Submitted URL: https://dronews.com.br/
Effective URL: https://0.bluefiretobind.com/index.php?p=gmzdkzdfmq5dcobygyza&sub1=clers&sub3=carlos
Submission: On July 06 via api from US — Scanned from DE

Summary

This website contacted 13 IPs in 3 countries across 13 domains to perform 46 HTTP transactions. The main IP is 172.67.206.124, located in United States and belongs to CLOUDFLARENET, US. The main domain is 0.bluefiretobind.com.
TLS certificate: Issued by WE1 on June 18th 2024. Valid for: 3 months.
This is the only time 0.bluefiretobind.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests IP Address AS Autonomous System
14 172.67.152.244 13335 (CLOUDFLAR...)
6 216.58.206.34 15169 (GOOGLE)
1 172.67.209.227 13335 (CLOUDFLAR...)
4 2a00:1450:400... 15169 (GOOGLE)
2 193.163.7.113 204601 (ON-LINE-D...)
1 172.67.172.18 13335 (CLOUDFLAR...)
4 188.114.96.3 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 172.67.192.6 13335 (CLOUDFLAR...)
3 45.9.149.210 49447 (NICEIT)
1 2001:4860:480... 15169 (GOOGLE)
4 172.67.206.124 13335 (CLOUDFLAR...)
Total: 46 requests, 13 IPs
Requests Domain Requested by
14 dronews.com.br dronews.com.br
6 pagead2.googlesyndication.com dronews.com.br, pagead2.googlesyndication.com
4 fonts.gstatic.com dronews.com.br
3 cdn.rdntocdns.com dronews.com.br
2 0.bluefiretobind.com dronews.com.br
2 bluefiretobind.com
2 go.followtosfinishline.com ready.followtosfinishline.com, go.followtosfinishline.com
2 bind.bestresulttostart.com dronews.com.br
1 ready.followtosfinishline.com point.readytocheckline.com
1 region1.google-analytics.com www.googletagmanager.com
1 point.readytocheckline.com starts.readytocheckline.com
1 starts.readytocheckline.com background.apistatexperience.com
1 www.googletagmanager.com dronews.com.br
1 jquery.restartyourchoices.com js.cdntoswitchspirit.com
1 background.apistatexperience.com dronews.com.br
1 js.cdntoswitchspirit.com dronews.com.br
0 rest1.rdntocdns.com Failed dronews.com.br
Total: 46 requests, 17 subdomains

This site contains no links.

Subject Issuer Validity Valid
dronews.com.br E1 2024-05-21 - 2024-08-19 3 months
*.g.doubleclick.net WR2 2024-06-13 - 2024-09-05 3 months
cdntoswitchspirit.com WE1 2024-06-27 - 2024-09-25 3 months
*.gstatic.com WR2 2024-06-13 - 2024-09-05 3 months
bestresulttostart.com R10 2024-06-07 - 2024-09-05 3 months
apistatexperience.com WE1 2024-06-17 - 2024-09-15 3 months
restartyourchoices.com WE1 2024-06-30 - 2024-09-28 3 months
*.google-analytics.com WR2 2024-06-13 - 2024-09-05 3 months
readytocheckline.com WE1 2024-06-20 - 2024-09-18 3 months
cdn.rdntocdns.com R3 2024-05-31 - 2024-08-29 3 months
followtosfinishline.com WE1 2024-06-20 - 2024-09-18 3 months
bluefiretobind.com WE1 2024-06-18 - 2024-09-16 3 months

This page contains 3 frames:

Primary Page: https://0.bluefiretobind.com/index.php?p=gmzdkzdfmq5dcobygyza&sub1=clers&sub3=carlos
Frame ID: 557A926E9AC935D36D440D8D68B82871
Requests: 60 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/html/r20240702/r20110914/zrt_lookup_fy2021.html
Frame ID: C261770E8F65718D52B13245B1880DAE
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-3583330823019854&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1720229901&plat=1%3A16777216%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=164x810_l%7C164x540_r&format=0x0&url=https%3A%2F%2Fdronews.com.br%2F&host=ca-host-pub-2644536267352236&pra=5&wgl=1&easpi=0&aihb=0&asro=0&ailel=32~31~27~29~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~30&aiael=32~31~27~29~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~30&aifxl=32_18~31_2~27_14~29_18~30_19&aiixl=32_9~31_8~27_3~29_5~30_6&aslmct=0.7&asamct=0.7&aisaib=1&itsi=-1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNi4wLjY0NzguMTI2IixudWxsLDAsbnVsbCwiNjQiLFtbIk5vdC9BKUJyYW5kIiwiOC4wLjAuMCJdLFsiQ2hyb21pdW0iLCIxMjYuMC42NDc4LjEyNiJdLFsiR29vZ2xlIENocm9tZSIsIjEyNi4wLjY0NzguMTI2Il1dLDBd&dt=1720229899752&bpp=2&bdt=589&idt=1784&shv=r20240702&mjsv=m202406270101&ptt=9&saldr=aa&abxe=1&eoidce=1&nras=1&correlator=1635406928710&frm=20&pv=2&ga_vid=2036147939.1720229902&ga_sid=1720229902&ga_hid=227510747&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44798934%2C95334509%2C95334529%2C95334565%2C95334829%2C31084927%2C31078663%2C31078668%2C31078670&oid=2&pvsid=1162447996612937&tmod=740765050&uas=0&nvt=1&fsapi=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&nt=1&ifi=1&uci=a!1&fsb=1&dtd=1810
Frame ID: 9492D58ECA082216C68B74FD6809810F
Requests: 1 HTTP requests in this frame

Page Title

Browser check (original title: "Проверка браузера")

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

46 Requests
93 % HTTPS
25 % IPv6
13 Domains
17 Subdomains
13 IPs
3 Countries
715 kB Transfer
2089 kB Size
6 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://dronews.com.br/ Page URL
  2. https://ready.followtosfinishline.com/Z5cmPh Page URL
  3. https://go.followtosfinishline.com/HRT532se Page URL
  4. https://go.followtosfinishline.com/7MjvR5 Page URL
  5. https://bluefiretobind.com/go/gmzdkzdfmq5dcobygyza?sub1=clers&sub3=carlos Page URL
  6. https://0.bluefiretobind.com/index.php?p=gmzdkzdfmq5dcobygyza&sub1=clers&sub3=carlos Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

46 HTTP transactions

Resource Path Size x-fer Type MIME-Type
/
dronews.com.br/
188 KB
63 KB
Document
General
Full URL
https://dronews.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.152.244 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eed0e804f042e5e1c2027002302df094ffd833880d55d9bd7b1164d2aa47d5f

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
89ebdfe458cb3803-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sat, 06 Jul 2024 01:38:19 GMT
link
<https://dronews.com.br/wp-json/>; rel="https://api.w.org/"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wwAc7TVkH9h5SLFcxtn%2BrZLtXVf4sYZmbPQiE7NxCTj3bKGXQI8mIPBwbniEkiK7f1lKnNYI2B%2FQ%2BwC4rOf%2FaGnEuV5F4efKkk%2F3dGO5DidrbZWsOZkFr30%2FE40gTz652A%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-litespeed-cache
hit
x-ua-compatible
IE=edge
5245b5c914736efd41751e9b8c680464.css
dronews.com.br/wp-content/litespeed/css/
1 KB
958 B
Stylesheet
General
Full URL
https://dronews.com.br/wp-content/litespeed/css/5245b5c914736efd41751e9b8c680464.css?ver=0120f
Requested by
Host: dronews.com.br
URL: https://dronews.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.152.244 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1494699bba8d17dab8ff58a2912ef07896eabe6de57e6602b5a575affbe95202

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://dronews.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 01:38:19 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 06 Jul 2024 00:26:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"531-66888f32-9f165;br"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=E33qArV7QrZQ3a2EXmlYiRfeQnVy0cWm6TCyA94Q8qhzfBtKYdNy8MFBMzW2P4IiXCPhskO3waj87Mf%2FRn%2B6OYbbzAaw6jZJf2dLr6vPZNk7AcplgZk3T79CE6xT8VjRRg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
89ebdfe5e99a3803-FRA
alt-svc
h3=":443"; ma=86400
expires
Sat, 13 Jul 2024 01:38:19 GMT
f938fb2c5b90511933c10c802f758f7e.css
dronews.com.br/wp-content/litespeed/css/
110 KB
15 KB
Stylesheet
General
Full URL
https://dronews.com.br/wp-content/litespeed/css/f938fb2c5b90511933c10c802f758f7e.css?ver=4212d
Requested by
Host: dronews.com.br
URL: https://dronews.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.152.244 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b3596a59a851ddd0cc4d04d008ca35e42ad54c7d946ccac1810aa40caeb98f9e

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://dronews.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 01:38:19 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 06 Jul 2024 00:26:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"1b9de-66888f32-9f18f;br"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lqgUvwTHSFExlWSYvQI2hw983GCPS5PrAId55pLRuaROLM4SdTiymXEuTGx0gnKPgNsk4gnNK3zFG0HON%2FUkeA%2Fr0C0%2FRAAOczShEVkNxPPdDcYnipoB0RrUCV6QGzlOjg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
89ebdfe5e99c3803-FRA
alt-svc
h3=":443"; ma=86400
expires
Sat, 13 Jul 2024 01:38:19 GMT
335b0aaaac0f8991d113092ac34fb5df.css
dronews.com.br/wp-content/litespeed/css/
3 KB
1 KB
Stylesheet
General
Full URL
https://dronews.com.br/wp-content/litespeed/css/335b0aaaac0f8991d113092ac34fb5df.css?ver=090b6
Requested by
Host: dronews.com.br
URL: https://dronews.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.152.244 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
580339a5023d14e35e629e1ab91af56a7fbde7b1a3bc68d100caaf055d4bae7a

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://dronews.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 01:38:19 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 06 Jul 2024 00:26:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"aaf-66888f32-9f190;br"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9DuVjM50k9eh%2BePyV6RV%2FcgLutODlxNj48fnA24hMVl33phVVnJjC3CpgWkDeXq420Z6acqp2nyOKCF2%2FXIqAWafw9l9rQKK%2BvOF7sNgIO3c1b9b8SSzTHQhKZ21ngHM9A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
89ebdfe5e99d3803-FRA
alt-svc
h3=":443"; ma=86400
expires
Sat, 13 Jul 2024 01:38:19 GMT
6e782a09e5cae8b09461b936803b299e.css
dronews.com.br/wp-content/litespeed/css/
19 KB
5 KB
Stylesheet
General
Full URL
https://dronews.com.br/wp-content/litespeed/css/6e782a09e5cae8b09461b936803b299e.css?ver=1c0e9
Requested by
Host: dronews.com.br
URL: https://dronews.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.152.244 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b5ebb7b001ee9db0ec562fb9e0324e04c0bb75c2c0456131906cff29ce96cfc

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://dronews.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 01:38:19 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 06 Jul 2024 00:26:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"4c5c-66888f32-9f191;br"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8qe38QRauOHsLtoMPImddSxVYiQKacW7%2BHTbC%2FGuhtpysjJ%2Fh5UTUqw83oknMs6R1LP%2FN7nXq%2FweWj4nymhg74R5R3oVZfrdIN%2BSaJNfPShT%2FL1AmW4xRy4ONvujlJl1qg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
89ebdfe5e99f3803-FRA
alt-svc
h3=":443"; ma=86400
expires
Sat, 13 Jul 2024 01:38:19 GMT
3c7e83cfba0eb3d57b65950c028a1fe2.css
dronews.com.br/wp-content/litespeed/css/
3 KB
769 B
Stylesheet
General
Full URL
https://dronews.com.br/wp-content/litespeed/css/3c7e83cfba0eb3d57b65950c028a1fe2.css?ver=a1fe2
Requested by
Host: dronews.com.br
URL: https://dronews.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.152.244 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c9b1f4ba8f5605d023f3a55e85945b294b85dcfcb35dbc1109fa9bcc1ed9e0d4

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://dronews.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 01:38:19 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 05 Jul 2024 22:27:16 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
11460
etag
W/"a79-66887344-9f1ba;br"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LzE%2BDFDs9xoyxmaA14ywMZvTb3tq8%2B%2Bm%2ByaasRX%2FpOCGFGrjeLy7vIdiUN1s0Dghi0CNQMPJ%2FRLGONJk3rlwQHjfG5%2FlaDlPfjHClgFyxR%2BHlhlvN0zlPWWbhgO6aF%2BjLg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
89ebdfe5e9a13803-FRA
alt-svc
h3=":443"; ma=86400
expires
Fri, 12 Jul 2024 22:27:19 GMT
544080f80336fc634326273e42fd0487.css
dronews.com.br/wp-content/litespeed/css/
8 KB
2 KB
Stylesheet
General
Full URL
https://dronews.com.br/wp-content/litespeed/css/544080f80336fc634326273e42fd0487.css?ver=73316
Requested by
Host: dronews.com.br
URL: https://dronews.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.152.244 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
39150455bcd9d2ceec6b4c50aa037be949227eef7ee9c5406f4179b69e252fce

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://dronews.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 01:38:19 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 05 Jul 2024 22:27:07 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
11471
etag
W/"20b5-6688733b-9f1bb;br"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nXyip%2F7Px5c5cJlLMKSS%2FuKjjHCVlEVbTMhvkXIO9jRDlFAh2KRQ59IN9Yxz0fYgYH7v3ocQWYmM%2Bn9%2FYCNAcuCupgkVTL6zoYcFivQIYzkZZ94eGQUCK0RuAERSx3qEUg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
89ebdfe5e9a23803-FRA
alt-svc
h3=":443"; ma=86400
expires
Fri, 12 Jul 2024 22:27:08 GMT
jquery.min.js
dronews.com.br/wp-includes/js/jquery/
87 KB
32 KB
Script
General
Full URL
https://dronews.com.br/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by
Host: dronews.com.br
URL: https://dronews.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.152.244 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e084c571b35fee4cb905a5ff524933add24aec09b974ead209f17efcfa357dd

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://dronews.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 01:38:19 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 29 Apr 2024 18:32:33 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"15c42-662fe7c1-a239b;br"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XD7lUV5UZG8byu7flF1hwOsoqgk7unuEyrvLBbFYSYtrWAGWD5pHPg7a%2BhUMa6jur81w0Nlx1V1ZLIo2%2FMx0taX0kdpNVCD0T863nxzvkz6wVaJOB0QUnMWpzUb%2BV6zhbA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
public, max-age=604800
cf-ray
89ebdfe5e9a33803-FRA
alt-svc
h3=":443"; ma=86400
expires
Sat, 13 Jul 2024 01:38:19 GMT
54f6dc96f1325ba193792cf18f25623a.js
dronews.com.br/wp-content/litespeed/js/
14 KB
6 KB
Script
General
Full URL
https://dronews.com.br/wp-content/litespeed/js/54f6dc96f1325ba193792cf18f25623a.js?ver=dbca5
Requested by
Host: dronews.com.br
URL: https://dronews.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.152.244 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef5d80234fe3be41ccf54dd7b3758b8492718d6bebcc04de1de7117383ee13ae

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://dronews.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 01:38:19 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 06 Jul 2024 00:26:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"36cc-66888f32-a040b;br"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=w4h8ubsYjdt87U8F%2Bq%2FtycpRGrwz41mN0t4rNMj9tTYJg0%2BTmzZD7g31OJvXz4fEEcpm1Gw5KcmuAQjaA9uc91eevGcbaKFnfo4DamShU2As%2Ff3ZNXS%2F3Ncu4zfjcow%2FsA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
public, max-age=604800
cf-ray
89ebdfe77afb3803-FRA
alt-svc
h3=":443"; ma=86400
expires
Sat, 13 Jul 2024 01:38:19 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
159 KB
52 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3583330823019854
Requested by
Host: dronews.com.br
URL: https://dronews.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f2.1e100.net
Software
cafe /
Resource Hash
35214613a346ccc1c80f823dddc8afd3830727828ae1f075fcf0be89dfa4be74
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://dronews.com.br/
Origin
https://dronews.com.br
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 01:38:19 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52912
x-xss-protection
0
server
cafe
etag
14662769172023556178
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Sat, 06 Jul 2024 01:38:19 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
159 KB
52 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3583330823019854&host=ca-host-pub-2644536267352236
Requested by
Host: dronews.com.br
URL: https://dronews.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f2.1e100.net
Software
cafe /
Resource Hash
9f9340dd5c2c995cee2b5739c8f7441f066e46bd28365468874915ccd6c18985
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://dronews.com.br/
Origin
https://dronews.com.br
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 01:38:19 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52843
x-xss-protection
0
server
cafe
etag
17291577455286990732
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Sat, 06 Jul 2024 01:38:19 GMT
c50618d11588829def86ef84dca7cb98.js
dronews.com.br/wp-content/litespeed/js/
8 KB
3 KB
Script
General
Full URL
https://dronews.com.br/wp-content/litespeed/js/c50618d11588829def86ef84dca7cb98.js?ver=a2cb1
Requested by
Host: dronews.com.br
URL: https://dronews.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.152.244 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
922dc9ef63f75ada4d0656863e3e52bf6fa5c67a1b6bd5bbf331567bae19c4b1

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://dronews.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 01:38:19 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 06 Jul 2024 00:26:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"2046-66888f32-a0411;br"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WnWJGlw6PuD4ZaaH%2F8P9QZQbzN61d%2FD6RhDfUQMv1lbf5Z6QZnsfqWebgi82Gx4Xxqt0lZWbgx1MjQ24bLDaf3WRoUCZTNK5qAD6b2QgCIGTXF7%2BudPUnEsfI3DEIvNjSg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
public, max-age=604800
cf-ray
89ebdfe81b3f3803-FRA
alt-svc
h3=":443"; ma=86400
expires
Sat, 13 Jul 2024 01:38:19 GMT
7153d9ce73272c933507d87af565de4a.js
dronews.com.br/wp-content/litespeed/js/
7 KB
2 KB
Script
General
Full URL
https://dronews.com.br/wp-content/litespeed/js/7153d9ce73272c933507d87af565de4a.js?ver=fc8ef
Requested by
Host: dronews.com.br
URL: https://dronews.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.152.244 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b360a6f60eec9de7258186ddb546f22b6ad064cc5997fea635b8feb32072f60

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://dronews.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 01:38:19 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 05 Jul 2024 22:27:09 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
11467
etag
W/"1b40-6688733d-a0414;br"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=m1uq%2F6TzlNgYRpEg72hqoz2kaP7CknR7kPMcfuay53Av5vOFoF%2BZ3C%2FDdz2F69eLLLFZk7PLblOIY8fqmDjNOH9nXvcMaIoQaH%2FMvLfsbnnkBVqgWFaIoXGHOOy5OWBLqA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
public, max-age=604800
cf-ray
89ebdfe81b403803-FRA
alt-svc
h3=":443"; ma=86400
expires
Fri, 12 Jul 2024 22:27:12 GMT
6e46ea14a5c5be1222dcddbf42b32f84.js
dronews.com.br/wp-content/litespeed/js/
5 KB
2 KB
Script
General
Full URL
https://dronews.com.br/wp-content/litespeed/js/6e46ea14a5c5be1222dcddbf42b32f84.js?ver=96c7e
Requested by
Host: dronews.com.br
URL: https://dronews.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.152.244 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc6c0d11444b2045907172c4626b39a00160e2af97cf0c8f0c77111018e27c1b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://dronews.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 01:38:19 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 05 Jul 2024 22:27:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
11474
etag
W/"12e4-66887336-a18a1;br"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CEscE8n3VUCuqTh52Cyj1s%2BH75UOKIdvj7yeEStyouQr%2Fk7ZZycOCVL245CujpKLLVJLdyd7kEi1n9Lab3G4ZmAbNCCWtJPIMATD%2BhN%2F0lOkcEAKomLwV%2Bpn2fFyk9QAzg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
public, max-age=604800
cf-ray
89ebdfe81b413803-FRA
alt-svc
h3=":443"; ma=86400
expires
Fri, 12 Jul 2024 22:27:04 GMT
789351b98b3fe879049ede4adfe9207a.js
dronews.com.br/wp-content/litespeed/js/
40 KB
11 KB
Script
General
Full URL
https://dronews.com.br/wp-content/litespeed/js/789351b98b3fe879049ede4adfe9207a.js?ver=f3f4e
Requested by
Host: dronews.com.br
URL: https://dronews.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.152.244 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be71b90ade22d4f290da34f81e48703efeb814e83444e5a399b8820e76f6317b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://dronews.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 01:38:19 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 06 Jul 2024 00:26:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"9f5f-66888f32-a1aa4;br"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NteN51q6kClnDuc5BvnQ7oowLhO%2FxrpguZ2zKxoIcPOlhriH%2FqDo1pJ%2F07vkwE9vnuti09laKxjktFEU0pN47CHj5abFboMvVUJ0e7%2BfXFZWYm95pWVd3GXsa%2FtWxFOW0Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
public, max-age=604800
cf-ray
89ebdfe81b433803-FRA
alt-svc
h3=":443"; ma=86400
expires
Sat, 13 Jul 2024 01:38:19 GMT
split.js
js.cdntoswitchspirit.com/source/
43 KB
16 KB
Script
General
Full URL
https://js.cdntoswitchspirit.com/source/split.js
Requested by
Host: dronews.com.br
URL: https://dronews.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.209.227 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5dafb48db5d99a30001a5a187063eff428ee5b40492401f2b02253bbc0a042c

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://dronews.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 01:38:19 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 15 May 2024 08:18:11 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
4467168
etag
W/"66446fc3-ab1a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uIcPnna5aogzaPR8tMamDHpNLnzxnv1nVQLokMXxZ4KyvqSDloWoaFnmVOpDo9iX%2BEtXBfivlvn4sRMrJjnw21nGtplLemDHVabFOlM5IkVLePEU7IEvEHq4SBd3LqS6Gfvu9duXkErnJRY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=315360000
cf-ray
89ebdfe87b151b36-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
truncated
/
2 KB
0
Script
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0dd2ea6dab356ce9301e7efb2dc064517cc08292e23a0a6c6fe881b04defd558

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
text/javascript
truncated
/
7 KB
0
Script
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d36a2ddcf87a1461d630e493f1f23427f8fb666d6456f9f30813dc1014d88ac1

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
text/javascript
truncated
/
132 B
0
Script
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
197aa901d1d24cfb27bc66ad06164487f59f68cded9acf56b2289922936c5f1b

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
text/javascript
truncated
/
167 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aeebb05a48f9c1345febfcb4344948394502d6fde9fa9828dc36460f4c28085c

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
277 B
0
Script
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5160d0bdfc4e94134f4d9bf52c28344b9d885aa38fdf17924c14e79230e789ac

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
text/javascript
truncated
/
169 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bf5f31179c7fb59b414083f34ecbcefd303a88549db2db9512ce10d4936b565d

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
167 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
11f6adc8420c076b1f26873f0f5e17813dd01a59b3ad45930f5b33a839db765c

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
169 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
397fd7354ae21616d8f9f710c0f06a3c19bb24ac6491041629c00f0487353388

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
167 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a4ef74e558a3c588222b02270e9d47f1152b38a399d1f357f9dce36f4bf2a517

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
259 B
0
Script
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2909117400dcc95f99cbcc62930bce751a820266f346a6e676aa573f71e922c0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
text/javascript
truncated
/
1 KB
0
Script
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3c76000fe3a0be63156e6baca2565608fe2fa4f981e02cbbdef3ccf2f9ccd51a

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
text/javascript
truncated
/
122 B
0
Script
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
17b767f85a14d9d6e5ec49c39498113f8453bbcf4abf90153034a0704f20faa0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
text/javascript
truncated
/
1 KB
0
Script
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3c00129122802888e9fd70af54be5704bc8ef7b631ba20096b6d4be8cee7706f

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
text/javascript
truncated
/
69 KB
0
Script
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
03b92ab0f87dd4934b1ba677082c26a0e8eb7fe2e308c3f369a9546e562221d3

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
text/javascript
iJWZBXyIfDnIV5PNhY1KTN7Z-Yh-B4iFV0Uw.ttf
fonts.gstatic.com/s/rubik/v28/
46 KB
25 KB
Font
General
Full URL
https://fonts.gstatic.com/s/rubik/v28/iJWZBXyIfDnIV5PNhY1KTN7Z-Yh-B4iFV0Uw.ttf
Requested by
Host: dronews.com.br
URL: https://dronews.com.br/wp-content/litespeed/css/3c7e83cfba0eb3d57b65950c028a1fe2.css?ver=a1fe2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f45a8b4842d523fa15f7f6cd70bf340a958e8563ec00cc517d08111153726d85
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://dronews.com.br/
Origin
https://dronews.com.br
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Jul 2024 19:59:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
193104
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25541
x-xss-protection
0
last-modified
Thu, 29 Jun 2023 16:30:11 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
vary
Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 03 Jul 2025 19:59:55 GMT
iJWZBXyIfDnIV5PNhY1KTN7Z-Yh-4I-FV0Uw.ttf
fonts.gstatic.com/s/rubik/v28/
47 KB
26 KB
Font
General
Full URL
https://fonts.gstatic.com/s/rubik/v28/iJWZBXyIfDnIV5PNhY1KTN7Z-Yh-4I-FV0Uw.ttf
Requested by
Host: dronews.com.br
URL: https://dronews.com.br/wp-content/litespeed/css/3c7e83cfba0eb3d57b65950c028a1fe2.css?ver=a1fe2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dd824ca47370640d99212636ddd97cbe07c530e398ee7806fef090abbdb8b433
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://dronews.com.br/
Origin
https://dronews.com.br
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Jul 2024 19:42:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
194163
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25871
x-xss-protection
0
last-modified
Thu, 29 Jun 2023 16:07:05 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
vary
Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 03 Jul 2025 19:42:16 GMT
iJWZBXyIfDnIV5PNhY1KTN7Z-Yh-NYiFV0Uw.ttf
fonts.gstatic.com/s/rubik/v28/
47 KB
25 KB
Font
General
Full URL
https://fonts.gstatic.com/s/rubik/v28/iJWZBXyIfDnIV5PNhY1KTN7Z-Yh-NYiFV0Uw.ttf
Requested by
Host: dronews.com.br
URL: https://dronews.com.br/wp-content/litespeed/css/3c7e83cfba0eb3d57b65950c028a1fe2.css?ver=a1fe2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b6a9b68e9b97b74a37f666220820afd77d3a80a50241dbd9118cf768b55a3c86
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://dronews.com.br/
Origin
https://dronews.com.br
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Jul 2024 19:41:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
194195
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25809
x-xss-protection
0
last-modified
Thu, 29 Jun 2023 16:14:39 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
vary
Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 03 Jul 2025 19:41:44 GMT
iJWZBXyIfDnIV5PNhY1KTN7Z-Yh-2Y-FV0Uw.ttf
fonts.gstatic.com/s/rubik/v28/
47 KB
25 KB
Font
General
Full URL
https://fonts.gstatic.com/s/rubik/v28/iJWZBXyIfDnIV5PNhY1KTN7Z-Yh-2Y-FV0Uw.ttf
Requested by
Host: dronews.com.br
URL: https://dronews.com.br/wp-content/litespeed/css/3c7e83cfba0eb3d57b65950c028a1fe2.css?ver=a1fe2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e7571acec28a82364e641aaf589494a666afcfeb4ec8bd6b8ee5767729dc2160
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://dronews.com.br/
Origin
https://dronews.com.br
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Jul 2024 20:00:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
193042
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25842
x-xss-protection
0
last-modified
Thu, 29 Jun 2023 16:11:39 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
vary
Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 03 Jul 2025 20:00:57 GMT
statistics.js
bind.bestresulttostart.com/scripts/
36 KB
15 KB
Script
General
Full URL
https://bind.bestresulttostart.com/scripts/statistics.js
Requested by
Host: dronews.com.br
URL: https://dronews.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
193.163.7.113 , Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),
Reverse DNS
vm76183.vps.client-server.site
Software
nginx /
Resource Hash
f0045fac6f511f58f5aa2600ddcecc0e60bc47cda0851d856e648270b658fa61
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://dronews.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 01:38:20 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000;
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, POST
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
X-Requested-With
content-length
14956
see.js
background.apistatexperience.com/starts/
31 KB
13 KB
Script
General
Full URL
https://background.apistatexperience.com/starts/see.js
Requested by
Host: dronews.com.br
URL: https://dronews.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.172.18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47e354111c8b6c28ccd7c3e42df20c2879bf39918fff3ff45c882f8c46512f55

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://dronews.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 01:38:19 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 20 Jun 2024 10:08:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
918681
etag
W/"6673ff86-7df9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Dw0IEi3d7ks3dp15FXH3nUWGi4%2BWJFTOLK4L0VCKjgLyuoDn1kcrvOR%2Fj1kUM87LTeEVq7gwc7xGdlnppxGpdRzJa2%2B%2BUDRJNaCvBAeG6F6NMVFWv9n%2BzgyxpjXuv5B4U1O%2BnDkbgbbxuecWfTFNzKBoRQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=315360000
cf-ray
89ebdfe96cbc1cb5-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
xf4mKQ
bind.bestresulttostart.com/
36 KB
15 KB
Script
General
Full URL
https://bind.bestresulttostart.com/xf4mKQ
Requested by
Host: dronews.com.br
URL: https://dronews.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
193.163.7.113 , Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),
Reverse DNS
vm76183.vps.client-server.site
Software
nginx /
Resource Hash
f0045fac6f511f58f5aa2600ddcecc0e60bc47cda0851d856e648270b658fa61
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://dronews.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 01:38:20 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000;
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, POST
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
X-Requested-With
content-length
14956
cdncollect
jquery.restartyourchoices.com/
34 KB
15 KB
Script
General
Full URL
https://jquery.restartyourchoices.com/cdncollect?r1=dronews.com.br
Requested by
Host: js.cdntoswitchspirit.com
URL: https://js.cdntoswitchspirit.com/source/split.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.33
Resource Hash
fe30861da85d115554998af885f30fbd5ca3a91492878c88f65680353edfc683

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://dronews.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 01:38:19 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
PHP/7.4.33
alt-svc
h3=":443"; ma=86400
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, POST
content-type
application/javascript
access-control-allow-origin
*, *
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=R5gRzSA%2BoNHj2uLozY4b0p2gxGwbky%2Fga%2BuKCTpgkEa5d0opFVHb64YWLqD3zMlerJXqTiQ5qejKO3uGgtAC4qNTKvx77vaC0d9gaI5Djqf%2FV7SPaDL7GC5hy4lNVURcf%2BY1TqNkF3L5aM0xA5OFzA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
no-cache, no-store, must-revalidate
cf-ray
89ebdfe97836199b-FRA
access-control-allow-headers
X-Requested-With
expires
Sat, 06 Jul 2024 01:38:19 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406270101/
425 KB
143 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406270101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3583330823019854&plah=dronews.com.br&aplac=true&bust=31084927
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3583330823019854
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f2.1e100.net
Software
cafe /
Resource Hash
5ff1096fd68c12183562551a7ea93b063196d831c8880e443c7f0d3bedd9b37b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://dronews.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 01:38:19 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
146862
x-xss-protection
0
server
cafe
etag
12924060798524044809
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sat, 06 Jul 2024 01:38:19 GMT
js
www.googletagmanager.com/gtag/
307 KB
102 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-XLJPT18C3J
Requested by
Host: dronews.com.br
URL: https://dronews.com.br/wp-content/litespeed/js/789351b98b3fe879049ede4adfe9207a.js?ver=f3f4e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5acbd4b161dbfa5ad08cf105cb6888a7a0176ddb434e5ccdd593f35dbf0aca33
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://dronews.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 01:38:19 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
104178
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 06 Jul 2024 01:38:19 GMT
banner-1-optin.css
dronews.com.br/wp-content/uploads/complianz/css/
15 KB
3 KB
Stylesheet
General
Full URL
https://dronews.com.br/wp-content/uploads/complianz/css/banner-1-optin.css?v=15
Requested by
Host: dronews.com.br
URL: https://dronews.com.br/wp-content/litespeed/js/789351b98b3fe879049ede4adfe9207a.js?ver=f3f4e
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.152.244 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c13118e2c95fbcb4ce06ff7a9454792a41c7ed82d433ccd7aa3572a22742e3e1

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://dronews.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 01:38:19 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 22 Mar 2024 17:21:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"3be3-65fdbe11-a0ed4;br"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=o6NAkx%2FU3%2FPc6wKXv5i%2FJ7B9G5stpQmWECHI77GOSSK%2FCienJN1qaXdzHWhe29unP6PIyRrj2Z02j7GF%2BMadUTwHBMIxYD2mZBxKY9G7q6W3QP5hHUUkPBKyEuYnMID8Aw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
89ebdfe9ccc13803-FRA
alt-svc
h3=":443"; ma=86400
expires
Sat, 13 Jul 2024 01:38:19 GMT
tKWSNy
starts.readytocheckline.com/
10 KB
5 KB
Script
General
Full URL
https://starts.readytocheckline.com/tKWSNy?q=dronews.com.br
Requested by
Host: background.apistatexperience.com
URL: https://background.apistatexperience.com/starts/see.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.192.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.33
Resource Hash
fefffdc83ddb8215aaaa7ac87cde85b3a18a297fb59e94f1411cfc18b6099373

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://dronews.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 01:38:20 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.4.33
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GhuCA5ewmyfEVm08IW8MJ7F%2BjtGntjQtroUT%2ByD6DvXTCbSAH0aeajDbmDFJibmdHfUOe%2FijKx3br09nER7MiW2qsDkm4PScNLscirAtiOJwFY4yclXFDb27YuhiPevFV%2F9sgkjvE%2BzzzFqM3SI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cf-ray
89ebdfea991165cd-FRA
alt-svc
h3=":443"; ma=86400
expires
Sat, 06 Jul 2024 01:38:19 GMT
rthrttu.php
cdn.rdntocdns.com/
14 KB
6 KB
XHR
General
Full URL
https://cdn.rdntocdns.com/rthrttu.php
Requested by
Host: dronews.com.br
URL: https://dronews.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.9.149.210 Amsterdam, Netherlands, ASN49447 (NICEIT, DM),
Reverse DNS
Software
nginx /
Resource Hash
99c8d8e412d2f42c88eb77204937bb8e92aad289d959618e507dee5dcb7bfea6

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://dronews.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Sat, 06 Jul 2024 01:38:21 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, POST
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
X-Requested-With
content-length
6026
DGC4PH
rest1.rdntocdns.com/
0
0

SZm1tX
point.readytocheckline.com/
9 KB
5 KB
Script
General
Full URL
https://point.readytocheckline.com/SZm1tX
Requested by
Host: starts.readytocheckline.com
URL: https://starts.readytocheckline.com/tKWSNy?q=dronews.com.br
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.192.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.33
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://dronews.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 01:38:21 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.4.33
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eh4xhPXx%2BcFuShsMKEQM1oV3su%2B9edMpcnEoJgUNuIZZyCGzC702f59xy4M5t2uzB0qeqqTaMjXA%2FSo5IH3eTTg51yZUqEi077lrl1IORceHBo4XEUxipk6b4RSsH3ROTWMj125JmUqapZcVmw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cf-ray
89ebdff3be8e65cd-FRA
alt-svc
h3=":443"; ma=86400
expires
Sat, 06 Jul 2024 01:38:21 GMT
rthrttu.php
cdn.rdntocdns.com/
14 KB
6 KB
XHR
General
Full URL
https://cdn.rdntocdns.com/rthrttu.php
Requested by
Host: dronews.com.br
URL: https://dronews.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.9.149.210 Amsterdam, Netherlands, ASN49447 (NICEIT, DM),
Reverse DNS
Software
nginx /
Resource Hash
99c8d8e412d2f42c88eb77204937bb8e92aad289d959618e507dee5dcb7bfea6

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://dronews.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Sat, 06 Jul 2024 01:38:21 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, POST
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
X-Requested-With
content-length
6026
rthrttu.php
cdn.rdntocdns.com/
14 KB
6 KB
XHR
General
Full URL
https://cdn.rdntocdns.com/rthrttu.php
Requested by
Host: dronews.com.br
URL: https://dronews.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.9.149.210 Amsterdam, Netherlands, ASN49447 (NICEIT, DM),
Reverse DNS
Software
nginx /
Resource Hash
99c8d8e412d2f42c88eb77204937bb8e92aad289d959618e507dee5dcb7bfea6

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://dronews.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Sat, 06 Jul 2024 01:38:21 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, POST
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
X-Requested-With
content-length
6026
zrt_lookup_fy2021.html
pagead2.googlesyndication.com/pagead/html/r20240702/r20110914/ Frame C261
0
0
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/html/r20240702/r20110914/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406270101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3583330823019854&plah=dronews.com.br&aplac=true&bust=31084927
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://dronews.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

age
43873
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4142
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 05 Jul 2024 13:27:08 GMT
etag
2738592464165616
expires
Fri, 19 Jul 2024 13:27:08 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&id=ht-ctc-chat&cls=ht-ctc%20ht-ctc-chat%20ctc-analytics%20ctc_wp_desktop%20style-2%20ht_ctc_animation%20no-animations&ign=false&pw=1600&ph=1200&x=1575&y=1175
Requested by
Host: dronews.com.br
URL: https://dronews.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://dronews.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 06 Jul 2024 01:38:21 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pagead2.googlesyndication.com/pagead/ Frame 9492
0
0
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-3583330823019854&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1720229901&plat=1%3A16777216%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=164x810_l%7C164x540_r&format=0x0&url=https%3A%2F%2Fdronews.com.br%2F&host=ca-host-pub-2644536267352236&pra=5&wgl=1&easpi=0&aihb=0&asro=0&ailel=32~31~27~29~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~30&aiael=32~31~27~29~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~30&aifxl=32_18~31_2~27_14~29_18~30_19&aiixl=32_9~31_8~27_3~29_5~30_6&aslmct=0.7&asamct=0.7&aisaib=1&itsi=-1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNi4wLjY0NzguMTI2IixudWxsLDAsbnVsbCwiNjQiLFtbIk5vdC9BKUJyYW5kIiwiOC4wLjAuMCJdLFsiQ2hyb21pdW0iLCIxMjYuMC42NDc4LjEyNiJdLFsiR29vZ2xlIENocm9tZSIsIjEyNi4wLjY0NzguMTI2Il1dLDBd&dt=1720229899752&bpp=2&bdt=589&idt=1784&shv=r20240702&mjsv=m202406270101&ptt=9&saldr=aa&abxe=1&eoidce=1&nras=1&correlator=1635406928710&frm=20&pv=2&ga_vid=2036147939.1720229902&ga_sid=1720229902&ga_hid=227510747&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44798934%2C95334509%2C95334529%2C95334565%2C95334829%2C31084927%2C31078663%2C31078668%2C31078670&oid=2&pvsid=1162447996612937&tmod=740765050&uas=0&nvt=1&fsapi=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&nt=1&ifi=1&uci=a!1&fsb=1&dtd=1810
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406270101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3583330823019854&plah=dronews.com.br&aplac=true&bust=31084927
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://dronews.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 06 Jul 2024 01:38:21 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
collect
region1.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-XLJPT18C3J&gtm=45je4730v9178469346za200&_p=1720229899664&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=2036147939.1720229902&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1720229901&sct=1&seg=0&dl=https%3A%2F%2Fdronews.com.br%2F&dt=Dronews%20-%20Aqui%20voc%C3%AA%20encontra%20tudo%20sobre%20Drones%20Pulverizadores%20e%20Tecnologia%20e%20equipamentos%20Agro%20Tech!&en=page_view&_fv=1&_ss=1&_ee=1&tfd=2877&_z=fetch
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XLJPT18C3J
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://dronews.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 06 Jul 2024 01:38:21 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://dronews.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Z5cmPh
ready.followtosfinishline.com/
0
0

Z5cmPh
ready.followtosfinishline.com/
0
0

Z5cmPh
ready.followtosfinishline.com/
656 B
736 B
Document
General
Full URL
https://ready.followtosfinishline.com/Z5cmPh
Requested by
Host: point.readytocheckline.com
URL: https://point.readytocheckline.com/SZm1tX
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://dronews.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cache-control
no-cache, no-store, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
89ebdff5deda2c4f-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Sat, 06 Jul 2024 01:38:21 GMT
expires
Sat, 06 Jul 2024 01:38:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lHGJ4poSGg1qfcwPzCuaU%2F0Ip4CUtw%2BR%2Bl9r%2BO9%2FPSChcUVZK5MBekh7vm3pq74JGEBzeL59TdI6jzl7K5GSPT5UtwMCVBbNgxya0yJpZcU072YRity%2BJCi6GYNonWbIx9Zmbm3rXwLLIWzBHZUG5A%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
HRT532se
go.followtosfinishline.com/
650 B
693 B
Document
General
Full URL
https://go.followtosfinishline.com/HRT532se
Requested by
Host: ready.followtosfinishline.com
URL: https://ready.followtosfinishline.com/Z5cmPh
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://ready.followtosfinishline.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cache-control
no-cache, no-store, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
89ebdff798472c4f-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Sat, 06 Jul 2024 01:38:22 GMT
expires
Sat, 06 Jul 2024 01:38:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=I78Tr2RK8n5iMfoYA7mcWApn2i79tcFRa7hGnn0LvNAqOvMiyD6y454UG14daVjOmiQHRb0wmkfJ9%2FIjI%2BW5s08KXm6qz4nOGFU8ZG%2BEDlZVm6paB8utuXkvMOSDGivHBLC5ectNRMQxe05X%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
7MjvR5
go.followtosfinishline.com/
237 B
637 B
Document
General
Full URL
https://go.followtosfinishline.com/7MjvR5
Requested by
Host: go.followtosfinishline.com
URL: https://go.followtosfinishline.com/HRT532se
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://go.followtosfinishline.com/HRT532se
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cache-control
no-cache, no-store, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
89ebdff8a9462c4f-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Sat, 06 Jul 2024 01:38:22 GMT
expires
Sat, 06 Jul 2024 01:38:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MPHDtgMYAW%2B4O%2FwQaxpyXi88exBZmsmUJkPNCadcOj8bnLyS%2Ff9GSQfSA6e2obcRfIrbg1GsK%2Fsl45WnBb2pENE5PVvOBfr%2B9WX3VHp%2FeyjjANFoAlpdYrKdVH%2BwTfuVnmzW0bXOJiL1jWkCDA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
gmzdkzdfmq5dcobygyza
bluefiretobind.com/go/
10 KB
6 KB
Document
General
Full URL
https://bluefiretobind.com/go/gmzdkzdfmq5dcobygyza?sub1=clers&sub3=carlos
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.206.124 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ac0c72f6d303691088b597ad346ea4c48d9372db9ce3cdecc0ab193223ff68be

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
89ebdffadcc83829-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sat, 06 Jul 2024 01:38:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OWXzxCQp5mzZUMJtbaT10fRnRwdvmQsoJBR1a7qSy2zawnK%2BxZD%2BqM9FsRWKGJgYlCDEm%2FI353E4BKuPeTEUXOAhnyTzSXQqJSutJzl1eyR22SWgi74mBlKjGg6r27y7XsuPAk0%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
favicon.ico
bluefiretobind.com/
0
407 B
Other
General
Full URL
https://bluefiretobind.com/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.206.124 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://bluefiretobind.com/go/gmzdkzdfmq5dcobygyza?sub1=clers&sub3=carlos
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 01:38:23 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
5200
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Q86oEcBbFCkRdlWow5%2FOwGy5Byk0RDRDIqm4g%2BjepqmN8hCjM0wd49WEnxt3VqRheDxS%2BPMCH8eGrAvStqNj2kf%2Byv2gxvr9TvRig8gmOjMheJq19D2m1MKDAYm4seMLq31pN48%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
cf-ray
89ebdffe48753829-FRA
alt-svc
h3=":443"; ma=86400
Primary Request index.php
0.bluefiretobind.com/
10 KB
6 KB
Document
General
Full URL
https://0.bluefiretobind.com/index.php?p=gmzdkzdfmq5dcobygyza&sub1=clers&sub3=carlos
Requested by
Host: dronews.com.br
URL: https://dronews.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.206.124 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bcf4e09f43abdddbb881b3243d7d407ba26f8701cb2ee2e93e41976f734c4640

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://bluefiretobind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
89ebe009fa4d3829-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sat, 06 Jul 2024 01:38:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1iyk5rCdeyaUUXzZSPnAebpFuTrUtlKtfXxOuasLipcXw5U6k%2BVMuPeX4tRnbfWulP2Cq7CDooo6dnvMlmHB43ARXuH%2BhaJ8BDHDJ6mrWFqO%2BjS8RgLTHefAapGW%2F82fySnWm4NMxw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
truncated
/
378 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6935876b0112bb2bb5aa7e27c0fdf9be86e190d47a0fbff8eb8e67e25d11f68d

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
377 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f9077e9ffe52966b3a279d70797b41c4eba4e6d3928471fe755fcc3856ac4b3e

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
favicon.ico
0.bluefiretobind.com/
0
416 B
Other
General
Full URL
https://0.bluefiretobind.com/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.206.124 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://0.bluefiretobind.com/index.php?p=gmzdkzdfmq5dcobygyza&sub1=clers&sub3=carlos
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 01:38:25 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1895
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rx3FsiF1n6mgiq%2BmfY%2FArEIwNo1lJI3%2FpXS02gCsNXvXgzIQmc27nADMo0oVYdP9WkOnKg0%2ByYUzmko0vxlmNULIi9hG3hluG%2F98y34giFTFceyC%2FfGYKz2Sp7Zz%2Fna8AsIg9O%2FKkg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
cf-ray
89ebe00aaacd3829-FRA
alt-svc
h3=":443"; ma=86400

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
rest1.rdntocdns.com
URL
https://rest1.rdntocdns.com/DGC4PH?r1=dronews.com.br
Domain
ready.followtosfinishline.com
URL
https://ready.followtosfinishline.com/Z5cmPh
Domain
ready.followtosfinishline.com
URL
https://ready.followtosfinishline.com/Z5cmPh

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

undefined| event
object| fence
object| sharedStorage
function| urlB64ToUint8Array

6 Cookies

Domain/Path Name / Value
dronews.com.br/ Name: cmplz_policy_id
Value: 16
dronews.com.br/ Name: cmplz_statistics
Value: allow
.dronews.com.br/ Name: _ga_XLJPT18C3J
Value: GS1.1.1720229901.1.0.1720229901.0.0.0
.dronews.com.br/ Name: _ga
Value: GA1.1.2036147939.1720229902
.bluefiretobind.com/ Name: uuid
Value: a0c0f84e-5eba-4eea-9712-915b7d642d5f
.0.bluefiretobind.com/ Name: uuid
Value: a0c0f84e-5eba-4eea-9712-915b7d642d5f

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
