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131
x-xss-protection
0
expires
Wed, 04 Aug 2021 18:01:09 GMT
/
www.facebook.com/tr/
0
15 B
Ping
General
Full URL
https://www.facebook.com/tr/
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.gazetadopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundarytulC7W95BNMGvXvg

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
server
proxygen-bolt
date
Wed, 04 Aug 2021 18:01:09 GMT
content-type
text/plain
access-control-allow-origin
https://www.gazetadopovo.com.br
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-length
0
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
log
play.google.com/ Frame 9025
131 B
154 B
XHR
General
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.E7ju_OdRf40.es5.O/am=BQII/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI5mUByDVoEAakq-tJBSlqJYoCDaeA/m=_b,_tp
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://news.google.com/
X-Goog-AuthUser
0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Wed, 04 Aug 2021 18:01:10 GMT
content-encoding
gzip
server
Playlog
access-control-allow-headers
X-Playlog-Web
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin
https://news.google.com
cache-control
private
access-control-allow-credentials
true
content-type
text/plain; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131
x-xss-protection
0
expires
Wed, 04 Aug 2021 18:01:10 GMT
log
play.google.com/ Frame
0
0
Preflight
General
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H3-29
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
x-goog-authuser
Origin
https://news.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

access-control-allow-origin
https://news.google.com
access-control-allow-methods
GET, POST, OPTIONS
access-control-max-age
86400
access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
content-type
text/plain; charset=UTF-8
date
Wed, 04 Aug 2021 18:01:10 GMT
server
Playlog
content-length
0
x-xss-protection
0
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 04 Aug 2021 18:01:10 GMT
cache-control
private
log
play.google.com/ Frame 9025
131 B
154 B
XHR
General
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.E7ju_OdRf40.es5.O/am=BQII/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI5mUByDVoEAakq-tJBSlqJYoCDaeA/m=_b,_tp
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://news.google.com/
X-Goog-AuthUser
0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Wed, 04 Aug 2021 18:01:10 GMT
content-encoding
gzip
server
Playlog
access-control-allow-headers
X-Playlog-Web
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin
https://news.google.com
cache-control
private
access-control-allow-credentials
true
content-type
text/plain; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131
x-xss-protection
0
expires
Wed, 04 Aug 2021 18:01:10 GMT
log
play.google.com/ Frame
0
0
Preflight
General
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H3-29
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
x-goog-authuser
Origin
https://news.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

access-control-allow-origin
https://news.google.com
access-control-allow-methods
GET, POST, OPTIONS
access-control-max-age
86400
access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
content-type
text/plain; charset=UTF-8
date
Wed, 04 Aug 2021 18:01:10 GMT
server
Playlog
content-length
0
x-xss-protection
0
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 04 Aug 2021 18:01:10 GMT
cache-control
private
log
play.google.com/ Frame 9025
131 B
154 B
XHR
General
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.E7ju_OdRf40.es5.O/am=BQII/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI5mUByDVoEAakq-tJBSlqJYoCDaeA/m=_b,_tp
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://news.google.com/
X-Goog-AuthUser
0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Wed, 04 Aug 2021 18:01:10 GMT
content-encoding
gzip
server
Playlog
access-control-allow-headers
X-Playlog-Web
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin
https://news.google.com
cache-control
private
access-control-allow-credentials
true
content-type
text/plain; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131
x-xss-protection
0
expires
Wed, 04 Aug 2021 18:01:10 GMT
log
play.google.com/ Frame
0
0
Preflight
General
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H3-29
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
x-goog-authuser
Origin
https://news.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

access-control-allow-origin
https://news.google.com
access-control-allow-methods
GET, POST, OPTIONS
access-control-max-age
86400
access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
content-type
text/plain; charset=UTF-8
date
Wed, 04 Aug 2021 18:01:10 GMT
server
Playlog
content-length
0
x-xss-protection
0
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 04 Aug 2021 18:01:10 GMT
cache-control
private
/
events-api.gazetadopovo.com.br/register/
1 KB
2 KB
XHR
General
Full URL
https://events-api.gazetadopovo.com.br/register/
Requested by
Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets2/vendor-gazetadopovo-gaz-fbb8faf49a90cf57193d97978a255a4d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-39.fra2.r.cloudfront.net
Software
/ Express
Resource Hash
5b0befca6b1f09321d1f662516c6e01c65c1aa3b97bfde29493f8a5a52137d9e

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.gazetadopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 04 Aug 2021 18:01:11 GMT
via
1.1 1e498d046330e15095a1a2a958463bf5.cloudfront.net (CloudFront)
etag
W/"4ba-zitQX9yfBvXMcAhXPNrPGKNVj1k"
x-amzn-remapped-content-length
1210
x-amzn-remapped-date
Wed, 04 Aug 2021 18:01:11 GMT
x-amz-cf-pop
FRA2-C2
x-powered-by
Express
x-cache
Miss from cloudfront
x-amz-apigw-id
DjZcJGj7oAMFfRw=
content-length
1210
x-amzn-requestid
5be00aae-e1e8-495c-a990-56a7c792c9ac
x-amzn-trace-id
Root=1-610ad5e7-5875ba80180e5bf237121b45;Sampled=0
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
true
x-amz-cf-id
GfX6hI4A5_yxkfb4Cjwz8VdttLpydARlZlHPjdu6wompzToisoXCEQ==
x-amzn-remapped-connection
close
/
events-api.gazetadopovo.com.br/register/ Frame
0
0
Preflight
General
Full URL
https://events-api.gazetadopovo.com.br/register/
Protocol
H2
Server
13.225.87.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-39.fra2.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.gazetadopovo.com.br
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

content-type
application/json
content-length
0
date
Wed, 04 Aug 2021 18:01:10 GMT
x-amzn-requestid
a68ace69-34ff-431a-b52a-1e7670aa7552
access-control-allow-origin
*
access-control-allow-headers
Authorization,Content-Type,X-Amz-Date,X-Amz-Security-Token,x-api-key,X-Api-Key,x-publisher-id,X-Publisher-Id
x-amz-apigw-id
DjZcFFw4IAMFXBA=
access-control-allow-methods
OPTIONS,DELETE,GET,HEAD,PATCH,POST,PUT
access-control-allow-credentials
true
x-cache
Miss from cloudfront
via
1.1 1e498d046330e15095a1a2a958463bf5.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
Lgkl1v5x2W1AW7A6KlDwTNSdHLHyAkUhiobU_01Maur4qVgPc9X_IQ==
44-gaz-fbb8faf49a90cf57193d97978a255a4d.js
www.gazetadopovo.com.br/assets2/
9 KB
3 KB
Script
General
Full URL
https://www.gazetadopovo.com.br/assets2/44-gaz-fbb8faf49a90cf57193d97978a255a4d.js
Requested by
Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets2/gazetadopovo-_back-gaz-fbb8faf49a90cf57193d97978a255a4d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:2c00:6:45ad:3580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cd3784364ad5522e5e796e06bb7fbae3812e49246bab7d41873a85e4e41c5494

Request headers

:path
/assets2/44-gaz-fbb8faf49a90cf57193d97978a255a4d.js
pragma
no-cache
cookie
_ga=GA1.3.40474134.1628100069; _gid=GA1.3.742759855.1628100069; _gat=1; _gcl_au=1.1.32042663.1628100069; cX_S=krxsqtgx9gqhr0ac; cX_P=krxsqth0f3s2752m; _gat_UA-23088598-1=1; _fbp=fb.2.1628100069469.1561521051; __adblocker=false; __pnahc=0; GPSDK_SESID=; __tbc=%7Bjzx%7DmTYUm08lJyHEWAs9ALXKQgzZ3Tv5vBEP6j0Ap7SNe9Y0lXEs4-9WOf1GmQF2ITJ61WoXDpdjmmK5wcp9MkMPocO273SMINZ_bMC_W5xVaiG23FgrpGCQKHSt7RQz5kN-_ClXXX7wZd7xhwozNxHCCQ; __pat=-10800000; __pvi=%7B%22id%22%3A%22v-2021-08-04-20-01-09-537-9xU4FILrkdGUqSmx-330ea30e72119ebbd43761c5de6ac6b9%22%2C%22domain%22%3A%22.gazetadopovo.com.br%22%2C%22time%22%3A1628100069731%7D; xbc=%7Bjzx%7Dp11O0pbV_k9ixtS1kGyLH8nXoNs7Mkxo9wTf1JnEb6C_au5WJJDev6uG7PypaNAoKOGev8J1a4aGn3ZgXXqz9cRdDbyzoOenA2XwjQ-GBrJ76HiEn0V2cXIOfONCncvRx3eue7xf5sx2mU3ab07ZcR_5omp888PT09Ce1NkNy3x_T446lHZGyL3zeJ0EQlzYnQoZiKzxOhyXjzSY6qjlI7fCzb_DPbs_KAXnLi8knmpCBfHUsij7Jn_abfnIYnmfEBUN0yhjQsICwkmLn21yICSMtzY52ukcPv9FeA7BjxteomoJ3b7k8wzQejHdkrtRgYeEnEso_OW3vor7h1OSjA; GPSDK_TKTID=us-east-1_21b8d282-e952-401f-9c18-5b935252978f
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.gazetadopovo.com.br
referer
https://www.gazetadopovo.com.br/login.php/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.gazetadopovo.com.br/login.php/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 18:51:54 GMT
content-encoding
gzip
last-modified
Tue, 03 Aug 2021 18:48:25 GMT
server
AmazonS3
age
83357
etag
W/"454dd586dbf20623f05394ac4a101394"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
null
via
1.1 2bbba694ff55d664208103e9c25dce14.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C1
content-type
application/javascript
x-amz-cf-id
chWmj4vU2Xsi8lDO2Ypm2ouzaANuHpBDHKuaT5Jz1ajDvthGM_LGzw==
unload
api-v3.tinypass.com/api/v3/page/
0
0
Ping
General
Full URL
https://api-v3.tinypass.com/api/v3/page/unload?aid=izBe3CQ7pu&tbc=%7Bjzx%7DmTYUm08lJyHEWAs9ALXKQgzZ3Tv5vBEP6j0Ap7SNe9Y0lXEs4-9WOf1GmQF2ITJ61WoXDpdjmmK5wcp9MkMPocO273SMINZ_bMC_W5xVaiG23FgrpGCQKHSt7RQz5kN-_ClXXX7wZd7xhwozNxHCCQ&time_spent=%7B%22active%22%3A0%2C%22total%22%3A0%7D&scroll=%7B%22max_page_height%22%3A1584%2C%22max_depth%22%3A1200%7D&viewport_exit=0&url=https%3A%2F%2Fwww.gazetadopovo.com.br%2Flogin.php%2F&pageview_id=2021-08-04-20-01-09-535-Ae7zKeSRzoXtTHjZ-330ea30e72119ebbd43761c5de6ac6b9&visit_id=v-2021-08-04-20-01-09-537-9xU4FILrkdGUqSmx-330ea30e72119ebbd43761c5de6ac6b9
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b8b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gazetadopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.gazetadopovo.com.br
access-control-allow-credentials
true
access-control-allow-methods
POST, GET, OPTIONS
execute
experience.tinypass.com/xbuilder/experience/
6 KB
3 KB
XHR
General
Full URL
https://experience.tinypass.com/xbuilder/experience/execute?aid=izBe3CQ7pu
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:b8b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9441dc156cf1f79d8c0b6fe0a055646ca9bb8e0a4f9ba670e52453627f0ceb6d
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept
*/*
Referer
https://www.gazetadopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Wed, 04 Aug 2021 18:01:10 GMT
content-encoding
br
vary
accept-encoding
cf-cache-status
DYNAMIC
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-request-id
Cy1ubxqop3w
pragma
no-cache
wn
prod-exp-10-0-121-29
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=86400; includeSubDomains
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.gazetadopovo.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
6799b07fdad0c286-FRA
expires
Thu, 01 Jan 1970 00:00:00 GMT
adsct
analytics.twitter.com/i/
31 B
658 B
Script
General
Full URL
https://analytics.twitter.com/i/adsct?type=javascript&version=2.0.1&p_id=Twitter&p_user_id=0&txn_id=o1ecj&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tpx_cb=twttr.conversion.loadPixels&tw_document_href=https%3A%2F%2Fwww.gazetadopovo.com.br%2Flogin.php%2F
Requested by
Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.42.195 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.gazetadopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 18:01:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status
200 OK
x-twitter-response-tags
BouncerCompliant
content-length
57
x-xss-protection
0
pragma
no-cache
last-modified
Wed, 04 Aug 2021 18:01:10 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=631138519
content-type
application/javascript;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
b98c401c19124eb510059c7774b5640c607a6cb362a1f0ccdaba1dcdfbb3dc2d
x-transaction
eab9fdb0216df67c
expires
Tue, 31 Mar 1981 05:00:00 GMT
gazetadopovo-app-gaz-fbb8faf49a90cf57193d97978a255a4d.js
www.gazetadopovo.com.br/assets2/
92 KB
17 KB
Script
General
Full URL
https://www.gazetadopovo.com.br/assets2/gazetadopovo-app-gaz-fbb8faf49a90cf57193d97978a255a4d.js
Requested by
Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets2/gazetadopovo-abstracts-modules-gaz-fbb8faf49a90cf57193d97978a255a4d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:2c00:6:45ad:3580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ab5d63b413f24a29f71f927e08dc2fe273d8c030f950fc86d688ea6581c40ea5

Request headers

:path
/assets2/gazetadopovo-app-gaz-fbb8faf49a90cf57193d97978a255a4d.js
pragma
no-cache
cookie
_ga=GA1.3.40474134.1628100069; _gid=GA1.3.742759855.1628100069; _gat=1; _gcl_au=1.1.32042663.1628100069; cX_S=krxsqtgx9gqhr0ac; cX_P=krxsqth0f3s2752m; _gat_UA-23088598-1=1; _fbp=fb.2.1628100069469.1561521051; __adblocker=false; __pnahc=0; GPSDK_SESID=; __tbc=%7Bjzx%7DmTYUm08lJyHEWAs9ALXKQgzZ3Tv5vBEP6j0Ap7SNe9Y0lXEs4-9WOf1GmQF2ITJ61WoXDpdjmmK5wcp9MkMPocO273SMINZ_bMC_W5xVaiG23FgrpGCQKHSt7RQz5kN-_ClXXX7wZd7xhwozNxHCCQ; __pat=-10800000; xbc=%7Bjzx%7Dp11O0pbV_k9ixtS1kGyLH8nXoNs7Mkxo9wTf1JnEb6C_au5WJJDev6uG7PypaNAoKOGev8J1a4aGn3ZgXXqz9cRdDbyzoOenA2XwjQ-GBrJ76HiEn0V2cXIOfONCncvRx3eue7xf5sx2mU3ab07ZcR_5omp888PT09Ce1NkNy3x_T446lHZGyL3zeJ0EQlzYnQoZiKzxOhyXjzSY6qjlI7fCzb_DPbs_KAXnLi8knmpCBfHUsij7Jn_abfnIYnmfEBUN0yhjQsICwkmLn21yICSMtzY52ukcPv9FeA7BjxteomoJ3b7k8wzQejHdkrtRgYeEnEso_OW3vor7h1OSjA; GPSDK_TKTID=us-east-1_21b8d282-e952-401f-9c18-5b935252978f; __pvi=%7B%22id%22%3A%22v-2021-08-04-20-01-09-537-9xU4FILrkdGUqSmx-330ea30e72119ebbd43761c5de6ac6b9%22%2C%22domain%22%3A%22.gazetadopovo.com.br%22%2C%22time%22%3A1628100070379%7D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.gazetadopovo.com.br
referer
https://www.gazetadopovo.com.br/login.php/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.gazetadopovo.com.br/login.php/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 18:54:14 GMT
content-encoding
gzip
last-modified
Tue, 03 Aug 2021 18:48:30 GMT
server
AmazonS3
age
83217
etag
W/"86c3788a7d1cbdff7e7449f4b7ef7c25"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
null
via
1.1 2bbba694ff55d664208103e9c25dce14.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C1
content-type
application/javascript
x-amz-cf-id
K2HdVsDSclXHBDWWCUz8JJRFTzEXJK1eH0Bc3GOH_p_iWrcfBr2Fnw==
48-gaz-fbb8faf49a90cf57193d97978a255a4d.js
www.gazetadopovo.com.br/assets2/
6 KB
3 KB
Script
General
Full URL
https://www.gazetadopovo.com.br/assets2/48-gaz-fbb8faf49a90cf57193d97978a255a4d.js
Requested by
Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets2/gazetadopovo-app-gaz-fbb8faf49a90cf57193d97978a255a4d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:2c00:6:45ad:3580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
72d63bb117f888da85cb08b700f022e15fe6b95939fd004206d22fcafcf86d53

Request headers

:path
/assets2/48-gaz-fbb8faf49a90cf57193d97978a255a4d.js
pragma
no-cache
cookie
_ga=GA1.3.40474134.1628100069; _gid=GA1.3.742759855.1628100069; _gat=1; _gcl_au=1.1.32042663.1628100069; cX_S=krxsqtgx9gqhr0ac; cX_P=krxsqth0f3s2752m; _gat_UA-23088598-1=1; _fbp=fb.2.1628100069469.1561521051; __adblocker=false; __pnahc=0; GPSDK_SESID=; __tbc=%7Bjzx%7DmTYUm08lJyHEWAs9ALXKQgzZ3Tv5vBEP6j0Ap7SNe9Y0lXEs4-9WOf1GmQF2ITJ61WoXDpdjmmK5wcp9MkMPocO273SMINZ_bMC_W5xVaiG23FgrpGCQKHSt7RQz5kN-_ClXXX7wZd7xhwozNxHCCQ; __pat=-10800000; xbc=%7Bjzx%7Dp11O0pbV_k9ixtS1kGyLH8nXoNs7Mkxo9wTf1JnEb6C_au5WJJDev6uG7PypaNAoKOGev8J1a4aGn3ZgXXqz9cRdDbyzoOenA2XwjQ-GBrJ76HiEn0V2cXIOfONCncvRx3eue7xf5sx2mU3ab07ZcR_5omp888PT09Ce1NkNy3x_T446lHZGyL3zeJ0EQlzYnQoZiKzxOhyXjzSY6qjlI7fCzb_DPbs_KAXnLi8knmpCBfHUsij7Jn_abfnIYnmfEBUN0yhjQsICwkmLn21yICSMtzY52ukcPv9FeA7BjxteomoJ3b7k8wzQejHdkrtRgYeEnEso_OW3vor7h1OSjA; GPSDK_TKTID=us-east-1_21b8d282-e952-401f-9c18-5b935252978f; __pvi=%7B%22id%22%3A%22v-2021-08-04-20-01-09-537-9xU4FILrkdGUqSmx-330ea30e72119ebbd43761c5de6ac6b9%22%2C%22domain%22%3A%22.gazetadopovo.com.br%22%2C%22time%22%3A1628100070379%7D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.gazetadopovo.com.br
referer
https://www.gazetadopovo.com.br/login.php/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.gazetadopovo.com.br/login.php/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 18:51:12 GMT
content-encoding
gzip
last-modified
Tue, 03 Aug 2021 18:48:26 GMT
server
AmazonS3
age
83399
etag
W/"680ab336258d81906e426f0d57629032"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
null
via
1.1 2bbba694ff55d664208103e9c25dce14.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C1
content-type
application/javascript
x-amz-cf-id
5vVctODLhzccpt1bkKoAoL2z7tczeN3sHTTOpm8aEr1Lqr43ke67Bg==
/
events-api.gazetadopovo.com.br/register/ Frame
0
0
Preflight
General
Full URL
https://events-api.gazetadopovo.com.br/register/
Protocol
H2
Server
13.225.87.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-39.fra2.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.gazetadopovo.com.br
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

content-type
application/json
content-length
0
date
Wed, 04 Aug 2021 18:01:10 GMT
x-amzn-requestid
c0372246-f715-4cd0-bb77-21800be5a238
access-control-allow-origin
*
access-control-allow-headers
Authorization,Content-Type,X-Amz-Date,X-Amz-Security-Token,x-api-key,X-Api-Key,x-publisher-id,X-Publisher-Id
x-amz-apigw-id
DjZcFFlxoAMF7Ow=
access-control-allow-methods
OPTIONS,DELETE,GET,HEAD,PATCH,POST,PUT
access-control-allow-credentials
true
x-cache
Miss from cloudfront
via
1.1 1e498d046330e15095a1a2a958463bf5.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
mk-n8BtrH_YpJCizHASX7BBJG76xDsQHQlUdIQ7KUxrGfTy5nVqBQA==
/
events-api.gazetadopovo.com.br/register/
1 KB
2 KB
XHR
General
Full URL
https://events-api.gazetadopovo.com.br/register/
Requested by
Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets2/vendor-gazetadopovo-gaz-fbb8faf49a90cf57193d97978a255a4d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-39.fra2.r.cloudfront.net
Software
/ Express
Resource Hash
9af4571612dfaffb9f440e11be06fadc849c92b580b913f28ff2b5d1eda71c33

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.gazetadopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 04 Aug 2021 18:01:11 GMT
via
1.1 1e498d046330e15095a1a2a958463bf5.cloudfront.net (CloudFront)
etag
W/"5b8-19kICDT7DJU0fDiOqVMCojiK7iM"
x-amzn-remapped-content-length
1464
x-amzn-remapped-date
Wed, 04 Aug 2021 18:01:11 GMT
x-amz-cf-pop
FRA2-C2
x-powered-by
Express
x-cache
Miss from cloudfront
x-amz-apigw-id
DjZcJHpmoAMFgXQ=
content-length
1464
x-amzn-requestid
55275cd4-41be-46fc-bf89-c739f95b1ed5
x-amzn-trace-id
Root=1-610ad5e7-19b8c7b036096b61598dbebe;Sampled=0
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
true
x-amz-cf-id
OMayj2xUM-mW0o7avTDIIcmx0YmRqfNgV4aMtxyDx8uLW55hi_5GTg==
x-amzn-remapped-connection
close
45-gaz-fbb8faf49a90cf57193d97978a255a4d.js
www.gazetadopovo.com.br/assets2/
24 KB
5 KB
Script
General
Full URL
https://www.gazetadopovo.com.br/assets2/45-gaz-fbb8faf49a90cf57193d97978a255a4d.js
Requested by
Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets2/gazetadopovo-app-gaz-fbb8faf49a90cf57193d97978a255a4d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:2c00:6:45ad:3580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3262a5735cbb61a4137ddb4781a55189be1f1bad2f091411986f426f508453b3

Request headers

:path
/assets2/45-gaz-fbb8faf49a90cf57193d97978a255a4d.js
pragma
no-cache
cookie
_ga=GA1.3.40474134.1628100069; _gid=GA1.3.742759855.1628100069; _gat=1; _gcl_au=1.1.32042663.1628100069; cX_S=krxsqtgx9gqhr0ac; cX_P=krxsqth0f3s2752m; _gat_UA-23088598-1=1; _fbp=fb.2.1628100069469.1561521051; __adblocker=false; __pnahc=0; GPSDK_SESID=; __tbc=%7Bjzx%7DmTYUm08lJyHEWAs9ALXKQgzZ3Tv5vBEP6j0Ap7SNe9Y0lXEs4-9WOf1GmQF2ITJ61WoXDpdjmmK5wcp9MkMPocO273SMINZ_bMC_W5xVaiG23FgrpGCQKHSt7RQz5kN-_ClXXX7wZd7xhwozNxHCCQ; __pat=-10800000; GPSDK_TKTID=us-east-1_21b8d282-e952-401f-9c18-5b935252978f; __pvi=%7B%22id%22%3A%22v-2021-08-04-20-01-09-537-9xU4FILrkdGUqSmx-330ea30e72119ebbd43761c5de6ac6b9%22%2C%22domain%22%3A%22.gazetadopovo.com.br%22%2C%22time%22%3A1628100070379%7D; xbc=%7Bjzx%7Dp11O0pbV_k9ixtS1kGyLH0PnnaLbSQQSPgQbYOJ4qke_au5WJJDev6uG7PypaNAoIEkiB-5g61RxSW0PjDGWT8RdDbyzoOenA2XwjQ-GBrKakHT00O-Se02047Fp81ZPgoOgutWczPmtGTx0Z4zlmzc9OWz-XjbrS69_tPRxneCklUdM0P8bYI1A3zvr7KDtK5dYSwBW2L9AIzRdLLOmI3MnP39UxJ0vkXpkUCGYs_XMUa7MavQhoOZfUwkuPnrT-4K-Jbaq7Rz0BpbTjPye44h5nBAyqUj9D3cbIW9yaK7Hwnz-EKi8WwP4Z1A2IQzNB7wUrbeXSLJHR7_39BR08A
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.gazetadopovo.com.br
referer
https://www.gazetadopovo.com.br/login.php/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.gazetadopovo.com.br/login.php/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 18:51:54 GMT
content-encoding
gzip
last-modified
Tue, 03 Aug 2021 18:48:26 GMT
server
AmazonS3
age
83357
etag
W/"867649086964d639f8e0654c61d422c4"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
null
via
1.1 2bbba694ff55d664208103e9c25dce14.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C1
content-type
application/javascript
x-amz-cf-id
UafeFJECpa_lSJ1eg6A9bykyrQC3Gl4YqBVl5kq59BI273zlQZMmtA==
uoltm.js
tm.jsuol.com.br/
164 KB
30 KB
Script
General
Full URL
https://tm.jsuol.com.br/uoltm.js?id=fmvzt6
Requested by
Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets2/gazetadopovo-abstracts-modules-gaz-fbb8faf49a90cf57193d97978a255a4d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:e800:6:9eb2:5cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
marrakesh 1.16.6 /
Resource Hash
3d7e425a0f28d5e070d757bb01547a42ca1217a7f0ccd84fdecd852c189bb028

Request headers

Referer
https://www.gazetadopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 17:57:22 GMT
content-encoding
gzip
last-modified
Thu, 10 Jun 2021 19:44:11 GMT
server
marrakesh 1.16.6
age
228
etag
7d7a54f8c4b8e909e88af7bea859b0d1
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
via
1.1 d8eef512ab23f23f549b4cd25ac5328d.cloudfront.net (CloudFront)
cache-control
no-transform, max-age=3600, must-revalidate, proxy-revalidate, must-revalidate, proxy-revalidate, no-transform
x-amz-cf-pop
FRA2-C1
content-length
30271
x-amz-cf-id
tTPMslW_SXZdyro5dgm6CaS5Evef3kp5Ym89xI2YlnugGIZnk337Kg==
expires
Wed, 04 Aug 2021 18:57:22 GMT
3-gaz-fbb8faf49a90cf57193d97978a255a4d.js
www.gazetadopovo.com.br/assets2/
3 KB
2 KB
Script
General
Full URL
https://www.gazetadopovo.com.br/assets2/3-gaz-fbb8faf49a90cf57193d97978a255a4d.js
Requested by
Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets2/gazetadopovo-_back-gaz-fbb8faf49a90cf57193d97978a255a4d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:2c00:6:45ad:3580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
36ce2f56a0234145bce79d270a65b4727b7552d35fa55b368396a67a446d3544

Request headers

:path
/assets2/3-gaz-fbb8faf49a90cf57193d97978a255a4d.js
pragma
no-cache
cookie
_ga=GA1.3.40474134.1628100069; _gid=GA1.3.742759855.1628100069; _gat=1; _gcl_au=1.1.32042663.1628100069; cX_S=krxsqtgx9gqhr0ac; cX_P=krxsqth0f3s2752m; _gat_UA-23088598-1=1; _fbp=fb.2.1628100069469.1561521051; __adblocker=false; __pnahc=0; GPSDK_SESID=; __tbc=%7Bjzx%7DmTYUm08lJyHEWAs9ALXKQgzZ3Tv5vBEP6j0Ap7SNe9Y0lXEs4-9WOf1GmQF2ITJ61WoXDpdjmmK5wcp9MkMPocO273SMINZ_bMC_W5xVaiG23FgrpGCQKHSt7RQz5kN-_ClXXX7wZd7xhwozNxHCCQ; __pat=-10800000; GPSDK_TKTID=us-east-1_21b8d282-e952-401f-9c18-5b935252978f; __pvi=%7B%22id%22%3A%22v-2021-08-04-20-01-09-537-9xU4FILrkdGUqSmx-330ea30e72119ebbd43761c5de6ac6b9%22%2C%22domain%22%3A%22.gazetadopovo.com.br%22%2C%22time%22%3A1628100070379%7D; xbc=%7Bjzx%7Dp11O0pbV_k9ixtS1kGyLH0PnnaLbSQQSPgQbYOJ4qke_au5WJJDev6uG7PypaNAoIEkiB-5g61RxSW0PjDGWT8RdDbyzoOenA2XwjQ-GBrKakHT00O-Se02047Fp81ZPgoOgutWczPmtGTx0Z4zlmzc9OWz-XjbrS69_tPRxneCklUdM0P8bYI1A3zvr7KDtK5dYSwBW2L9AIzRdLLOmI3MnP39UxJ0vkXpkUCGYs_XMUa7MavQhoOZfUwkuPnrT-4K-Jbaq7Rz0BpbTjPye44h5nBAyqUj9D3cbIW9yaK7Hwnz-EKi8WwP4Z1A2IQzNB7wUrbeXSLJHR7_39BR08A
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.gazetadopovo.com.br
referer
https://www.gazetadopovo.com.br/login.php/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.gazetadopovo.com.br/login.php/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 18:51:54 GMT
content-encoding
gzip
last-modified
Tue, 03 Aug 2021 18:48:23 GMT
server
AmazonS3
age
83357
etag
W/"8789f89477348694faff59a4e4c94855"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
null
via
1.1 2bbba694ff55d664208103e9c25dce14.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C1
content-type
application/javascript
x-amz-cf-id
nT4tZLIwdtyH4ZCFCnLjnJeMyH1zAq3pXkI0M9mQH3AIRaWxE2PqMg==
/
www.semprefamilia.com.br/cookie-exchanger/
4 B
1 KB
XHR
General
Full URL
https://www.semprefamilia.com.br/cookie-exchanger/
Requested by
Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets2/vendor-gazetadopovo-gaz-fbb8faf49a90cf57193d97978a255a4d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:7c00:13:9bf5:7100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/ Express
Resource Hash
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.gazetadopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

date
Wed, 04 Aug 2021 18:01:11 GMT
via
1.1 6fa33d47af6f4da7007689083cfe9b9c.cloudfront.net (CloudFront), 1.1 0e75d8f2d484ce463fc04f5c422aa179.cloudfront.net (CloudFront)
etag
W/"4-X/5TO4MPCKAyY0ipFgr6/IraRNs"
x-amzn-remapped-content-length
4
x-amzn-remapped-date
Wed, 04 Aug 2021 18:01:11 GMT
x-amz-cf-pop
FRA2-C2, FRA2-C1
x-powered-by
Express
x-cache
Miss from cloudfront
x-amz-apigw-id
DjZcKFZ-IAMFh8Q=
content-length
4
x-amzn-requestid
d2f47a8e-185e-4b68-af3e-e6794e018b9b
x-amzn-trace-id
Root=1-610ad5e7-4d75a98b52f9de6e5b1c340f;Sampled=0
vary
Origin
access-control-allow-methods
OPTIONS,DELETE,GET,HEAD,PATCH,POST,PUT
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.gazetadopovo.com.br
access-control-allow-credentials
true
access-control-allow-headers
Authorization,Content-Type,Host,Origin,X-CSRF-Token,x-xsrf-token,X-Amz-Date,X-Amz-Security-Token,x-api-key,X-Api-Key,x-publisher-id,X-Publisher-Id
x-amz-cf-id
BP_EeQKgAczNxWhruNKeN_Xz3BtMFZzuPJgT5X_7-bSdMaWlYr8XIg==
x-amzn-remapped-connection
close
/
www.semprefamilia.com.br/cookie-exchanger/ Frame
0
0
Preflight
General
Full URL
https://www.semprefamilia.com.br/cookie-exchanger/
Protocol
H2
Server
2600:9000:20eb:7c00:13:9bf5:7100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.gazetadopovo.com.br
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

content-type
application/json
content-length
1
date
Wed, 04 Aug 2021 18:01:10 GMT
x-amzn-requestid
4064ab45-adc5-405e-a889-24d69e6787de
access-control-allow-origin
https://www.gazetadopovo.com.br
access-control-allow-headers
Authorization,Content-Type,Content-Length,Host,Origin,X-CSRF-Token,x-xsrf-token,X-Amz-Date,X-Amz-Security-Token,x-api-key,X-Api-Key,x-publisher-id,X-Publisher-Id
x-amz-apigw-id
DjZcGE6yoAMFXvw=
access-control-allow-methods
OPTIONS,DELETE,GET,HEAD,PATCH,POST,PUT
access-control-allow-credentials
true
via
1.1 2b2e2811e641703aebf776da39317b9c.cloudfront.net (CloudFront), 1.1 dde0b4b1e223fa23670e93078a04c116.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2 FRA2-C1
x-cache
Miss from cloudfront
x-amz-cf-id
l8XwVREsdirSSzv6OVGSe0yE19pM6In3NzTGfZIxjI3YOmbwLEfzcQ==
mercurio.html
tm.uol.com.br/ Frame 5040
197 B
690 B
Document
General
Full URL
https://tm.uol.com.br/mercurio.html
Requested by
Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/uoltm.js?id=fmvzt6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:f600:6:5b96:3f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
marrakesh 1.16.6 /
Resource Hash
9120bd86f7501823599a79f60f432e7742f2fd00b17984230cd6641085548690

Request headers

:method
GET
:authority
tm.uol.com.br
:scheme
https
:path
/mercurio.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.gazetadopovo.com.br/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.gazetadopovo.com.br/

Response headers

content-type
text/html;charset=UTF-8
content-length
173
server
marrakesh 1.16.6
last-modified
Fri, 07 May 2021 13:45:52 GMT
content-encoding
gzip
p3p
CP="NOI DSP COR NID TAIa OUR IND COM NAV INT CNT"
date
Wed, 04 Aug 2021 18:00:07 GMT
expires
Wed, 04 Aug 2021 18:05:17 GMT
cache-control
no-transform, max-age=600, must-revalidate, proxy-revalidate must-revalidate, proxy-revalidate, no-transform
etag
ba5203ce522cc70a434e9a70452ca145
x-cache
Hit from cloudfront
via
1.1 24c299c0a6423c6f96984a85fb014109.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
KDz1sJPNzBkrxDaclHVOcOY8iqSg7nYbmvJxDUHQ_sqlbnG2_CUAhQ==
age
353
profiles.js
tm.jsuol.com.br/modules/external/tailtarget/
13 KB
6 KB
Script
General
Full URL
https://tm.jsuol.com.br/modules/external/tailtarget/profiles.js
Requested by
Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/uoltm.js?id=fmvzt6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:e800:6:9eb2:5cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
marrakesh 1.16.6 /
Resource Hash
67ed54856b743c6e064253f611084475015ce883fff3150f710b8781e599d4a0

Request headers

Referer
https://www.gazetadopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 17:03:19 GMT
content-encoding
gzip
last-modified
Fri, 07 May 2021 13:45:52 GMT
server
marrakesh 1.16.6
age
3471
etag
ecbae16720fa9548b931f719328b1c88
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
via
1.1 d8eef512ab23f23f549b4cd25ac5328d.cloudfront.net (CloudFront)
cache-control
no-transform, max-age=3600, must-revalidate, proxy-revalidate, must-revalidate, proxy-revalidate, no-transform
x-amz-cf-pop
FRA2-C1
content-length
5277
x-amz-cf-id
2nrvjCla_NoWxvBAKPEieLpXnDLAsO8OOhyha0LIIJttbGrHbcwM0g==
expires
Wed, 04 Aug 2021 18:03:19 GMT
CT-10.js
tm.jsuol.com.br/modules/external/tailtarget/t3m/TT-10162-1/
133 KB
18 KB
Script
General
Full URL
https://tm.jsuol.com.br/modules/external/tailtarget/t3m/TT-10162-1/CT-10.js
Requested by
Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/uoltm.js?id=fmvzt6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:e800:6:9eb2:5cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
marrakesh 1.16.6 /
Resource Hash
edd3570d096045162b2cb8c3e96ff6f75bd558fae92e2364cc77a9e376ebba8c

Request headers

Referer
https://www.gazetadopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 17:11:17 GMT
content-encoding
gzip
last-modified
Thu, 29 Jul 2021 01:20:09 GMT
server
marrakesh 1.16.6
age
2993
etag
7a1ccc3ccf3c2ed3ab92cc7d00c51bfb
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
via
1.1 d8eef512ab23f23f549b4cd25ac5328d.cloudfront.net (CloudFront)
cache-control
no-transform, max-age=3600, must-revalidate, proxy-revalidate, must-revalidate, proxy-revalidate, no-transform
x-amz-cf-pop
FRA2-C1
content-length
17436
x-amz-cf-id
clQGGnFsMHrV3Ez2xR77d1T53BiWyZ3g0t2W-3FOLz5MSYcjflc5MQ==
expires
Wed, 04 Aug 2021 18:11:17 GMT
gazetadopovo.js
me.jsuol.com.br/aud/
15 KB
6 KB
Script
General
Full URL
https://me.jsuol.com.br/aud/gazetadopovo.js
Requested by
Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/uoltm.js?id=fmvzt6
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2804:49c:3101:401:ffff:ffff:ffff:50 , Brazil, ASN15201 (Universo Online S.A., BR),
Reverse DNS
Software
marrakesh 1.16.6 /
Resource Hash
26ed387dacace3a9b1b82887c58391f01be3d834dcf828252e1afeaafe34e13a

Request headers

Referer
https://www.gazetadopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 18:01:11 GMT
content-encoding
gzip
last-modified
Thu, 15 Apr 2021 17:08:10 GMT
server
marrakesh 1.16.6
etag
3259e7f0de5880d1a62dfaa532afdb24
vary
Accept-Encoding,User-Agent
content-type
application/javascript; charset=UTF-8
cache-control
no-transform, max-age=3600, must-revalidate, proxy-revalidate, private, proxy-revalidate, no-transform
content-length
6355
expires
Wed, 04 Aug 2021 19:01:11 GMT
dmp-uol-sync-p.js
tm.jsuol.com.br/modules/
6 KB
3 KB
Script
General
Full URL
https://tm.jsuol.com.br/modules/dmp-uol-sync-p.js
Requested by
Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/uoltm.js?id=fmvzt6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:e800:6:9eb2:5cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
marrakesh 1.16.6 /
Resource Hash
0f13d6175409de52247fc375266b327b62589b54f0353554063fd5976bcdd0a9

Request headers

Referer
https://www.gazetadopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 17:43:25 GMT
content-encoding
gzip
last-modified
Mon, 02 Aug 2021 15:08:12 GMT
server
marrakesh 1.16.6
age
1065
etag
218546c9e00fe71b00820ac0a2312baf
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
via
1.1 d8eef512ab23f23f549b4cd25ac5328d.cloudfront.net (CloudFront)
cache-control
no-transform, max-age=3600, must-revalidate, proxy-revalidate, must-revalidate, proxy-revalidate, no-transform
x-amz-cf-pop
FRA2-C1
content-length
2146
x-amz-cf-id
SxzOWCdEQd4xvD7GNJB_aq_-jxEk0OQCQxthdXTPFXJHsCihUWsM0g==
expires
Wed, 04 Aug 2021 18:43:25 GMT
partner
tracker.bt.uol.com.br/
0
546 B
Script
General
Full URL
https://tracker.bt.uol.com.br/partner?source=tagmanager
Requested by
Host: www.gazetadopovo.com.br.admin-mcas.ms
URL: https://www.gazetadopovo.com.br.admin-mcas.ms/login.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2804:49c:3104:401:ffff:ffff:ffff:34 , Brazil, ASN15201 (Universo Online S.A., BR),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gazetadopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 04 Aug 2021 18:01:11 GMT
Server
nginx
Transfer-Encoding
chunked
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID TAIa OUR IND COM NAV INT CNT"
Cache-Control
no-cache
Connection
close
Content-Type
application/javascript;charset=utf-8
Expires
Wed, 04 Aug 2021 18:01:10 GMT
purge-clients.html
tm.uol.com.br/ Frame 8528
213 B
701 B
Document
General
Full URL
https://tm.uol.com.br/purge-clients.html?name=DEretargeting&expname=DEretargetingExp&expdomain=1
Requested by
Host: www.gazetadopovo.com.br.admin-mcas.ms
URL: https://www.gazetadopovo.com.br.admin-mcas.ms/login.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:f600:6:5b96:3f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
marrakesh 1.16.6 /
Resource Hash
6a93c477127bad12d08a779a445d4c5962578f57d4171aee20df69a2b3e8c349

Request headers

:method
GET
:authority
tm.uol.com.br
:scheme
https
:path
/purge-clients.html?name=DEretargeting&expname=DEretargetingExp&expdomain=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.gazetadopovo.com.br/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.gazetadopovo.com.br/

Response headers

content-type
text/html;charset=UTF-8
content-length
182
server
marrakesh 1.16.6
last-modified
Wed, 28 Jul 2021 19:15:09 GMT
content-encoding
gzip
p3p
CP="NOI DSP COR NID TAIa OUR IND COM NAV INT CNT"
date
Wed, 04 Aug 2021 18:00:07 GMT
expires
Wed, 04 Aug 2021 18:05:17 GMT
cache-control
no-transform, max-age=600, must-revalidate, proxy-revalidate must-revalidate, proxy-revalidate, no-transform
etag
8b30191927f0982283d45c76292da712
x-cache
Hit from cloudfront
via
1.1 24c299c0a6423c6f96984a85fb014109.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
g8IZPhjg0vDN0zLOjz8r43tasd_dblmKnZ84GHXbukTD_eVVWVyxyQ==
age
353
purge-clients.html
tm.uol.com.br/ Frame ACB6
213 B
701 B
Document
General
Full URL
https://tm.uol.com.br/purge-clients.html?name=dynad_rt&expname=dynad_rt_exp&expdomain=1
Requested by
Host: www.gazetadopovo.com.br.admin-mcas.ms
URL: https://www.gazetadopovo.com.br.admin-mcas.ms/login.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:f600:6:5b96:3f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
marrakesh 1.16.6 /
Resource Hash
6a93c477127bad12d08a779a445d4c5962578f57d4171aee20df69a2b3e8c349

Request headers

:method
GET
:authority
tm.uol.com.br
:scheme
https
:path
/purge-clients.html?name=dynad_rt&expname=dynad_rt_exp&expdomain=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.gazetadopovo.com.br/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.gazetadopovo.com.br/

Response headers

content-type
text/html;charset=UTF-8
content-length
182
server
marrakesh 1.16.6
last-modified
Wed, 28 Jul 2021 19:15:12 GMT
content-encoding
gzip
p3p
CP="NOI DSP COR NID TAIa OUR IND COM NAV INT CNT"
date
Wed, 04 Aug 2021 18:00:07 GMT
expires
Wed, 04 Aug 2021 18:05:17 GMT
cache-control
no-transform, max-age=600, must-revalidate, proxy-revalidate must-revalidate, proxy-revalidate, no-transform
etag
8b30191927f0982283d45c76292da712
x-cache
Hit from cloudfront
via
1.1 24c299c0a6423c6f96984a85fb014109.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
2zlv0FAPKvfgSN-b7q2upJjjq9VfG3UHMmDbgu-XOBPsWrGhCRX9Ng==
age
353
pubads_impl_2021072901.js
securepubads.g.doubleclick.net/gpt/
325 KB
113 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072901.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
sffe /
Resource Hash
93a5aff7973bd2b1639e0499d27018a88782692ddb340169b27fac0d37dc6a66
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gazetadopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 18:01:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 29 Jul 2021 08:44:06 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
116135
x-xss-protection
0
expires
Wed, 04 Aug 2021 18:01:10 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/
104 B
120 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.gazetadopovo.com.br
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
6d73194a3f163e6f775e14e6610b974828e46d1f30cb4ebe2cb0a9f2083615b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gazetadopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 04 Aug 2021 18:01:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
95
x-xss-protection
0
expires
Wed, 04 Aug 2021 18:01:10 GMT
profile
tt-10162-1.seg.t.tailtarget.com/
92 B
499 B
Script
General
Full URL
https://tt-10162-1.seg.t.tailtarget.com/profile
Requested by
Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/modules/external/tailtarget/profiles.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.185.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
99.185.102.34.bc.googleusercontent.com
Software
nginx/1.17.8 /
Resource Hash
e593d32d2b3c25b54c4632fc55d4c55cce4154e0bfaeb75883da07b742e762dc

Request headers

Referer
https://www.gazetadopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 18:01:10 GMT
content-encoding
gzip
last-modified
Thu, 30 Jan 2020 20:26:00 GMT
server
nginx/1.17.8
etag
W/"5e333bd8-5c"
vary
Accept-Encoding, Accept-Encoding
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
via
1.1 google
cache-control
private, proxy-revalidate
content-type
application/x-javascript
alt-svc
clear
mercurio.js
tm.jsuol.com.br/modules/ Frame 5040
4 KB
2 KB
Script
General
Full URL
https://tm.jsuol.com.br/modules/mercurio.js
Requested by
Host: tm.uol.com.br
URL: https://tm.uol.com.br/mercurio.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:e800:6:9eb2:5cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
marrakesh 1.16.6 /
Resource Hash
1a95f2a16310d3feba1a18264cb7baf64411fe9dd9da44a37d964d614b96dba1

Request headers

Referer
https://tm.uol.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 17:19:54 GMT
content-encoding
gzip
age
2476
x-cache
Hit from cloudfront
p3p
CP="NOI DSP COR NID TAIa OUR IND COM NAV INT CNT"
content-length
1065
access-control-allow-origin
*
last-modified
Fri, 07 May 2021 13:45:52 GMT
server
marrakesh 1.16.6
etag
bed0a7a707f166936e5aaac09879d050
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript; charset=UTF-8
via
1.1 d8eef512ab23f23f549b4cd25ac5328d.cloudfront.net (CloudFront)
cache-control
no-transform, max-age=3600, must-revalidate, proxy-revalidate, must-revalidate, proxy-revalidate, no-transform
access-control-allow-credentials
true
x-amz-cf-pop
FRA2-C1
access-control-allow-headers
X-Accept-Charset,X-Accept,Content-Type,Cache-Control,Etag
x-amz-cf-id
9BflvQ55RD8Vt1HjDCPtGv1uiVIg6DSD4ISCo7C5RctPSKZKayjLdQ==
expires
Wed, 04 Aug 2021 18:19:54 GMT
client-purge.js
tm.jsuol.com.br/modules/ Frame 8528
42 KB
9 KB
Script
General
Full URL
https://tm.jsuol.com.br/modules/client-purge.js
Requested by
Host: tm.uol.com.br
URL: https://tm.uol.com.br/purge-clients.html?name=DEretargeting&expname=DEretargetingExp&expdomain=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:e800:6:9eb2:5cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
marrakesh 1.16.6 /
Resource Hash
02cedafe40684ea851c1853ef6d8e230a6966043c9e788c8db4432f8375d4818

Request headers

Referer
https://tm.uol.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 17:45:35 GMT
content-encoding
gzip
age
935
x-cache
Hit from cloudfront
p3p
CP="NOI DSP COR NID TAIa OUR IND COM NAV INT CNT"
content-length
8899
access-control-allow-origin
*
last-modified
Fri, 07 May 2021 05:04:13 GMT
server
marrakesh 1.16.6
etag
7f26a4519ac2b1604a29daf81d3f336f
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript; charset=UTF-8
via
1.1 d8eef512ab23f23f549b4cd25ac5328d.cloudfront.net (CloudFront)
cache-control
no-transform, max-age=3600, must-revalidate, proxy-revalidate, must-revalidate, proxy-revalidate, no-transform
access-control-allow-credentials
true
x-amz-cf-pop
FRA2-C1
access-control-allow-headers
X-Accept-Charset,X-Accept,Content-Type,Cache-Control,Etag
x-amz-cf-id
5pUc61HR5Fop0d-HzTJUr2gGlYjDvOmQ8oT6puJ_U5gN8pET30V4qQ==
expires
Wed, 04 Aug 2021 18:45:35 GMT
conversion.js
tm.jsuol.com.br/modules/external/tailtarget/libs/
15 KB
6 KB
Script
General
Full URL
https://tm.jsuol.com.br/modules/external/tailtarget/libs/conversion.js
Requested by
Host: www.gazetadopovo.com.br.admin-mcas.ms
URL: https://www.gazetadopovo.com.br.admin-mcas.ms/login.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:e800:6:9eb2:5cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
marrakesh 1.16.6 /
Resource Hash
f4cd27b5ef047a264e3a40b63ba85441de12d23d043a986d469ec1c757067090

Request headers

Referer
https://www.gazetadopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 17:57:23 GMT
content-encoding
gzip
last-modified
Wed, 28 Jul 2021 19:15:10 GMT
server
marrakesh 1.16.6
age
227
etag
f7a535aa8ca1d0acd1bff039eb80acff
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
via
1.1 d8eef512ab23f23f549b4cd25ac5328d.cloudfront.net (CloudFront)
cache-control
no-transform, max-age=3600, must-revalidate, proxy-revalidate, must-revalidate, proxy-revalidate, no-transform
x-amz-cf-pop
FRA2-C1
content-length
6125
x-amz-cf-id
DkcU8XmeCHeP7maa9xTeyx4hzI-LsNJLfk1zoW0f0McRdsr3hBSU7w==
expires
Wed, 04 Aug 2021 18:57:23 GMT
client-purge.js
tm.jsuol.com.br/modules/ Frame ACB6
42 KB
9 KB
Script
General
Full URL
https://tm.jsuol.com.br/modules/client-purge.js
Requested by
Host: tm.uol.com.br
URL: https://tm.uol.com.br/purge-clients.html?name=dynad_rt&expname=dynad_rt_exp&expdomain=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:e800:6:9eb2:5cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
marrakesh 1.16.6 /
Resource Hash
02cedafe40684ea851c1853ef6d8e230a6966043c9e788c8db4432f8375d4818

Request headers

Referer
https://tm.uol.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 17:45:35 GMT
content-encoding
gzip
age
935
x-cache
Hit from cloudfront
p3p
CP="NOI DSP COR NID TAIa OUR IND COM NAV INT CNT"
content-length
8899
access-control-allow-origin
*
last-modified
Fri, 07 May 2021 05:04:13 GMT
server
marrakesh 1.16.6
etag
7f26a4519ac2b1604a29daf81d3f336f
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript; charset=UTF-8
via
1.1 d8eef512ab23f23f549b4cd25ac5328d.cloudfront.net (CloudFront)
cache-control
no-transform, max-age=3600, must-revalidate, proxy-revalidate, must-revalidate, proxy-revalidate, no-transform
access-control-allow-credentials
true
x-amz-cf-pop
FRA2-C1
access-control-allow-headers
X-Accept-Charset,X-Accept,Content-Type,Cache-Control,Etag
x-amz-cf-id
J0UJrWCmDS5RI3QGLybnXHQ7YCoAsUHa-Z9DvuJLjc72smVLb6vifA==
expires
Wed, 04 Aug 2021 18:45:35 GMT
base.js
tm.jsuol.com.br/modules/external/tailtarget/libs/
21 KB
9 KB
Script
General
Full URL
https://tm.jsuol.com.br/modules/external/tailtarget/libs/base.js
Requested by
Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/modules/external/tailtarget/libs/conversion.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:e800:6:9eb2:5cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
marrakesh 1.16.6 /
Resource Hash
711a8d3c6d036e5d2907810b7255622e34f23373f8d1387a1fc938e44c60fea0

Request headers

Referer
https://www.gazetadopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 17:57:24 GMT
content-encoding
gzip
last-modified
Fri, 07 May 2021 00:30:40 GMT
server
marrakesh 1.16.6
age
226
etag
aeb8806857f0c1b9f7f6b8d4ff48230f
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
via
1.1 d8eef512ab23f23f549b4cd25ac5328d.cloudfront.net (CloudFront)
cache-control
no-transform, max-age=3600, must-revalidate, proxy-revalidate, must-revalidate, proxy-revalidate, no-transform
x-amz-cf-pop
FRA2-C1
content-length
8357
x-amz-cf-id
sm0Fj5taLc4is57yMNH0F5C_bCOdDIeE2W40r9HZjFrfZxP0nrGVFQ==
expires
Wed, 04 Aug 2021 18:57:24 GMT
trk
tt-10162-1.seg.t.tailtarget.com/
70 B
477 B
Image
General
Full URL
https://tt-10162-1.seg.t.tailtarget.com/trk?tA=TT-10162-1&tJ=_channel:gazetadopovo:1|_channel:gazetadopovogeral:1&tK=1628100071&tM=referral&tL=referral&tN=referral&tY=3&tZ=620277972
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.185.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
99.185.102.34.bc.googleusercontent.com
Software
nginx/1.17.8 /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

Referer
https://www.gazetadopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 18:01:10 GMT
via
1.1 google
server
nginx/1.17.8
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, private, proxy-revalidate
content-disposition
inline
content-type
image/png
alt-svc
clear
content-length
70
u
b.t.tailtarget.com/
71 B
319 B
Script
General
Full URL
https://b.t.tailtarget.com/u?env=_ttq_tt_uol
Requested by
Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/modules/external/tailtarget/libs/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.185.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
99.185.102.34.bc.googleusercontent.com
Software
nginx/1.17.8 /
Resource Hash
ba382c5e9706c31fa2cc09e76d9ba7c1fb37aaa47a5c77a6d672b2b8078823e5

Request headers

Referer
https://www.gazetadopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 18:01:10 GMT
via
1.1 google
server
nginx/1.17.8
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
vary
Accept-Encoding, Accept-Encoding
content-type
application/x-javascript
cache-control
private, proxy-revalidate
content-encoding
gzip
alt-svc
clear
b
b.t.tailtarget.com/
139 B
572 B
Script
General
Full URL
https://b.t.tailtarget.com/b?tA=TT-10162-1&tY=1&tS=4&tU=0100007FE6D50A618A0682790281E718&tX=b.52&tZ=312877015&env=_ttq_tt_uol
Requested by
Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/modules/external/tailtarget/libs/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.185.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
99.185.102.34.bc.googleusercontent.com
Software
nginx/1.17.8 /
Resource Hash
275de29f7df9f827a557a5cef399f60e07bd3e1de8fbef467c198d710670dfd6

Request headers

Referer
https://www.gazetadopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 18:01:11 GMT
via
1.1 google
server
nginx/1.17.8
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cache-control
no-cache, private, proxy-revalidate
content-encoding
gzip
alt-svc
clear
analytics.js
www.google-analytics.com/
48 KB
19 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: me.jsuol.com.br
URL: https://me.jsuol.com.br/aud/gazetadopovo.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.gazetadopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 13 Jul 2021 18:24:06 GMT
server
Golfe2
age
2850
date
Wed, 04 Aug 2021 17:13:41 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19672
expires
Wed, 04 Aug 2021 19:13:41 GMT
beacon.js
sb.scorecardresearch.com/internal-cs/default/
Redirect Chain
  • https://sb.scorecardresearch.com/cs/6036356/beacon.js
  • https://sb.scorecardresearch.com/internal-cs/default/beacon.js
4 KB
4 KB
Script
General
Full URL
https://sb.scorecardresearch.com/internal-cs/default/beacon.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.96.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-96-92.zrh50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6838420e13959ecffe73d3576ee2125a66c9315237394a23e3dd4a5181e80cda

Request headers

Referer
https://www.gazetadopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 17:31:32 GMT
via
1.1 af287426c130b47dba79bf825f91ebbb.cloudfront.net (CloudFront)
etag
"5b0f9f0704a703b8da651007721fac57"
last-modified
Thu, 04 Mar 2021 13:31:34 GMT
server
AmazonS3
age
1780
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-pop
ZRH50-C1
accept-ranges
bytes
content-length
3690
x-amz-cf-id
1chB17I9j4oVkUcksGqnQziy6IPyH5vkfn20X35DxUOD7hsyJ13dsA==

Redirect headers

date
Wed, 04 Aug 2021 18:01:11 GMT
via
1.1 af287426c130b47dba79bf825f91ebbb.cloudfront.net (CloudFront)
x-amz-cf-pop
ZRH50-C1
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
/internal-cs/default/beacon.js
content-length
52
x-amz-cf-id
nRicwMZOm5xhRQTac0MRuT2r1OKkFHjbdtmKQXwNZI0tciT0vx2ozw==
collect
www.google-analytics.com/j/
4 B
24 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j92&a=1012146468&t=pageview&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2Flogin.php%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.admin-mcas.ms%2F&ul=en-us&de=UTF-8&dt=P%C3%A1gina%20n%C3%A3o%20encontrada&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=6GDAAEALAAAAAC~&jid=2089265244&gjid=1897460588&cid=40474134.1628100069&tid=UA-97689914-251&_gid=742759855.1628100069&_r=1&_slc=1&cd1=Parceiros&cd2=Gazeta%20do%20Povo&cd3=Gazeta%20do%20Povo&cd11=normal&cd4=40474134.1628100069&cd66=1628100071343.kk8j044v&cd85=none&cd87=none&cd88=none&z=818826316
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.gazetadopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 04 Aug 2021 18:01:11 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.gazetadopovo.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
4 B
25 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j92&tid=UA-97689914-251&cid=40474134.1628100069&jid=2089265244&gjid=1897460588&_gid=742759855.1628100069&_u=6GDAAEALAAAAAC~&z=17929241
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c06::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.gazetadopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 04 Aug 2021 18:01:11 GMT
content-type
text/plain
access-control-allow-origin
https://www.gazetadopovo.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/
42 B
63 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j92&tid=UA-97689914-251&cid=40474134.1628100069&jid=2089265244&_u=6GDAAEALAAAAAC~&z=610087336
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gazetadopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Aug 2021 18:01:11 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
63 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j92&tid=UA-97689914-251&cid=40474134.1628100069&jid=2089265244&_u=6GDAAEALAAAAAC~&z=610087336
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gazetadopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Aug 2021 18:01:11 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ca
tt-10162-1.seg.t.tailtarget.com/
78 B
337 B
Script
General
Full URL
https://tt-10162-1.seg.t.tailtarget.com/ca?tZ=231147629&env=_ttq_tt_uol
Requested by
Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/modules/external/tailtarget/libs/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.185.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
99.185.102.34.bc.googleusercontent.com
Software
nginx/1.17.8 /
Resource Hash
2e987d6882bb10fcd1184236bc6c36a084e0e721a555aa3459abcbc8a9673130

Request headers

Referer
https://www.gazetadopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 18:01:11 GMT
via
1.1 google
server
nginx/1.17.8
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cache-control
no-cache, private, proxy-revalidate
content-encoding
gzip
alt-svc
clear
b
sb.scorecardresearch.com/
0
337 B
Image
General
Full URL
https://sb.scorecardresearch.com/b?c1=2&c2=6036356&c3=&c4=&c5=&c6=&c15=&cs_it=b2&cv=3.8.0.210223&ns__t=1628100071453&ns_c=UTF-8&c7=https%3A%2F%2Fwww.gazetadopovo.com.br%2Flogin.php%2F&c8=P%C3%A1gina%20n%C3%A3o%20encontrada&c9=https%3A%2F%2Fwww.gazetadopovo.com.br.admin-mcas.ms%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.96.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-96-92.zrh50.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gazetadopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 18:01:11 GMT
via
1.1 af287426c130b47dba79bf825f91ebbb.cloudfront.net (CloudFront)
x-amz-cf-pop
ZRH50-C1
etag
W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
x-amz-cf-id
N2Zpf8vgRoPaA-UXm3GqtJ9OOGRgoCpvYmv5yMFVjgADmQK37GyLdw==
x-cache
Miss from cloudfront
/
www.semprefamilia.com.br/cookie-exchanger/ Frame
0
0
Preflight
General
Full URL
https://www.semprefamilia.com.br/cookie-exchanger/
Protocol
H2
Server
2600:9000:20eb:7c00:13:9bf5:7100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.gazetadopovo.com.br
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

content-type
application/json
content-length
1
date
Wed, 04 Aug 2021 18:01:11 GMT
x-amzn-requestid
90703b59-3d32-4fde-a3c0-168fe47b5a94
access-control-allow-origin
https://www.gazetadopovo.com.br
access-control-allow-headers
Authorization,Content-Type,Content-Length,Host,Origin,X-CSRF-Token,x-xsrf-token,X-Amz-Date,X-Amz-Security-Token,x-api-key,X-Api-Key,x-publisher-id,X-Publisher-Id
x-amz-apigw-id
DjZcQEZdIAMFyyg=
access-control-allow-methods
OPTIONS,DELETE,GET,HEAD,PATCH,POST,PUT
access-control-allow-credentials
true
via
1.1 e56e6732f380db727425bac2d6158761.cloudfront.net (CloudFront), 1.1 dde0b4b1e223fa23670e93078a04c116.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2 FRA2-C1
x-cache
Miss from cloudfront
x-amz-cf-id
2EXbR9P02jkU-1n8dQTy03mE15vIhAu3vIb9d5koH1OvqZYBHBbmXw==
/
www.umdoisesportes.com.br/cookie-exchanger/ Frame
0
0
Preflight
General
Full URL
https://www.umdoisesportes.com.br/cookie-exchanger/
Protocol
H2
Server
2600:9000:20eb:e200:1d:7626:ce40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.gazetadopovo.com.br
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

content-type
application/json
content-length
1
date
Wed, 04 Aug 2021 18:01:11 GMT
x-amzn-requestid
096d8b88-1276-48b4-a92e-9f64cd197231
access-control-allow-origin
https://www.gazetadopovo.com.br
access-control-allow-headers
Authorization,Content-Type,Content-Length,Host,Origin,X-CSRF-Token,x-xsrf-token,X-Amz-Date,X-Amz-Security-Token,x-api-key,X-Api-Key,x-publisher-id,X-Publisher-Id
x-amz-apigw-id
DjZcOGYkIAMFWEQ=
access-control-allow-methods
OPTIONS,DELETE,GET,HEAD,PATCH,POST,PUT
access-control-allow-credentials
true
via
1.1 2b2e2811e641703aebf776da39317b9c.cloudfront.net (CloudFront), 1.1 430fc75cac3bdd04869a39405c45fba2.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2 FRA2-C1
x-cache
Miss from cloudfront
x-amz-cf-id
0syEuPejppBl8Z7E6e8CTr4RU1w38jRJnTw69EZOfOn8bVUFYouc3A==
/
www.semprefamilia.com.br/cookie-exchanger/
4 B
1 KB
XHR
General
Full URL
https://www.semprefamilia.com.br/cookie-exchanger/
Requested by
Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets2/vendor-gazetadopovo-gaz-fbb8faf49a90cf57193d97978a255a4d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:7c00:13:9bf5:7100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/ Express
Resource Hash
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.gazetadopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

date
Wed, 04 Aug 2021 18:01:12 GMT
via
1.1 96c1c36adc76f99239fd3220e5be7e6a.cloudfront.net (CloudFront), 1.1 0e75d8f2d484ce463fc04f5c422aa179.cloudfront.net (CloudFront)
etag
W/"4-X/5TO4MPCKAyY0ipFgr6/IraRNs"
x-amzn-remapped-content-length
4
x-amzn-remapped-date
Wed, 04 Aug 2021 18:01:12 GMT
x-amz-cf-pop
FRA2-C2, FRA2-C1
x-powered-by
Express
x-cache
Miss from cloudfront
x-amz-apigw-id
DjZcTGJyIAMFoSQ=
content-length
4
x-amzn-requestid
5d35a421-29cc-4d30-822a-04f2743d9a9b
x-amzn-trace-id
Root=1-610ad5e8-5803481147a3aa410ce787a9;Sampled=0
vary
Origin
access-control-allow-methods
OPTIONS,DELETE,GET,HEAD,PATCH,POST,PUT
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.gazetadopovo.com.br
access-control-allow-credentials
true
access-control-allow-headers
Authorization,Content-Type,Host,Origin,X-CSRF-Token,x-xsrf-token,X-Amz-Date,X-Amz-Security-Token,x-api-key,X-Api-Key,x-publisher-id,X-Publisher-Id
x-amz-cf-id
fG_Hyq21C_5br7zCEVCCL9I6UE9ArmjL8abaOtA4h2W07U5yEkY-CQ==
x-amzn-remapped-connection
close
/
www.umdoisesportes.com.br/cookie-exchanger/
4 B
1 KB
XHR
General
Full URL
https://www.umdoisesportes.com.br/cookie-exchanger/
Requested by
Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets2/vendor-gazetadopovo-gaz-fbb8faf49a90cf57193d97978a255a4d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:e200:1d:7626:ce40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/ Express
Resource Hash
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.gazetadopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

date
Wed, 04 Aug 2021 18:01:11 GMT
via
1.1 2b2e2811e641703aebf776da39317b9c.cloudfront.net (CloudFront), 1.1 2ec3090d74e200e4acdb2780da3c3c44.cloudfront.net (CloudFront)
etag
W/"4-X/5TO4MPCKAyY0ipFgr6/IraRNs"
x-amzn-remapped-content-length
4
x-amzn-remapped-date
Wed, 04 Aug 2021 18:01:11 GMT
x-amz-cf-pop
FRA2-C2, FRA2-C1
x-powered-by
Express
x-cache
Miss from cloudfront
x-amz-apigw-id
DjZcQHuOoAMFbwA=
content-length
4
x-amzn-requestid
fb3f925c-1b39-481b-8731-552011c5cc3d
x-amzn-trace-id
Root=1-610ad5e7-2070c74861a76aef55e9e514;Sampled=0
vary
Origin
access-control-allow-methods
OPTIONS,DELETE,GET,HEAD,PATCH,POST,PUT
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.gazetadopovo.com.br
access-control-allow-credentials
true
access-control-allow-headers
Authorization,Content-Type,Host,Origin,X-CSRF-Token,x-xsrf-token,X-Amz-Date,X-Amz-Security-Token,x-api-key,X-Api-Key,x-publisher-id,X-Publisher-Id
x-amz-cf-id
ZZJOJKKkqjnwEV29ioszGWGS-0JzbTcB3GdSCIqMJCA4ffj6_ln5VQ==
x-amzn-remapped-connection
close
collect.js
100026685.collect.igodigital.com/
9 KB
2 KB
Script
General
Full URL
https://100026685.collect.igodigital.com/collect.js
Requested by
Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets2/gazetadopovo-abstracts-modules-gaz-fbb8faf49a90cf57193d97978a255a4d.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.5.138.229 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-5-138-229.compute-1.amazonaws.com
Software
/
Resource Hash
4611c34378b1bbbee8890a472c6390137ce8841041a646f0bdc58cf9180eb18a

Request headers

Referer
https://www.gazetadopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 18:01:11 GMT
content-encoding
gzip
last-modified
Wed, 04 Aug 2021 17:13:28 GMT
vary
Accept-Encoding
content-type
application/javascript
__tt.gif
t.tailtarget.com/
43 B
298 B
Image
General
Full URL
https://t.tailtarget.com/__tt.gif?tA=TT-10162-1&tE=0&tF=&tI=_warsaw_mazovia_pl_1628100071243_3649753420&tJ=&tQ=gazetadopovo,gazetadopovogeral&tU=0100007FE6D50A618A0682790281E718&tX=b.52&tY=1&tZ=984892095
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.185.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
99.185.102.34.bc.googleusercontent.com
Software
nginx/1.17.8 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.gazetadopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 18:01:11 GMT
via
1.1 google
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx/1.17.8
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, private, proxy-revalidate
content-type
image/gif
alt-svc
clear
content-length
43
expires
Thu, 01 Jan 1970 00:00:01 GMT
track_page_view
nova.collect.igodigital.com/c2/100026685/
43 B
723 B
Image
General
Full URL
https://nova.collect.igodigital.com/c2/100026685/track_page_view?payload=%7B%22title%22%3A%22P%C3%A1gina%20n%C3%A3o%20encontrada%22%2C%22url%22%3A%22https%3A%2F%2Fwww.gazetadopovo.com.br%2Flogin.php%2F%22%2C%22referrer%22%3A%22https%3A%2F%2Fwww.gazetadopovo.com.br.admin-mcas.ms%2F%22%2C%22user_info%22%3A%7B%22user_id%22%3A%22us-east-1_21b8d282-e952-401f-9c18-5b935252978f%22%7D%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.5.138.229 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-5-138-229.compute-1.amazonaws.com
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.gazetadopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-runtime
0.012707
date
Wed, 04 Aug 2021 18:01:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
etag
W/"98b3d9d20e032f90aca49e9b116225d5"
x-frame-options
SAMEORIGIN
content-type
image/gif
cache-control
private
content-transfer-encoding
binary
content-disposition
inline
vary
Accept-Encoding
x-xss-protection
1; mode=block
x-request-id
ed1eec8e-9d82-4707-82a3-77d984815433
/
events-api.gazetadopovo.com.br/register/
0
0

/
events-api.gazetadopovo.com.br/register/ Frame
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
events-api.gazetadopovo.com.br
URL
https://events-api.gazetadopovo.com.br/register/
Domain
events-api.gazetadopovo.com.br
URL
https://events-api.gazetadopovo.com.br/register/

Verdicts & Comments Add Verdict or Comment

125 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated function| setNptTechAdblockerCookie object| script object| cX string| GoogleAnalyticsObject function| ga object| dataLayer object| fbpixel object| GPSWGState object| OneSignal string| pageType string| idBlocoAnuncio string| uolBlocoAnuncio string| assetsURL object| GPExternalFunctions object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| google_tag_manager function| cx_callQueueExecute function| cx_pollActivity function| cx_pollActiveTime function| cx_pollFragmentMessage function| BlockAdBlock object| blockAdBlock object| core object| __core-js_shared__ function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill object| webpackJsonp function| fbq function| _fbq object| _comscore string| _linkedin_partner_id object| _linkedin_data_partner_ids function| twq object| tp object| GPCORE64d9d3 function| lintrk boolean| _already_called_lintrk object| Backbone object| GPAbstractModules function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO number| pnInitPerformance function| ___tp object| localCookieStorage object| sessionCookieStorage object| twttr string| __tpVersion object| jQuery112406493111615494467 object| googletag object| SWG function| udm_ object| ns_p object| COMSCORE object| picturefillCFG function| picturefill function| jQuery function| $ function| trackerSendEvent object| PianoESPConfig object| UrlCache object| SUBSCRIPTIONS function| onYouTubeIframeAPIReady object| UOLPD function| triggerUOLTM object| uolads object| __configuredDFPTags object| __dfpAsyncRenderingCallbacks object| _ttprofiles object| ggeac object| google_js_reporting_queue string| version function| TTProfilesBase function| ttProfilesBaseE object| _ttsHolder object| TTTagManager function| TTTagManagerError object| _ttq_tt_uol undefined| _ttconversion string| n string| nq object| cmds object| _tt_uol object| ttcNamespace string| _ttcNamespace string| _ttqNamespace function| TTConversionBase function| ttConversionBaseE object| _ttconversionHolder object| ttqNamespace function| TTBase function| ttBaseE object| _ttqHolder function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter undefined| google_measure_js_timing function| uolAnalytics function| hitOmniturePhoto function| hitOmniture object| universal_variable object| _etmc object| _etmc_temp string| func_name object| args string| collect_url

17 Cookies

Domain/Path Name / Value
.google.com/ Name: NID
Value: 220=mbvupF7sb1obHMXxUPEraWDwebo89tyxD3kW3f-7O9KtLKqxhXrupR62-0T1NX0O7Pm-GqALbCrGiACvTi0Pk3OW1Ttw-o5cGoSK-wOdZK0lRxwzSI3UD0tKSJzS5_xaQMv1ngQSg9w5rMul5N70PFQZ2dylyw35Co9gJ-dxSt0
.gazetadopovo.com.br/ Name: __pvi
Value: %7B%22id%22%3A%22v-2021-08-04-20-01-09-537-9xU4FILrkdGUqSmx-330ea30e72119ebbd43761c5de6ac6b9%22%2C%22domain%22%3A%22.gazetadopovo.com.br%22%2C%22time%22%3A1628100070379%7D
.gazetadopovo.com.br/ Name: xbc
Value: %7Bjzx%7Dp11O0pbV_k9ixtS1kGyLH8nXoNs7Mkxo9wTf1JnEb6C_au5WJJDev6uG7PypaNAoKOGev8J1a4aGn3ZgXXqz9cRdDbyzoOenA2XwjQ-GBrJ76HiEn0V2cXIOfONCncvRx3eue7xf5sx2mU3ab07ZcR_5omp888PT09Ce1NkNy3x_T446lHZGyL3zeJ0EQlzYnQoZiKzxOhyXjzSY6qjlI7fCzb_DPbs_KAXnLi8knmpCBfHUsij7Jn_abfnIYnmfEBUN0yhjQsICwkmLn21yICSMtzY52ukcPv9FeA7BjxteomoJ3b7k8wzQejHdkrtRgYeEnEso_OW3vor7h1OSjA
.gazetadopovo.com.br/ Name: __pat
Value: -10800000
.gazetadopovo.com.br/ Name: _ga
Value: GA1.3.40474134.1628100069
.gazetadopovo.com.br/ Name: cX_P
Value: krxsqth0f3s2752m
.gazetadopovo.com.br/ Name: GPSDK_SESID
Value:
www.gazetadopovo.com.br/ Name: __adblocker
Value: false
.gazetadopovo.com.br/ Name: _fbp
Value: fb.2.1628100069469.1561521051
www.gazetadopovo.com.br/ Name: __pnahc
Value: 0
.gazetadopovo.com.br/ Name: __tbc
Value: %7Bjzx%7DmTYUm08lJyHEWAs9ALXKQgzZ3Tv5vBEP6j0Ap7SNe9Y0lXEs4-9WOf1GmQF2ITJ61WoXDpdjmmK5wcp9MkMPocO273SMINZ_bMC_W5xVaiG23FgrpGCQKHSt7RQz5kN-_ClXXX7wZd7xhwozNxHCCQ
.gazetadopovo.com.br/ Name: _gid
Value: GA1.3.742759855.1628100069
.gazetadopovo.com.br/ Name: _gcl_au
Value: 1.1.32042663.1628100069
.gazetadopovo.com.br/ Name: _gat_UA-23088598-1
Value: 1
.gazetadopovo.com.br/ Name: GPSDK_TKTID
Value: us-east-1_21b8d282-e952-401f-9c18-5b935252978f
.gazetadopovo.com.br/ Name: cX_S
Value: krxsqtgx9gqhr0ac
.gazetadopovo.com.br/ Name: _gat
Value: 1

8 Console Messages

Source Level URL
Text
console-api log URL: https://www.gazetadopovo.com.br/login.php/(Line 26)
Message:
[object Object]
console-api log URL: https://www.gazetadopovo.com.br/login.php/(Line 69)
Message:
adad
console-api log URL: https://www.gazetadopovo.com.br/login.php/(Line 70)
Message:
null
console-api log URL: https://www.gazetadopovo.com.br/login.php/(Line 72)
Message:
alterou state
console-api log URL: https://www.gazetadopovo.com.br/login.php/(Line 73)
Message:
interactive
console-api log URL: https://www.gazetadopovo.com.br/login.php/(Line 75)
Message:
PAGE-STATUS interactive 20 1 9
console-api log URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js(Line 1)
Message:
OneSignal: Using fallback ES5 Stub for backwards compatibility.
console-api log URL: https://www.gazetadopovo.com.br/assets2/gazetadopovo-abstracts-_init-gaz-fbb8faf49a90cf57193d97978a255a4d.js(Line 1)
Message:
abstracts gazetadopovo

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

100026685.collect.igodigital.com
3wf9o7mmzc.execute-api.us-east-1.amazonaws.com
analytics.twitter.com
api-v3.tinypass.com
b.t.tailtarget.com
buy.tinypass.com
cdn.onesignal.com
cdn.privacytools.com.br
cdn.tinypass.com
comcluster.cxense.com
connect.facebook.net
d335luupugsy2.cloudfront.net
events-api.gazetadopovo.com.br
experience.tinypass.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
mcasproxy.azureedge.net
me.jsuol.com.br
news.google.com
nova.collect.igodigital.com
play.google.com
px.ads.linkedin.com
px4.ads.linkedin.com
sb.scorecardresearch.com
scdn.cxense.com
securepubads.g.doubleclick.net
snap.licdn.com
static.ads-twitter.com
stats.g.doubleclick.net
t.co
t.tailtarget.com
tm.jsuol.com.br
tm.uol.com.br
tracker.bt.uol.com.br
tt-10162-1.seg.t.tailtarget.com
www.facebook.com
www.gazetadopovo.com.br
www.gazetadopovo.com.br.admin-mcas.ms
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.linkedin.com
www.npttech.com
www.semprefamilia.com.br
www.umdoisesportes.com.br
events-api.gazetadopovo.com.br
104.244.42.133
104.244.42.195
108.174.10.14
13.224.193.86
13.224.89.226
13.224.96.92
13.225.87.39
151.101.12.157
172.217.18.98
178.63.13.144
216.58.212.162
2600:9000:20eb:2c00:6:45ad:3580:93a1
2600:9000:20eb:7c00:13:9bf5:7100:93a1
2600:9000:20eb:e200:1d:7626:ce40:93a1
2600:9000:20eb:e800:6:9eb2:5cc0:93a1
2600:9000:20eb:f600:6:5b96:3f00:93a1
2606:4700:20::ac43:442e
2606:4700:3032::ac43:c0b6
2606:4700::6811:b8b1
2606:4700::6812:e234
2620:119:50e1:101::6cae:b25
2620:1ec:21::14
2804:49c:3101:401:ffff:ffff:ffff:50
2804:49c:3104:401:ffff:ffff:ffff:34
2a00:1450:4001:801::2003
2a00:1450:4001:809::2002
2a00:1450:4001:80e::200e
2a00:1450:4001:812::2003
2a00:1450:4001:813::2004
2a00:1450:4001:827::200e
2a00:1450:4001:828::200e
2a00:1450:4001:82b::2008
2a00:1450:4001:831::2003
2a00:1450:4001:831::200a
2a00:1450:400c:c06::9c
2a02:26f0:1700:d::1737:6e8f
2a02:26f0:6c00:296::25ea
2a02:26f0:6c00:2bf::268b
2a03:2880:f007:8:face:b00c:0:1
2a03:2880:f107:83:face:b00c:0:25de
34.102.185.99
51.105.164.234
52.5.138.229
018857cc7fd4802ddabf67e045bed52213cebead94468fb4ba8334f0957c7461
02cedafe40684ea851c1853ef6d8e230a6966043c9e788c8db4432f8375d4818
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
0a4cc6b7b190718c96fb85d84e2dffb840959d15c1d208cb50f2926441c4ec44
0e275872784212de73a7a1b0385a96c63311aa5f67cbad7b654b813fa18f5408
0f13d6175409de52247fc375266b327b62589b54f0353554063fd5976bcdd0a9
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1218fea9cbb0de1cf0da72808fb659cf98de4e16b79a25dde782cb525993fc0c
19e011d9a556628501b1557416b8af87442f7baf56cd957a1561d3075c6404c7
1a95f2a16310d3feba1a18264cb7baf64411fe9dd9da44a37d964d614b96dba1
2589a61487c9b0a58090f2dd5705126dc2158a7d9ab2e183bd1d484560f1b957
26ed387dacace3a9b1b82887c58391f01be3d834dcf828252e1afeaafe34e13a
275de29f7df9f827a557a5cef399f60e07bd3e1de8fbef467c198d710670dfd6
2e987d6882bb10fcd1184236bc6c36a084e0e721a555aa3459abcbc8a9673130
2f4727f91ecc6b3c13c28d39675aaf9b82d846c20d72b8c35209b975d037d52f
3199ef85204442ae5b8e3c54d29219fbb17ccd70d3e7d94f62a2750c587ab8d2
31f25864f6f5a98e9c546484b6dab9288a6f5eeb136c193fc670cd90904f06e0
3262a5735cbb61a4137ddb4781a55189be1f1bad2f091411986f426f508453b3
36ce2f56a0234145bce79d270a65b4727b7552d35fa55b368396a67a446d3544
3d72714ff5d9fd247eb1d6ae5aa6bb5d0fdd931225f31b43a7bd0fe08f22ae9c
3d7e425a0f28d5e070d757bb01547a42ca1217a7f0ccd84fdecd852c189bb028
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44e4a23aabda94a886477bcb9b8e5bed6038f0104bd3022a18abd100d7d366f5
4611c34378b1bbbee8890a472c6390137ce8841041a646f0bdc58cf9180eb18a
489031b4b49cd663c247a5f37663db2cf4e30eb88d605c03d18a022cf9c06f8c
4ca739a13d804ea8806c9878d5b463d2a2c2a75b61a1b2f8a8e104e9b0daecb5
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
508613ddd8b10a0c45d7172abcb8ad1b72e4514a7abed6a8e06826dad6b2ed16
53443a132e6c72c07912a625b851218496e1d9ba9a4d410863e56fa3d53d6c65
5611e6db97c3e4e3652ec5ca7e4e4bad163d8956ccff61353fd884ee8256935d
5914b59f5d3f2a930b318550fe4135b897296b7cb3b35e6cdd4768c7d5492f3a
5b0befca6b1f09321d1f662516c6e01c65c1aa3b97bfde29493f8a5a52137d9e
5c9daea6d030ac5e71211fa4d1521fb0cd67c3676f35d034f0047ee095a9d8c3
5e0eea4b0b726448ca0ddb42aa528b40d85174cdc9ac8ea3343dfb6d49ecc64f
67ed54856b743c6e064253f611084475015ce883fff3150f710b8781e599d4a0
6838420e13959ecffe73d3576ee2125a66c9315237394a23e3dd4a5181e80cda
6a93c477127bad12d08a779a445d4c5962578f57d4171aee20df69a2b3e8c349
6afb18adf5ce274139b890ad6a6dd0534af062e38e830f77e1d8d6ad553d58b9
6b43bb94ac6321d8ea118e251d4a55f90f51ae165fcc75e26e5137c7982aff0e
6d73194a3f163e6f775e14e6610b974828e46d1f30cb4ebe2cb0a9f2083615b5
6e4a1bd31cc8508c37950ec2e3589143f0aa57f0910f7631920da3436f7899a5
6e6e6a03e72a528c28884b50bf296425667f38dd0aaf1dd17ce89199ffc85271
711a8d3c6d036e5d2907810b7255622e34f23373f8d1387a1fc938e44c60fea0
72d63bb117f888da85cb08b700f022e15fe6b95939fd004206d22fcafcf86d53
740fbabd0511aa9be95dea5dccbc3bb04325f5cf98b849a3586038a3a654c9be
7538e8f23fac8278c6027d8865bd1240514a3ff64b2c0af3b8ed3583e8ecce6b
7749a7cd38d6c818181e5ec08c8d90b099454ff1cf8a43e056eff4f343c8a348
7f3f434e7a8458ef0f1e9ebbb6d18c6c42a36c86073ea1fc3ec7347b663dcd95
8069956acb4c566506ff71f7a23c8e23f75ce9443384fe3393ed5c846924026e
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
832d8d5a3cabdde474e79d8a510053604d5d19342befbc7b78dc64995652dbba
84a73b8ec48a895519c31a1ad6767190283e0a238e58aa1be81a8a0dd70467c5
84c30a59a914fdcdbbe927861e998a8015ac565e2df0cbff708bccea1ac80347
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8e0d406146e37613057f819e1cf25b1ee22a743732398e053b6fe5c9de9ac277
8e8cc72e61ff6f6c0c945a976756d112732c499cd64fc5b207bb213fc84a1e40
9120bd86f7501823599a79f60f432e7742f2fd00b17984230cd6641085548690
93a5aff7973bd2b1639e0499d27018a88782692ddb340169b27fac0d37dc6a66
9441dc156cf1f79d8c0b6fe0a055646ca9bb8e0a4f9ba670e52453627f0ceb6d
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9af4571612dfaffb9f440e11be06fadc849c92b580b913f28ff2b5d1eda71c33
9c57b4195a9511416da7d06f703db7696145bfb9acb4904383f3725dd6208457
9e1e24adeade69ad4a3db19f2e628bfd9d6f7e865fc849bfad4e51e4366c0f8b
a0d93254e392f7361b334641f8781721fd31c7b18283c88fe67df7d3123e1c24
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a4702a77ebe38f4291b9ec9f44411e246c865bdf0070746852e803b4d960fc1c
a53ea60fbea6cb1775430998564d5f295aba7d3bfe548a0ba79aa2a049aba839
ab5d63b413f24a29f71f927e08dc2fe273d8c030f950fc86d688ea6581c40ea5
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
add8052b0424bb3b4c5fae0502733d9a9f4ee6d11258e68aaca91357415692dd
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
ba382c5e9706c31fa2cc09e76d9ba7c1fb37aaa47a5c77a6d672b2b8078823e5
bf7344209edb1be5a2886c425cf6334a102d76cbea1471fd50171e2ee92877cd
c06e14fbbce575d2ff577427ee9cfc81e3f3facd531ab0cd51a0c89d0e6eb5b1
c0b5329aa0c88c218e906ad2600cbea4cf7bfffaef17a9274a634046e897dc3c
c4243f7f5aa95631ca62fab376c3804859e808b66d373d07270872d23b8b081b
cadc02d747f502c27492970fcaafd9d404fa55442d67442d4ed878ffa700a7d4
cd3784364ad5522e5e796e06bb7fbae3812e49246bab7d41873a85e4e41c5494
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
def57da143d991e7582ff0ca95445268578466cf655e94971219f0da37bd5734
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e19e5fec549d0d871301c8196f4a954abe8d6913464a1ac511f81ef71529f89b
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e593d32d2b3c25b54c4632fc55d4c55cce4154e0bfaeb75883da07b742e762dc
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
e832a4ca2c09796fe68c689b22da0ce79be7aeb29f64d4a7494a5c13b3027e58
edd3570d096045162b2cb8c3e96ff6f75bd558fae92e2364cc77a9e376ebba8c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef6b116f5d682673f7e8ebbfa0027176ccb482caea43b4077cc34f0748d7bc4b
f334464f79e9cc43c4033c5db75613289e84f8d63bc4b67ea0e4a94edd2c3e3b
f4cd27b5ef047a264e3a40b63ba85441de12d23d043a986d469ec1c757067090
fe797578273ad8327b58a0aaab2600e9623f150f4fc8325d3c2a340d3afff3cd