www.gazetadopovo.com.br Open in urlscan Pro
2600:9000:20eb:2800:6:45ad:3580:93a1 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.gazetadopovo.com.br.mcas.ms/
Effective URL:
https://www.gazetadopovo.com.br/
Submission Tags: krdprod
Submission: On May 14 via api (May 14th 2021, 9:20:31 pm UTC) from JP

Summary HTTP 559 Redirects Links 90 Behaviour Indicators

Summary

This website contacted 83 IPs in 9 countries across 62 domains to perform 559 HTTP transactions. The main IP is 2600:9000:20eb:2800:6:45ad:3580:93a1, located in United States and belongs to AMAZON-02, US. The main domain is www.gazetadopovo.com.br.
TLS certificate: Issued by Amazon on December 23rd 2020. Valid for: a year.

This is the only time www.gazetadopovo.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	40.81.121.140 40.81.121.140	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	2a02:26f0:170... 2a02:26f0:1700:d::1737:6e8f	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
19	2600:9000:20e... 2600:9000:20eb:2800:6:45ad:3580:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6812:e234	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
2	2606:4700:20:... 2606:4700:20::681a:415	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:1b	20446 (HIGHWINDS3) (HIGHWINDS3)
1	2a02:26f0:6c0... 2a02:26f0:6c00:2a7::268b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
41	2600:9000:215... 2600:9000:2156:800:1f:3000:7b80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:20e... 2600:9000:20eb:3a00:1b:3b3:e300:93a1	16509 (AMAZON-02) (AMAZON-02)
1	52.216.200.118 52.216.200.118	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:808::2008	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:bf3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
6	2600:9000:206... 2600:9000:206e:5e00:12:af17:6680:93a1	16509 (AMAZON-02) (AMAZON-02)
1	52.217.195.96 52.217.195.96	16509 (AMAZON-02) (AMAZON-02)
95	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c0c::9a	15169 (GOOGLE) (GOOGLE)
14	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
11	2606:4700::68... 2606:4700::6811:bab1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.224.95.81 13.224.95.81	16509 (AMAZON-02) (AMAZON-02)
1	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3 8	99.86.242.79 99.86.242.79	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:6c0... 2a02:26f0:6c00:296::25ea	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	143.204.101.168 143.204.101.168	16509 (AMAZON-02) (AMAZON-02)
1	151.101.12.157 151.101.12.157	54113 (FASTLY) (FASTLY)
8	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
1	178.63.13.144 178.63.13.144	24940 (HETZNER-AS) (HETZNER-AS)
2 2	2620:119:50e3... 2620:119:50e3:101::6cae:b45	14413 (LINKEDIN) (LINKEDIN)
1 1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	108.174.10.14 108.174.10.14	14413 (LINKEDIN) (LINKEDIN)
3	2a00:1450:400... 2a00:1450:400c:c0a::9c	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
4	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
1	13.32.6.61 13.32.6.61	16509 (AMAZON-02) (AMAZON-02)
39	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1	104.244.42.197 104.244.42.197	13414 (TWITTER) (TWITTER)
6	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
2	13.224.193.58 13.224.193.58	16509 (AMAZON-02) (AMAZON-02)
1	104.244.42.3 104.244.42.3	13414 (TWITTER) (TWITTER)
1	2600:9000:20e... 2600:9000:20eb:e000:16:bc5f:3e80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	13.32.6.78 13.32.6.78	16509 (AMAZON-02) (AMAZON-02)
9	13.225.74.20 13.225.74.20	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:211... 2600:9000:211a:e00:4:5c96:9080:93a1	16509 (AMAZON-02) (AMAZON-02)
7	2600:9000:211... 2600:9000:211a:b400:13:9bf5:7100:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:20e... 2600:9000:20eb:ac00:1d:7626:ce40:93a1	16509 (AMAZON-02) (AMAZON-02)
67	2600:9000:21f... 2600:9000:21f3:3c00:8:7f48:3500:93a1	16509 (AMAZON-02) (AMAZON-02)
9	2600:9000:20e... 2600:9000:20eb:a400:6:9eb2:5cc0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	54.94.201.92 54.94.201.92	16509 (AMAZON-02) (AMAZON-02)
3	2600:9000:20e... 2600:9000:20eb:3000:6:5b96:3f00:93a1	16509 (AMAZON-02) (AMAZON-02)
22	172.217.23.98 172.217.23.98	15169 (GOOGLE) (GOOGLE)
3	2804:49c:3403... 2804:49c:3403:2676:ffff:ffff:ffff:6	7162 (Universo ...) (Universo Online S.A.)
1	2804:49c:3101... 2804:49c:3101:401:ffff:ffff:ffff:50	15201 (Universo ...) (Universo Online S.A.)
1	2804:49c:3104... 2804:49c:3104:401:ffff:ffff:ffff:34	15201 (Universo ...) (Universo Online S.A.)
6	34.102.185.99 34.102.185.99	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:810::2001	15169 (GOOGLE) (GOOGLE)
18	2a00:1450:400... 2a00:1450:4001:803::2001	15169 (GOOGLE) (GOOGLE)
2	200.147.166.107 200.147.166.107	7162 (Universo ...) (Universo Online S.A.)
2	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
1 1	52.214.209.198 52.214.209.198	16509 (AMAZON-02) (AMAZON-02)
1	54.76.195.29 54.76.195.29	16509 (AMAZON-02) (AMAZON-02)
10	2a02:26f0:6c0... 2a02:26f0:6c00:286::4469	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
8 27	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
3 7	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
2 3	185.33.223.178 185.33.223.178	29990 (ASN-APPNEX) (ASN-APPNEX)
2 3	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
14	2a00:1450:400... 2a00:1450:4001:80e::2006	15169 (GOOGLE) (GOOGLE)
1 2	34.246.133.154 34.246.133.154	16509 (AMAZON-02) (AMAZON-02)
1	85.14.248.71 85.14.248.71	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1	213.254.244.13 213.254.244.13	36062 (DOUBLE-VE...) (DOUBLE-VERIFY)
1	2606:4700::68... 2606:4700::6810:135e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (TURN) (TURN)
1 1	185.29.133.199 185.29.133.199	30419 (MEDIAMATH...) (MEDIAMATH-INC)
2 2	104.111.237.88 104.111.237.88	16625 (AKAMAI-AS) (AKAMAI-AS)
4 4	72.251.249.14 72.251.249.14	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
2 2	13.224.95.11 13.224.95.11	16509 (AMAZON-02) (AMAZON-02)
2 2	18.184.153.186 18.184.153.186	16509 (AMAZON-02) (AMAZON-02)
2 2	18.156.0.31 18.156.0.31	16509 (AMAZON-02) (AMAZON-02)
3	213.254.244.23 213.254.244.23	36062 (DOUBLE-VE...) (DOUBLE-VERIFY)
1	172.217.23.102 172.217.23.102	15169 (GOOGLE) (GOOGLE)
1	2620:116:800d... 2620:116:800d:21:f916:5049:f87f:108e	16509 (AMAZON-02) (AMAZON-02)
1	76.223.111.131 76.223.111.131	16509 (AMAZON-02) (AMAZON-02)
1 1	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
3	2001:4860:480... 2001:4860:4802:32::3	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:44::b	15169 (GOOGLE) (GOOGLE)
8	213.254.244.24 213.254.244.24	36062 (DOUBLE-VE...) (DOUBLE-VERIFY)
1	2a02:fa8:8806... 2a02:fa8:8806:13::1400	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1 1	2a00:1288:110... 2a00:1288:110:c305::8000	34010 (YAHOO-IRD) (YAHOO-IRD)
2 2	37.157.2.234 37.157.2.234	198622 (ADFORM) (ADFORM)
2 2	213.155.156.167 213.155.156.167	1299 (TELIANET ...) (TELIANET Telia Carrier)
1 1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
559	83

1 40.81.121.140 (Cardiff, United Kingdom)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.gazetadopovo.com.br.mcas.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:1700:d::1737:6e8f (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

mcasproxy.azureedge.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2600:9000:20eb:2800:6:45ad:3580:93a1 (United States)

ASN16509 (AMAZON-02, US)

www.gazetadopovo.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:e234 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:415 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.privacytools.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:1b (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:2a7::268b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

scdn.cxense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

41 2600:9000:2156:800:1f:3000:7b80:93a1 (United States)

ASN16509 (AMAZON-02, US)

media.gazetadopovo.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20eb:3a00:1b:3b3:e300:93a1 (United States)

ASN16509 (AMAZON-02, US)

multimidia.gazetadopovo.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.216.200.118 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-us-east-1-r-w.amazonaws.com

gdp-prd-data.s3.us-east-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:bf3 (United States)

ASN13335 (CLOUDFLARENET, US)

tag.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:206e:5e00:12:af17:6680:93a1 (United States)

ASN16509 (AMAZON-02, US)

assets.gazetadopovo.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.217.195.96 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

95 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c0c::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

news.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
play.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2606:4700::6811:bab1 (United States)

ASN13335 (CLOUDFLARENET, US)

experience.tinypass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.tinypass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
buy.tinypass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api-v3.tinypass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.95.81 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-95-81.zrh50.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 99.86.242.79 (United States) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: server-99-86-242-79.vie50.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:296::25ea (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.101.168 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-101-168.fra50.r.cloudfront.net

d335luupugsy2.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.12.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.63.13.144 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: de717.cxense.com

scomcluster.cxense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:119:50e3:101::6cae:b45 (United States) 2 redirects

ASN14413 (LINKEDIN, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.174.10.14 (United States)

ASN14413 (LINKEDIN, US)
PTR: 108-174-10-14.fwd.linkedin.com

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c0a::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.6.61 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-6-61.vie50.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

39 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.197 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.224.193.58 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-193-58.fra2.r.cloudfront.net

3wf9o7mmzc.execute-api.us-east-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.3 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20eb:e000:16:bc5f:3e80:93a1 (United States)

ASN16509 (AMAZON-02, US)

infograficos.gazetadopovo.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.6.78 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-6-78.vie50.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 13.225.74.20 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-74-20.fra2.r.cloudfront.net

events-api.gazetadopovo.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:211a:e00:4:5c96:9080:93a1 (United States)

ASN16509 (AMAZON-02, US)

comments.gazetadopovo.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2600:9000:211a:b400:13:9bf5:7100:93a1 (United States)

ASN16509 (AMAZON-02, US)

www.semprefamilia.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:20eb:ac00:1d:7626:ce40:93a1 (United States)

ASN16509 (AMAZON-02, US)

www.umdoisesportes.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

67 2600:9000:21f3:3c00:8:7f48:3500:93a1 (United States)

ASN16509 (AMAZON-02, US)

json.gazetadopovo.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2600:9000:20eb:a400:6:9eb2:5cc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

tm.jsuol.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.94.201.92 (São Paulo, Brazil)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-94-201-92.sa-east-1.compute.amazonaws.com

apps.gazetadopovo.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:20eb:3000:6:5b96:3f00:93a1 (United States)

ASN16509 (AMAZON-02, US)

tm.uol.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s45-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2804:49c:3403:2676:ffff:ffff:ffff:6 (Brazil)

ASN7162 (Universo Online S.A., BR)

t.dynad.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2804:49c:3101:401:ffff:ffff:ffff:50 (Brazil)

ASN15201 (Universo Online S.A., BR)

me.jsuol.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2804:49c:3104:401:ffff:ffff:ffff:34 (Brazil)

ASN15201 (Universo Online S.A., BR)

tracker.bt.uol.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.102.185.99 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 99.185.102.34.bc.googleusercontent.com

tt-10162-1.seg.t.tailtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
b.t.tailtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
t.tailtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:803::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 200.147.166.107 (Brazil)

ASN7162 (Universo Online S.A., BR)
PTR: 200-147-166-107.tlm.acessobol.com.br

s.dynad.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.214.209.198 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pixel.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.76.195.29 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-195-29.eu-west-1.compute.amazonaws.com

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a02:26f0:6c00:286::4469 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn3.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 142.250.185.66 (United States) 8 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2.18.234.21 (Frankfurt am Main, Germany) 3 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.33.223.178 (Amsterdam, Netherlands) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 824.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.244.159.8 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:80e::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.246.133.154 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-246-133-154.eu-west-1.compute.amazonaws.com

skydeutschland.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.14.248.71 (Bruggen, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)

m.exactag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.254.244.13 (United States)

ASN36062 (DOUBLE-VERIFY, US)

rtb0.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:678:cb4:bbbb::11 (United Kingdom) 1 redirects

ASN56396 (TURN, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.133.199 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.237.88 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-237-88.deploy.static.akamaitechnologies.com

tracking.m6r.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 72.251.249.14 (Amsterdam, Netherlands) 4 redirects

ASN29791 (VOXEL-DOT-NET, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.224.95.11 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-224-95-11.zrh50.r.cloudfront.net

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.184.153.186 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-184-153-186.eu-central-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.156.0.31 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.254.244.23 (United States)

ASN36062 (DOUBLE-VERIFY, US)

tps20518.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.23.102 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f102.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:f916:5049:f87f:108e (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 76.223.111.131 (United States)

ASN16509 (AMAZON-02, US)

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)

gcm.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:32::3 (United States)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

redirector.gvt1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:44::b (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

r5---sn-4g5edne7.gvt1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 213.254.244.24 (United States)

ASN36062 (DOUBLE-VERIFY, US)

tps.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tps20235.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tps20240.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:13::1400 (United States)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:110:c305::8000 (United Kingdom) 1 redirects

ASN34010 (YAHOO-IRD, GB)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.2.234 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.167 (Sweden) 2 redirects

ASN1299 (TELIANET Telia Carrier, SE)
PTR: 213-155-156-167.teliacarrier-cust.com

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
147	gazetadopovo.com.br www.gazetadopovo.com.br media.gazetadopovo.com.br multimidia.gazetadopovo.com.br assets.gazetadopovo.com.br infograficos.gazetadopovo.com.br events-api.gazetadopovo.com.br comments.gazetadopovo.com.br json.gazetadopovo.com.br apps.gazetadopovo.com.br Failed	4 MB
97	google-analytics.com www.google-analytics.com	79 KB
63	doubleclick.net 8 redirects stats.g.doubleclick.net googleads.g.doubleclick.net securepubads.g.doubleclick.net cm.g.doubleclick.net googleads4.g.doubleclick.net pubads.g.doubleclick.net ad.doubleclick.net	272 KB
55	googlesyndication.com pagead2.googlesyndication.com cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com tpc.googlesyndication.com	241 KB
24	google.com news.google.com www.google.com play.google.com adservice.google.com	68 KB
22	doubleverify.com cdn.doubleverify.com cdn3.doubleverify.com rtb0.doubleverify.com tps20518.doubleverify.com tps.doubleverify.com tps20235.doubleverify.com tps20240.doubleverify.com	225 KB
17	gstatic.com fonts.gstatic.com www.gstatic.com csi.gstatic.com	272 KB
14	2mdn.net s0.2mdn.net	334 KB
11	tinypass.com experience.tinypass.com cdn.tinypass.com buy.tinypass.com api-v3.tinypass.com	286 KB
10	jsuol.com.br tm.jsuol.com.br me.jsuol.com.br	98 KB
8	scorecardresearch.com 3 redirects sb.scorecardresearch.com	8 KB
7	casalemedia.com 3 redirects dsum-sec.casalemedia.com	7 KB
7	semprefamilia.com.br www.semprefamilia.com.br	104 KB
7	google.de www.google.de adservice.google.de	1 KB
6	googletagservices.com www.googletagservices.com	153 KB
6	tailtarget.com tt-10162-1.seg.t.tailtarget.com b.t.tailtarget.com t.tailtarget.com	3 KB
5	dynad.net t.dynad.net s.dynad.net	53 KB
4	gvt1.com 1 redirects redirector.gvt1.com r5---sn-4g5edne7.gvt1.com	3 MB
4	lijit.com 4 redirects ap.lijit.com	3 KB
4	uol.com.br tm.uol.com.br tracker.bt.uol.com.br	3 KB
4	linkedin.com 3 redirects px.ads.linkedin.com www.linkedin.com px4.ads.linkedin.com	3 KB
4	amazonaws.com gdp-prd-data.s3.us-east-1.amazonaws.com s3.amazonaws.com 3wf9o7mmzc.execute-api.us-east-1.amazonaws.com	351 KB
4	googleapis.com fonts.googleapis.com imasdk.googleapis.com	304 KB
3	yahoo.com 3 redirects ups.analytics.yahoo.com pr-bh.ybp.yahoo.com	3 KB
3	openx.net 2 redirects us-u.openx.net	828 B
3	adnxs.com 2 redirects ib.adnxs.com	3 KB
3	facebook.com www.facebook.com	639 B
3	hotjar.com static.hotjar.com script.hotjar.com vars.hotjar.com	65 KB
3	azureedge.net mcasproxy.azureedge.net	71 KB
2	de17a.com 2 redirects d5p.de17a.com	722 B
2	adform.net 2 redirects c1.adform.net	1 KB
2	advertising.com 2 redirects pixel.advertising.com	937 B
2	smaato.net 2 redirects s.ad.smaato.net	1 KB
2	m6r.eu 2 redirects tracking.m6r.eu	1 KB
2	turn.com 1 redirects ad.turn.com r.turn.com	857 B
2	demdex.net 1 redirects skydeutschland.demdex.net	2 KB
2	adsafeprotected.com 1 redirects pixel.adsafeprotected.com static.adsafeprotected.com	465 B
2	umdoisesportes.com.br www.umdoisesportes.com.br	1 KB
2	facebook.net connect.facebook.net	96 KB
2	cxense.com scdn.cxense.com scomcluster.cxense.com	28 KB
2	privacytools.com.br cdn.privacytools.com.br	22 KB
1	rubiconproject.com 1 redirects pixel.rubiconproject.com	463 B
1	dotomi.com dclk-match.dotomi.com	104 B
1	ctnsnet.com 1 redirects gcm.ctnsnet.com	477 B
1	adsrvr.org match.adsrvr.org	265 B
1	quantserve.com cms.quantserve.com	463 B
1	mathtag.com 1 redirects sync.mathtag.com	817 B
1	cloudflare.com cdnjs.cloudflare.com	22 KB
1	exactag.com m.exactag.com	1 KB
1	twitter.com analytics.twitter.com	658 B
1	t.co t.co	454 B
1	ads-twitter.com static.ads-twitter.com	2 KB
1	cloudfront.net d335luupugsy2.cloudfront.net	402 B
1	licdn.com snap.licdn.com	2 KB
1	googleadservices.com www.googleadservices.com	14 KB
1	navdmp.com tag.navdmp.com	3 KB
1	googletagmanager.com www.googletagmanager.com	62 KB
1	jquery.com code.jquery.com	30 KB
1	onesignal.com cdn.onesignal.com	3 KB
1	mcas.ms www.gazetadopovo.com.br.mcas.ms	841 B
0	netmng.com Failed google2waycm.netmng.com Failed
0	Failed function sub() { [native code] }. Failed
559	62

	Domain	Requested by
97	www.google-analytics.com	www.gazetadopovo.com.br www.google-analytics.com me.jsuol.com.br
67	json.gazetadopovo.com.br	www.gazetadopovo.com.br
41	media.gazetadopovo.com.br	www.gazetadopovo.com.br buy.tinypass.com
33	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com googleads.g.doubleclick.net srcdoc s0.2mdn.net www.googletagservices.com ad.doubleclick.net
27	cm.g.doubleclick.net	8 redirects googleads.g.doubleclick.net cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com
19	www.gazetadopovo.com.br	www.gazetadopovo.com.br
18	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com googleads.g.doubleclick.net s0.2mdn.net ad.doubleclick.net
14	s0.2mdn.net	www.gazetadopovo.com.br.mcas.ms imasdk.googleapis.com s0.2mdn.net cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com
10	securepubads.g.doubleclick.net	tm.jsuol.com.br securepubads.g.doubleclick.net
9	cdn.doubleverify.com	cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com cdn.doubleverify.com www.gazetadopovo.com.br.mcas.ms ad.doubleclick.net
9	tm.jsuol.com.br	www.gazetadopovo.com.br tm.jsuol.com.br tm.uol.com.br www.gazetadopovo.com.br.mcas.ms
9	events-api.gazetadopovo.com.br	www.gazetadopovo.com.br gdp-prd-data.s3.us-east-1.amazonaws.com
8	googleads.g.doubleclick.net	www.googleadservices.com cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com www.gazetadopovo.com.br.mcas.ms
8	www.google.com	www.gazetadopovo.com.br cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com
8	sb.scorecardresearch.com	3 redirects www.gazetadopovo.com.br.mcas.ms www.gazetadopovo.com.br
8	fonts.gstatic.com	fonts.googleapis.com news.google.com
7	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
7	www.semprefamilia.com.br	www.gazetadopovo.com.br
7	play.google.com	www.gstatic.com
7	news.google.com	www.gazetadopovo.com.br news.google.com www.gstatic.com
6	pubads.g.doubleclick.net	imasdk.googleapis.com
6	googleads4.g.doubleclick.net	www.gazetadopovo.com.br.mcas.ms googleads.g.doubleclick.net ad.doubleclick.net
6	www.googletagservices.com	securepubads.g.doubleclick.net cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com cdn.doubleverify.com www.googletagservices.com
6	www.gstatic.com	news.google.com www.gstatic.com
6	buy.tinypass.com	cdn.tinypass.com buy.tinypass.com
6	www.google.de	www.gazetadopovo.com.br
6	assets.gazetadopovo.com.br	www.gazetadopovo.com.br
5	stats.g.doubleclick.net	www.google-analytics.com
4	ap.lijit.com	4 redirects
4	cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	tps20240.doubleverify.com	cdn.doubleverify.com
3	tps20235.doubleverify.com	cdn.doubleverify.com
3	r5---sn-4g5edne7.gvt1.com
3	csi.gstatic.com	imasdk.googleapis.com
3	tps20518.doubleverify.com	cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com
3	us-u.openx.net	2 redirects googleads.g.doubleclick.net
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	tt-10162-1.seg.t.tailtarget.com	tm.jsuol.com.br
3	t.dynad.net	www.gazetadopovo.com.br.mcas.ms
3	tm.uol.com.br	tm.jsuol.com.br www.gazetadopovo.com.br.mcas.ms
3	www.facebook.com	www.gazetadopovo.com.br connect.facebook.net
3	experience.tinypass.com	www.gazetadopovo.com.br cdn.tinypass.com
3	mcasproxy.azureedge.net	www.gazetadopovo.com.br.mcas.ms mcasproxy.azureedge.net
2	d5p.de17a.com	2 redirects
2	c1.adform.net	2 redirects
2	tps.doubleverify.com	cdn.doubleverify.com
2	ups.analytics.yahoo.com	2 redirects
2	pixel.advertising.com	2 redirects
2	s.ad.smaato.net	2 redirects
2	tracking.m6r.eu	2 redirects
2	skydeutschland.demdex.net	1 redirects cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com
2	imasdk.googleapis.com	s.dynad.net imasdk.googleapis.com
2	s.dynad.net	t.dynad.net
2	adservice.google.com	securepubads.g.doubleclick.net imasdk.googleapis.com
2	b.t.tailtarget.com	tm.jsuol.com.br
2	www.umdoisesportes.com.br	www.gazetadopovo.com.br
2	comments.gazetadopovo.com.br	www.gazetadopovo.com.br
2	3wf9o7mmzc.execute-api.us-east-1.amazonaws.com	gdp-prd-data.s3.us-east-1.amazonaws.com
2	px.ads.linkedin.com	2 redirects
2	connect.facebook.net	www.gazetadopovo.com.br.mcas.ms connect.facebook.net
2	cdn.privacytools.com.br	www.gazetadopovo.com.br
2	fonts.googleapis.com	www.gazetadopovo.com.br buy.tinypass.com
1	pixel.rubiconproject.com	1 redirects
1	pr-bh.ybp.yahoo.com	1 redirects
1	dclk-match.dotomi.com	cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com
1	redirector.gvt1.com	1 redirects
1	gcm.ctnsnet.com	1 redirects
1	match.adsrvr.org	cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com
1	cms.quantserve.com	cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com
1	ad.doubleclick.net	www.googletagservices.com
1	sync.mathtag.com	1 redirects
1	r.turn.com	cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com
1	ad.turn.com	1 redirects
1	cdnjs.cloudflare.com	s0.2mdn.net
1	rtb0.doubleverify.com	cdn.doubleverify.com
1	cdn3.doubleverify.com	cdn.doubleverify.com
1	m.exactag.com	cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com
1	static.adsafeprotected.com	cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com
1	pixel.adsafeprotected.com	1 redirects
1	t.tailtarget.com
1	adservice.google.de	securepubads.g.doubleclick.net
1	tracker.bt.uol.com.br	www.gazetadopovo.com.br.mcas.ms
1	me.jsuol.com.br	tm.jsuol.com.br
1	apps.gazetadopovo.com.br	www.gazetadopovo.com.br code.jquery.com
1	api-v3.tinypass.com	cdn.tinypass.com
1	vars.hotjar.com	static.hotjar.com
1	infograficos.gazetadopovo.com.br	code.jquery.com
1	analytics.twitter.com	static.ads-twitter.com
1	t.co	www.gazetadopovo.com.br
1	script.hotjar.com	static.hotjar.com
1	cdn.tinypass.com	experience.tinypass.com
1	px4.ads.linkedin.com	www.gazetadopovo.com.br
1	www.linkedin.com	1 redirects
1	scomcluster.cxense.com	www.gazetadopovo.com.br
1	static.ads-twitter.com	www.gazetadopovo.com.br.mcas.ms
1	d335luupugsy2.cloudfront.net	www.gazetadopovo.com.br.mcas.ms
1	snap.licdn.com	www.gazetadopovo.com.br.mcas.ms
1	www.googleadservices.com	www.googletagmanager.com
1	static.hotjar.com	www.googletagmanager.com
1	s3.amazonaws.com	code.jquery.com
1	tag.navdmp.com	www.gazetadopovo.com.br
1	www.googletagmanager.com	www.gazetadopovo.com.br
1	gdp-prd-data.s3.us-east-1.amazonaws.com	www.gazetadopovo.com.br
1	multimidia.gazetadopovo.com.br	www.gazetadopovo.com.br
1	scdn.cxense.com	www.gazetadopovo.com.br
1	code.jquery.com	www.gazetadopovo.com.br
1	cdn.onesignal.com	www.gazetadopovo.com.br
1	www.gazetadopovo.com.br.mcas.ms
0	google2waycm.netmng.com Failed	cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com
0	json.gazetadopovo.com.brhttps Failed	www.gazetadopovo.com.br
559	110

This site contains links to these domains. Also see Links.

Domain
assinaturas.gazetadopovo.com.br
conta.gazetadopovo.com.br
clube.gazetadopovo.com.br
especiais.gazetadopovo.com.br
www.semprefamilia.com.br
www.umdoisesportes.com.br
pt-br.facebook.com
twitter.com
www.instagram.com
www.linkedin.com
www.youtube.com
gazetadopovojornais.com.br
www.grpcom.com.br

Subject Issuer	Validity	Valid
*.mcas.ms Microsoft Azure TLS Issuing CA 02	`2021-05-12` - `2022-05-07`	a year	crt.sh
*.azureedge.net DigiCert SHA2 Secure Server CA	`2020-11-21` - `2021-11-30`	a year	crt.sh
*.gazetadopovo.com.br Amazon	`2020-12-23` - `2022-01-21`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-04` - `2021-08-04`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-04-13` - `2021-07-06`	3 months	crt.sh
jquery.org Sectigo RSA Domain Validation Secure Server CA	`2020-10-06` - `2021-10-16`	a year	crt.sh
*.cxense.com DigiCert SHA2 Secure Server CA	`2020-03-11` - `2021-06-10`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2020-08-04` - `2021-08-09`	a year	crt.sh
*.google.com GTS CA 1O1	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.news.google.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.piano.io Sectigo RSA Domain Validation Secure Server CA	`2020-09-17` - `2021-09-17`	a year	crt.sh
*.hotjar.com Amazon	`2020-12-25` - `2022-01-23`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-04-06` - `2021-07-03`	3 months	crt.sh
*.scorecardresearch.com Amazon	`2021-02-28` - `2022-03-29`	a year	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2021-04-30` - `2022-05-11`	a year	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2021-02-22` - `2022-02-21`	a year	crt.sh
ads-twitter.com DigiCert SHA2 High Assurance Server CA	`2020-08-14` - `2021-08-19`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
px.ads.linkedin.com DigiCert SHA2 Secure Server CA	`2021-04-15` - `2021-10-15`	6 months	crt.sh
t.co DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
*.execute-api.us-east-1.amazonaws.com Amazon	`2021-04-09` - `2022-05-08`	a year	crt.sh
*.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
semprefamilia.com.br Amazon	`2020-11-13` - `2021-12-12`	a year	crt.sh
*.jsuol.com.br Amazon	`2020-10-31` - `2021-11-30`	a year	crt.sh
*.umdoisesportes.com.br Amazon	`2020-10-19` - `2021-11-17`	a year	crt.sh
*.uol.com.br Amazon	`2020-10-01` - `2021-11-02`	a year	crt.sh
*.dynad.net RapidSSL RSA CA 2018	`2020-05-11` - `2022-07-10`	2 years	crt.sh
uol.com GeoTrust RSA CA 2018	`2020-07-30` - `2022-09-28`	2 years	crt.sh
*.tailtarget.com Sectigo RSA Domain Validation Secure Server CA	`2020-05-30` - `2021-05-30`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
static.adsafeprotected.com Amazon	`2021-01-06` - `2022-02-04`	a year	crt.sh
*.doubleverify.com DigiCert SHA2 Secure Server CA	`2021-01-10` - `2022-01-17`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2020-06-18` - `2021-08-17`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.demdex.net DigiCert TLS RSA SHA256 2020 CA1	`2020-12-02` - `2022-01-02`	a year	crt.sh
*.exactag.com Sectigo ECC Domain Validation Secure Server CA	`2019-08-28` - `2021-09-13`	2 years	crt.sh
*.turn.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-03-31` - `2022-03-31`	a year	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2020-10-02` - `2021-10-07`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
*.c.docs.google.com GTS CA 1O1	`2021-04-27` - `2021-07-06`	2 months	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2019-06-19` - `2021-08-31`	2 years	crt.sh

This page contains 34 frames:

Primary Page: https://www.gazetadopovo.com.br/
Frame ID: 82E54D8E3076310B320F39400E548178
Requests: 359 HTTP requests in this frame

Frame: https://mcasproxy.azureedge.net/proxyweb/0.200.40/html/session-context-restore.html?action=store&contextData=https%3A%2F%2Fwww.gazetadopovo.com.br%2F
Frame ID: 613EE74FDA17F0C415DAB710EF614332
Requests: 2 HTTP requests in this frame

Frame: https://news.google.com/swg/_/ui/v1/serviceiframe?_=450285
Frame ID: C4A2C9FC2FAEB7876425081AE2B7B346
Requests: 14 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-5e3cec51ed8e99df6977c199d27812d7.html
Frame ID: 363C7DB15F103ECE47102EB4083978B0
Requests: 1 HTTP requests in this frame

Frame: https://buy.tinypass.com/checkout/template/cacheableShow?aid=izBe3CQ7pu&templateId=OTM7QNGP18MG&templateVariantId=OTVYU55WIZ0ZT&offerId=fakeOfferId&experienceId=EXIAHC2U55HU&iframeId=offer_da51198308f88f95dd9e-0&displayMode=modal&widget=template
Frame ID: 1FFE84055647CEF76B6D4DD2E1EB3FC9
Requests: 10 HTTP requests in this frame

Frame: https://tm.uol.com.br/mercurio.html
Frame ID: 7995270A481A98DEB222E4C86B72CF07
Requests: 2 HTTP requests in this frame

Frame: https://tm.uol.com.br/purge-clients.html?name=DEretargeting&expname=DEretargetingExp&expdomain=1
Frame ID: 6BE403897C017582A210FD5CC1D6F7D9
Requests: 2 HTTP requests in this frame

Frame: https://tm.uol.com.br/purge-clients.html?name=dynad_rt&expname=dynad_rt_exp&expdomain=1
Frame ID: 5AD004E77E54C892DDD63586DE39E913
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 2A7DCD48BBD8ECD687A48E638B164A8D
Requests: 2 HTTP requests in this frame

Frame: https://s.dynad.net/stack/KMA9C2O70iP6CHSgXk0LGaQ8ML9m6vJE4RIi1Rf61p4.html?v69
Frame ID: CB5652602A36C2DDD66722AC69632976
Requests: 1 HTTP requests in this frame

Frame: https://s.dynad.net/stack/928W5r5IndTfocT3VdUV-AB8UVlc0JbnGWyFZsei5gU.html
Frame ID: 7566D2DC31BFA7251755910159B9B055
Requests: 10 HTTP requests in this frame

Frame: https://cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 07D9D19C36EFB594E45539056DB16963
Requests: 18 HTTP requests in this frame

Frame: https://cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 1B2AE478852E813D1D8648BB09B8D071
Requests: 25 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGKeYyqABMAE&v=APEucNXet-A-J4CawDCmEpmvSM5VlSDuVavA1UDfqYMCdP0XDB34qma_Z5_fQyuUpLt5RYT7-qn3fEmp_9PK6Fqzr5VS9GRqWVAYE2lLFD6n7A9zdwbg1nXJYoF2KHymmTVHq12FcDqy9p53pV4-FfgfVSvtjRU8qH9ph0OclIcUfRTEMZXUD_RYjMUTWeuUxPzpkuuQDVei-KsVfBc0Wdp7-MSMxf3_CQ
Frame ID: 65C1BD20403DBD4C5520438EECBF3538
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQw7j0ARjGhoipATAB&v=APEucNVDRUc0y_wmJCQLn9KWix_SRQi72pAUyOvr4G7ZqInVdMVXlBV26DiBF-rvZVK1IG7ykTiUAOh3m9SWFD8b0dAjMuprVTOgh0MwS2lQEUslzgoLGYPbzcle-VOd23NgplqQJfSlPIEAB8bjnkMyd8sHF_MKm331U-kQCBM2DxiW2n8borBkusnUC1YYy9tDCcYwOfYBsPPzMiAbmqWRrCC6S2q2FQ
Frame ID: 1730B8E73F45EFC444DD83BEE8BCDC3A
Requests: 5 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.458.0_pt_br.html
Frame ID: 6656B55970361E1A2BFC7FF7601DF0D2
Requests: 13 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 27DBED4F332D5228ED484BC82DCE7970
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 61474AE6D0BF860E09A0148B194A71FA
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 4E810346A0E61EDA43C56E719721A910
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/ads/richmedia/studio/pv2/61453700/20200911132845258/index.html?e=69&leftOffset=0&topOffset=0&c=cwAN9bNnH0&t=1&renderingType=2
Frame ID: D05CF39E5B9F9178BFEED6157CCC257A
Requests: 10 HTTP requests in this frame

Frame: https://cdn3.doubleverify.com/bst2tv3.html
Frame ID: 9A4C60136DAE8FB45AC5FD1E44401B27
Requests: 1 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-match6.js
Frame ID: 3515F08037093C879858DDDD1834FD00
Requests: 1 HTTP requests in this frame

Frame: https://cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: B574A1C7832195130DAD3202F7EC8FF3
Requests: 15 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: FC272935F2B01A57D2A3301AB648CB25
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfwggIQpb6JAhjtyMueATAB&v=APEucNVYesqu9XVYMoHOcbK-MjA2mku0apR_ohmJuRmShBoSIskrhWn2p-iF59C4D0PBZxYKhdJAI4rQYBPm_BtYu8IvFA8Lc1TXdzvPL54WFoh4QerMsZwP9rZx0Xdr0LLusDn5nYrpdQOyGcvtnlZjVY4ZsZeyGK8bg-EzCIevSKGT3QNECbzJoDtdok5z6VuBGYp-WePjXHwDiW2PZQQlrP0YLnjWtA
Frame ID: D6FB7CC2A62BC0F9C4ECF0F6922864F1
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 60119B25EDF56A94C52D606929F799B3
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: C17E3C75A28CCAFBCDA947FD519E5F4C
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/VUb54HSrcJlfDt76-zYSNvHYPadoqD5ysjWH2aTGPz8.js
Frame ID: A0A110BAC914B94CB0C667AE9D64F4E4
Requests: 1 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements1344.js
Frame ID: 649E693417B08BD056A834DA3F007F77
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 63060F1D97A39CD37D212E703AAD853A
Requests: 9 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements1344.js
Frame ID: DF0A68F42ED61098973AAEFCBFFCD1A9
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 640EE5AA5327C9EB8E242801C920B8B9
Requests: 3 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/t2tv7.html
Frame ID: 2B8C5AAFEFB5B8F10F9C22D368CB27D5
Requests: 1 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/t2tv7.html
Frame ID: 2C98C44798D25816B06D08186C6AD906
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://www.gazetadopovo.com.br.mcas.ms/ Page URL
https://www.gazetadopovo.com.br/ Page URL

Detected technologies

Lua (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers server /openresty(?:\/([\d.]+))?/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /openresty(?:\/([\d.]+))?/i

OpenResty (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /openresty(?:\/([\d.]+))?/i

Page Statistics

559
Requests

98 %
HTTPS

56 %
IPv6

62
Domains

110
Subdomains

83
IPs

9
Countries

9997 kB
Transfer

20170 kB
Size

17
Cookies

90 Outgoing links

These are links going to different origins than the main page.

URL: https://assinaturas.gazetadopovo.com.br/?touchpoint=assine-topo-gazeta-mobile
Title: Assine

Search URL Search Domain Scan URL

URL: https://conta.gazetadopovo.com.br/minha-conta/leiturometro
Title: Leiturômetro

Search URL Search Domain Scan URL

URL: https://assinaturas.gazetadopovo.com.br/?touchpoint=assine-topo-gazeta
Title: assine

Search URL Search Domain Scan URL

URL: https://conta.gazetadopovo.com.br/login?referrer=https://www.gazetadopovo.com.br/
Title: Entrar

Search URL Search Domain Scan URL

URL: https://conta.gazetadopovo.com.br/editar/
Title: Minha Conta

Search URL Search Domain Scan URL

URL: https://clube.gazetadopovo.com.br/
Title: Clube Gazeta do Povo

Search URL Search Domain Scan URL

URL: https://especiais.gazetadopovo.com.br/politica/painel-das-privatizacoes/?ref=explore
Title: Privatizações

Search URL Search Domain Scan URL

URL: https://especiais.gazetadopovo.com.br/politica/reforma-tributaria/?ref=explore
Title: Reforma tributária

Search URL Search Domain Scan URL

URL: http://especiais.gazetadopovo.com.br/por-dentro-do-vale/?ref=explore
Title: Startups

Search URL Search Domain Scan URL

URL: https://www.semprefamilia.com.br/?ref=explore
Title: Sempre Família

Search URL Search Domain Scan URL

URL: https://www.semprefamilia.com.br/saude/?ref=explore
Title: Saúde

Search URL Search Domain Scan URL

URL: https://www.semprefamilia.com.br/virtudes-e-valores/?ref=explore
Title: Virtudes e Valores

Search URL Search Domain Scan URL

URL: https://www.semprefamilia.com.br/educacao-dos-filhos/?ref=explore
Title: Educação dos filhos

Search URL Search Domain Scan URL

URL: https://especiais.gazetadopovo.com.br/previsao-do-tempo/?ref=explore
Title: Previsão do Tempo

Search URL Search Domain Scan URL

URL: https://clube.gazetadopovo.com.br/filmes/?ref=explore
Title: Cinema

Search URL Search Domain Scan URL

URL: https://www.umdoisesportes.com.br/?ref=explore
Title: UmDois Esportes

Search URL Search Domain Scan URL

URL: https://www.umdoisesportes.com.br/athletico/?ref=explore
Title: Athletico

Search URL Search Domain Scan URL

URL: https://www.umdoisesportes.com.br/coritiba/?ref=explore
Title: Coritiba

Search URL Search Domain Scan URL

URL: https://www.umdoisesportes.com.br/parana-clube/?ref=explore
Title: Paraná Clube

Search URL Search Domain Scan URL

URL: https://www.umdoisesportes.com.br/cartoleiros/?ref=explore
Title: Cartoleiros

Search URL Search Domain Scan URL

URL: https://www.umdoisesportes.com.br/colunas-e-blogs/mauro-cezar/?ref=explore
Title: Mauro Cezar Pereira

Search URL Search Domain Scan URL

URL: https://www.umdoisesportes.com.br/colunas-e-blogs/augusto-mafuz/?ref=explore
Title: Augusto Mafuz

Search URL Search Domain Scan URL

URL: https://www.umdoisesportes.com.br/colunas-e-blogs/carneiro-neto/?ref=explore
Title: Carneiro Neto

Search URL Search Domain Scan URL

URL: https://www.umdoisesportes.com.br/colunas-e-blogs/andre-barcinski/?ref=explore
Title: André Barcinski

Search URL Search Domain Scan URL

URL: https://www.umdoisesportes.com.br/colunas-e-blogs/andre-pugliesi/?ref=explore
Title: André Pugliesi

Search URL Search Domain Scan URL

URL: https://www.umdoisesportes.com.br/colunas-e-blogs/jones-rossi/?ref=explore
Title: Jones Rossi

Search URL Search Domain Scan URL

URL: https://especiais.gazetadopovo.com.br/futebol/tabela-campeonato-brasileiro-2020/?ref=explore
Title: Brasileirão Série A

Search URL Search Domain Scan URL

URL: https://especiais.gazetadopovo.com.br/futebol/tabela-campeonato-brasileiro-2020-serie-b/?ref=explore
Title: Brasileirão Série B

Search URL Search Domain Scan URL

URL: https://especiais.gazetadopovo.com.br/futebol/tabela-libertadores-2020/?ref=explore
Title: Libertadores

Search URL Search Domain Scan URL

URL: https://assinaturas.gazetadopovo.com.br/premium/?ref=explore
Title: Conheça o Premium

Search URL Search Domain Scan URL

URL: https://especiais.gazetadopovo.com.br/politica/presidios-privados-no-brasil/?ref=explore
Title: Presídios Privados

Search URL Search Domain Scan URL

URL: https://especiais.gazetadopovo.com.br/coronavirus/?ref=explore
Title: Coronavírus

Search URL Search Domain Scan URL

URL: https://especiais.gazetadopovo.com.br/pesquisas-de-aprovacao/?ref=explore
Title: Pesquisas de aprovação

Search URL Search Domain Scan URL

URL: https://especiais.gazetadopovo.com.br/100-anos/?ref=explore
Title: 100 Anos da Gazeta do Povo

Search URL Search Domain Scan URL

URL: https://especiais.gazetadopovo.com.br/loterias/?ref=explore
Title: Loterias

Search URL Search Domain Scan URL

URL: https://especiais.gazetadopovo.com.br/?ref=explore
Title: Todos os especiais

Search URL Search Domain Scan URL

URL: https://especiais.gazetadopovo.com.br/dentro-da-lei/?ref=explore
Title: Dentro da Lei

Search URL Search Domain Scan URL

URL: https://especiais.gazetadopovo.com.br/100-anos/conviccoes-editoriais-gazeta-povo-resumo/?ref=explore
Title: Em Resumo

Search URL Search Domain Scan URL

URL: https://especiais.gazetadopovo.com.br/100-anos/conviccoes/?ref=explore
Title: Em Vídeo

Search URL Search Domain Scan URL

URL: https://clube.gazetadopovo.com.br/noticias/?ref=explore
Title: Notícias do Clube

Search URL Search Domain Scan URL

URL: https://clube.gazetadopovo.com.br/parceiros/?ref=explore
Title: Descontos do Clube

Search URL Search Domain Scan URL

URL: https://conta.gazetadopovo.com.br/minha-conta/cartao-virtual/?ref=explore
Title: Aplicativo Clube

Search URL Search Domain Scan URL

URL: https://conta.gazetadopovo.com.br/minha-conta/leiturometro?ref=explore
Title: Leiturômetro

Search URL Search Domain Scan URL

URL: https://conta.gazetadopovo.com.br/minha-conta/minha-assinatura?ref=explore
Title: Minha Assinatura

Search URL Search Domain Scan URL

URL: https://especiais.gazetadopovo.com.br/noticias-por-mensagem/
Title: ver tudo

Search URL Search Domain Scan URL

URL: https://especiais.gazetadopovo.com.br/noticias-por-mensagem/?ref=explore
Title: Whatsapp

Search URL Search Domain Scan URL

URL: https://pt-br.facebook.com/gazetadopovo

Search URL Search Domain Scan URL

URL: https://twitter.com/gazetadopovo

Search URL Search Domain Scan URL

URL: https://www.instagram.com/gazetadopovo

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/gazeta-do-povo

Search URL Search Domain Scan URL

URL: https://www.youtube.com/gazetadopovo

Search URL Search Domain Scan URL

URL: https://especiais.gazetadopovo.com.br/anticorrupcao?key=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiJIT01FIn0.eBdJ9L4FA-1dhQuhebhUznQfSM278NGQRO7K0Pr2iiY
Title:

Search URL Search Domain Scan URL

URL: https://especiais.gazetadopovo.com.br/anticorrupcao#lavajato
Title: LINHA DO TEMPOOs números, os desvios éticos e de conduta que querem apagar da sua memória

Search URL Search Domain Scan URL

URL: https://especiais.gazetadopovo.com.br/anticorrupcao?key=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiJIT01FIn0.eBdJ9L4FA-1dhQuhebhUznQfSM278NGQRO7K0Pr2iiY#podcasts
Title: PODCASTA história da operação Lava Jato, seus principais trunfos e a campanha de desconstrução em áudio

Search URL Search Domain Scan URL

URL: https://especiais.gazetadopovo.com.br/anticorrupcao#kit
Title: KIT ANTICORRUPÇÃOReceba nossa newsletter e ganhe figurinhas de WhatsApp para compartilhamento

Search URL Search Domain Scan URL

URL: https://assinaturas.gazetadopovo.com.br/?touchpoint=assine-vozes-na-gazeta
Title: Leia mais. Assine agora!

Search URL Search Domain Scan URL

URL: https://www.semprefamilia.com.br/saude/mortes-de-gravidas-ate-maio-de-2021-supera-todo-o-ano-de-2020/

Search URL Search Domain Scan URL

URL: https://www.semprefamilia.com.br/saude/mortes-de-gravidas-ate-maio-de-2021-supera-todo-o-ano-de-2020/#comentarios
Title: 1

Search URL Search Domain Scan URL

URL: https://especiais.gazetadopovo.com.br/anticorrupcao/

Search URL Search Domain Scan URL

URL: https://especiais.gazetadopovo.com.br/coronavirus/numeros/

Search URL Search Domain Scan URL

URL: https://especiais.gazetadopovo.com.br/coronavirus/parana/?utm_source=gazeta-do-povo&utm_medium=componente-home2&utm_campaign=coronavirus
Title: Veja a média móvel atualizada

Search URL Search Domain Scan URL

URL: https://www.umdoisesportes.com.br/campeonatos/paranaense/fc-cascavel-pede-efeito-suspensivo-no-stjd-e-estadual-corre-risco-de-paralisacao/

Search URL Search Domain Scan URL

URL: https://www.umdoisesportes.com.br/campeonatos/paranaense/fc-cascavel-pede-efeito-suspensivo-no-stjd-e-estadual-corre-risco-de-paralisacao/#comentarios

Search URL Search Domain Scan URL

URL: https://www.umdoisesportes.com.br/campeonatos/paranaense/paranaense-suspensao-cascavel-cr-mata-mata/
Title: Suspensão do Cascavel CR mexe com a briga pelo mata-mata. Entenda

Search URL Search Domain Scan URL

URL: https://www.umdoisesportes.com.br/coritiba/rio-branco-x-coritiba-coxa-tem-volta-de-titulares-na-escalacao/

Search URL Search Domain Scan URL

URL: https://www.umdoisesportes.com.br/coritiba/rio-branco-x-coritiba-coxa-tem-volta-de-titulares-na-escalacao/#comentarios

Search URL Search Domain Scan URL

URL: https://www.umdoisesportes.com.br/coritiba/coritiba-r-4-milhoes-matheus-cunha/
Title: Coritiba pode lucrar quase R$ 4 milhões com ida de revelação para a Inglaterra

Search URL Search Domain Scan URL

URL: https://www.umdoisesportes.com.br/parana-clube/escalacoes-parana-operario-desfalques-times/

Search URL Search Domain Scan URL

URL: https://www.umdoisesportes.com.br/parana-clube/escalacoes-parana-operario-desfalques-times/#comentarios

Search URL Search Domain Scan URL

URL: https://www.umdoisesportes.com.br/colunas-e-blogs/carneiro-neto/carneiro-neto-chegou-a-hora-de-o-athletico-mostrar-sua-cara/

Search URL Search Domain Scan URL

URL: https://www.umdoisesportes.com.br/colunas-e-blogs/carneiro-neto/carneiro-neto-chegou-a-hora-de-o-athletico-mostrar-sua-cara/#comentarios
Title: 3

Search URL Search Domain Scan URL

URL: https://www.umdoisesportes.com.br/athletico/aucas-vence-e-segura-o-melgar-no-grupo-do-athletico-torcedores/
Title: Sul-Americana: Aucas vence e “segura” o Melgar no grupo do Athletico

Search URL Search Domain Scan URL

URL: https://www.umdoisesportes.com.br/futebol/selecao-convocacao-ao-vivo-acompanhe/

Search URL Search Domain Scan URL

URL: https://www.umdoisesportes.com.br/futebol/selecao-convocacao-ao-vivo-acompanhe/#comentarios
Title: 5

Search URL Search Domain Scan URL

URL: https://www.umdoisesportes.com.br/futebol/jardine-convoca-abner-do-athletico-para-a-selecao-olimpica-veja-lista/
Title: Veja os nomes convocados para a seleção olímpica

Search URL Search Domain Scan URL

URL: https://www.semprefamilia.com.br/saude/nao-e-so-o-acucar-conheca-mais-alimentos-que-tambem-aumentam-a-ansiedade/

Search URL Search Domain Scan URL

URL: https://www.semprefamilia.com.br/saude/nao-e-so-o-acucar-conheca-mais-alimentos-que-tambem-aumentam-a-ansiedade/#comentarios

Search URL Search Domain Scan URL

URL: https://www.semprefamilia.com.br/casamento-e-compromisso/comunicacao-assertiva-dentro-do-casamento-como-falar-e-ser-realmente-ouvido-pelo-outro/

Search URL Search Domain Scan URL

URL: https://www.semprefamilia.com.br/casamento-e-compromisso/comunicacao-assertiva-dentro-do-casamento-como-falar-e-ser-realmente-ouvido-pelo-outro/#comentarios

Search URL Search Domain Scan URL

URL: https://www.semprefamilia.com.br/saude/perfil-genetico-torna-paciente-mais-suscetivel-a-covid-19-diz-estudo/

Search URL Search Domain Scan URL

URL: https://www.semprefamilia.com.br/saude/perfil-genetico-torna-paciente-mais-suscetivel-a-covid-19-diz-estudo/#comentarios
Title: 2

Search URL Search Domain Scan URL

URL: https://www.semprefamilia.com.br/saude/refluxo-e-fator-para-maior-probabilidade-de-cancer-de-esofago/

Search URL Search Domain Scan URL

URL: https://www.semprefamilia.com.br/saude/refluxo-e-fator-para-maior-probabilidade-de-cancer-de-esofago/#comentarios

Search URL Search Domain Scan URL

URL: https://assinaturas.gazetadopovo.com.br/por-que-assinar/
Title: Conheça a Gazeta

Search URL Search Domain Scan URL

URL: https://www.semprefamilia.com.br/
Title: Sempre Família

Search URL Search Domain Scan URL

URL: https://conta.gazetadopovo.com.br/editar
Title: Minha Conta

Search URL Search Domain Scan URL

URL: https://assinaturas.gazetadopovo.com.br/?touchpoint=assine-rodape-gazeta
Title: Assine

Search URL Search Domain Scan URL

URL: http://gazetadopovojornais.com.br/
Title: Anuncie

Search URL Search Domain Scan URL

URL: http://www.grpcom.com.br/junte-se-a-nos/
Title: Trabalhe Conosco

Search URL Search Domain Scan URL

URL: http://www.umdoisesportes.com.br/
Title: UmDois Esportes

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.gazetadopovo.com.br.mcas.ms/ Page URL
https://www.gazetadopovo.com.br/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 57

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=672554&time=1621027213577&url=https%3A%2F%2Fwww.gazetadopovo.com.br%2F HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D672554%26time%3D1621027213577%26url%3Dhttps%253A%252F%252Fwww.gazetadopovo.com.br%252F%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=672554&time=1621027213577&url=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=672554&time=1621027213577&url=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&liSync=true&e_ipv6=AQJme86hf2bsCQAAAXlswFOO8wJN-3fSCRLVGqkyVIraWAaYGMeCI5LL7XW8nLRlBaRWqsi4

Request Chain 72

https://sb.scorecardresearch.com/b?c1=2&c2=13765200&cs_ucfr=1&ns__t=1621027213720&ns_c=UTF-8&cv=3.5&c8=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&c7=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&c9=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=13765200&cs_ucfr=1&ns__t=1621027213720&ns_c=UTF-8&cv=3.5&c8=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&c7=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&c9=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F

Request Chain 285

https://sb.scorecardresearch.com/cs/6036356/beacon.js HTTP 302
https://sb.scorecardresearch.com/internal-cs/default/beacon.js

Request Chain 399

https://pixel.adsafeprotected.com/rfw/st/663882/53780618/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd= HTTP 302
https://static.adsafeprotected.com/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=

Request Chain 413

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHpVFO5gyKo_E0hi-3n6ReE&google_cver=1

Request Chain 414

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YJ7pknOlCylwzk2IydeRkgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFNGF5KYMKcyRWt6G5yBM0s&google_cver=1

Request Chain 416

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEBh182s6-CO0u7_XU6HHiL4&google_cver=1

Request Chain 417

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTM3Njg2ODg2ODM2NjgxNzI5

Request Chain 418

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGq5LZdQOG8-RSTwp-O9zew&google_cver=1

Request Chain 419

https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZGUzNzBkYTYtNmVlNS0yMDJmLWY3N2ItYzhlZDY1OTJmZGRl

Request Chain 440

https://skydeutschland.demdex.net/event?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=131961468&d_placement=298885926&d_campaign=25616010&d_bust=3932658238&gdpr=&gdpr_consent= HTTP 302
https://skydeutschland.demdex.net/firstevent?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=131961468&d_placement=298885926&d_campaign=25616010&d_bust=3932658238&gdpr=&gdpr_consent=

Request Chain 450

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEEFTRl1XzBMLWEjcZIJThSA&google_cver=1&google_push=AQvitULxN5c5my4a9HVkYzFLQdniF26ZEc-9F6V4w7Z_CM63cMK97WNn7wZyJP1mQW0m5uAgoKqzHHNxFGo9YYSz50bczreF05We HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NzIxOTYyNzkwMjgyNjg0NTA2MA== HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESEOBBgf43Q-m0pWYcmM7zZ0E&google_cver=1

Request Chain 451

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEOkzHiotjE1D-yiGTFH1biY&google_cver=1&google_push=AQvitUIG9lt21EAhAosjp-VXo5t2dVwmLb1no0xhvgjvBWHv5Ak5qDFG81Ddv5UIhWcYA5cogjfgpH6qeX5optIYVDcuN9NCSL1I HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AQvitUIG9lt21EAhAosjp-VXo5t2dVwmLb1no0xhvgjvBWHv5Ak5qDFG81Ddv5UIhWcYA5cogjfgpH6qeX5optIYVDcuN9NCSL1I

Request Chain 452

https://tracking.m6r.eu/sync/adxRedirect?gdprFallback=true&google_gid=&google_gid=CAESECquoKirtCEEEH-o-4dbkis&google_cver=1&google_push=AQvitULC8yXUaeK4INCbb5K3E_qNyzL_spD2f75k-cd9gsthpq4yDh9qZKKg82yVV5mq4TEr9oJ5XlD-LAVONu--KzvPVhfd8nHu HTTP 302
https://tracking.m6r.eu/sync/adxRedirect?gdprFallback=true&google_gid=&google_gid=CAESECquoKirtCEEEH-o-4dbkis&google_cver=1&google_push=AQvitULC8yXUaeK4INCbb5K3E_qNyzL_spD2f75k-cd9gsthpq4yDh9qZKKg82yVV5mq4TEr9oJ5XlD-LAVONu--KzvPVhfd8nHu&checkcookies=true HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=m6r&google_ula=158217889&google_hm=YA4SXoe4CxPO2Jsh_q_e0A&google_push=AQvitULC8yXUaeK4INCbb5K3E_qNyzL_spD2f75k-cd9gsthpq4yDh9qZKKg82yVV5mq4TEr9oJ5XlD-LAVONu--KzvPVhfd8nHu

Request Chain 454

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEF4-2Mbri5zY850df_5N82o&google_cver=1&google_push=AQvitULQpnim4zGwCDT3tAaVBl2VjOBUBClKDYrEMl2VqyhFI25OPylEAyZSib6yaL_S8LnNSIRQVfaXbXMdJ_VrWg7kBzwrfQJD HTTP 307
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEF4-2Mbri5zY850df_5N82o&google_cver=1&google_push=AQvitULQpnim4zGwCDT3tAaVBl2VjOBUBClKDYrEMl2VqyhFI25OPylEAyZSib6yaL_S8LnNSIRQVfaXbXMdJ_VrWg7kBzwrfQJD&sovrn_retry=true HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AQvitULQpnim4zGwCDT3tAaVBl2VjOBUBClKDYrEMl2VqyhFI25OPylEAyZSib6yaL_S8LnNSIRQVfaXbXMdJ_VrWg7kBzwrfQJD&google_hm=593bb66a72bfc26215e5256e

Request Chain 455

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEAAa3V2yFYJHuCsjHmasiL8&google_cver=1&google_push=AQvitUIsGI-WCsbjhOcNr7OHMLP5phWoHsduSDpJYXNptV2WMFbfFJuZxh4ZUWAE3Hr-O8pwLy-9bXRjLUay8Wo6prmoRkxhFj7L HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_hm=dc00199a9381413ebfc1&google_redir=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FadExInit%3Dg&google_push=AQvitUIsGI-WCsbjhOcNr7OHMLP5phWoHsduSDpJYXNptV2WMFbfFJuZxh4ZUWAE3Hr-O8pwLy-9bXRjLUay8Wo6prmoRkxhFj7L

Request Chain 456

https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEBdhcrU7aNhLLrkYhVlhlPM&google_cver=1&google_push=AQvitUJyHP5k_Zw8guaoRKjsF69Hz0I3X8C2CEOtsjQ_5b_O5E27u5OoORGiAJxYF6qOl0ehpe8pSTd25ZB1wek20D8bs0ZIQdzUKg HTTP 302
https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEBdhcrU7aNhLLrkYhVlhlPM&google_cver=1&google_push=AQvitUJyHP5k_Zw8guaoRKjsF69Hz0I3X8C2CEOtsjQ_5b_O5E27u5OoORGiAJxYF6qOl0ehpe8pSTd25ZB1wek20D8bs0ZIQdzUKg&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEBdhcrU7aNhLLrkYhVlhlPM&google_cver=1&google_push=AQvitUJyHP5k_Zw8guaoRKjsF69Hz0I3X8C2CEOtsjQ_5b_O5E27u5OoORGiAJxYF6qOl0ehpe8pSTd25ZB1wek20D8bs0ZIQdzUKg&apid=UP2f27e75b-b4fa-11eb-bbda-0645ce603508 HTTP 302
https://ups.analytics.yahoo.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEBdhcrU7aNhLLrkYhVlhlPM&google_cver=1&google_push=AQvitUJyHP5k_Zw8guaoRKjsF69Hz0I3X8C2CEOtsjQ_5b_O5E27u5OoORGiAJxYF6qOl0ehpe8pSTd25ZB1wek20D8bs0ZIQdzUKg&apid=UP2f27e75b-b4fa-11eb-bbda-0645ce603508&verify=true HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVAyZjI3ZTc1Yi1iNGZhLTExZWItYmJkYS0wNjQ1Y2U2MDM1MDg%3D&google_push=AQvitUJyHP5k_Zw8guaoRKjsF69Hz0I3X8C2CEOtsjQ_5b_O5E27u5OoORGiAJxYF6qOl0ehpe8pSTd25ZB1wek20D8bs0ZIQdzUKg

Request Chain 477

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFNGF5KYMKcyRWt6G5yBM0s&google_cver=1

Request Chain 478

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YJ7pknOlCylwzk2IydeRkgAA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm=&google_hm=YJ7pknOlCylwzk2IydeRkgAA&google_tc= HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEO0jgyA6tIZD1bsaF8HdLqc&google_cver=1

Request Chain 495

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEN6fWEkT4VBlVVmVBrHOQR4&google_cver=1&google_push=AQvitUImPmo4zQpu4qnGWRDd3Zj2ai6FIQ235uwH7nD1OzsQpc6tvPIR0yclu-JLi8RuIl2475bHjBtEcQObTKFwfpuWv6Xn4a8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AQvitUImPmo4zQpu4qnGWRDd3Zj2ai6FIQ235uwH7nD1OzsQpc6tvPIR0yclu-JLi8RuIl2475bHjBtEcQObTKFwfpuWv6Xn4a8&google_hm=PW6vMyhERg6Q1fCL_n--F5c

Request Chain 496

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEOR_--dvkrC9AjZS9swy3OA&google_cver=1&google_push=AQvitUK8ItBLrQ-0Mr-cW-WS5PwP0D7Q2vlf2Yr4zcFjHSAkXVeyldTwHX140Gs6EDNLy20hvI-_pZeQDwWbsuajDmImTyqaXt4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJ7pknOlCylwzk2IydeRkgAABFQAAAIB&google_gid=CAESEOR_--dvkrC9AjZS9swy3OA&google_push=AQvitUK8ItBLrQ-0Mr-cW-WS5PwP0D7Q2vlf2Yr4zcFjHSAkXVeyldTwHX140Gs6EDNLy20hvI-_pZeQDwWbsuajDmImTyqaXt4&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJ7pknOlCylwzk2IydeRkgAABFQAAAIB&google_gid=CAESEOR_--dvkrC9AjZS9swy3OA&google_push=AQvitUK8ItBLrQ-0Mr-cW-WS5PwP0D7Q2vlf2Yr4zcFjHSAkXVeyldTwHX140Gs6EDNLy20hvI-_pZeQDwWbsuajDmImTyqaXt4&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJ7pknOlCylwzk2IydeRkgAABFQAAAIB&google_gid=CAESEOR_--dvkrC9AjZS9swy3OA&google_push=AQvitUK8ItBLrQ-0Mr-cW-WS5PwP0D7Q2vlf2Yr4zcFjHSAkXVeyldTwHX140Gs6EDNLy20hvI-_pZeQDwWbsuajDmImTyqaXt4&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJ7pknOlCylwzk2IydeRkgAABFQAAAIB&google_gid=CAESEOR_--dvkrC9AjZS9swy3OA&google_push=AQvitUK8ItBLrQ-0Mr-cW-WS5PwP0D7Q2vlf2Yr4zcFjHSAkXVeyldTwHX140Gs6EDNLy20hvI-_pZeQDwWbsuajDmImTyqaXt4&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJ7pknOlCylwzk2IydeRkgAABFQAAAIB&google_gid=CAESEOR_--dvkrC9AjZS9swy3OA&google_push=AQvitUK8ItBLrQ-0Mr-cW-WS5PwP0D7Q2vlf2Yr4zcFjHSAkXVeyldTwHX140Gs6EDNLy20hvI-_pZeQDwWbsuajDmImTyqaXt4&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJ7pknOlCylwzk2IydeRkgAABFQAAAIB&google_gid=CAESEOR_--dvkrC9AjZS9swy3OA&google_push=AQvitUK8ItBLrQ-0Mr-cW-WS5PwP0D7Q2vlf2Yr4zcFjHSAkXVeyldTwHX140Gs6EDNLy20hvI-_pZeQDwWbsuajDmImTyqaXt4&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJ7pknOlCylwzk2IydeRkgAABFQAAAIB&google_gid=CAESEOR_--dvkrC9AjZS9swy3OA&google_push=AQvitUK8ItBLrQ-0Mr-cW-WS5PwP0D7Q2vlf2Yr4zcFjHSAkXVeyldTwHX140Gs6EDNLy20hvI-_pZeQDwWbsuajDmImTyqaXt4&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJ7pknOlCylwzk2IydeRkgAABFQAAAIB&google_gid=CAESEOR_--dvkrC9AjZS9swy3OA&google_push=AQvitUK8ItBLrQ-0Mr-cW-WS5PwP0D7Q2vlf2Yr4zcFjHSAkXVeyldTwHX140Gs6EDNLy20hvI-_pZeQDwWbsuajDmImTyqaXt4&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJ7pknOlCylwzk2IydeRkgAABFQAAAIB&google_gid=CAESEOR_--dvkrC9AjZS9swy3OA&google_push=AQvitUK8ItBLrQ-0Mr-cW-WS5PwP0D7Q2vlf2Yr4zcFjHSAkXVeyldTwHX140Gs6EDNLy20hvI-_pZeQDwWbsuajDmImTyqaXt4&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJ7pknOlCylwzk2IydeRkgAABFQAAAIB&google_gid=CAESEOR_--dvkrC9AjZS9swy3OA&google_push=AQvitUK8ItBLrQ-0Mr-cW-WS5PwP0D7Q2vlf2Yr4zcFjHSAkXVeyldTwHX140Gs6EDNLy20hvI-_pZeQDwWbsuajDmImTyqaXt4&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJ7pknOlCylwzk2IydeRkgAABFQAAAIB&google_gid=CAESEOR_--dvkrC9AjZS9swy3OA&google_push=AQvitUK8ItBLrQ-0Mr-cW-WS5PwP0D7Q2vlf2Yr4zcFjHSAkXVeyldTwHX140Gs6EDNLy20hvI-_pZeQDwWbsuajDmImTyqaXt4&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJ7pknOlCylwzk2IydeRkgAABFQAAAIB&google_gid=CAESEOR_--dvkrC9AjZS9swy3OA&google_push=AQvitUK8ItBLrQ-0Mr-cW-WS5PwP0D7Q2vlf2Yr4zcFjHSAkXVeyldTwHX140Gs6EDNLy20hvI-_pZeQDwWbsuajDmImTyqaXt4&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJ7pknOlCylwzk2IydeRkgAABFQAAAIB&google_gid=CAESEOR_--dvkrC9AjZS9swy3OA&google_push=AQvitUK8ItBLrQ-0Mr-cW-WS5PwP0D7Q2vlf2Yr4zcFjHSAkXVeyldTwHX140Gs6EDNLy20hvI-_pZeQDwWbsuajDmImTyqaXt4&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJ7pknOlCylwzk2IydeRkgAABFQAAAIB&google_gid=CAESEOR_--dvkrC9AjZS9swy3OA&google_push=AQvitUK8ItBLrQ-0Mr-cW-WS5PwP0D7Q2vlf2Yr4zcFjHSAkXVeyldTwHX140Gs6EDNLy20hvI-_pZeQDwWbsuajDmImTyqaXt4&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJ7pknOlCylwzk2IydeRkgAABFQAAAIB&google_gid=CAESEOR_--dvkrC9AjZS9swy3OA&google_push=AQvitUK8ItBLrQ-0Mr-cW-WS5PwP0D7Q2vlf2Yr4zcFjHSAkXVeyldTwHX140Gs6EDNLy20hvI-_pZeQDwWbsuajDmImTyqaXt4&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJ7pknOlCylwzk2IydeRkgAABFQAAAIB&google_gid=CAESEOR_--dvkrC9AjZS9swy3OA&google_push=AQvitUK8ItBLrQ-0Mr-cW-WS5PwP0D7Q2vlf2Yr4zcFjHSAkXVeyldTwHX140Gs6EDNLy20hvI-_pZeQDwWbsuajDmImTyqaXt4&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJ7pknOlCylwzk2IydeRkgAABFQAAAIB&google_gid=CAESEOR_--dvkrC9AjZS9swy3OA&google_push=AQvitUK8ItBLrQ-0Mr-cW-WS5PwP0D7Q2vlf2Yr4zcFjHSAkXVeyldTwHX140Gs6EDNLy20hvI-_pZeQDwWbsuajDmImTyqaXt4&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJ7pknOlCylwzk2IydeRkgAABFQAAAIB&google_gid=CAESEOR_--dvkrC9AjZS9swy3OA&google_push=AQvitUK8ItBLrQ-0Mr-cW-WS5PwP0D7Q2vlf2Yr4zcFjHSAkXVeyldTwHX140Gs6EDNLy20hvI-_pZeQDwWbsuajDmImTyqaXt4&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJ7pknOlCylwzk2IydeRkgAABFQAAAIB&google_gid=CAESEOR_--dvkrC9AjZS9swy3OA&google_push=AQvitUK8ItBLrQ-0Mr-cW-WS5PwP0D7Q2vlf2Yr4zcFjHSAkXVeyldTwHX140Gs6EDNLy20hvI-_pZeQDwWbsuajDmImTyqaXt4&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJ7pknOlCylwzk2IydeRkgAABFQAAAIB&google_gid=CAESEOR_--dvkrC9AjZS9swy3OA&google_push=AQvitUK8ItBLrQ-0Mr-cW-WS5PwP0D7Q2vlf2Yr4zcFjHSAkXVeyldTwHX140Gs6EDNLy20hvI-_pZeQDwWbsuajDmImTyqaXt4&google_cver=1

Request Chain 497

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEHst_n3EINxzo162YLeo7aM&google_cver=1&google_push=AQvitUKOGzNcgstUr__Os12yrpdDsKzel9XvSVbGf9mS5LdQrD44aWUMnA8-JR0HTBmNUfGVVwmFxQZw6v3RxpC5z614AkhucPop HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_hm=5d62d22074ecb5efd682&google_redir=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FadExInit%3Dg&google_push=AQvitUKOGzNcgstUr__Os12yrpdDsKzel9XvSVbGf9mS5LdQrD44aWUMnA8-JR0HTBmNUfGVVwmFxQZw6v3RxpC5z614AkhucPop

Request Chain 506

https://redirector.gvt1.com/videoplayback/id/b48a822c7a239630/itag/44/source/dclk_video_ads/requiressl/yes/acao/yes/mime/video%2Fwebm/ctier/L/ip/0.0.0.0/ipbits/0/expire/1621048819/sparams/ip,ipbits,expire,id,itag,source,requiressl,acao,mime,ctier/signature/9E25D3176F0CD91104485CCCF795150355593038.8BB4FCCCA1CE5C5FAB94A01C075DC135B23F8C51/key/ck2/file/file.webm HTTP 302
https://r5---sn-4g5edne7.gvt1.com/videoplayback/id/b48a822c7a239630/itag/44/source/dclk_video_ads/requiressl/yes/acao/yes/mime/video%2Fwebm/ctier/L/ip/0.0.0.0/ipbits/0/expire/1621048819/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mime,mip,mm,mn,ms,mv,mvi,pl,requiressl,source/signature/45C25C425DC14506A1A9FD3C6B679A2D27951946.7067290FEA67B142E0E64C56CC7E754D9F268756/key/cms1/cms_redirect/yes/mh/yt/mip/2a01:4f8:192:5414::2/mm/28/mn/sn-4g5edne7/ms/nvh/mt/1621026938/mv/u/mvi/5/pl/47/file/file.webm

Request Chain 514

https://sb.scorecardresearch.com/p?c1=2&c2=27893134&%20ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=1621027220139&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va11&ns_st_cl=30000&ns_st_pt=0&c3=UOLADNET&c4=*null&c6=*null&ns_ts=1621027220139 HTTP 302
https://sb.scorecardresearch.com/p2?c1=2&c2=27893134&%20ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=1621027220139&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va11&ns_st_cl=30000&ns_st_pt=0&c3=UOLADNET&c4=*null&c6=*null&ns_ts=1621027220139

Request Chain 535

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEJEvJBYuZWK6izZw8dqrNdQ&google_cver=1&google_push=AQvitUIr8_9PZ87QHCrBsc32dYem-aGziukgDhXUbCQs1Qq38xiszNidJ-15JuxYVu07Ypu3Yy40neD428pWXPRKoN2PP83cBd8dxA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AQvitUIr8_9PZ87QHCrBsc32dYem-aGziukgDhXUbCQs1Qq38xiszNidJ-15JuxYVu07Ypu3Yy40neD428pWXPRKoN2PP83cBd8dxA&google_hm=NzEyNTA2Njc5MjQzMzE4NjgzNA%3D%3D

Request Chain 536

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEJMyvFqCX7yp815tRnPJH3s&google_cver=1&google_push=AQvitULbS7cSLct9-BhzKt6mwCJX02zTcJC-V0yXoViqlae2C3arboBpbP3r0jqr932PngYnb0WG612DtqazjCS0LRAE5-h8zCwWNA HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEJMyvFqCX7yp815tRnPJH3s&google_cver=1&google_push=AQvitULbS7cSLct9-BhzKt6mwCJX02zTcJC-V0yXoViqlae2C3arboBpbP3r0jqr932PngYnb0WG612DtqazjCS0LRAE5-h8zCwWNA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTUwMjg1OTM2MjQ0ODE1MDM0Mw&google_push=AQvitULbS7cSLct9-BhzKt6mwCJX02zTcJC-V0yXoViqlae2C3arboBpbP3r0jqr932PngYnb0WG612DtqazjCS0LRAE5-h8zCwWNA

Request Chain 537

https://d5p.de17a.com/cookies/google?google_gid=CAESELyRJfXlVH37RMCvSWEW2t8&google_cver=1&google_push=AQvitUIQNe2gXXB41ZvKoZyD4eR_2Ql9E3cAwwY6BCjQq5WVlRzXXnlp5gqCWATpwFU76-5gHKZkEGRCbMr7W75FWAUpuDktURCF HTTP 302
https://d5p.de17a.com/cookies/google;c?google_gid=CAESELyRJfXlVH37RMCvSWEW2t8&google_cver=1&google_push=AQvitUIQNe2gXXB41ZvKoZyD4eR_2Ql9E3cAwwY6BCjQq5WVlRzXXnlp5gqCWATpwFU76-5gHKZkEGRCbMr7W75FWAUpuDktURCF HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AQvitUIQNe2gXXB41ZvKoZyD4eR_2Ql9E3cAwwY6BCjQq5WVlRzXXnlp5gqCWATpwFU76-5gHKZkEGRCbMr7W75FWAUpuDktURCF

Request Chain 538

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJzDd5BAxJPqPxnPU8jD240&google_cver=1&google_push=AQvitUJCHOew2Lg_UFqlf1sp4iQo48tJ0r7EaL6Fy20Q3ZR0-yPtCQIS-0Fk6i8pBqkB2GV50_fceucjB66pLccv4Qi2WYpSBLRqNQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S09PVFI0T0EtMUQtOFpFMQ==&google_push=AQvitUJCHOew2Lg_UFqlf1sp4iQo48tJ0r7EaL6Fy20Q3ZR0-yPtCQIS-0Fk6i8pBqkB2GV50_fceucjB66pLccv4Qi2WYpSBLRqNQ

Request Chain 539

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEMdWt1j2pKh3UMurK9_Vb5Y&google_cver=1&google_push=AQvitUJ80QVh3X8obvacf0tFzZpR0XApx1UlmlKg8LhHtdVbV0HG541WojG5qJ8_3FfeLJd9A6R613UwjQYVSoraog9r-qKbEWQeuA HTTP 307
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEMdWt1j2pKh3UMurK9_Vb5Y&google_cver=1&google_push=AQvitUJ80QVh3X8obvacf0tFzZpR0XApx1UlmlKg8LhHtdVbV0HG541WojG5qJ8_3FfeLJd9A6R613UwjQYVSoraog9r-qKbEWQeuA&sovrn_retry=true HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AQvitUJ80QVh3X8obvacf0tFzZpR0XApx1UlmlKg8LhHtdVbV0HG541WojG5qJ8_3FfeLJd9A6R613UwjQYVSoraog9r-qKbEWQeuA&google_hm=e36717541abf426d15ce0507

559 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 / Show response
www.gazetadopovo.com.br.mcas.ms/ 1 KB
841 B 206ms
62ms Document
text/html 40.81.121.140
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gazetadopovo.com.br.mcas.ms/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.81.121.140 Cardiff, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

openresty /

Resource Hash

6e6ea38b72668f7977a64ff403eb7d185f51228d15749b397ef3ddce7b3b81da

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: www.gazetadopovo.com.br.mcas.ms
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
server: openresty
date: Fri, 14 May 2021 21:20:12 GMT
x-mcas-request-id: 29b6fba96fcbe3d0b74ad02bc447075f
expires: Mon, 01-Jan-1990 00:00:00 GMT
cache-control: max-age=0, no-cache, no-store
strict-transport-security: max-age=31536000
pragma: no-cache
x-mcas-upstream-time: n/a
x-mcas-processing-time: 2
content-encoding: gzip
x-mcas-cache-status: MISS

GET
H2 200 session-context-store-helper.min.js Show response
mcasproxy.azureedge.net/proxyweb/0.200.40/js/ 5 KB
5 KB 24ms
8ms Script
application/javascript 2a02:26f0:1700:d::1737:6e8f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mcasproxy.azureedge.net/proxyweb/0.200.40/js/session-context-store-helper.min.js
Requested by: Host: www.gazetadopovo.com.br.mcas.ms
URL: https://www.gazetadopovo.com.br.mcas.ms/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:d::1737:6e8f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: b3d9a37c3110d0d5edf534a4dd964bb85d8661820e4c39e4c63c96bd2813b726

Request headers

Referer: https://www.gazetadopovo.com.br.mcas.ms/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Fri, 14 May 2021 21:20:12 GMT
last-modified: Tue, 04 May 2021 17:11:12 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: npsIWjlCWsd9fFNnNdaKMw==
etag: 0x8D90F1F9E34F4BE
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: f2ac76fd-101e-0001-4833-455529000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=3472
x-ms-version: 2009-09-19
content-length: 4994

GET
H2 200 session-context-restore.html Show response
mcasproxy.azureedge.net/proxyweb/0.200.40/html/ Frame 613E 281 B
726 B 8ms
8ms Document
text/html 2a02:26f0:1700:d::1737:6e8f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mcasproxy.azureedge.net/proxyweb/0.200.40/html/session-context-restore.html?action=store&contextData=https%3A%2F%2Fwww.gazetadopovo.com.br%2F
Requested by: Host: mcasproxy.azureedge.net
URL: https://mcasproxy.azureedge.net/proxyweb/0.200.40/js/session-context-store-helper.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:d::1737:6e8f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: d593eab937ae208334c866b7afc56b0703787c857dae8bb562aefbbd3ca15ee6

Request headers

:method: GET
:authority: mcasproxy.azureedge.net
:scheme: https
:path: /proxyweb/0.200.40/html/session-context-restore.html?action=store&contextData=https%3A%2F%2Fwww.gazetadopovo.com.br%2F
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.gazetadopovo.com.br.mcas.ms/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.gazetadopovo.com.br.mcas.ms/

Response headers

content-length: 281
content-type: text/html
content-md5: vDuuGHIdcY/gQtnraxH9qw==
last-modified: Tue, 04 May 2021 17:07:19 GMT
etag: 0x8D90F1F135BA00D
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 4a4241b6-e01e-001f-7a33-458fc4000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: public, max-age=8076
date: Fri, 14 May 2021 21:20:12 GMT

GET
H2 200 session-context-restore.min.js Show response
mcasproxy.azureedge.net/proxyweb/0.200.40/js/ Frame 613E 64 KB
65 KB 7ms
7ms Script
application/javascript 2a02:26f0:1700:d::1737:6e8f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mcasproxy.azureedge.net/proxyweb/0.200.40/js/session-context-restore.min.js
Requested by: Host: mcasproxy.azureedge.net
URL: https://mcasproxy.azureedge.net/proxyweb/0.200.40/html/session-context-restore.html?action=store&contextData=https%3A%2F%2Fwww.gazetadopovo.com.br%2F
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:d::1737:6e8f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: fa7c60fca96e114cf9162a26c0eef728783f2dbff06d2b86773535af90de3f8b

Request headers

Referer: https://mcasproxy.azureedge.net/proxyweb/0.200.40/html/session-context-restore.html?action=store&contextData=https%3A%2F%2Fwww.gazetadopovo.com.br%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Fri, 14 May 2021 21:20:12 GMT
last-modified: Tue, 04 May 2021 17:11:11 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: dSafsVqER9739PXXMGX73g==
etag: 0x8D90F1F9DEDA57A
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: f2ac7937-101e-0001-4333-455529000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=734
x-ms-version: 2009-09-19
content-length: 66024

GET
H2 200 Primary Request / Show response
www.gazetadopovo.com.br/ 1 MB
293 KB 38ms
21ms Document
text/html 2600:9000:20eb:2800:6:45ad:3580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gazetadopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:2800:6:45ad:3580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 72723a249f5e97fa8c7efbe30d92de1b60f71719e810650515168823256b67d6

Request headers

:method: GET
:authority: www.gazetadopovo.com.br
:scheme: https
:path: /?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://www.gazetadopovo.com.br.mcas.ms/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.gazetadopovo.com.br.mcas.ms/

Response headers

content-type: text/html
date: Fri, 14 May 2021 21:14:04 GMT
last-modified: Fri, 14 May 2021 21:02:33 GMT
cache-control: max-age=600
x-amz-version-id: null
server: AmazonS3
content-encoding: gzip
etag: W/"0c6ac54547893b3601f500264720d68f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 e976f829f2d1c4787d42d0595ae7cf75.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: fkr5eo-M9-1d6SniitYinz3PSWQtenAshKWzbwtphwg8E1xcB9b14w==
age: 370

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 9 KB
3 KB 46ms
28ms Script
application/javascript 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d1fdc83f40b6872fbf82ad027168954ccaa7eee12c7e6fcbe52e26c36bf915de

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 21:20:13 GMT
content-encoding: gzip
cf-cache-status: HIT
server: cloudflare
age: 2698
etag: W/"5404400d01d5519bc4a10316e7ed5c9b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 64f72b51b9281f35-FRA
cf-request-id: 0a0e59671500001f354e987000000001
expires: Mon, 17 May 2021 21:20:13 GMT

GET
H2 200 css
fonts.googleapis.com/ 10 KB
959 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Merriweather:400,400i,700,700i|Overpass:400,400i,700,700i&display=swap

Requested by

Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

018857cc7fd4802ddabf67e045bed52213cebead94468fb4ba8334f0957c7461

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 14 May 2021 21:20:13 GMT
server: ESF
date: Fri, 14 May 2021 21:20:13 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 14 May 2021 21:20:13 GMT

GET
H2 200 e6Ya311101.css
cdn.privacytools.com.br/public_api/banner/style/ 8 KB
2 KB 41ms
23ms Stylesheet
text/css 2606:4700:20::681a:415
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.privacytools.com.br/public_api/banner/style/e6Ya311101.css?t=1
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:415 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6b43bb94ac6321d8ea118e251d4a55f90f51ae165fcc75e26e5137c7982aff0e

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 21:20:13 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 6041
cf-polished: status=cannot_optimize
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a0e5967160000c2b8141fc000000001
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=RUTHq5faztuBM20cLFsZy%2FmMQmrJr3J9AwR29V3l0jiclcTocdNsciSoIwNPWdzfWn%2BqBNZtm6E%2Bd3HXGPAXaKUVGMxnfJ%2FsOaJTxF9EH%2FJ4pcDngL0iSkTFQnCLiUZeM%2Bdv2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=14400
cf-ray: 64f72b51beacc2b8-FRA

GET
H2 200 app-19c4d622d6a1aee75230.css
www.gazetadopovo.com.br/assets/ 681 KB
45 KB 12ms
12ms Stylesheet
text/css 2600:9000:20eb:2800:6:45ad:3580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gazetadopovo.com.br/assets/app-19c4d622d6a1aee75230.css
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:2800:6:45ad:3580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1a4cc0e434a49a85bef77cf1d345a20b952002eb8704dcddd90301e13d4bd67b

Request headers

:path: /assets/app-19c4d622d6a1aee75230.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.gazetadopovo.com.br
referer: https://www.gazetadopovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.gazetadopovo.com.br/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 21:30:16 GMT
content-encoding: gzip
last-modified: Thu, 13 May 2021 21:09:26 GMT
server: AmazonS3
age: 85798
etag: W/"fcd71f4f27fbff1beb0c0fd5b55622ee"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: null
via: 1.1 e976f829f2d1c4787d42d0595ae7cf75.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C1
content-type: text/css
x-amz-cf-id: AYStkus18Y8zmLTlZ3gNUxKUwZCTvRsbwR462fQGHv6sWXFV1LjhlA==

GET
H2 200 jquery-3.3.1.min.js Show response
code.jquery.com/ 85 KB
30 KB 28ms
9ms Script
application/javascript 2001:4de0:ac18::1:a:1b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.3.1.min.js
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:1b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

Origin: https://www.gazetadopovo.com.br
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 21:20:13 GMT
content-encoding: gzip
last-modified: Sat, 20 Jan 2018 17:26:44 GMT
server: nginx
etag: W/"5a637bd4-1538f"
vary: Accept-Encoding
x-hw: 1621027213.dop131.fr8.t,1621027213.cds218.fr8.hn,1621027213.cds002.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30288

GET
H2 200 ico-noticias.svg
www.gazetadopovo.com.br/assets/images/menu/icons/ 402 B
758 B 18ms
12ms Image
image/svg+xml 2600:9000:20eb:2800:6:45ad:3580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gazetadopovo.com.br/assets/images/menu/icons/ico-noticias.svg
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:2800:6:45ad:3580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c2015d08cf877ee0e5feb420c465fc70cff1b10c244e3bf6b9ce00131d542c3c

Request headers

:path: /assets/images/menu/icons/ico-noticias.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.gazetadopovo.com.br
referer: https://www.gazetadopovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.gazetadopovo.com.br/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Feb 2021 04:17:25 GMT
via: 1.1 e976f829f2d1c4787d42d0595ae7cf75.cloudfront.net (CloudFront)
last-modified: Mon, 01 Feb 2021 19:11:17 GMT
server: AmazonS3
age: 8269369
etag: "0047e5eff1c16451783c127e71d7c4dc"
x-cache: Hit from cloudfront
x-amz-version-id: null
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C1
content-type: image/svg+xml
content-length: 402
x-amz-cf-id: hZhMX99W8tTc5Ax2LQceVFgdfRNDZPfjkpyid3g8T26DvNeFs6Mibw==

GET
H2 200 ico-opiniao.svg
www.gazetadopovo.com.br/assets/images/menu/icons/ 742 B
1 KB 22ms
17ms Image
image/svg+xml 2600:9000:20eb:2800:6:45ad:3580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gazetadopovo.com.br/assets/images/menu/icons/ico-opiniao.svg
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:2800:6:45ad:3580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cc33068463b75ac7fad0d842a236d8d2ed2a74cb708b7a4d59fb1d62a2bd7ace

Request headers

:path: /assets/images/menu/icons/ico-opiniao.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.gazetadopovo.com.br
referer: https://www.gazetadopovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.gazetadopovo.com.br/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 07 Feb 2021 07:04:10 GMT
via: 1.1 e976f829f2d1c4787d42d0595ae7cf75.cloudfront.net (CloudFront)
last-modified: Mon, 01 Feb 2021 19:11:17 GMT
server: AmazonS3
age: 8345763
etag: "81ceaad7f3bf5e4912e4a7e9fea1d1a8"
x-cache: Hit from cloudfront
x-amz-version-id: null
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C1
content-type: image/svg+xml
content-length: 742
x-amz-cf-id: np4bcim4P0p3dhjozoIYiquyBxe2aMHjrt9JWxNybD2YoafMBDI4Sg==

GET
H2 200 ico-descubra.svg
www.gazetadopovo.com.br/assets/images/menu/icons/ 553 B
910 B 28ms
23ms Image
image/svg+xml 2600:9000:20eb:2800:6:45ad:3580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gazetadopovo.com.br/assets/images/menu/icons/ico-descubra.svg
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:2800:6:45ad:3580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 74c0f92cf921b0e0c165e4aa0141c4f794d87c28b11977f5f6926f057e5c1d96

Request headers

:path: /assets/images/menu/icons/ico-descubra.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.gazetadopovo.com.br
referer: https://www.gazetadopovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.gazetadopovo.com.br/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Feb 2021 04:17:25 GMT
via: 1.1 e976f829f2d1c4787d42d0595ae7cf75.cloudfront.net (CloudFront)
last-modified: Mon, 01 Feb 2021 19:11:16 GMT
server: AmazonS3
age: 8269369
etag: "f54a53358f4eb688ab2e8b30a5f16f6c"
x-cache: Hit from cloudfront
x-amz-version-id: null
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C1
content-type: image/svg+xml
content-length: 553
x-amz-cf-id: bIpSouFIeFAuuUM-8AFDcDD2AbZP56q2fvYErU6ndqwUWG2jydBqqA==

GET
H2 200 ico-minha-gazeta.svg
www.gazetadopovo.com.br/assets/images/menu/icons/ 381 B
737 B 22ms
17ms Image
image/svg+xml 2600:9000:20eb:2800:6:45ad:3580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gazetadopovo.com.br/assets/images/menu/icons/ico-minha-gazeta.svg
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:2800:6:45ad:3580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e36e842af5f12bbadd9c73fbf17e12e2276023449e50fd704bcffd01cff53568

Request headers

:path: /assets/images/menu/icons/ico-minha-gazeta.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.gazetadopovo.com.br
referer: https://www.gazetadopovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.gazetadopovo.com.br/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 02:49:07 GMT
via: 1.1 e976f829f2d1c4787d42d0595ae7cf75.cloudfront.net (CloudFront)
last-modified: Mon, 01 Feb 2021 19:11:17 GMT
server: AmazonS3
age: 8620266
etag: "e7caef4cd9fc8923d63157348bf8b219"
x-cache: Hit from cloudfront
x-amz-version-id: null
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C1
content-type: image/svg+xml
content-length: 381
x-amz-cf-id: 9yZUjP0M5pCwv_DXzR_wI0hk37GSfvRHXayMLegoxe2zngIg2NmgnA==

GET
H2 200 gazeta-fallback.svg
www.gazetadopovo.com.br/assets/images/svg/ 123 B
469 B 21ms
16ms Image
image/svg+xml 2600:9000:20eb:2800:6:45ad:3580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gazetadopovo.com.br/assets/images/svg/gazeta-fallback.svg
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:2800:6:45ad:3580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 54db486cb5db345a75c3532967f3ccdbc1cc03260c6526ceac88fdf8b5d12ed7

Request headers

:path: /assets/images/svg/gazeta-fallback.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.gazetadopovo.com.br
referer: https://www.gazetadopovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.gazetadopovo.com.br/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Apr 2021 00:33:06 GMT
via: 1.1 e976f829f2d1c4787d42d0595ae7cf75.cloudfront.net (CloudFront)
last-modified: Tue, 30 Mar 2021 21:25:51 GMT
server: AmazonS3
age: 2839627
etag: "852c057958949c7560916cdd5f0121ab"
x-cache: Hit from cloudfront
x-amz-version-id: null
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C1
content-type: image/svg+xml
content-length: 123
x-amz-cf-id: JSgWrst_kbZqn0ddRoNXfTbTH453GN1OkziKx7KAarovY1k3FLFSsA==

GET
H/1.1 200
OK cx.js Show response
scdn.cxense.com/ 114 KB
27 KB 34ms
8ms Script
application/x-javascript 2a02:26f0:6c00:2a7::268b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://scdn.cxense.com/cx.js
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2a7::268b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 389033bda6df04020f9010686fdac3a0232caddadddf2ea2367954c0aeb5be35

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 14 May 2021 21:20:13 GMT
Content-Encoding: gzip
Last-Modified: Mon, 10 May 2021 09:22:23 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 27418
Expires: Fri, 14 May 2021 22:20:13 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 10ms
6ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 3201
date: Fri, 14 May 2021 20:26:52 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Fri, 14 May 2021 22:26:52 GMT

GET
H2 200 paulo-polzonoff.jpg
media.gazetadopovo.com.br/2019/12/02152010/ 8 KB
8 KB 35ms
8ms Image
image/jpeg 2600:9000:2156:800:1f:3000:7b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gazetadopovo.com.br/2019/12/02152010/paulo-polzonoff.jpg
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:800:1f:3000:7b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e8ce4a0a32c830a6051b2907482e3122be8ad51d495ed58b238c68502b5eb8cf

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Feb 2021 04:17:26 GMT
content-encoding: gzip
last-modified: Mon, 02 Dec 2019 18:20:12 GMT
server: AmazonS3
age: 8269368
etag: "e94bc2091dec13fcb35322d48e48f9b3"
x-cache: Hit from cloudfront
content-type: image/jpeg
via: 1.1 a1098f0eeab192209962e3a9d76d0339.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 7448
x-amz-cf-id: tniOxIOiDTBNiS834FCAqp6PDuWqgUaLwG3iAzvb-O0yTA8-IbElxA==
expires: Tue, 01 Dec 2020 18:20:10 GMT

GET
H2 200 madeleine-2020-1.png
media.gazetadopovo.com.br/2020/04/07211307/ 134 KB
134 KB 35ms
9ms Image
image/png 2600:9000:2156:800:1f:3000:7b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gazetadopovo.com.br/2020/04/07211307/madeleine-2020-1.png
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:800:1f:3000:7b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b251acadc1689369d2cd4e68a3c2085891ddbfb13dbe25f0f0bcc3119aeb09a8

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 17:35:22 GMT
content-encoding: gzip
last-modified: Wed, 08 Apr 2020 00:13:10 GMT
server: AmazonS3
age: 1309492
etag: "818fc0484d11735c5b6bf1ff8bda4022"
x-cache: Hit from cloudfront
content-type: image/png
via: 1.1 a1098f0eeab192209962e3a9d76d0339.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 137019
x-amz-cf-id: 8VSYbuGX9_yTU8oDDaDbRWNRHamrsWF7NykQJLgLeTXCqT-14jJ_dQ==
expires: Thu, 08 Apr 2021 00:13:07 GMT

GET
H2 200 carlos3.jpg
media.gazetadopovo.com.br/2021/04/05215839/ 10 KB
11 KB 35ms
9ms Image
image/jpeg 2600:9000:2156:800:1f:3000:7b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gazetadopovo.com.br/2021/04/05215839/carlos3.jpg
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:800:1f:3000:7b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4b9f14aad2e54ad79df17ebbdefefd5b255e048b1d9fa08132c496ef0e1d7128

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Apr 2021 18:02:23 GMT
via: 1.1 a1098f0eeab192209962e3a9d76d0339.cloudfront.net (CloudFront)
last-modified: Tue, 06 Apr 2021 00:58:40 GMT
server: AmazonS3
age: 2776671
etag: "8a2226d8b0625081a0aafb0b3b3cf5fe"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 10620
x-amz-cf-id: KuaQzEoKuifJzxdVwoicP1EvgYDtDmrsgEibR363hTBWBXBDoNsoeg==
expires: Wed, 06 Apr 2022 00:58:39 GMT

GET
H2 200 infog-remote.js Show response
multimidia.gazetadopovo.com.br/recursos/js/ 10 KB
10 KB 54ms
9ms Script
application/javascript 2600:9000:20eb:3a00:1b:3b3:e300:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://multimidia.gazetadopovo.com.br/recursos/js/infog-remote.js
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:3a00:1b:3b3:e300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache/2.4.6 (CentOS) PHP/5.5.21 /
Resource Hash: 9d4d616940d411a94537e925458bb37ec3538e07e9203579cd261a52d1659f6e

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 07:10:40 GMT
via: 1.1 d7e55181ad8192e74c103c6003cd4d9c.cloudfront.net (CloudFront)
last-modified: Fri, 09 Nov 2018 13:38:20 GMT
server: Apache/2.4.6 (CentOS) PHP/5.5.21
age: 50973
etag: "277a-57a3b76e9180e"
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 10106
x-amz-cf-id: QOIt5omVDEPhuV2XyZSBq3_oM7oB1MF9F6jrmeO5ir_4C_4B7ilxRA==
expires: Fri, 14 May 2021 07:15:40 GMT

GET
H2 200 carneiro-neto-fundo-branco-300x300.jpg
media.gazetadopovo.com.br/2021/05/ 63 KB
64 KB 36ms
10ms Image
binary/octet-stream 2600:9000:2156:800:1f:3000:7b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gazetadopovo.com.br/2021/05/carneiro-neto-fundo-branco-300x300.jpg
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:800:1f:3000:7b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 71320e22153f97e1739fc5fd5df4080192219b589dab85e3a23084575d8ec497

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 13:14:47 GMT
via: 1.1 a1098f0eeab192209962e3a9d76d0339.cloudfront.net (CloudFront)
last-modified: Fri, 14 May 2021 13:12:55 GMT
server: AmazonS3
age: 29127
etag: "931598f2f2b2c4fe36a4440e9b5324a8"
x-cache: Hit from cloudfront
content-type: binary/octet-stream
cache-control: max-age=315360000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 64847
x-amz-cf-id: OBRKGzB_wsDdOfcDVeBdgTRwm3zKLaymiaQL5wn-iW4U1hpc7J0Ipg==

GET
H2 200 Joao-Kepler.jpg
media.gazetadopovo.com.br/2019/12/13111717/ 9 KB
9 KB 36ms
10ms Image
image/jpeg 2600:9000:2156:800:1f:3000:7b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gazetadopovo.com.br/2019/12/13111717/Joao-Kepler.jpg
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:800:1f:3000:7b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 440e766b126d9aa088c0c6c66b589b201bfa0683bbb3d70ec5f5191445007a20

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 00:57:57 GMT
content-encoding: gzip
last-modified: Fri, 13 Dec 2019 14:17:18 GMT
server: AmazonS3
age: 850937
etag: "f530bc6bb0baf55657edb4a98cc51c98"
x-cache: Hit from cloudfront
content-type: image/jpeg
via: 1.1 a1098f0eeab192209962e3a9d76d0339.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 8486
x-amz-cf-id: IGfylSw6BLrE_psaBuOBEv6yadGtWHyHHiWPZxPlkvJWufMgw4sYNg==
expires: Sat, 12 Dec 2020 14:17:17 GMT

GET
H2 200 bruna-frascolla.jpg
media.gazetadopovo.com.br/2020/07/09173751/ 8 KB
8 KB 40ms
15ms Image
image/jpeg 2600:9000:2156:800:1f:3000:7b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gazetadopovo.com.br/2020/07/09173751/bruna-frascolla.jpg
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:800:1f:3000:7b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 947e3dec03b8a6a3d77e890d173bc946ee51b395db9ab32d971da1996305a409

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 01:25:10 GMT
content-encoding: gzip
last-modified: Thu, 09 Jul 2020 20:37:54 GMT
server: AmazonS3
age: 8625303
etag: "ebb57691647a551f2047dd0b2d1e0a0b"
x-cache: Hit from cloudfront
content-type: image/jpeg
via: 1.1 a1098f0eeab192209962e3a9d76d0339.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 8259
x-amz-cf-id: Gt3-x7TJ0OYPr5YLfsQa0BcnAr73kv8P8dH7q1XvPYQRr-f9iARyiw==
expires: Fri, 09 Jul 2021 20:37:51 GMT

GET
H2 200 owl.carousel.min.js Show response
www.gazetadopovo.com.br/assets/legacy/ 43 KB
12 KB 16ms
10ms Script
application/javascript 2600:9000:20eb:2800:6:45ad:3580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gazetadopovo.com.br/assets/legacy/owl.carousel.min.js
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:2800:6:45ad:3580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1756fb46aa1a7fe26e8c57328db54497ef70236895be1a7160718bb772abe23b

Request headers

:path: /assets/legacy/owl.carousel.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.gazetadopovo.com.br
referer: https://www.gazetadopovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.gazetadopovo.com.br/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Feb 2021 01:35:11 GMT
content-encoding: gzip
last-modified: Wed, 10 Feb 2021 17:21:37 GMT
server: AmazonS3
age: 7847103
etag: W/"5274afb2522b0f6f1b6a019949c3c104"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: null
via: 1.1 e976f829f2d1c4787d42d0595ae7cf75.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C1
content-type: application/javascript
x-amz-cf-id: yVV8rmHamf_ssyBctg_CG2qtLo72BZZXQrT9I4neYfeYR-MYtI5kZQ==

GET
H2 200 GazetaDoPovoSDK.js Show response
www.gazetadopovo.com.br/assets/legacy/ 145 KB
37 KB 18ms
12ms Script
application/javascript 2600:9000:20eb:2800:6:45ad:3580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gazetadopovo.com.br/assets/legacy/GazetaDoPovoSDK.js
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:2800:6:45ad:3580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9b86ceab3181ad0abc55bddbb9804e90b6b2c2d7a663473a6d49132a50ce18a2

Request headers

:path: /assets/legacy/GazetaDoPovoSDK.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.gazetadopovo.com.br
referer: https://www.gazetadopovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.gazetadopovo.com.br/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 09 Jan 2021 22:02:17 GMT
content-encoding: gzip
last-modified: Thu, 16 May 2019 18:34:32 GMT
server: AmazonS3
age: 10797477
etag: W/"93db618a4f3bd0163e68ad039dcbd60c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: null
via: 1.1 e976f829f2d1c4787d42d0595ae7cf75.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA2-C1
content-type: application/javascript
x-amz-cf-id: Vhr5Sc67fUzzUwIn8p28CftP4SFrw2NPIxbt40vVklRyvmZbi7OP6Q==

GET
H2 200 social.js Show response
www.gazetadopovo.com.br/assets/legacy/ 264 KB
80 KB 31ms
25ms Script
application/javascript 2600:9000:20eb:2800:6:45ad:3580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gazetadopovo.com.br/assets/legacy/social.js
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:2800:6:45ad:3580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f3bca498f4fa68a5d099135c6b44322e22aa62e509f59fc294d9e53d38475374

Request headers

:path: /assets/legacy/social.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.gazetadopovo.com.br
referer: https://www.gazetadopovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.gazetadopovo.com.br/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 07:21:16 GMT
content-encoding: gzip
last-modified: Mon, 09 Dec 2019 16:43:33 GMT
server: AmazonS3
age: 4629538
etag: W/"d36619672c599923a4c9712bd040f9e5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: null
via: 1.1 e976f829f2d1c4787d42d0595ae7cf75.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA2-C1
content-type: application/javascript
x-amz-cf-id: 6Hn-s-W_deczFL6KNPOmAo56W561ry9byb14HlUkcM0rs61rmgFOzg==

GET
H2 200 vendor-9baf93355710264da6ef.js Show response
www.gazetadopovo.com.br/assets/ 295 KB
96 KB 23ms
17ms Script
application/javascript 2600:9000:20eb:2800:6:45ad:3580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:2800:6:45ad:3580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8081c769c2d9191a1ae2bea8b1409784c0a13d70b83bb2f41d41cc22ef2164e7

Request headers

:path: /assets/vendor-9baf93355710264da6ef.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.gazetadopovo.com.br
referer: https://www.gazetadopovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.gazetadopovo.com.br/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 14:32:53 GMT
content-encoding: gzip
last-modified: Thu, 13 May 2021 14:30:45 GMT
server: AmazonS3
age: 110840
etag: W/"3e425e478050fb49f8d5dbffdd68f55b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: null
via: 1.1 e976f829f2d1c4787d42d0595ae7cf75.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C1
content-type: application/javascript
x-amz-cf-id: fVxUXG4n5glFXtjw4_2UN371Ew3xPgXajjclD02udJ13Hls5i5tWuw==

GET
H2 200 gazetadopovo-app-b3eeb35c5cd968c95b53.js Show response
www.gazetadopovo.com.br/assets/ 366 KB
67 KB 18ms
12ms Script
application/javascript 2600:9000:20eb:2800:6:45ad:3580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gazetadopovo.com.br/assets/gazetadopovo-app-b3eeb35c5cd968c95b53.js
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:2800:6:45ad:3580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bee94f92f87881238a9d783523e1d3c6eae7d4f808e261eea83c5c5b585e6a60

Request headers

:path: /assets/gazetadopovo-app-b3eeb35c5cd968c95b53.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.gazetadopovo.com.br
referer: https://www.gazetadopovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.gazetadopovo.com.br/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 14:32:54 GMT
content-encoding: gzip
last-modified: Thu, 13 May 2021 14:30:08 GMT
server: AmazonS3
age: 110840
etag: W/"ceb11d3e5815f015f9e46b4a991d0a61"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: null
via: 1.1 e976f829f2d1c4787d42d0595ae7cf75.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C1
content-type: application/javascript
x-amz-cf-id: uQrxyuUfvR56BfxQZ1RgsEzjvepZEV_PZgD6QCtK7O8esidbIN1-ww==

GET
H2 200 google-3.2.2.js Show response
www.gazetadopovo.com.br/assets/legacy/swg/ 114 KB
38 KB 18ms
12ms Script
text/javascript 2600:9000:20eb:2800:6:45ad:3580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gazetadopovo.com.br/assets/legacy/swg/google-3.2.2.js
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:2800:6:45ad:3580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5c9daea6d030ac5e71211fa4d1521fb0cd67c3676f35d034f0047ee095a9d8c3

Request headers

:path: /assets/legacy/swg/google-3.2.2.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.gazetadopovo.com.br
referer: https://www.gazetadopovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.gazetadopovo.com.br/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 09 Jan 2021 22:04:47 GMT
content-encoding: gzip
last-modified: Mon, 13 Apr 2020 20:50:04 GMT
server: AmazonS3
age: 10797326
etag: W/"9c302f91fb353b7f558cbda7922e6da1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: null
via: 1.1 e976f829f2d1c4787d42d0595ae7cf75.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C1
content-type: text/javascript; charset=UTF-8
x-amz-cf-id: q2DKkaNZqnfquyiZqLjrQPdrGKUvSEE0c2QkHnma6ZYh0CrSI163CA==

GET
H/1.1 200
OK JSPianoSDK-0.4.4.js Show response
gdp-prd-data.s3.us-east-1.amazonaws.com/js-piano-sdk/ 323 KB
323 KB 576ms
154ms Script
application/json 52.216.200.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gdp-prd-data.s3.us-east-1.amazonaws.com/js-piano-sdk/JSPianoSDK-0.4.4.js
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.200.118 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-east-1-r-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 3e4b3a58fd8e383e180de6ed3ed7fbccc7b6179f0b946e84cd34c7f6b4d448d8

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 14 May 2021 21:20:14 GMT
Last-Modified: Fri, 05 Mar 2021 13:15:08 GMT
Server: AmazonS3
x-amz-request-id: KJH4HWY0S26A3PXM
ETag: "cc0b84a81c8868bf472ad514d8695844"
Content-Type: application/json
x-amz-version-id: null
Accept-Ranges: bytes
Content-Length: 330317
x-amz-id-2: 1H/2BhzAxxALPBEpd2PgSqcW+4w0kqopcboiQBRdOmJ+cRzOpmxYCUcksPJEty43VB36vp+DXIY=

GET
H3-29 200 e6Ya311101.js Show response
cdn.privacytools.com.br/public_api/banner/script/ 107 KB
19 KB 46ms
26ms Script
text/plain 2606:4700:20::681a:415
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.privacytools.com.br/public_api/banner/script/e6Ya311101.js?p=bottom&t=1
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:415 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1c315490653d8ffce62de9da61cce3a69ce36d16559fd613a0fe097622523d0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 21:20:13 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 9907
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=fd5rWOX58RJ%2FZzxwP2vLwnDt9gzWEqm%2BSVwzuOgpsuZ0evB5mK%2FCtCaMN9RpFhnrYiAp4wtquTaW3u5prN2XIDcJGqoaDz4NVHTk4qrnPywK%2FSTdt94HXaodyW0WLwKF43cdyA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain;charset=UTF-8
cache-control: public, max-age=14400, s-maxage=86400, must-revalidate, proxy-revalidate
cf-ray: 64f72b5239de2484-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a0e59676400002484c0b74000000001

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 213 KB
62 KB 28ms
28ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WSPVJF

Requested by

Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3da88ed707e9f5a8821a3b82c8f159ce6e02200b258f5c97c48801556e89f57e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 21:20:13 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 63281
x-xss-protection: 0
last-modified: Fri, 14 May 2021 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 14 May 2021 21:20:13 GMT

GET
H2 200 universal.min.js Show response
tag.navdmp.com/ 8 KB
3 KB 48ms
15ms Script
application/javascript 2606:4700::6810:bf3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.navdmp.com/universal.min.js
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:bf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0478f8a286d5e8074dd717ecfdea6fbff972a2a0a4103d7dc9dc4fe680a37c25

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 21:20:13 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 2498
p3p: CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cf-request-id: 0a0e59679900004e2bc4989000000001
last-modified: Mon, 26 Apr 2021 21:14:53 GMT
server: cloudflare
etag: W/"60872d4d-1f5f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
cf-ray: 64f72b5288784e2b-FRA
expires: Fri, 14 May 2021 21:38:35 GMT

GET
H2 200 qFdH35WCmI96Ajtm81GlU9s.woff2
fonts.gstatic.com/s/overpass/v5/ 20 KB
20 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/overpass/v5/qFdH35WCmI96Ajtm81GlU9s.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:400,400i,700,700i|Overpass:400,400i,700,700i&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a4702a77ebe38f4291b9ec9f44411e246c865bdf0070746852e803b4d960fc1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.gazetadopovo.com.br
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 09 May 2021 05:41:50 GMT
x-content-type-options: nosniff
last-modified: Thu, 10 Sep 2020 17:08:51 GMT
server: sffe
age: 488303
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20196
x-xss-protection: 0
expires: Mon, 09 May 2022 05:41:50 GMT

GET
H2 200 qFdA35WCmI96Ajtm81keds7N4ho.woff2
fonts.gstatic.com/s/overpass/v5/ 20 KB
20 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/overpass/v5/qFdA35WCmI96Ajtm81keds7N4ho.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:400,400i,700,700i|Overpass:400,400i,700,700i&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

832d8d5a3cabdde474e79d8a510053604d5d19342befbc7b78dc64995652dbba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.gazetadopovo.com.br
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 09 May 2021 06:10:57 GMT
x-content-type-options: nosniff
last-modified: Thu, 10 Sep 2020 17:09:41 GMT
server: sffe
age: 486556
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20252
x-xss-protection: 0
expires: Mon, 09 May 2022 06:10:57 GMT

GET
H2 200 logo-gazeta-fallback.svg
assets.gazetadopovo.com.br/images/svg/ 2 KB
1 KB 84ms
22ms Image
image/svg+xml 2600:9000:206e:5e00:12:af17:6680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.gazetadopovo.com.br/images/svg/logo-gazeta-fallback.svg
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/app-19c4d622d6a1aee75230.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206e:5e00:12:af17:6680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2d2dc473ab0f5f864cbf1bbfdf2e971ac5a750e226e1fd44bde4e1288da8966d

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 07 Feb 2021 07:04:13 GMT
content-encoding: gzip
last-modified: Mon, 01 Feb 2021 19:11:32 GMT
server: AmazonS3
age: 8345761
etag: W/"d792eee1076dd5de89b09831c82d0436"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: null
via: 1.1 2a3d03f915cb6d29f35b8f9edd3b1956.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: VIE50-C1
content-type: image/svg+xml
x-amz-cf-id: reeeGEqUxIjZI24x-RntW_mZXNF7ilvP4oxUkX73cUfm_j54beYQGg==

GET
H2 200 ico-related-items.svg
assets.gazetadopovo.com.br/images/svg/ 156 B
527 B 85ms
23ms Image
image/svg+xml 2600:9000:206e:5e00:12:af17:6680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.gazetadopovo.com.br/images/svg/ico-related-items.svg
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/app-19c4d622d6a1aee75230.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206e:5e00:12:af17:6680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2dc4525c53a2721b9e0b858ec72e218e7fc1de72fbdae84653648daed62b89de

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Feb 2021 03:59:10 GMT
via: 1.1 2a3d03f915cb6d29f35b8f9edd3b1956.cloudfront.net (CloudFront)
last-modified: Mon, 01 Feb 2021 19:11:29 GMT
server: AmazonS3
age: 8270464
etag: "a1e034e511ddfddbd71c0ee10f8240f0"
x-cache: Hit from cloudfront
x-amz-version-id: null
cache-control: max-age=31536000
x-amz-cf-pop: VIE50-C1
accept-ranges: bytes
content-type: image/svg+xml
content-length: 156
x-amz-cf-id: Ploex9pChG2qtaGcA7GbNRtERlQVims2yfpzINXC5craJOB3wTguWQ==

GET
H3-29 200 u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2
fonts.gstatic.com/s/merriweather/v22/ 18 KB
19 KB 15ms
14ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v22/u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:400,400i,700,700i|Overpass:400,400i,700,700i&display=swap

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a0d93254e392f7361b334641f8781721fd31c7b18283c88fe67df7d3123e1c24

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.gazetadopovo.com.br
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 01:26:01 GMT
x-content-type-options: nosniff
last-modified: Thu, 10 Sep 2020 17:08:44 GMT
server: sffe
age: 330852
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18924
x-xss-protection: 0
expires: Wed, 11 May 2022 01:26:01 GMT

GET
H3-29 200 u-440qyriQwlOrhSvowK_l5-fCZM.woff2
fonts.gstatic.com/s/merriweather/v22/ 19 KB
19 KB 19ms
18ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v22/u-440qyriQwlOrhSvowK_l5-fCZM.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:400,400i,700,700i|Overpass:400,400i,700,700i&display=swap

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e19e5fec549d0d871301c8196f4a954abe8d6913464a1ac511f81ef71529f89b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.gazetadopovo.com.br
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 02:03:04 GMT
x-content-type-options: nosniff
last-modified: Thu, 10 Sep 2020 17:09:53 GMT
server: sffe
age: 155829
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19300
x-xss-protection: 0
expires: Fri, 13 May 2022 02:03:04 GMT

GET
H/1.1 200
OK 5294.json Show response
s3.amazonaws.com/gp-infoservices/infocoder/ 27 KB
27 KB 569ms
158ms Script
application/json 52.217.195.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/gp-infoservices/infocoder/5294.json?_=1621027213133
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.3.1.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.195.96 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: fd6d343c560c20611901e4c09e6f4da827fdb5957d2e4e2d3047c2e5804d4e6b

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 14 May 2021 21:20:14 GMT
Last-Modified: Tue, 20 Oct 2020 21:22:55 GMT
Server: AmazonS3
x-amz-request-id: KJHAS55QQE9XV9QW
ETag: "16fd83f68ab6025e68cf1c8761f5a7c1"
Content-Type: application/json
Accept-Ranges: bytes
Content-Length: 27623
x-amz-id-2: R3J4ZpYOZtumVTDWhGRzbJ0JE4SaYMDKiQKdFg17IwCy3GbLLm7ZAAqcPaZfMU5Q/PBCYEwJlAI=

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 13ms
13ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=70970493&t=pageview&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=914239445&gjid=708448561&cid=1622044111.1621027213&tid=UA-23088598-1&_gid=1523808297.1621027213&_r=1&_slc=1&z=1911745695

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 14 May 2021 21:20:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.gazetadopovo.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
94 B 14ms
14ms XHR
text/plain 2a00:1450:400c:c0c::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-23088598-1&cid=1622044111.1621027213&jid=914239445&gjid=708448561&_gid=1523808297.1621027213&_u=IEBAAEAAAAAAAC~&z=790045030

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 14 May 2021 21:20:13 GMT
content-type: text/plain
access-control-allow-origin: https://www.gazetadopovo.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 swg.js Show response
news.google.com/swg/js/v1/ 147 KB
44 KB 27ms
7ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/swg.js

Requested by

Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/legacy/swg/google-3.2.2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

deb0d7d427858d047173d87a8702ddd16a3153fb51516f6786783dc6dc1b293d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 21:06:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 12 May 2021 20:16:39 GMT
server: sffe
age: 810
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44829
x-xss-protection: 0
expires: Fri, 14 May 2021 21:56:43 GMT

GET
H2 200 load Show response
experience.tinypass.com/xbuilder/experience/ 4 KB
1 KB 43ms
26ms Script
application/javascript 2606:4700::6811:bab1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://experience.tinypass.com/xbuilder/experience/load?aid=izBe3CQ7pu

Requested by

Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:bab1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c0b5329aa0c88c218e906ad2600cbea4cf7bfffaef17a9274a634046e897dc3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 21:20:13 GMT
content-encoding: br
vary: accept-encoding
cf-cache-status: HIT
age: 119
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
cf-request-id: 0a0e5968ba00004db29d035000000001
x-request-id: Cei84tqSSYU
wn: prod-exp-10-0-88-251
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=60; includeSubDomains
content-type: application/javascript;charset=utf-8
cache-control: public, max-age=1800
cf-ray: 64f72b545d864db2-FRA
expires: Fri, 14 May 2021 21:50:13 GMT

GET
H3-29 200 ec.js Show response
www.google-analytics.com/plugins/ua/ 3 KB
1 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ec.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 20:47:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 1939
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1306
x-xss-protection: 0
expires: Fri, 14 May 2021 21:47:54 GMT

GET
H2 200 hotjar-457089.js Show response
static.hotjar.com/c/ 32 KB
5 KB 169ms
60ms Script
application/javascript 13.224.95.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-457089.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WSPVJF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.95.81 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-95-81.zrh50.r.cloudfront.net

Software

Resource Hash

5f278fce1ff36e9012ad04a47e7e3f2499a987c01372c2eee65e0ca6d3f9d841

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 21:19:32 GMT
content-encoding: br
x-content-type-options: nosniff
cache-control: max-age=60
age: 41
etag: W/5b6cc2276357f07e6e7ea12d1ce51c59
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: g_qUCVfIvnx3WvUfTcbu9-26qYOmmzn4brGQm0zX__c6KRyDcYkQow==
via: 1.1 ebbd7f31e48ea8cf77f6021cdd92bf62.cloudfront.net (CloudFront)

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 36 KB
14 KB 175ms
62ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WSPVJF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

997f5bfb9f0c74974ec265633b71dd76c5f0224611dd26775db3cc823ec24947

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 21:20:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14057
x-xss-protection: 0
server: cafe
etag: 15306424688967737279
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 14 May 2021 21:20:13 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 92 KB
24 KB 20ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.gazetadopovo.com.br.mcas.ms
URL: https://www.gazetadopovo.com.br.mcas.ms/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a517525b8a7d39bcaf1cf5f9695c5be8fce7a6b920a3924c1a4f70e8ea748c05

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 23959
x-fb-rlafr: 0
pragma: public
x-fb-debug: USpiOOawHzR6Bq1a1PaHlrC01pSZOlUhGB8d103tV6Kx2EUGfG5oGbb4IZ2R5R6i4IuovrJMxzm4xzPAjMLjuA==
x-fb-trip-id: 686109401
x-frame-options: DENY
date: Fri, 14 May 2021 21:20:13 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
x-xss-protection: 0
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 1 KB
2 KB 151ms
49ms Script
application/javascript 99.86.242.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: www.gazetadopovo.com.br.mcas.ms
URL: https://www.gazetadopovo.com.br.mcas.ms/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.242.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-242-79.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 21:06:45 GMT
via: 1.1 7b574fc6db5d0840d90b97dd76cc56ec.cloudfront.net (CloudFront)
etag: "1827f116c73f319409b97f10b8a58ade"
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 809
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: VIE50-C1
accept-ranges: bytes
content-length: 1469
x-amz-cf-id: vEv5qnWaWloynuJRjvOzhNFfSkOpsJWxZg0bkwAbWhpdNzkh4MQvzA==

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 4 KB
2 KB 11ms
10ms Script
application/x-javascript 2a02:26f0:6c00:296::25ea
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.gazetadopovo.com.br.mcas.ms
URL: https://www.gazetadopovo.com.br.mcas.ms/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:296::25ea Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 5f3b103a1268f862a5e432d607f8e5220dea9d301d13565b0ecded3ad9c25ab2

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 14 May 2021 21:20:13 GMT
Content-Encoding: gzip
Last-Modified: Mon, 04 Jan 2021 22:14:03 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=22691
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1855

GET
H2 200 c9173442-33ea-4c3e-8b1b-7e02eb4fcab0-loader.js Show response
d335luupugsy2.cloudfront.net/js/loader-scripts/ 13 B
402 B 138ms
45ms Script
application/javascript 143.204.101.168
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d335luupugsy2.cloudfront.net/js/loader-scripts/c9173442-33ea-4c3e-8b1b-7e02eb4fcab0-loader.js
Requested by: Host: www.gazetadopovo.com.br.mcas.ms
URL: https://www.gazetadopovo.com.br.mcas.ms/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.101.168 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-168.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8e8cc72e61ff6f6c0c945a976756d112732c499cd64fc5b207bb213fc84a1e40

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 19:27:07 GMT
via: 1.1 9eb0e845437929074828e0cf53f179af.cloudfront.net (CloudFront)
last-modified: Thu, 05 Sep 2019 14:23:06 GMT
server: AmazonS3
age: 611586
etag: "8e742d11d6b24c401e35f3b516726584"
x-cache: Hit from cloudfront
x-amz-version-id: HcQ7eDLpUO0rOnZ5z49wWPmZsoIBXyGt
cache-control: max-age=2592000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: application/javascript
content-length: 13
x-amz-cf-id: ua_KdV3mLC0ewNhfOVcczvjqxGBzYigtQQFCPeWPo29iaf2-X1f9cA==

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 5 KB
2 KB 151ms
49ms Script
application/javascript 151.101.12.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.gazetadopovo.com.br.mcas.ms
URL: https://www.gazetadopovo.com.br.mcas.ms/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4cf52cc73734aa71f26f6a10be9aeec89602af45bf0f9abd5c8445a076c1ae1a

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 21:20:13 GMT
via: 1.1 varnish
last-modified: Fri, 04 Dec 2020 00:21:46 GMT
age: 76850
etag: "cbc512946c8abb461c6215ed5b454e5f+gzip"
vary: Accept-Encoding,Host
x-cache: HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-encoding: gzip
cache-control: no-cache
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 1957
x-timer: S1621027214.643606,VS0,VE0
x-served-by: cache-fra19157-FRA

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 18ms
17ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-23088598-1&cid=1622044111.1621027213&jid=914239445&_u=IEBAAEAAAAAAAC~&z=411115067

Requested by

Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 May 2021 21:20:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 17ms
16ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-23088598-1&cid=1622044111.1621027213&jid=914239445&_u=IEBAAEAAAAAAAC~&z=411115067

Requested by

Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 May 2021 21:20:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK rep.gif
scomcluster.cxense.com/Repo/ 43 B
468 B 299ms
76ms Image
image/gif 178.63.13.144
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scomcluster.cxense.com/Repo/rep.gif?ver=1&typ=pgv&rnd=kootqyw7b71zr37a&sid=1138596144857280556&loc=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&new=1&arf=0&ltm=1621027213351&ref=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&tzo=-120&res=1600x1200&dpr=1&col=24&bln=en-US&chs=UTF-8&cks=kootqz1tsnd76yb9&ckp=kootqz1vibwnzest&glb=&wsz=1600x1200
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 178.63.13.144 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: de717.cxense.com
Software: Jetty(9.4.28.v20200408) /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 14 May 2021 21:20:13 GMT
Server: Jetty(9.4.28.v20200408)
P3P: policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Length: 43
Content-Type: image/gif

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 13ms
13ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=70970493&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=aGDAAEALQAAAAC~&jid=791246802&gjid=998882628&cid=1622044111.1621027213&uid=&tid=UA-23088598-1&_gid=1523808297.1621027213&_r=1&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&z=468451623

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 14 May 2021 21:20:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.gazetadopovo.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 js Show response
www.google-analytics.com/gtm/ 87 KB
34 KB 20ms
19ms Script
application/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-K98STKR&t=gtm4&cid=1622044111.1621027213

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

640d44cf7e0cf59b4807fd4277d2fd5671b500b3d812ead47ac137aa6f52d9b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 21:20:13 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35026
x-xss-protection: 0
last-modified: Fri, 14 May 2021 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 14 May 2021 21:20:13 GMT

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=672554&time=1621027213577&url=https%3A%2F%2Fwww.gazetadopovo.com.br%2F
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D672554%26time%3D1621027213577%26url%3Dhttps%253A%252F%252Fwww.gazetadopovo.com.br...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=672554&time=1621027213577&url=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=672554&time=1621027213577&url=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&liSync=true&e_ipv6=AQJme86hf2bsCQAAAXlswFOO8wJN-3fSCRLVGqkyVIraWAaYGMeCI5L...

0
155 B

443ms
175ms

Image
application/javascript

108.174.10.14
LINKEDIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=672554&time=1621027213577&url=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&liSync=true&e_ipv6=AQJme86hf2bsCQAAAXlswFOO8wJN-3fSCRLVGqkyVIraWAaYGMeCI5LL7XW8nLRlBaRWqsi4
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.174.10.14 , United States, ASN14413 (LINKEDIN, US),
Reverse DNS: 108-174-10-14.fwd.linkedin.com
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 21:20:14 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-ltx1
x-li-proto: http/2
x-li-pop: prod-edc2
content-type: application/javascript
content-length: 0
x-li-uuid: aki1w6kLfxYgGIHUuCoAAA==

Redirect headers

date: Fri, 14 May 2021 21:20:14 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-ltx1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=672554&time=1621027213577&url=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&liSync=true&e_ipv6=AQJme86hf2bsCQAAAXlswFOO8wJN-3fSCRLVGqkyVIraWAaYGMeCI5LL7XW8nLRlBaRWqsi4
x-li-proto: http/2
x-li-pop: prod-eda6
content-length: 0
x-li-uuid: +jn4qakLfxZAkcccyyoAAA==

GET
H2 200 tinypass.min.js Show response
cdn.tinypass.com/api/ 407 KB
127 KB 33ms
32ms Script
application/javascript 2606:4700::6811:bab1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.tinypass.com/api/tinypass.min.js

Requested by

Host: experience.tinypass.com
URL: https://experience.tinypass.com/xbuilder/experience/load?aid=izBe3CQ7pu

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:bab1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

91e9164448bbb0306f0ad72dad13782ef08ae66a9ac3d9b857d9a57a8a3468a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 21:20:13 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 296
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
cf-request-id: 0a0e59690a00004db27fa9c000000001
wn: prod-dash-10-0-134-202
last-modified: Thu, 13 May 2021 01:18:32 GMT
server: cloudflare
etag: W/"416463-1620868712000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=60; includeSubDomains
content-type: application/javascript
server-time: 0.000
cache-control: public, max-age=300
cf-ray: 64f72b54dea94db2-FRA
expires: Fri, 14 May 2021 21:25:13 GMT

GET
H3-29 200 343122172743779 Show response
connect.facebook.net/signals/config/ 255 KB
73 KB 8ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/343122172743779?v=2.9.39&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4c8559b3d9f89fac3a49716cc7ae77f6b922e2e5c82c81e4b558fcdb5a819e35

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 74233
x-fb-rlafr: 0
pragma: public
x-fb-debug: VcKVqiHao/TXQKGADlOM9ug461nRayiBSZICtcu4xr3yRaVfCXRxdY7ljCuMZBbpHQW/9ZN4eYkPRqDs0KjdcA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Fri, 14 May 2021 21:20:13 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-29 200 swg-button.css
news.google.com/swg/js/v1/ 21 KB
6 KB 24ms
9ms Stylesheet
text/css 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/swg-button.css

Requested by

Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f1d6939b69c7c48fff939cbc3945f84ae8427d167c394857f6840377ce1b252a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 20:50:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 12 May 2021 20:16:39 GMT
server: sffe
age: 1755
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=3000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6330
x-xss-protection: 0
expires: Fri, 14 May 2021 21:40:58 GMT

GET
H3-29 200 serviceiframe Show response
news.google.com/swg/_/ui/v1/ Frame C4A2 25 KB
8 KB 81ms
71ms Document
text/html 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/_/ui/v1/serviceiframe?_=450285

Requested by

Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9c33d27cab31c3b8c1a18e54a01447d1d25f77ba8499018b01c1156b92080dd8

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientUi/cspreport script-src 'report-sample' 'nonce-F1vHbOa96IyW4l+iXW7bzQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/SubscribewithgoogleClientUi/cspreport;worker-src 'self' script-src 'nonce-F1vHbOa96IyW4l+iXW7bzQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com;report-uri /_/SubscribewithgoogleClientUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: news.google.com
:scheme: https
:path: /swg/_/ui/v1/serviceiframe?_=450285
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.gazetadopovo.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.gazetadopovo.com.br/

Response headers

content-type: text/html; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-ua-compatible: IE=edge
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 14 May 2021 21:20:13 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
strict-transport-security: max-age=31536000
content-security-policy: require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientUi/cspreport script-src 'report-sample' 'nonce-F1vHbOa96IyW4l+iXW7bzQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/SubscribewithgoogleClientUi/cspreport;worker-src 'self' script-src 'nonce-F1vHbOa96IyW4l+iXW7bzQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com;report-uri /_/SubscribewithgoogleClientUi/cspreport
cross-origin-resource-policy: same-site
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
set-cookie: NID=215=SI9yePzOJtKgsSUvYBAxOcN-ThRA4k2cENBHuwgefZd4eh3j9eLgmjO4hYw6FuLfiAXEJI169DdoYbUw1TA31SN5iNckEAfow-SUVGxb8g_OY0k0n-jkDAHlORdYuevXR4fDvDzM3ZNFei46xEXtVZJX9RyB38hkbTHvoB_6BEo; expires=Sat, 13-Nov-2021 21:20:13 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 loader.svg
news.google.com/swg/js/v1/ 0
1 KB 18ms
8ms Other
image/svg+xml 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/loader.svg

Requested by

Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 21:06:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 16 Mar 2020 18:14:05 GMT
server: sffe
age: 808
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=3000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1049
x-xss-protection: 0
expires: Fri, 14 May 2021 21:56:45 GMT

POST
H3-29 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 32ms
16ms XHR
text/plain 2a00:1450:400c:c0a::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-23088598-1&cid=1622044111.1621027213&jid=791246802&gjid=998882628&_gid=1523808297.1621027213&_u=aGDAAEALQAAAAC~&z=687638904

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c0a::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 14 May 2021 21:20:13 GMT
content-type: text/plain
access-control-allow-origin: https://www.gazetadopovo.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 entitlements Show response
news.google.com/swg/_/api/v1/publication/gazetadopovo.com.br/ 2 B
58 B 69ms
67ms Fetch
application/json 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/_/api/v1/publication/gazetadopovo.com.br/entitlements

Requested by

Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientHttp/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: text/plain, application/json
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 21:20:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="json.txt"; filename*=UTF-8''json.txt
strict-transport-security: max-age=31536000
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.gazetadopovo.com.br
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

HEAD
H2 200 / Show response
www.gazetadopovo.com.br/ 0
351 B 420ms
419ms XHR
text/html 2600:9000:20eb:2800:6:45ad:3580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gazetadopovo.com.br/?&_=1621027213417
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:2800:6:45ad:3580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-fetch-mode: cors
accept-encoding: gzip, deflate, br
accept-language: en-US
x-requested-with: XMLHttpRequest
sec-fetch-dest: empty
cookie: _ga=GA1.3.1622044111.1621027213; _gid=GA1.3.1523808297.1621027213; _gat=1; _gcl_au=1.1.4886979.1621027213; cX_S=kootqz1tsnd76yb9; cX_P=kootqz1vibwnzest; _gat_UA-23088598-1=1
:path: /?&_=1621027213417
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.gazetadopovo.com.br
referer: https://www.gazetadopovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: HEAD
Accept: */*
Referer: https://www.gazetadopovo.com.br/?
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 21:20:14 GMT
content-encoding: gzip
last-modified: Fri, 14 May 2021 21:02:33 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
etag: W/"0c6ac54547893b3601f500264720d68f"
vary: Accept-Encoding
x-cache: Miss from cloudfront
x-amz-version-id: null
via: 1.1 e976f829f2d1c4787d42d0595ae7cf75.cloudfront.net (CloudFront)
cache-control: max-age=600
content-type: text/html
x-amz-cf-id: 403G6ojshL6qBL6nvvxkahaocj--Ne80aI51CuQn9WulZoOXNQ5_9g==

GET
H2 200 /
www.facebook.com/tr/ 44 B
410 B 19ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=343122172743779&ev=PageView&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&rl=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&if=false&ts=1621027213626&sw=1600&sh=1200&v=2.9.39&r=stable&ec=0&o=30&fbp=fb.2.1621027213624.1717082381&it=1621027213584&coo=false&exp=l0&rqm=GET

Requested by

Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 21:20:13 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Fri, 14 May 2021 21:20:13 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
214 B 18ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=343122172743779&ev=ViewContent&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&rl=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&if=false&ts=1621027213629&sw=1600&sh=1200&v=2.9.39&r=stable&ec=1&o=30&fbp=fb.2.1621027213624.1717082381&it=1621027213584&coo=false&exp=l0&rqm=GET

Requested by

Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 21:20:13 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Fri, 14 May 2021 21:20:13 GMT

GET
H3-29 200 ga-audiences
www.google.com/ads/ 42 B
63 B 26ms
24ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-23088598-1&cid=1622044111.1621027213&jid=791246802&_u=aGDAAEALQAAAAC~&z=351244559

Requested by

Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 May 2021 21:20:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ga-audiences
www.google.de/ads/ 42 B
63 B 25ms
23ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-23088598-1&cid=1622044111.1621027213&jid=791246802&_u=aGDAAEALQAAAAC~&z=351244559

Requested by

Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 May 2021 21:20:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 execute Show response
experience.tinypass.com/xbuilder/experience/ 2 KB
2 KB 150ms
150ms XHR
application/json 2606:4700::6811:bab1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://experience.tinypass.com/xbuilder/experience/execute?aid=izBe3CQ7pu

Requested by

Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:bab1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d7f27bf75071302176a83b109340393c38435e1dc7593fdef87e74fe7bc9cdf9

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains

Request headers

Accept: */*
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Fri, 14 May 2021 21:20:13 GMT
content-encoding: br
vary: accept-encoding
cf-cache-status: DYNAMIC
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
cf-request-id: 0a0e59698d00004db24b380000000001
x-request-id: Cpl84tqKbBJ
pragma: no-cache
wn: prod-exp-10-0-134-46
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=60; includeSubDomains
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.gazetadopovo.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 64f72b55a8614db2-FRA
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 get.js Show response
buy.tinypass.com/api/v3/anon/captcha/ 153 B
276 B 22ms
21ms Script
application/javascript 2606:4700::6811:bab1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/api/v3/anon/captcha/get.js?callback=jsonpCallback&aid=izBe3CQ7pu

Requested by

Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:bab1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e68a8e11989f755b422afcd231083744a574a76fafd9b661bd053e571bc2d51a

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 21:20:13 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 229
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
cf-request-id: 0a0e59699100004db27faa4000000001
x-request-id: Ccf84tqhTxe
pragma
wn: prod-dash-10-0-121-63
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=60; includeSubDomains
content-type: application/javascript
server-time: 0.000
cache-control: public, max-age=1200
cf-ray: 64f72b55b8724db2-FRA
expires: Fri, 14 May 2021 21:40:13 GMT

GET
H2

200

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=13765200&cs_ucfr=1&ns__t=1621027213720&ns_c=UTF-8&cv=3.5&c8=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&c7=http...
https://sb.scorecardresearch.com/b2?c1=2&c2=13765200&cs_ucfr=1&ns__t=1621027213720&ns_c=UTF-8&cv=3.5&c8=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&c7=htt...

64 B
331 B

76ms
76ms

Image
image/gif

99.86.242.79
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=13765200&cs_ucfr=1&ns__t=1621027213720&ns_c=UTF-8&cv=3.5&c8=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&c7=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&c9=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.242.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-242-79.vie50.r.cloudfront.net
Software: /
Resource Hash: 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 21:20:13 GMT
via: 1.1 7b574fc6db5d0840d90b97dd76cc56ec.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C1
etag: W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache: Miss from cloudfront
content-type: image/gif; charset=utf-8
content-length: 64
x-amz-cf-id: -hUL1B_z18MXxVIlEsS5ES8wLmhgQdLYQvazL-HvwVP9RktE4NO1Kw==

Redirect headers

date: Fri, 14 May 2021 21:20:13 GMT
via: 1.1 7b574fc6db5d0840d90b97dd76cc56ec.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=2&c2=13765200&cs_ucfr=1&ns__t=1621027213720&ns_c=UTF-8&cv=3.5&c8=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&c7=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&c9=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F
content-length: 311
x-amz-cf-id: 9aoXGOQvhJTU6YkVVrXLERlpK5jngOkxMvRuN-BkVc4MkSAPqDJvCw==

GET
H2 200 modules.0fd8b750824023792fba.js Show response
script.hotjar.com/ 220 KB
58 KB 165ms
64ms Script
application/javascript 13.32.6.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.0fd8b750824023792fba.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-457089.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.6.61 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-6-61.vie50.r.cloudfront.net

Software

Resource Hash

65cef8a94d8a09cac56b85e15c92c37ea129d38a094fa8e1f3fd812a550b74be

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 07:37:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 222188
x-cache: Hit from cloudfront
content-length: 59191
access-control-allow-origin: *
last-modified: Wed, 12 May 2021 07:37:04 GMT
etag: "cd11ca1a90eced753504203f173db976"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 f9fdc7f95aba4b520d73ade0f850d634.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: VIE50-C2
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: wdnKv_tZFdoB1hNvbwmvAMnEAFhBt4I9HOEY7DpSfiTVJKpbyNc-MQ==

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/961891575/ 2 KB
1 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/961891575/?random=1621027213726&cv=9&fst=1621027213726&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg5c1&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&ref=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&tiba=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

305967bb74a73c1ccdd9e86fd25f3dbac1250cf7b592897066c6b272d2bbf03b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 May 2021 21:20:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1066
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/854244571/ 2 KB
1 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/854244571/?random=1621027213729&cv=9&fst=1621027213729&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg5c1&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&ref=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&tiba=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cc89a9f3aaf0b0985a2c618f1b7978f0aeb6eed42f8e1fa447fc928eb633015a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 May 2021 21:20:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1064
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adsct
t.co/i/ 43 B
454 B 245ms
156ms Image
image/gif 104.244.42.197
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?type=javascript&version=1.1.1&p_id=Twitter&p_user_id=0&txn_id=o1ecj&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tw_document_href=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F

Requested by

Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.197 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 21:20:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
pragma: no-cache
last-modified: Fri, 14 May 2021 21:20:13 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 584d088426c37fcb3a052baa1fdfe76bb15038c85602b1a60aedbfa1f71b9875
x-transaction: 264201413b94515e
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H3-29 200 swg-button.css
news.google.com/swg/js/v1/ Frame C4A2 21 KB
6 KB 6ms
6ms Stylesheet
text/css 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/swg-button.css

Requested by

Host: news.google.com
URL: https://news.google.com/swg/_/ui/v1/serviceiframe?_=450285

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f1d6939b69c7c48fff939cbc3945f84ae8427d167c394857f6840377ce1b252a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 20:50:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 12 May 2021 20:16:39 GMT
server: sffe
age: 1755
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=3000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6330
x-xss-protection: 0
expires: Fri, 14 May 2021 21:40:58 GMT

GET
H2 200 m=_b,_tp Show response
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.Tl_AGYIXZL0.es5.O/am=AkA/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI5B-... Frame C4A2 146 KB
51 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.Tl_AGYIXZL0.es5.O/am=AkA/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI5B-gFR_NtDs_kXSFl4p41_EA798g/m=_b,_tp

Requested by

Host: news.google.com
URL: https://news.google.com/swg/_/ui/v1/serviceiframe?_=450285

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a76fd2d7206486cd72f80c33106d521c63cd5c7cf869c5c0ab908ad2c87d342

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 18:36:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 13 May 2021 00:51:46 GMT
server: sffe
age: 96242
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52525
x-xss-protection: 0
expires: Fri, 13 May 2022 18:36:11 GMT

GET
H3-29 200 /
www.google.com/pagead/1p-user-list/961891575/ 42 B
64 B 60ms
59ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/961891575/?random=1621027213726&cv=9&fst=1621026000000&num=1&guid=ON&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg5c1&sendb=1&frm=0&url=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&ref=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&tiba=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&async=1&fmt=3&is_vtc=1&random=3419956660&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 May 2021 21:20:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
www.google.de/pagead/1p-user-list/961891575/ 42 B
64 B 20ms
19ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/961891575/?random=1621027213726&cv=9&fst=1621026000000&num=1&guid=ON&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg5c1&sendb=1&frm=0&url=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&ref=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&tiba=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&async=1&fmt=3&is_vtc=1&random=3419956660&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 May 2021 21:20:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
www.google.com/pagead/1p-user-list/854244571/ 42 B
64 B 58ms
58ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/854244571/?random=1621027213729&cv=9&fst=1621026000000&num=1&guid=ON&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg5c1&sendb=1&frm=0&url=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&ref=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&tiba=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&async=1&fmt=3&is_vtc=1&random=340587876&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 May 2021 21:20:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
www.google.de/pagead/1p-user-list/854244571/ 42 B
64 B 21ms
20ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/854244571/?random=1621027213729&cv=9&fst=1621026000000&num=1&guid=ON&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg5c1&sendb=1&frm=0&url=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&ref=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&tiba=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&async=1&fmt=3&is_vtc=1&random=340587876&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 May 2021 21:20:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v14/ Frame C4A2 21 KB
21 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v14/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2

Requested by

Host: news.google.com
URL: https://news.google.com/swg/_/ui/v1/serviceiframe?_=450285

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bf7344209edb1be5a2886c425cf6334a102d76cbea1471fd50171e2ee92877cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://news.google.com
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 02:03:02 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Apr 2019 23:42:59 GMT
server: sffe
age: 155831
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21464
x-xss-protection: 0
expires: Fri, 13 May 2022 02:03:02 GMT

GET
H3-29 200 m=byfTOb,lsjVmc,LEikZe Show response
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.Tl_AGYIXZL0.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.uJDgbMU63qE.L... Frame C4A2 36 KB
13 KB 23ms
21ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.Tl_AGYIXZL0.es5.O/am=AkA/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI5B-gFR_NtDs_kXSFl4p41_EA798g/m=_b,_tp

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

51a6117292845afab73b2de4673d5d7559afdffe1ef69fb08a1cb5003220859b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 19:51:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 12 May 2021 21:04:37 GMT
server: sffe
age: 91753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13447
x-xss-protection: 0
expires: Fri, 13 May 2022 19:51:00 GMT

GET
H3-29 200 m=xUdipf,blwjVc,fKUV3e,aurFic,ws9Tlc,COQbmf,U0aPgd,zG9H6c,NwH0H,OmgaI,NpD4ec,x60fie,gychg,lfpdyf,ZfAoz,PQaYAf,lPKSwe,yDVVkb,iTsyac,KG2eXe,tfTN8c,DfBslb Show response
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.Tl_AGYIXZL0.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.uJDgbMU63qE.L... Frame C4A2 95 KB
32 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.Tl_AGYIXZL0.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.uJDgbMU63qE.L.B1.O/am=AkA/d=1/exm=LEikZe,_b,_tp,byfTOb,lsjVmc/excm=_b,_tp,serviceiframeview/ed=1/wt=2/rs=ABXTjI74amyhivC-9LyndN6k0iHexbJ03g/m=xUdipf,blwjVc,fKUV3e,aurFic,ws9Tlc,COQbmf,U0aPgd,zG9H6c,NwH0H,OmgaI,NpD4ec,x60fie,gychg,lfpdyf,ZfAoz,PQaYAf,lPKSwe,yDVVkb,iTsyac,KG2eXe,tfTN8c,DfBslb

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee55a78068293dd8c4ed978c35e141b9d211314ada6085d55a18dc507cb190d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 19:51:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 12 May 2021 21:04:37 GMT
server: sffe
age: 91753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33095
x-xss-protection: 0
expires: Fri, 13 May 2022 19:51:00 GMT

POST
H3-29 200 batchexecute Show response
news.google.com/_/SubscribewithgoogleClientUi/data/ Frame C4A2 256 B
225 B 34ms
33ms XHR
application/json 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/_/SubscribewithgoogleClientUi/data/batchexecute?rpcids=SlvRf&f.sid=6013963566421797706&bl=boq_subscribewithgoogleclientserver_20210512.13_p0&hl=en-US&soc-app=673&soc-platform=1&soc-device=1&_reqid=84014&rt=c

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f9f3a9a56336afffef938cd4c0f29deeaed14cff056017859c2012f2a8aeae27

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-Same-Domain: 1
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Fri, 14 May 2021 21:20:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: same-site
content-disposition: attachment; filename="response.bin"; filename*=UTF-8''response.bin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
server: ESF
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-security-policy: require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientUi/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 m=Wt6vjf,_latency,FCpbqb,WhJNk,EFQ78c,hKSk3e Show response
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.Tl_AGYIXZL0.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.uJDgbMU63qE.L... Frame C4A2 46 KB
17 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.Tl_AGYIXZL0.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.uJDgbMU63qE.L.B1.O/am=AkA/d=1/exm=COQbmf,DfBslb,KG2eXe,LEikZe,NpD4ec,NwH0H,OmgaI,PQaYAf,U0aPgd,ZfAoz,_b,_tp,aurFic,blwjVc,byfTOb,fKUV3e,gychg,iTsyac,lPKSwe,lfpdyf,lsjVmc,tfTN8c,ws9Tlc,x60fie,xUdipf,yDVVkb,zG9H6c/excm=_b,_tp,serviceiframeview/ed=1/wt=2/rs=ABXTjI74amyhivC-9LyndN6k0iHexbJ03g/m=Wt6vjf,_latency,FCpbqb,WhJNk,EFQ78c,hKSk3e

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9b0244432d5bd68b595fef41e5257737a038d95848a1fa483c66fb8fdee718d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 19:51:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 12 May 2021 21:04:37 GMT
server: sffe
age: 91753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17704
x-xss-protection: 0
expires: Fri, 13 May 2022 19:51:00 GMT

GET
H3-29 200 m=lwddkf Show response
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.Tl_AGYIXZL0.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.uJDgbMU63qE.L... Frame C4A2 236 B
183 B 7ms
7ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.Tl_AGYIXZL0.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.uJDgbMU63qE.L.B1.O/am=AkA/d=1/exm=COQbmf,DfBslb,EFQ78c,FCpbqb,KG2eXe,LEikZe,NpD4ec,NwH0H,OmgaI,PQaYAf,U0aPgd,WhJNk,Wt6vjf,ZfAoz,_b,_latency,_tp,aurFic,blwjVc,byfTOb,fKUV3e,gychg,hKSk3e,iTsyac,lPKSwe,lfpdyf,lsjVmc,tfTN8c,ws9Tlc,x60fie,xUdipf,yDVVkb,zG9H6c/excm=_b,_tp,serviceiframeview/ed=1/wt=2/rs=ABXTjI74amyhivC-9LyndN6k0iHexbJ03g/m=lwddkf

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

685ee1f5e122fdc218b11e4589efbbfc2c567087e94b65062b13c290aae43a6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 19:51:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 12 May 2021 21:04:37 GMT
server: sffe
age: 91753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 160
x-xss-protection: 0
expires: Fri, 13 May 2022 19:51:00 GMT

GET
H3-29 200 m=n73qwf,mI3LFb,UUJqVe,lazG7b,MpJwZc,qCSYWe,mdR7q,MI6k7c,kjKdXe Show response
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.Tl_AGYIXZL0.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.uJDgbMU63qE.L... Frame C4A2 796 B
468 B 8ms
8ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.Tl_AGYIXZL0.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.uJDgbMU63qE.L.B1.O/am=AkA/d=1/exm=COQbmf,DfBslb,EFQ78c,FCpbqb,KG2eXe,LEikZe,NpD4ec,NwH0H,OmgaI,PQaYAf,U0aPgd,WhJNk,Wt6vjf,ZfAoz,_b,_latency,_tp,aurFic,blwjVc,byfTOb,fKUV3e,gychg,hKSk3e,iTsyac,lPKSwe,lfpdyf,lsjVmc,lwddkf,tfTN8c,ws9Tlc,x60fie,xUdipf,yDVVkb,zG9H6c/excm=_b,_tp,serviceiframeview/ed=1/wt=2/rs=ABXTjI74amyhivC-9LyndN6k0iHexbJ03g/m=n73qwf,mI3LFb,UUJqVe,lazG7b,MpJwZc,qCSYWe,mdR7q,MI6k7c,kjKdXe

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c862d06dbc394d8f64662949c40b019bd661b71381a0485ff7ccf3eaa45786f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 19:51:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 12 May 2021 21:04:37 GMT
server: sffe
age: 91753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 445
x-xss-protection: 0
expires: Fri, 13 May 2022 19:51:00 GMT

POST
H2 200 log Show response
play.google.com/ Frame C4A2 131 B
644 B 62ms
41ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Fri, 14 May 2021 21:20:13 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://news.google.com
cache-control: private
access-control-allow-credentials: true
content-type: text/plain; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Fri, 14 May 2021 21:20:13 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 56ms
37ms Preflight
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Origin: https://news.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://news.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Fri, 14 May 2021 21:20:13 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 14 May 2021 21:20:13 GMT
cache-control: private

POST
H3-29 200 log Show response
play.google.com/ Frame C4A2 131 B
154 B 41ms
40ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Fri, 14 May 2021 21:20:13 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://news.google.com
cache-control: private
access-control-allow-credentials: true
content-type: text/plain; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Fri, 14 May 2021 21:20:13 GMT

POST
H3-29 200 log Show response
play.google.com/ Frame C4A2 131 B
154 B 41ms
41ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Fri, 14 May 2021 21:20:13 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://news.google.com
cache-control: private
access-control-allow-credentials: true
content-type: text/plain; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Fri, 14 May 2021 21:20:13 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 55ms
38ms Preflight
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Origin: https://news.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://news.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Fri, 14 May 2021 21:20:13 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 14 May 2021 21:20:13 GMT
cache-control: private

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 53ms
38ms Preflight
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Origin: https://news.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://news.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Fri, 14 May 2021 21:20:13 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 14 May 2021 21:20:13 GMT
cache-control: private

POST
H3-29 200 log Show response
play.google.com/ Frame C4A2 131 B
154 B 40ms
40ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Fri, 14 May 2021 21:20:13 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://news.google.com
cache-control: private
access-control-allow-credentials: true
content-type: text/plain; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Fri, 14 May 2021 21:20:13 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 14ms
13ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=70970493&t=pageview&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Placar%20Covid%20no%20Paran%C3%A1%20-%20Componente%20Home&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAAEALQAAAAC~&jid=2095403120&gjid=1302083468&cid=1622044111.1621027213&tid=UA-70198534-1&_gid=1523808297.1621027213&_r=1&_slc=1&cd1=infocoder&cd2=5294&z=836451287

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 14 May 2021 21:20:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.gazetadopovo.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-29 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
22 B 16ms
15ms XHR
text/plain 2a00:1450:400c:c0a::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-70198534-1&cid=1622044111.1621027213&jid=2095403120&gjid=1302083468&_gid=1523808297.1621027213&_u=aGDAAEALQAAAAC~&z=1241800950

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c0a::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 14 May 2021 21:20:14 GMT
content-type: text/plain
access-control-allow-origin: https://www.gazetadopovo.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-29 200 /
www.facebook.com/tr/ 0
15 B 12ms
6ms Ping
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundarycMAHS5VSojbK8A8P

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Fri, 14 May 2021 21:20:14 GMT
content-type: text/plain
access-control-allow-origin: https://www.gazetadopovo.com.br
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-length: 0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i

OPTIONS
H2 200 flow1
3wf9o7mmzc.execute-api.us-east-1.amazonaws.com/prd/ Frame 0
0 237ms
137ms Preflight
application/json 13.224.193.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://3wf9o7mmzc.execute-api.us-east-1.amazonaws.com/prd/flow1
Protocol: H2
Server: 13.224.193.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-58.fra2.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.gazetadopovo.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-type: application/json
content-length: 0
date: Fri, 14 May 2021 21:20:14 GMT
x-amzn-requestid: c5d6fead-0ccf-4390-81b4-ac267d3b9c41
access-control-allow-origin: *
access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token,X-Amz-User-Agent
x-amz-apigw-id: fVluRFKroAMFrIw=
access-control-allow-methods: OPTIONS,POST
x-cache: Miss from cloudfront
via: 1.1 b6d1611761652d7a383651f2bf480596.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: RXsQAWR3qVVsvDYpfWlvHCDaWQDkSt8c3VBdFT1o74QtbdrDeZGMGA==

POST
H2 200 flow1 Show response
3wf9o7mmzc.execute-api.us-east-1.amazonaws.com/prd/ 504 B
879 B 154ms
153ms XHR
application/json 13.224.193.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://3wf9o7mmzc.execute-api.us-east-1.amazonaws.com/prd/flow1
Requested by: Host: gdp-prd-data.s3.us-east-1.amazonaws.com
URL: https://gdp-prd-data.s3.us-east-1.amazonaws.com/js-piano-sdk/JSPianoSDK-0.4.4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-58.fra2.r.cloudfront.net
Software: /
Resource Hash: 44496cc81b5d0b6f20e309c776ccb7de6ea624ccf7f12faad3731be73961fd45

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Fri, 14 May 2021 21:20:14 GMT
via: 1.1 b6d1611761652d7a383651f2bf480596.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-amzn-requestid: 6e96a74c-2558-4059-941c-3f7126cb9e7f
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
x-amzn-trace-id: Root=1-609ee98e-3abaf0a932fb413a11b481ab;Sampled=1
x-amz-apigw-id: fVluSGdAoAMFe2w=
content-length: 504
x-amz-cf-id: _Cpx0iYDvcNPxh8MV9peljdlXp2LIThd_l5oBj5PC3k5SCJ8YOOhQQ==

GET
H2 200 adsct Show response
analytics.twitter.com/i/ 31 B
658 B 253ms
163ms Script
application/javascript 104.244.42.3
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?type=javascript&version=1.1.1&p_id=Twitter&p_user_id=0&txn_id=o1ecj&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tpx_cb=twttr.conversion.loadPixels&tw_document_href=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F

Requested by

Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.3 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 21:20:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 57
x-xss-protection: 0
pragma: no-cache
last-modified: Fri, 14 May 2021 21:20:14 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: application/javascript;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 07057d961c269d7d91b35199a353c7e56287f608b9f116b604d86884d6099b6c
x-transaction: e0c6ee7dac461219
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 ico-arrow-left.svg
assets.gazetadopovo.com.br/images/svg/ 127 B
501 B 21ms
20ms Image
image/svg+xml 2600:9000:206e:5e00:12:af17:6680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.gazetadopovo.com.br/images/svg/ico-arrow-left.svg
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/app-19c4d622d6a1aee75230.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206e:5e00:12:af17:6680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d6e0fd2a5540d8a26bbc2f2868a5ddfc300137e6bf05a581b7bf918f9e8a6ba1

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 09:07:46 GMT
via: 1.1 2a3d03f915cb6d29f35b8f9edd3b1956.cloudfront.net (CloudFront)
last-modified: Mon, 01 Feb 2021 19:11:27 GMT
server: AmazonS3
age: 8597549
etag: "6ae51f29a6cffccc223655e32d23de10"
x-cache: Hit from cloudfront
x-amz-version-id: null
cache-control: max-age=31536000
x-amz-cf-pop: VIE50-C1
accept-ranges: bytes
content-type: image/svg+xml
content-length: 127
x-amz-cf-id: XsbvtRCyShgcxaeDfvz2xOWqG6f45VhCByQQSj6WkO_fUgyXElZqUw==

GET
H2 200 ico-arrow-right.svg
assets.gazetadopovo.com.br/images/svg/ 123 B
496 B 22ms
22ms Image
image/svg+xml 2600:9000:206e:5e00:12:af17:6680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.gazetadopovo.com.br/images/svg/ico-arrow-right.svg
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/app-19c4d622d6a1aee75230.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206e:5e00:12:af17:6680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e5b2a278c1ab02a90127fd8191dd79159eefcc5bcda3b45b4945faf2776e979f

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 11:47:20 GMT
via: 1.1 2a3d03f915cb6d29f35b8f9edd3b1956.cloudfront.net (CloudFront)
last-modified: Tue, 30 Mar 2021 21:25:52 GMT
server: AmazonS3
age: 3835975
etag: "360b8c417ef8fc3088f833de9723ae18"
x-cache: Hit from cloudfront
x-amz-version-id: null
cache-control: max-age=31536000
x-amz-cf-pop: VIE50-C1
accept-ranges: bytes
content-type: image/svg+xml
content-length: 123
x-amz-cf-id: sDE84PzruiaEmdA9U0mJWPI0mcBg22Hm3tYPKsoX4cXbpTEcJsn4qw==

GET
H2 200 / Show response
infograficos.gazetadopovo.com.br/json-google-spreadsheet/ 763 B
1000 B 468ms
436ms Script
application/json 2600:9000:20eb:e000:16:bc5f:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://infograficos.gazetadopovo.com.br/json-google-spreadsheet/?callback=jQuery33107590980642479601_1621027213134&id=1Pn1D6-1SwjcjvVnigSTDUrgGfI3-xub00yvRMkRPIpI&sheet=3&_=1621027213135
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.3.1.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:e000:16:bc5f:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: ff156ac54096975d3e14e590858cb08eee2efd16af2ccf7b73f106d0811a899a

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 21:20:14 GMT
via: 1.1 41f60102fc29156bc5001d6646f75c02.cloudfront.net (CloudFront)
server: Apache
x-amz-cf-pop: FRA2-C1
x-cache: Miss from cloudfront
content-type: application/json
content-length: 763
x-amz-cf-id: zxYI2Jxhd7RGqWyvCXaKQu3veOtx3EF754hmcn08j2CRD_jly-4rwg==

GET
H2 200 box-5e3cec51ed8e99df6977c199d27812d7.html Show response
vars.hotjar.com/ Frame 363C 1 KB
1 KB 155ms
49ms Document
text/html 13.32.6.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-5e3cec51ed8e99df6977c199d27812d7.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-457089.js?sv=7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.6.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-6-78.vie50.r.cloudfront.net
Software: /
Resource Hash: 486762d56893f9b12fdfad41c3a76f11fc745b5436e97e596a63c22ee13d2e33

Request headers

:method: GET
:authority: vars.hotjar.com
:scheme: https
:path: /box-5e3cec51ed8e99df6977c199d27812d7.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.gazetadopovo.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.gazetadopovo.com.br/

Response headers

content-type: text/html
content-length: 684
date: Tue, 30 Mar 2021 16:10:32 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
etag: "4e332edbbc3b46800c87f197cc7d3bb6"
last-modified: Tue, 30 Mar 2021 14:48:51 GMT
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 c855d201fddbb6ef22989607fe8f5d1f.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C2
x-amz-cf-id: 8eTvtnQP1nzy4zkFTMuzJonI3aYELRHmetSU93Oih-YVgvbbrQ-9mA==
age: 3906582

POST
H2 200 unload
api-v3.tinypass.com/api/v3/page/ 0
0 135ms
134ms Ping
application/json 2606:4700::6811:bab1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api-v3.tinypass.com/api/v3/page/unload?aid=izBe3CQ7pu&tbc=%7Bjzx%7DmTYUm08lJyHEWAs9ALXKQqjbw0jme_suH8GZlRkYLrgbt-bv_oPzWlCPNuj65WgbBdNDcNXOlKQKkrSKLF0A6ZiZsjmSrH58QAulSvUNMK0XFSI1pW_JmoNsYrxPQKSl_ClXXX7wZd7xhwozNxHCCQ&time_spent=%7B%22active%22%3A0%2C%22total%22%3A0%7D&scroll=%7B%22max_page_height%22%3A9096%2C%22max_depth%22%3A1200%7D&viewport_exit=0&url=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&pageview_id=2021-05-14-23-20-13-691-uNs0t6Hs9t0RkxHJ-b936ad7ebc1e9e7e2afe591d682f915b&visit_id=v-2021-05-14-23-20-13-694-BE8FV6Sla533f0CB-b936ad7ebc1e9e7e2afe591d682f915b
Requested by: Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:bab1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.gazetadopovo.com.br
access-control-allow-credentials: true
access-control-allow-methods: POST, GET, OPTIONS

POST
H2 200 execute Show response
experience.tinypass.com/xbuilder/experience/ 6 KB
3 KB 154ms
154ms XHR
application/json 2606:4700::6811:bab1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://experience.tinypass.com/xbuilder/experience/execute?aid=izBe3CQ7pu

Requested by

Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:bab1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e89c11b0ee752f72819ff6b6d502279fb493d7ae783ea45672efd5eef6338b72

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains

Request headers

Accept: */*
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Fri, 14 May 2021 21:20:14 GMT
content-encoding: br
vary: accept-encoding
cf-cache-status: DYNAMIC
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
cf-request-id: 0a0e596d1d00004db26f1cd000000001
x-request-id: Cql84tqztuO
pragma: no-cache
wn: prod-exp-10-200-74-249
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=60; includeSubDomains
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.gazetadopovo.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 64f72b5b6d604db2-FRA
expires: Thu, 01 Jan 1970 00:00:00 GMT

OPTIONS
H2 200 register
events-api.gazetadopovo.com.br/ Frame 0
0 230ms
137ms Preflight
application/json 13.225.74.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events-api.gazetadopovo.com.br/register
Protocol: H2
Server: 13.225.74.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-74-20.fra2.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.gazetadopovo.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-type: application/json
content-length: 0
date: Fri, 14 May 2021 21:20:14 GMT
x-amzn-requestid: 7f6b4fcd-35a4-4aa9-998a-ba8b7547c71a
access-control-allow-origin: *
access-control-allow-headers: Authorization,Content-Type,X-Amz-Date,X-Amz-Security-Token,x-api-key,X-Api-Key,x-publisher-id,X-Publisher-Id
x-amz-apigw-id: fVluWHJsoAMF4Cw=
access-control-allow-methods: OPTIONS,DELETE,GET,HEAD,PATCH,POST,PUT
access-control-allow-credentials: true
x-cache: Miss from cloudfront
via: 1.1 590590f04f79f692591f9db0e720a31d.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: Wl9mP2CGDf9AZa8BoiF0e3LyRDNQKqDBw0hvJwzqw4vPjgQrv0b37A==

POST
H2 200 register Show response
events-api.gazetadopovo.com.br/ 1 KB
2 KB 605ms
605ms XHR
application/json 13.225.74.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events-api.gazetadopovo.com.br/register
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.74.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-74-20.fra2.r.cloudfront.net
Software: / Express
Resource Hash: 388e44b00b02584faffc4755667c1f2d9ba47acf9d79d5c9824d36c4f20234ec

Request headers

Accept: */*
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 14 May 2021 21:20:15 GMT
via: 1.1 590590f04f79f692591f9db0e720a31d.cloudfront.net (CloudFront)
etag: W/"4b3-uGxIKk6X9vE56tq5b5u2tw9ho5s"
x-amzn-remapped-content-length: 1203
x-amzn-remapped-date: Fri, 14 May 2021 21:20:15 GMT
x-amz-cf-pop: FRA2-C2
x-powered-by: Express
x-cache: Miss from cloudfront
x-amz-apigw-id: fVluZHUfoAMFhlQ=
content-length: 1203
x-amzn-requestid: 39592bcc-0735-42de-88c5-79c5aaf6bb6f
x-amzn-trace-id: Root=1-609ee98f-4464617a393555cf074b1e29;Sampled=0
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
x-amz-cf-id: zrJ4ddhdKoXfEcanB21bSSlO-xabz9j5tox6lYkUDrZ_SQALVymq4A==
x-amzn-remapped-connection: close

POST
H2 200 loadTemplateContext Show response
buy.tinypass.com/api/v3/anon/template/ 551 B
796 B 146ms
130ms XHR
application/json 2606:4700::6811:bab1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/api/v3/anon/template/loadTemplateContext?aid=izBe3CQ7pu

Requested by

Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:bab1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c96ae13eca566cd88e7584e53dd1b46d4577f1af3eefb9230f9da1ce9e1159e

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Fri, 14 May 2021 21:20:14 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
cf-request-id: 0a0e596dcf000005c444800000000001
x-request-id: Cql84tqUEYc
pragma: no-cache
wn: prod-dash-10-0-124-91
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=60; includeSubDomains
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
server-time: 0.002
cf-ray: 64f72b5c7aca05c4-FRA
expires: 0

GET
H2 200 cacheableShow Show response
buy.tinypass.com/checkout/template/ Frame 1FFE 6 KB
3 KB 20ms
20ms Document
text/html 2606:4700::6811:bab1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/checkout/template/cacheableShow?aid=izBe3CQ7pu&templateId=OTM7QNGP18MG&templateVariantId=OTVYU55WIZ0ZT&offerId=fakeOfferId&experienceId=EXIAHC2U55HU&iframeId=offer_da51198308f88f95dd9e-0&displayMode=modal&widget=template

Requested by

Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:bab1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4305cf47f19afb59b38a7b1107cfc9992346da5b5fdb412193c862a22cc1ac35

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains
X-Xss-Protection	0

Request headers

:method: GET
:authority: buy.tinypass.com
:scheme: https
:path: /checkout/template/cacheableShow?aid=izBe3CQ7pu&templateId=OTM7QNGP18MG&templateVariantId=OTVYU55WIZ0ZT&offerId=fakeOfferId&experienceId=EXIAHC2U55HU&iframeId=offer_da51198308f88f95dd9e-0&displayMode=modal&widget=template
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.gazetadopovo.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.gazetadopovo.com.br/

Response headers

date: Fri, 14 May 2021 21:20:14 GMT
content-type: text/html;charset=UTF-8
access-control-allow-methods: *
access-control-allow-origin: https://dashboard.piano.io
cache-control: public, max-age=10800
expires: Sat, 15 May 2021 00:20:14 GMT
p3p: CP="NON DSP COR OUR IND"
pragma
server-time: 0.002
strict-transport-security: max-age=60; includeSubDomains
vary: accept-encoding
wn: prod-dash-10-0-124-91
x-forwarded-https: on
x-request-id: Cfx24tqMhZH
x-xss-protection: 0
cf-cache-status: HIT
age: 7355
cf-request-id: 0a0e596dc900004db2af084000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 64f72b5c7fb94db2-FRA
content-encoding: br

OPTIONS
H2 200 register
events-api.gazetadopovo.com.br/ Frame 0
0 364ms
316ms Preflight
application/json 13.225.74.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events-api.gazetadopovo.com.br/register
Protocol: H2
Server: 13.225.74.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-74-20.fra2.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.gazetadopovo.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-type: application/json
content-length: 0
date: Fri, 14 May 2021 21:20:15 GMT
x-amzn-requestid: a6bf3bc9-b483-49d1-9556-54af25ebb906
access-control-allow-origin: *
access-control-allow-headers: Authorization,Content-Type,X-Amz-Date,X-Amz-Security-Token,x-api-key,X-Api-Key,x-publisher-id,X-Publisher-Id
x-amz-apigw-id: fVluXGfmoAMFe2w=
access-control-allow-methods: OPTIONS,DELETE,GET,HEAD,PATCH,POST,PUT
access-control-allow-credentials: true
x-cache: Miss from cloudfront
via: 1.1 590590f04f79f692591f9db0e720a31d.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: aAptrlA77Rqa_tixTOwZJvrb6u0p1_FxsYUm5DH5IcoyQdpUIQ8Ovw==

POST
H2 200 register Show response
events-api.gazetadopovo.com.br/ 1 KB
2 KB 353ms
353ms XHR
application/json 13.225.74.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events-api.gazetadopovo.com.br/register
Requested by: Host: gdp-prd-data.s3.us-east-1.amazonaws.com
URL: https://gdp-prd-data.s3.us-east-1.amazonaws.com/js-piano-sdk/JSPianoSDK-0.4.4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.74.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-74-20.fra2.r.cloudfront.net
Software: / Express
Resource Hash: dac79b049b8b208239f473c21ea5fdad9dd3c03881512541cd336575d10033bf

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Fri, 14 May 2021 21:20:15 GMT
via: 1.1 590590f04f79f692591f9db0e720a31d.cloudfront.net (CloudFront)
etag: W/"4ff-9TiSDDBPiQm29eg+9P/TVddY8hE"
x-amzn-remapped-content-length: 1279
x-amzn-remapped-date: Fri, 14 May 2021 21:20:15 GMT
x-amz-cf-pop: FRA2-C2
x-powered-by: Express
x-cache: Miss from cloudfront
x-amz-apigw-id: fVlubFwvoAMF1Rg=
content-length: 1279
x-amzn-requestid: 250c7262-b63c-42a2-8017-55027a5341eb
x-amzn-trace-id: Root=1-609ee98f-3d24ffef7e894a607dc9e38a;Sampled=0
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
x-amz-cf-id: QL479Xh2HPUOmChyT6H5Dt_b-ZiTIbTe5zZLtW3VEMSO9hMs-jKIJA==
x-amzn-remapped-connection: close

GET
H2 200 template.bundle.1.0.css
buy.tinypass.com/widget/dist/template/css/ Frame 1FFE 33 KB
5 KB 23ms
23ms Stylesheet
text/css 2606:4700::6811:bab1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/widget/dist/template/css/template.bundle.1.0.css

Requested by

Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=izBe3CQ7pu&templateId=OTM7QNGP18MG&templateVariantId=OTVYU55WIZ0ZT&offerId=fakeOfferId&experienceId=EXIAHC2U55HU&iframeId=offer_da51198308f88f95dd9e-0&displayMode=modal&widget=template

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:bab1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

734421d9e2fa5fe78c7bbd157c8de6a60bd1e0752c8abfcd2ca27f4a477ff2e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains

Request headers

Referer: https://buy.tinypass.com/checkout/template/cacheableShow?aid=izBe3CQ7pu&templateId=OTM7QNGP18MG&templateVariantId=OTVYU55WIZ0ZT&offerId=fakeOfferId&experienceId=EXIAHC2U55HU&iframeId=offer_da51198308f88f95dd9e-0&displayMode=modal&widget=template
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 21:20:14 GMT
content-encoding: br
vary: accept-encoding
cf-cache-status: HIT
age: 967
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
cf-request-id: 0a0e596de100004db22f08d000000001
wn: prod-dash-10-200-75-20
last-modified: Wed, 12 May 2021 20:48:34 GMT
server: cloudflare
etag: W/"33843-1620852514000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=60; includeSubDomains
content-type: text/css
server-time: 0.001
cache-control: public, max-age=7200
cf-ray: 64f72b5c98054db2-FRA
expires: Fri, 14 May 2021 23:20:14 GMT

GET
H2 200 H4sIAAAAAAAAAD3IwQ6AIAgA0B9KmJ76m4bJHI6oBa7f7-bt7eEnrXNgEw8Mvh6lYBy-DHVaU95QpTqS9an0pgwFSkHJu63T-yTlgy1Nh-E_BjVxNVoAAAA Show response
buy.tinypass.com/_sam/ Frame 1FFE 509 KB
143 KB 53ms
52ms Script
text/javascript 2606:4700::6811:bab1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/_sam/H4sIAAAAAAAAAD3IwQ6AIAgA0B9KmJ76m4bJHI6oBa7f7-bt7eEnrXNgEw8Mvh6lYBy-DHVaU95QpTqS9an0pgwFSkHJu63T-yTlgy1Nh-E_BjVxNVoAAAA?compressed=true&v=12.188.1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:bab1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5996062961b290de6f5e449fbcfdc3df354b36605692d9be7e571b91f978e21b

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains

Request headers

Referer: https://buy.tinypass.com/checkout/template/cacheableShow?aid=izBe3CQ7pu&templateId=OTM7QNGP18MG&templateVariantId=OTVYU55WIZ0ZT&offerId=fakeOfferId&experienceId=EXIAHC2U55HU&iframeId=offer_da51198308f88f95dd9e-0&displayMode=modal&widget=template
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 21:20:14 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 963
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
cf-request-id: 0a0e596de100004db262178000000001
wn: prod-dash-10-0-128-18
last-modified: Thu, 13 May 2021 13:08:26 NZST
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=60; includeSubDomains
content-type: text/javascript
server-time: 0.001
cache-control: public, max-age=585837
x-optimized-by: _sam
cf-ray: 64f72b5c98094db2-FRA
expires: Fri, 21 May 2021 16:04:11 GMT

GET
H3-29 200 css
fonts.googleapis.com/ Frame 1FFE 6 KB
558 B 24ms
23ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Overpass:300,300i,400,400i,600,600i,700,700i&display=swap

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

796b7c426168c17fd0cda987277798ded81c6503a920f1fa4a90b946356ccb6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 14 May 2021 21:20:14 GMT
server: ESF
date: Fri, 14 May 2021 21:20:14 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 14 May 2021 21:20:14 GMT

GET
H2 200 campanha-corrupcao-desktop.jpg
media.gazetadopovo.com.br/2021/05/11094814/ Frame 1FFE 220 KB
221 KB 8ms
8ms Image
image/jpeg 2600:9000:2156:800:1f:3000:7b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gazetadopovo.com.br/2021/05/11094814/campanha-corrupcao-desktop.jpg
Requested by: Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=izBe3CQ7pu&templateId=OTM7QNGP18MG&templateVariantId=OTVYU55WIZ0ZT&offerId=fakeOfferId&experienceId=EXIAHC2U55HU&iframeId=offer_da51198308f88f95dd9e-0&displayMode=modal&widget=template
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:800:1f:3000:7b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b9abe16e112e0c606f0a92db9f74d716b480a0e98bbea1a977cbb31749fbed6f

Request headers

Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 16:01:21 GMT
via: 1.1 a1098f0eeab192209962e3a9d76d0339.cloudfront.net (CloudFront)
last-modified: Tue, 11 May 2021 12:48:15 GMT
server: AmazonS3
age: 278334
etag: "467c437588df95f88c8134c13e1277e4"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 225668
x-amz-cf-id: L5G2OEy7l0whJghHQC3dRHQ1G0M9V8Ban-4IuWfN3hX-WInJRLppSQ==
expires: Wed, 11 May 2022 12:48:14 GMT

GET
H2 200 campanha-corrupcao-mobile.jpg
media.gazetadopovo.com.br/2021/05/11094813/ Frame 1FFE 63 KB
64 KB 9ms
9ms Image
image/jpeg 2600:9000:2156:800:1f:3000:7b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gazetadopovo.com.br/2021/05/11094813/campanha-corrupcao-mobile.jpg
Requested by: Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=izBe3CQ7pu&templateId=OTM7QNGP18MG&templateVariantId=OTVYU55WIZ0ZT&offerId=fakeOfferId&experienceId=EXIAHC2U55HU&iframeId=offer_da51198308f88f95dd9e-0&displayMode=modal&widget=template
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:800:1f:3000:7b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f363bb1263ff140c7a599ac408717e56d801c29238b25bb8506a7a09527408c3

Request headers

Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 16:01:24 GMT
via: 1.1 a1098f0eeab192209962e3a9d76d0339.cloudfront.net (CloudFront)
last-modified: Tue, 11 May 2021 12:48:14 GMT
server: AmazonS3
age: 278331
etag: "cdfe63c78eeebb1a915d0428fde4c4b4"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 65023
x-amz-cf-id: 95K7jrRuwgoG5eRJ2_wUOi2D8wqeIfwjsNPD6AWvkcMsfw0zMbu7pA==
expires: Wed, 11 May 2022 12:48:13 GMT

POST
H2 200 trackShow Show response
buy.tinypass.com/checkout/template/ Frame 1FFE 53 B
386 B 135ms
135ms XHR
application/json 2606:4700::6811:bab1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/checkout/template/trackShow

Requested by

Host: buy.tinypass.com
URL: https://buy.tinypass.com/_sam/H4sIAAAAAAAAAD3IwQ6AIAgA0B9KmJ76m4bJHI6oBa7f7-bt7eEnrXNgEw8Mvh6lYBy-DHVaU95QpTqS9an0pgwFSkHJu63T-yTlgy1Nh-E_BjVxNVoAAAA?compressed=true&v=12.188.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:bab1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f3f662e23645b1b81aaf6eb5901cc9162dc0316b2b48a735c2761493e8ecf1f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains
X-Xss-Protection	0

Request headers

Accept: application/json, text/plain, */*
Ng-Request: 1
Referer: https://buy.tinypass.com/checkout/template/cacheableShow?aid=izBe3CQ7pu&templateId=OTM7QNGP18MG&templateVariantId=OTVYU55WIZ0ZT&offerId=fakeOfferId&experienceId=EXIAHC2U55HU&iframeId=offer_da51198308f88f95dd9e-0&displayMode=modal&widget=template
X-Requested-With: XMLHttpRequest
Piano-request-without-spinner: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Fri, 14 May 2021 21:20:15 GMT
content-encoding: br
cf-cache-status: DYNAMIC
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
cf-request-id: 0a0e596e7d00004db24f2a1000000001
x-request-id: Crl84tqbX1j
pragma: no-cache
wn: prod-dash-10-0-114-33
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=60; includeSubDomains
access-control-allow-methods: *
content-type: application/json;charset=utf-8
access-control-allow-origin: https://dashboard.piano.io
x-xss-protection: 0
cache-control: no-cache, no-store, must-revalidate
server-time: 0.001
cf-ray: 64f72b5d9a184db2-FRA
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3-29 200 qFdA35WCmI96Ajtm81keds7N4ho.woff2
fonts.gstatic.com/s/overpass/v5/ Frame 1FFE 20 KB
20 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/overpass/v5/qFdA35WCmI96Ajtm81keds7N4ho.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Overpass:300,300i,400,400i,600,600i,700,700i&display=swap

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

832d8d5a3cabdde474e79d8a510053604d5d19342befbc7b78dc64995652dbba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://buy.tinypass.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 09 May 2021 06:10:57 GMT
x-content-type-options: nosniff
last-modified: Thu, 10 Sep 2020 17:09:41 GMT
server: sffe
age: 486558
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20252
x-xss-protection: 0
expires: Mon, 09 May 2022 06:10:57 GMT

GET
H3-29 200 qFdH35WCmI96Ajtm81GlU9s.woff2
fonts.gstatic.com/s/overpass/v5/ Frame 1FFE 20 KB
20 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/overpass/v5/qFdH35WCmI96Ajtm81GlU9s.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Overpass:300,300i,400,400i,600,600i,700,700i&display=swap

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a4702a77ebe38f4291b9ec9f44411e246c865bdf0070746852e803b4d960fc1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://buy.tinypass.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 09 May 2021 05:41:50 GMT
x-content-type-options: nosniff
last-modified: Thu, 10 Sep 2020 17:08:51 GMT
server: sffe
age: 488305
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20196
x-xss-protection: 0
expires: Mon, 09 May 2022 05:41:50 GMT

GET
DATA 200
OK truncated
/ 266 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 175dd52b60c7b3f2e0b0cc6355849661122fcb193214d31c362381a2b581e777

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 campanha-corrupcao-desktop.jpg
media.gazetadopovo.com.br/2021/05/11094814/ Frame 1FFE 220 KB
221 KB 21ms
18ms Image
image/jpeg 2600:9000:2156:800:1f:3000:7b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gazetadopovo.com.br/2021/05/11094814/campanha-corrupcao-desktop.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:800:1f:3000:7b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b9abe16e112e0c606f0a92db9f74d716b480a0e98bbea1a977cbb31749fbed6f

Request headers

Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 16:01:21 GMT
via: 1.1 a1098f0eeab192209962e3a9d76d0339.cloudfront.net (CloudFront)
last-modified: Tue, 11 May 2021 12:48:15 GMT
server: AmazonS3
age: 278335
etag: "467c437588df95f88c8134c13e1277e4"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 225668
x-amz-cf-id: Ywfa2M42kRFthQoZ_v8YyxURbEnI6g0gz-C3EK4RgTOHjPI-VKLIVg==
expires: Wed, 11 May 2022 12:48:14 GMT

OPTIONS
H2 200 /
comments.gazetadopovo.com.br/content/count/comments/ Frame 0
0 423ms
345ms Preflight
application/json 2600:9000:211a:e00:4:5c96:9080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://comments.gazetadopovo.com.br/content/count/comments/?keys=[%2268629ee0-b4eb-11eb-80a9-d7630b3898f0%22,%227192a5d0-b4f7-11eb-b497-2b2353b9a2f3%22,%2242b9bb30-b7b6-11e9-96d3-6195e13c2fd4%22,%22541432b0-b4cc-11eb-a5e9-572d78fb9593%22,%22808e2860-b4c1-11eb-a9ed-898d61679f0e%22,%22c54518d0-b4f1-11eb-beb9-31e7484add5a%22,%2223182130-b4e0-11eb-b17a-b3a0b02878ce%22,%2248ad61b0-b4d8-11eb-893d-bfc914b5ec37%22,%223276b1e0-b4d7-11eb-a5e9-572d78fb9593%22,%22976a5a70-b4d7-11eb-a5e9-572d78fb9593%22,%227501e880-b4e2-11eb-b17a-b3a0b02878ce%22,%22cacb2c90-b4e7-11eb-80a9-d7630b3898f0%22,%22b5132ad0-b4b3-11eb-8141-453b26660345%22,%222cf77390-b4ef-11eb-beb9-31e7484add5a%22,%22d986be20-b4ec-11eb-80a9-d7630b3898f0%22,%22ffe37a10-b4f4-11eb-beb9-31e7484add5a%22,%22653eb150-b4e5-11eb-80a9-d7630b3898f0%22,%2234e05580-b4f0-11eb-80a9-d7630b3898f0%22,%223cd424d0-b4ad-11eb-a4b4-871cc25db5a5%22,%2251ef56e0-b4cc-11eb-a5e9-572d78fb9593%22,%22f9ec8cd0-b4e2-11eb-bb1b-3ff4c1ce9ad4%22,%2298820370-b4c0-11eb-b7d5-37c03f3b7778%22,%2249648970-b4e8-11eb-80a9-d7630b3898f0%22,%2246e77b80-b4e8-11eb-80a9-d7630b3898f0%22,%22eb138c30-b4b1-11eb-b7d5-37c03f3b7778%22,%222d1618c0-b4e7-11eb-80a9-d7630b3898f0%22,%22608c6990-b445-11eb-996a-57f8a776742d%22,%223facd8c0-b4d8-11eb-893d-bfc914b5ec37%22,%226903e900-b41c-11eb-8d21-55e545bfcd50%22,%22c0a98ef0-b4b5-11eb-b7d5-37c03f3b7778%22,%22f9d66140-b428-11eb-875b-7746cbd8ec2f%22,%22cacf07c0-b424-11eb-84fb-6f574c5dc335%22,%22c6f49400-b4e5-11eb-bb1b-3ff4c1ce9ad4%22,%22ddd80820-b4f2-11eb-beb9-31e7484add5a%22,%22a5c71960-b34b-11eb-abee-03f5385d5ff5%22,%221a655b40-b3fd-11eb-a187-db5066d085d8%22,%227f65d320-b34f-11eb-9e49-ed09bdae7c6a%22,%2256cab430-b32c-11eb-a9f4-171e5a40a72b%22,%2295da72d0-b4af-11eb-b7d5-37c03f3b7778%22,%22073d07a0-b422-11eb-84fb-6f574c5dc335%22,%2200122a10-b417-11eb-8d21-55e545bfcd50%22,%22d04afc70-b3e5-11eb-8e1e-696d85600db1%22,%226e8ae520-b428-11eb-875b-7746cbd8ec2f%22,%227f93bc80-b3f5-11eb-bfa9-6d75d86756d2%22,%22b0a61680-b420-11eb-84fb-6f574c5dc335%22,%2232608ea0-b262-11eb-9664-8bedfda48389%22,%2220920d30-b25c-11eb-a8f5-cf15ee40fcd5%22,%226597b8c0-b41f-11eb-8d21-55e545bfcd50%22,%22731cc630-b360-11eb-a21b-751ed1246604%22,%22a40845a0-b33b-11eb-8284-272359f31f7c%22,%224d353180-b31c-11eb-b2f2-a9b0dc1a9d89%22]
Protocol: H2
Server: 2600:9000:211a:e00:4:5c96:9080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://www.gazetadopovo.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-type: application/json
content-length: 0
date: Fri, 14 May 2021 21:20:16 GMT
x-amzn-requestid: 76bd4e8d-e351-45d9-bdb9-818d12985cbe
access-control-allow-origin: *
access-control-allow-headers: Authorization,Content-Type,X-Amz-Date,X-Amz-Security-Token
x-amz-apigw-id: fVluhHlQIAMF_lw=
access-control-allow-methods: OPTIONS,DELETE,GET,HEAD,PATCH,POST,PUT
access-control-allow-credentials: true
via: 1.1 642d71984e3d1baa43fcd1fe0b0c012f.cloudfront.net (CloudFront), 1.1 ba761cfda8bfa6cbda2b6c433d6201f6.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C2 VIE50-C2
x-cache: Miss from cloudfront
x-amz-cf-id: hK6W5QHbiJ9EOsEWYkQUZ0ec2OQn5GAr7HfNQWvt0DoADN_r90Fr3Q==

OPTIONS
H2 200 register
events-api.gazetadopovo.com.br/ Frame 0
0 317ms
317ms Preflight
application/json 13.225.74.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events-api.gazetadopovo.com.br/register
Protocol: H2
Server: 13.225.74.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-74-20.fra2.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.gazetadopovo.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-type: application/json
content-length: 0
date: Fri, 14 May 2021 21:20:15 GMT
x-amzn-requestid: 245cd7a4-bae9-4c03-aa9c-0996d3b00c33
access-control-allow-origin: *
access-control-allow-headers: Authorization,Content-Type,X-Amz-Date,X-Amz-Security-Token,x-api-key,X-Api-Key,x-publisher-id,X-Publisher-Id
x-amz-apigw-id: fVlugFuvoAMFgXg=
access-control-allow-methods: OPTIONS,DELETE,GET,HEAD,PATCH,POST,PUT
access-control-allow-credentials: true
x-cache: Miss from cloudfront
via: 1.1 590590f04f79f692591f9db0e720a31d.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: Y-SNrXdeclbZbaG59POrpbdl7G-ZbbLysXtBMrHOmnH2v0puF8uuSQ==

OPTIONS
H2 200 /
www.semprefamilia.com.br/cookie-exchanger/ Frame 0
0 338ms
337ms Preflight
application/json 2600:9000:211a:b400:13:9bf5:7100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.semprefamilia.com.br/cookie-exchanger/
Protocol: H2
Server: 2600:9000:211a:b400:13:9bf5:7100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.gazetadopovo.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-type: application/json
content-length: 1
date: Fri, 14 May 2021 21:20:16 GMT
x-amzn-requestid: d0afd005-2df6-4a68-a358-ec1c40335d28
access-control-allow-origin: https://www.gazetadopovo.com.br
access-control-allow-headers: Authorization,Content-Type,Content-Length,Host,Origin,X-CSRF-Token,x-xsrf-token,X-Amz-Date,X-Amz-Security-Token,x-api-key,X-Api-Key,x-publisher-id,X-Publisher-Id
x-amz-apigw-id: fVluhEKRoAMFTSw=
access-control-allow-methods: OPTIONS,DELETE,GET,HEAD,PATCH,POST,PUT
access-control-allow-credentials: true
via: 1.1 ef3fdf4c8ab8a4babeb402e6d03ee7c3.cloudfront.net (CloudFront), 1.1 4de71b0a42267b098ed30fff0d8a660a.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C1 VIE50-C2
x-cache: Miss from cloudfront
x-amz-cf-id: qD46zuKlNAhxZziRpMiz2HBx_1dmfpX4fQZxYXJUT8PisxjyAQZJ6Q==

OPTIONS
H2 200 /
www.umdoisesportes.com.br/cookie-exchanger/ Frame 0
0 144ms
120ms Preflight
application/json 2600:9000:20eb:ac00:1d:7626:ce40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.umdoisesportes.com.br/cookie-exchanger/
Protocol: H2
Server: 2600:9000:20eb:ac00:1d:7626:ce40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.gazetadopovo.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-type: application/json
content-length: 1
date: Fri, 14 May 2021 21:20:15 GMT
x-amzn-requestid: a13f90eb-8070-46be-8595-62eb4629e1eb
access-control-allow-origin: https://www.gazetadopovo.com.br
access-control-allow-headers: Authorization,Content-Type,Content-Length,Host,Origin,X-CSRF-Token,x-xsrf-token,X-Amz-Date,X-Amz-Security-Token,x-api-key,X-Api-Key,x-publisher-id,X-Publisher-Id
x-amz-apigw-id: fVlufEyhoAMFY1w=
access-control-allow-methods: OPTIONS,DELETE,GET,HEAD,PATCH,POST,PUT
access-control-allow-credentials: true
via: 1.1 ccfe5851ecd4194e2d976fb32dec7539.cloudfront.net (CloudFront), 1.1 eab88762658052b4a1e386f8521a38cf.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2 FRA2-C1
x-cache: Miss from cloudfront
x-amz-cf-id: C9qLYGPx584YSW6dJ33kigm24walEWN9hDCWrj5XWHmRHmJn-hqAdA==

GET
H2 200 psd-se-afasta-de-bolsonaro-afaga-lula-e-mira-estados-eleicoes-2022.json Show response
json.gazetadopovo.com.br/republica/ 36 KB
8 KB 47ms
13ms XHR
application/json 2600:9000:21f3:3c00:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/republica/psd-se-afasta-de-bolsonaro-afaga-lula-e-mira-estados-eleicoes-2022.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:3c00:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5bfdbf2a7af9a8153d6ddaf5ae47a8e9b63199713c32fb8d08c00b704e8cdcce

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 21:19:41 GMT
content-encoding: gzip
vary: Accept-Encoding,Origin
age: 35
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Fri, 14 May 2021 21:18:35 GMT
server: AmazonS3
etag: W/"50bf08514764141667d16228836e9600"
access-control-max-age: 3000
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
x-amz-version-id: null
via: 1.1 32e3b86ae254a231182567c0124af893.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-pop: FRA2-C2
content-type: application/json
x-amz-cf-id: RDex1bip7Agvq7ElV3fB9FQF5WQN5Ek68oZwjGFG6dXB9u6KiZCNlg==

GET
H2 200 rodrigo-maia-desfiliacao-dem.json Show response
json.gazetadopovo.com.br/republica/breves/ 18 KB
4 KB 62ms
29ms XHR
application/json 2600:9000:21f3:3c00:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/republica/breves/rodrigo-maia-desfiliacao-dem.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:3c00:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4cfebbbfd01683311a17a63b4a47d090ca9620c42f9655e13da7cdd33181cbe8

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"c04f26568ef4b9e8518d0b7cc68f0d42"
x-amz-cf-pop: FRA2-C2
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Fri, 14 May 2021 20:46:14 GMT
server: AmazonS3
date: Fri, 14 May 2021 21:20:15 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 32e3b86ae254a231182567c0124af893.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: SpMWjF-KoAkeKf9qhNve3efDoKIAANI98N7sDkUJcD0fQGyH-h726A==

GET
H2 200 disturbios-internos-ameaca-a-israel.json Show response
json.gazetadopovo.com.br/mundo/ 22 KB
6 KB 61ms
28ms XHR
application/json 2600:9000:21f3:3c00:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/mundo/disturbios-internos-ameaca-a-israel.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:3c00:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: aa8b713a154b54249bd05a06ea0ed87ea2ab1cd5401672a632b135855c065c24

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"d25b8f74262112b747b3e5b9a57bbf13"
x-amz-cf-pop: FRA2-C2
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Fri, 14 May 2021 21:01:02 GMT
server: AmazonS3
date: Fri, 14 May 2021 21:20:15 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 32e3b86ae254a231182567c0124af893.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: VVRZBvP4IJx9kkTkYuKmhUm6fSpQVwFZHc90j2C7JpoTqsNZpwKLiw==

GET
H2 200 lava-jato-maos-limpas.json Show response
json.gazetadopovo.com.br/republica/ 19 KB
5 KB 63ms
31ms XHR
application/json 2600:9000:21f3:3c00:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/republica/lava-jato-maos-limpas.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:3c00:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 47bb2760890a290ad550e791686a1d9648d2e398eb8342869819bbf68c3ae458

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"3f4eb87506ca1625f91c4b76a023d6af"
x-amz-cf-pop: FRA2-C2
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Fri, 14 May 2021 18:16:06 GMT
server: AmazonS3
date: Fri, 14 May 2021 21:20:15 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 32e3b86ae254a231182567c0124af893.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: xmxSL9Uw-mDyCjP8PZlgOz2FIIomi4Z_dqn4Ep9lOQ-vkrctotjb6A==

GET
H2 200 8-leiloes-setor-saneamento-31-bilhoes-2021-2022.json Show response
json.gazetadopovo.com.br/economia/ 27 KB
7 KB 61ms
29ms XHR
application/json 2600:9000:21f3:3c00:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/economia/8-leiloes-setor-saneamento-31-bilhoes-2021-2022.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:3c00:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 33b3ec1b600ad6625d0e55a3acf2e1c5cfcf9ffd503d2b2dd4cd7bbd112a4c2e

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"e812e9dda5cc90301569874862c8d2e4"
x-amz-cf-pop: FRA2-C2
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Fri, 14 May 2021 19:56:56 GMT
server: AmazonS3
date: Fri, 14 May 2021 21:20:15 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 32e3b86ae254a231182567c0124af893.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: AxIQomrYdjxMI6gH6F5gFqg-KNbyfaFzd9NMaETMJN5wYAAVo6DPcQ==

GET
H2 200 guerra-contra-crimes-sexuais-criancas-e-tecnologica-especialista-cibercrimes-luiz-walmocyr-policia-federal-darknet.json Show response
json.gazetadopovo.com.br/vida-e-cidadania/ 30 KB
9 KB 61ms
30ms XHR
application/json 2600:9000:21f3:3c00:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/vida-e-cidadania/guerra-contra-crimes-sexuais-criancas-e-tecnologica-especialista-cibercrimes-luiz-walmocyr-policia-federal-darknet.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:3c00:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b3a216384e31bb9d5f4b49670fc877d9722c058ab78ff22f8b21a5e9ae7657cc

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"4e74d1deb1be1b7186a37eecb2656777"
x-amz-cf-pop: FRA2-C2
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Fri, 14 May 2021 16:29:46 GMT
server: AmazonS3
date: Fri, 14 May 2021 21:20:15 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 32e3b86ae254a231182567c0124af893.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: xvZmnwBKIbzqgw9eLJsZRW0BPJUiCQGrI_2Vm_e_HGxPCjCHkZRieg==

GET
H2 200 licenciamento-ambiental-regras-o-que-muda-projeto-aprovado.json Show response
json.gazetadopovo.com.br/republica/ 31 KB
8 KB 65ms
34ms XHR
application/json 2600:9000:21f3:3c00:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/republica/licenciamento-ambiental-regras-o-que-muda-projeto-aprovado.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:3c00:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 94cdcace8c4d3288bb5878340eab8a9b6f583f3c4a6edd32e72d0210666c6b60

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"9fac6f076fb6ac13b821a8897a93a0db"
x-amz-cf-pop: FRA2-C2
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Fri, 14 May 2021 20:23:00 GMT
server: AmazonS3
date: Fri, 14 May 2021 21:20:15 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 32e3b86ae254a231182567c0124af893.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: TsuVVRiyw8Mm0ZLJgWvzrR46bxQBE8mkfjfSaM8iOMGXKJwqUjDKDA==

GET
H2 200 renan-calheiros-diz-que-pazuello-nao-ir-a-cpi-da-covid-equivale-a-esconder-do-povo-brasileiro.json Show response
json.gazetadopovo.com.br/republica/breves/ 16 KB
4 KB 73ms
43ms XHR
application/json 2600:9000:21f3:3c00:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/republica/breves/renan-calheiros-diz-que-pazuello-nao-ir-a-cpi-da-covid-equivale-a-esconder-do-povo-brasileiro.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:3c00:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b511715e4e77e792878b0edaedbd2ff36144b23f63eb79b6b8913a5165c2152d

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"6c8bcaa71625d998a2278fafd29480e0"
x-amz-cf-pop: FRA2-C2
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Fri, 14 May 2021 19:54:17 GMT
server: AmazonS3
date: Fri, 14 May 2021 21:20:15 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 32e3b86ae254a231182567c0124af893.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: gwtlSX5LzLCFTfVqvui83HOZwyYjxK8Oapcu_qiGu8F5_ufZ9EoqPQ==

GET
H2 200 se-esse-cara-voltar-nunca-mais-vai-sair-diz-bolsonaro-sobre-lula.json Show response
json.gazetadopovo.com.br/republica/breves/ 18 KB
4 KB 66ms
36ms XHR
application/json 2600:9000:21f3:3c00:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/republica/breves/se-esse-cara-voltar-nunca-mais-vai-sair-diz-bolsonaro-sobre-lula.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:3c00:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 92029202769338ce72a1b25882ed91c7098f42bd6dd78d279c223acc2453c7aa

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"d348f91f39f495b5bce4c747cb3f0527"
x-amz-cf-pop: FRA2-C2
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Fri, 14 May 2021 16:42:07 GMT
server: AmazonS3
date: Fri, 14 May 2021 21:20:15 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 32e3b86ae254a231182567c0124af893.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: GAM0PYzRn7xmPnJOUdJQJ7_rqKaWqKc_DIbV4y6gfKRmA9wqSAzj6A==

GET
H2 200 corrupcao-felicidade.json Show response
json.gazetadopovo.com.br/vozes/polzonoff/ 64 KB
10 KB 71ms
41ms XHR
application/json 2600:9000:21f3:3c00:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/vozes/polzonoff/corrupcao-felicidade.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:3c00:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b189c1344254cee17f9f2366498b82857b5f6bf725e05751311ef02502a38ef2

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"b83992186ffadc8af53b08f24543ff09"
x-amz-cf-pop: FRA2-C2
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Fri, 14 May 2021 17:17:58 GMT
server: AmazonS3
date: Fri, 14 May 2021 21:20:15 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 32e3b86ae254a231182567c0124af893.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: 2hZPB0Uq7uAMMqMTQ972s8iKEwIqw9Eg3nq1S8ZrPsPxRDzREi1gGA==

GET
H2 200 corrupcao-felicidade.json Show response
json.gazetadopovo.com.br/vozes/polzonoff/ 64 KB
10 KB 70ms
41ms XHR
application/json 2600:9000:21f3:3c00:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/vozes/polzonoff/corrupcao-felicidade.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:3c00:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b189c1344254cee17f9f2366498b82857b5f6bf725e05751311ef02502a38ef2

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"b83992186ffadc8af53b08f24543ff09"
x-amz-cf-pop: FRA2-C2
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Fri, 14 May 2021 17:17:58 GMT
server: AmazonS3
date: Fri, 14 May 2021 21:20:15 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 32e3b86ae254a231182567c0124af893.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: ZHweHHjz_KDUe0NyAJZM9F95SvmpIA2zGyDUlyRpBffeB5y4YZlglQ==

GET
H2 200 franca-proibe-linguagem-de-genero-neutro-nas-escolas-arbitraria-e-contraproducente.json Show response
json.gazetadopovo.com.br/vozes/madeleine-lacsko/ 81 KB
12 KB 64ms
35ms XHR
application/json 2600:9000:21f3:3c00:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/vozes/madeleine-lacsko/franca-proibe-linguagem-de-genero-neutro-nas-escolas-arbitraria-e-contraproducente.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:3c00:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dc2e053bd9064752827a5196e0834ffc13fe7ea863a45e8b43a69edabd0f4a98

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"131f62835e38d01f4854e246f5f5479f"
x-amz-cf-pop: FRA2-C2
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Fri, 14 May 2021 17:23:52 GMT
server: AmazonS3
date: Fri, 14 May 2021 21:20:15 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 32e3b86ae254a231182567c0124af893.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: hZ0loACijXv3TN6S7FdLSSka78V185kgdWRozdbRc-CjhXG7xYKByA==

GET
H2 200 franca-proibe-linguagem-de-genero-neutro-nas-escolas-arbitraria-e-contraproducente.json Show response
json.gazetadopovo.com.br/vozes/madeleine-lacsko/ 81 KB
12 KB 62ms
34ms XHR
application/json 2600:9000:21f3:3c00:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/vozes/madeleine-lacsko/franca-proibe-linguagem-de-genero-neutro-nas-escolas-arbitraria-e-contraproducente.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:3c00:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dc2e053bd9064752827a5196e0834ffc13fe7ea863a45e8b43a69edabd0f4a98

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"131f62835e38d01f4854e246f5f5479f"
x-amz-cf-pop: FRA2-C2
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Fri, 14 May 2021 17:23:52 GMT
server: AmazonS3
date: Fri, 14 May 2021 21:20:15 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 32e3b86ae254a231182567c0124af893.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: rcuWqLVAqz09bkraOmpRrI5K_YJFjNssXWIYHKUHgXRAbvONyg0zgA==

GET
H2 200 depoimento-de-executivo-da-pfizer-na-cpi-da-covid-esclarecedor.json Show response
json.gazetadopovo.com.br/vozes/alexandre-garcia/ 74 KB
11 KB 63ms
35ms XHR
application/json 2600:9000:21f3:3c00:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/vozes/alexandre-garcia/depoimento-de-executivo-da-pfizer-na-cpi-da-covid-esclarecedor.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:3c00:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8100849e1803ada0fc217cbaf5c1b4e5d0d7355c49db8b177b2894ee93c596bc

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"be97d01169f80b700277afe3ba3d597f"
x-amz-cf-pop: FRA2-C2
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Fri, 14 May 2021 01:23:21 GMT
server: AmazonS3
date: Fri, 14 May 2021 21:20:15 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 32e3b86ae254a231182567c0124af893.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: iR1MhSleAiZ_1iMVcvDex7FmBcYMcjbydKCsK3UJvWAZLACuCTjEhg==

GET
H2 200 depoimento-de-executivo-da-pfizer-na-cpi-da-covid-esclarecedor.json Show response
json.gazetadopovo.com.br/vozes/alexandre-garcia/ 74 KB
11 KB 67ms
40ms XHR
application/json 2600:9000:21f3:3c00:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/vozes/alexandre-garcia/depoimento-de-executivo-da-pfizer-na-cpi-da-covid-esclarecedor.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:3c00:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8100849e1803ada0fc217cbaf5c1b4e5d0d7355c49db8b177b2894ee93c596bc

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"be97d01169f80b700277afe3ba3d597f"
x-amz-cf-pop: FRA2-C2
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Fri, 14 May 2021 01:23:21 GMT
server: AmazonS3
date: Fri, 14 May 2021 21:20:15 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 32e3b86ae254a231182567c0124af893.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: TWBtdipR56tGz7sIwqLITYQ5N2KEL5nllV4IaYQkb8W_WnKm5rqArA==

GET
H2 200 eleicoes-2022-lula-contra-bolsonaro-eleitores.json Show response
json.gazetadopovo.com.br/vozes/guilherme-macalossi/ 66 KB
10 KB 91ms
64ms XHR
application/json 2600:9000:21f3:3c00:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/vozes/guilherme-macalossi/eleicoes-2022-lula-contra-bolsonaro-eleitores.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:3c00:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 678d2d638d566f2d2af8a7c6a039198ba2463af6ca8053c44dbd2a123594ac1c

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"72bb8c333ca9940980db828db3e26c36"
x-amz-cf-pop: FRA2-C2
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Fri, 14 May 2021 17:29:04 GMT
server: AmazonS3
date: Fri, 14 May 2021 21:20:15 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 32e3b86ae254a231182567c0124af893.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: XPQhEVFsVinBUCMn2vg7ziOJemZfhZ2ZMiQjGj27xMOlXyL6BQ94aw==

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/vozes/guilherme-macalossi/eleicoes-2022-lula-contra-bolsonaro-eleitores.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:3c00:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 678d2d638d566f2d2af8a7c6a039198ba2463af6ca8053c44dbd2a123594ac1c

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"72bb8c333ca9940980db828db3e26c36"
x-amz-cf-pop: FRA2-C2
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Fri, 14 May 2021 17:29:04 GMT
server: AmazonS3
date: Fri, 14 May 2021 21:20:15 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 32e3b86ae254a231182567c0124af893.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: NXIbKPQdRBPY8VDVSNtnCv86cXDP8_H77W_7QhE40aPsTmebXBwAfw==

GET
H2 200 jerusalem-crise-politica-israel-torcida-mais-racista-do-mundo.json Show response
json.gazetadopovo.com.br/vozes/filipe-figueiredo/ 71 KB
11 KB 69ms
42ms XHR
application/json 2600:9000:21f3:3c00:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/vozes/filipe-figueiredo/jerusalem-crise-politica-israel-torcida-mais-racista-do-mundo.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:3c00:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4a3e312a37e7e4f144129f67d977ac8b81d2f5c5faf260186c69eca4292a5f63

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"c7e9afcb4aad0b331b2f1b1183240d57"
x-amz-cf-pop: FRA2-C2
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Fri, 14 May 2021 10:10:33 GMT
server: AmazonS3
date: Fri, 14 May 2021 21:20:15 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 32e3b86ae254a231182567c0124af893.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: lVOa6isPtx5W6_e2Xtk5IBHaUn844t1adBONvqZT6iFCiCYr9EqdTw==

GET
H2 200 jerusalem-crise-politica-israel-torcida-mais-racista-do-mundo.json Show response
json.gazetadopovo.com.br/vozes/filipe-figueiredo/ 71 KB
11 KB 63ms
37ms XHR
application/json 2600:9000:21f3:3c00:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/vozes/filipe-figueiredo/jerusalem-crise-politica-israel-torcida-mais-racista-do-mundo.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:3c00:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4a3e312a37e7e4f144129f67d977ac8b81d2f5c5faf260186c69eca4292a5f63

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"c7e9afcb4aad0b331b2f1b1183240d57"
x-amz-cf-pop: FRA2-C2
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Fri, 14 May 2021 10:10:33 GMT
server: AmazonS3
date: Fri, 14 May 2021 21:20:15 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 32e3b86ae254a231182567c0124af893.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: _teoVS_mkVRd1S3SIRXfTqWKcD3yvYJGgE_QHpf4FSVIovz_5c3fpg==

GET
H2 200 pessoa-de-bem-policia-trafico-jacarezinho.json Show response
json.gazetadopovo.com.br/vozes/luis-ernesto-lacombe/ 65 KB
10 KB 74ms
48ms XHR
application/json 2600:9000:21f3:3c00:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/vozes/luis-ernesto-lacombe/pessoa-de-bem-policia-trafico-jacarezinho.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:3c00:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 14f0423ec80a8cb8436d8ed32dca04fa035a9ad4ce415151062d244706e065f6

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"3f3124b4311677035888dd4913d5bc70"
x-amz-cf-pop: FRA2-C2
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Thu, 13 May 2021 18:30:31 GMT
server: AmazonS3
date: Fri, 14 May 2021 21:20:15 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 32e3b86ae254a231182567c0124af893.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: INN9JLhaKhVSpv3Y-5Zp5BVBMofNgLdZeHTQMqJUvzHN6jdcbgzJ7w==

GET
H2 200 pessoa-de-bem-policia-trafico-jacarezinho.json Show response
json.gazetadopovo.com.br/vozes/luis-ernesto-lacombe/ 65 KB
10 KB 62ms
37ms XHR
application/json 2600:9000:21f3:3c00:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/vozes/luis-ernesto-lacombe/pessoa-de-bem-policia-trafico-jacarezinho.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:3c00:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 14f0423ec80a8cb8436d8ed32dca04fa035a9ad4ce415151062d244706e065f6

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"3f3124b4311677035888dd4913d5bc70"
x-amz-cf-pop: FRA2-C2
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Thu, 13 May 2021 18:30:31 GMT
server: AmazonS3
date: Fri, 14 May 2021 21:20:15 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 32e3b86ae254a231182567c0124af893.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: o8boFu59qalqiZu-kHddoY62E2b7tvw5CJGkbfs3JTkNOH5Bf7A1jg==

GET
H2 200 vacinas-covid-butantan-fiocruz-paralisacao-da-producao.json Show response
json.gazetadopovo.com.br/republica/ 15 KB
4 KB 68ms
43ms XHR
application/json 2600:9000:21f3:3c00:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/republica/vacinas-covid-butantan-fiocruz-paralisacao-da-producao.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:3c00:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3e33eae924ad2106ac122ba2a8a3f1a8e7c6fe28cbfbc0c974c2f577a3d69ed

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"1dc86004b74131b0aba4e0e61d6b8e49"
x-amz-cf-pop: FRA2-C2
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Fri, 14 May 2021 19:04:31 GMT
server: AmazonS3
date: Fri, 14 May 2021 21:20:15 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 32e3b86ae254a231182567c0124af893.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: rAj4x1twm0SgqdyyH1RX7Xm3G1nuXM7IfoI9NdNeCzi5hHFW0lP4OA==

GET
H2 200 recusa-de-vacina-contra-covid-19-pode-gerar-justa-causa-decide-justica-do-trabalho.json Show response
json.gazetadopovo.com.br/vida-e-cidadania/breves/ 17 KB
4 KB 69ms
45ms XHR
application/json 2600:9000:21f3:3c00:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/vida-e-cidadania/breves/recusa-de-vacina-contra-covid-19-pode-gerar-justa-causa-decide-justica-do-trabalho.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:3c00:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5165f2800f8a97a40d9d0621279f65b0f74c64c03f069f77569b3a7ee661445d

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"e639876262f622b9386b4f19b0357f02"
x-amz-cf-pop: FRA2-C2
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Fri, 14 May 2021 14:19:54 GMT
server: AmazonS3
date: Fri, 14 May 2021 21:20:15 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 32e3b86ae254a231182567c0124af893.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: zoZJulO5c9tp6BOPIMooMq7FjFfdlyuxLkkwc-mf7FE5Wo5WPqlzHw==

GET
H2 200 maioria-do-stf-votam-para-execucao-do-censo-2022.json Show response
json.gazetadopovo.com.br/republica/breves/ 22 KB
5 KB 70ms
46ms XHR
application/json 2600:9000:21f3:3c00:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/republica/breves/maioria-do-stf-votam-para-execucao-do-censo-2022.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:3c00:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1787d30c7b57614a1da484249fc76c37ecc2689632e00d15b67a9323893a0da9

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"4a7ac0427b41ac340c6ccafcc160febc"
x-amz-cf-pop: FRA2-C2
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Fri, 14 May 2021 20:26:26 GMT
server: AmazonS3
date: Fri, 14 May 2021 21:20:15 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 32e3b86ae254a231182567c0124af893.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: vqNHi4NQZZPY9ntDNULUrmLFcXv8FvP6G4w4SKan2wiovdM04pTndA==

GET
H2 200 pix-cobranca-comeca-funcionar-brasil.json Show response
json.gazetadopovo.com.br/gazz-conecta/ 20 KB
4 KB 71ms
47ms XHR
application/json 2600:9000:21f3:3c00:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/gazz-conecta/pix-cobranca-comeca-funcionar-brasil.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:3c00:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 927370ca96008d4f1bd354184395ae799d15db183a2e8fc97ce4985132000b55

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"1ab22b4fb5ddc4bfea96dfbcf3e9c218"
x-amz-cf-pop: FRA2-C2
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Fri, 14 May 2021 19:19:43 GMT
server: AmazonS3
date: Fri, 14 May 2021 21:20:15 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 32e3b86ae254a231182567c0124af893.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: fvU__iHwzIKIqaf-srbifN_icmozz6lfgDirsb1nS3usaTtMjye7eA==

GET
H2 200 huck-caminha-para-novo-contrato-com-a-globo-e-pode-nao-disputar-presidencia.json Show response
json.gazetadopovo.com.br/republica/breves/ 16 KB
4 KB 71ms
47ms XHR
application/json 2600:9000:21f3:3c00:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/republica/breves/huck-caminha-para-novo-contrato-com-a-globo-e-pode-nao-disputar-presidencia.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:3c00:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6df7ecbe045a73f8b8ed311209c62615a82f1ffbc2fe078d494c3fcabe663988

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"1ac350a5e1be78487a5fa60dc444d4f7"
x-amz-cf-pop: FRA2-C2
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Fri, 14 May 2021 13:12:13 GMT
server: AmazonS3
date: Fri, 14 May 2021 21:20:15 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 32e3b86ae254a231182567c0124af893.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: wOHzl9IlL76-IhRptEhg2wJZ20uMnz6tSYpF1igk2EO615jUArXkqA==

GET
H2 200 rodrigo-garcia-troca-dem-psdb-doria.json Show response
json.gazetadopovo.com.br/republica/breves/ 17 KB
4 KB 77ms
55ms XHR
application/json 2600:9000:21f3:3c00:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/republica/breves/rodrigo-garcia-troca-dem-psdb-doria.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:3c00:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1c85e12c4e0afead9fb197776091f1dbde9d01529110ca3d5840fdc68dd9ad6b

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"be10c2ffc10ab69f5170de8c1e1de3e0"
x-amz-cf-pop: FRA2-C2
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Fri, 14 May 2021 19:44:48 GMT
server: AmazonS3
date: Fri, 14 May 2021 21:20:15 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 32e3b86ae254a231182567c0124af893.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: P048G6YvPUdUv0pY77OgqSHNAU-J_CaVDHn8k07FfS26yHQTr0lACQ==

GET
H2 200 mortes-de-gravidas-ate-maio-de-2021-supera-todo-o-ano-de-2020.json Show response
www.semprefamilia.com.br/json/saude/ 17 KB
17 KB 600ms
548ms XHR
application/json 2600:9000:211a:b400:13:9bf5:7100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.semprefamilia.com.br/json/saude/mortes-de-gravidas-ate-maio-de-2021-supera-todo-o-ano-de-2020.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:b400:13:9bf5:7100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7759db8c8da0bafd704c3b22034a0c445a9c273a605dee0dc7d05517d456f636

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 4de71b0a42267b098ed30fff0d8a660a.cloudfront.net (CloudFront)
etag: "d3945b4b148145c444417963a6fe2718"
x-amz-cf-pop: VIE50-C2
x-cache: RefreshHit from cloudfront
content-length: 17065
last-modified: Fri, 14 May 2021 20:01:48 GMT
server: AmazonS3
date: Fri, 14 May 2021 21:20:17 GMT
access-control-max-age: 3000
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
accept-ranges: bytes
x-amz-cf-id: 97-t14NBNAP7O4sVDS8j8zBYX0S47nTCvYlNW1n5970TVzt6AEMH-A==

GET
H2 200 investigacao-ataque-creche-sc-insanidade-mental.json Show response
json.gazetadopovo.com.br/republica/breves/ 16 KB
4 KB 66ms
44ms XHR
application/json 2600:9000:21f3:3c00:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/republica/breves/investigacao-ataque-creche-sc-insanidade-mental.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:3c00:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1456ae4c1cab243608aabf692d71b64f76238cbf392d5e5343e1ae59e072ae34

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"881f1bc7f82a945d3748f4c24768d0b7"
x-amz-cf-pop: FRA2-C2
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Fri, 14 May 2021 19:45:10 GMT
server: AmazonS3
date: Fri, 14 May 2021 21:20:15 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 32e3b86ae254a231182567c0124af893.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: JAOxZojulqv7z-TpPZzrqUryJCvjEjckX9ofDeIi6YmIsJDPlsypIA==

GET
H2 200 curitiba-vacina-contra-covid-pessoas-51-anos-comorbidades.json Show response
json.gazetadopovo.com.br/curitiba/ 20 KB
5 KB 66ms
45ms XHR
application/json 2600:9000:21f3:3c00:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/curitiba/curitiba-vacina-contra-covid-pessoas-51-anos-comorbidades.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:3c00:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 80703c852a090d76117e0966facfbd8405852c7c26d322e1c6035870756293c7

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"d26a775ee8a9181263510af70b05d28f"
x-amz-cf-pop: FRA2-C2
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Fri, 14 May 2021 20:43:30 GMT
server: AmazonS3
date: Fri, 14 May 2021 21:20:15 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 32e3b86ae254a231182567c0124af893.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: k6XnHe0Fd_Rv-dkwT2qdHiJvWNQVwTvssczFITjlWxc0Dk8Sfm24uw==

GET
H2 200 casos-confirmados-coronavirus-boletim-sesa-14-05-2021.json Show response
json.gazetadopovo.com.br/parana/breves/ 19 KB
4 KB 65ms
45ms XHR
application/json 2600:9000:21f3:3c00:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/parana/breves/casos-confirmados-coronavirus-boletim-sesa-14-05-2021.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:3c00:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 466b63bc739c4058a11b3f3833951a511607727bc8a9434348ea56f557667e53

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"9e82d277a6e46c11d73ac4c92d261f07"
x-amz-cf-pop: FRA2-C2
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Fri, 14 May 2021 18:51:48 GMT
server: AmazonS3
date: Fri, 14 May 2021 21:20:15 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 32e3b86ae254a231182567c0124af893.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: nhMuFZdAe02VO-2nhittvpOX8MfgDNkcjfVn39ijH6k1eNkwQpBhNw==

GET
H2 200 curitiba-registra-novo-perfil-internados-covid.json Show response
json.gazetadopovo.com.br/curitiba/ 16 KB
4 KB 64ms
44ms XHR
application/json 2600:9000:21f3:3c00:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/curitiba/curitiba-registra-novo-perfil-internados-covid.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:3c00:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 395a94187831774a94fd00c542682ecc497896d074620cb614068d0a3fed3e37

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"03bbad8d07687323c67630136df746b0"
age: 33
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Fri, 14 May 2021 00:01:25 GMT
server: AmazonS3
date: Fri, 14 May 2021 21:19:43 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 32e3b86ae254a231182567c0124af893.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: sZ2qSK8DKVxJ3OzTIeK-PfzBFRO04BwOnCqUxQAuzFYfz18GY7bY2g==

GET
H2 200 governo-parana-decreto-medidas-restritivas-pandemia-coronavirus.json Show response
json.gazetadopovo.com.br/parana/ 21 KB
6 KB 67ms
48ms XHR
application/json 2600:9000:21f3:3c00:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/parana/governo-parana-decreto-medidas-restritivas-pandemia-coronavirus.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:3c00:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 56beef9225a16124caf0ace09bd7a74e39d1133af314b8c0203e641e176e5c82

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"77eb9d5ae7949da810793c71cf77ec1c"
x-amz-cf-pop: FRA2-C2
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Fri, 14 May 2021 20:19:04 GMT
server: AmazonS3
date: Fri, 14 May 2021 21:20:15 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 32e3b86ae254a231182567c0124af893.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: iB2cO3T_4-RnX6PV-s3RuWKuCYTKYG86qrmRSGz8ZInXfqwYlPw40g==

GET
H2 200 gas-natural-industria-quer-participar-novo-contrato.json Show response
json.gazetadopovo.com.br/parana/ 30 KB
7 KB 68ms
49ms XHR
application/json 2600:9000:21f3:3c00:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/parana/gas-natural-industria-quer-participar-novo-contrato.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:3c00:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d2c4bbea0a24d1787b10b390e43c898b94666054f438aed545a07fed23da3cbc

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"1c27389e70a35f81bf84fcb16287e0c9"
x-amz-cf-pop: FRA2-C2
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Fri, 14 May 2021 12:14:16 GMT
server: AmazonS3
date: Fri, 14 May 2021 21:20:15 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 32e3b86ae254a231182567c0124af893.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: XSAMi0h18GwRVs2uuG4t5GISywbJgaE9JIQJtSq1KHsWYOwtm-F6BA==

GET
H2 200 curitiba-ganha-maior-jardim-de-esculturas-do-brasil-memorial-paranista-joao-turin.json Show response
json.gazetadopovo.com.br/haus/arquitetura/ 149 KB
12 KB 68ms
49ms XHR
application/json 2600:9000:21f3:3c00:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/haus/arquitetura/curitiba-ganha-maior-jardim-de-esculturas-do-brasil-memorial-paranista-joao-turin.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:3c00:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2d0c4c91151f68acb0575709f749d075394b36ff4f6bdaa85e1a46a5bfe34274

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"39de759560264af7c13213c4289b9d7e"
x-amz-cf-pop: FRA2-C2
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Fri, 14 May 2021 15:52:21 GMT
server: AmazonS3
date: Fri, 14 May 2021 21:20:15 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 32e3b86ae254a231182567c0124af893.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: eFkgVSjhTjbGeOzLYzQ7kNilsCFjClq7QSXE7lg8iUES4K8UtvOepQ==

GET
H2 200 arte-na-cidade-panorama-geral-do-cenario-cultural-de-curitiba.json Show response
json.gazetadopovo.com.br/pino/ 90 KB
16 KB 64ms
45ms XHR
application/json 2600:9000:21f3:3c00:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/pino/arte-na-cidade-panorama-geral-do-cenario-cultural-de-curitiba.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:3c00:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2a15e7f11f5fca5aac1bf66295da8c0b91d0aba36bc9de38fe55bdc5edbfcc7c

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"9e5248578951d78f47d3039a7c8a51d7"
x-amz-cf-pop: FRA2-C2
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Fri, 14 May 2021 20:43:30 GMT
server: AmazonS3
date: Fri, 14 May 2021 21:20:15 GMT
vary: Accept-Encoding,Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 32e3b86ae254a231182567c0124af893.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: vm7gMi4_rCemEh1fQ5-oVhwWihPvan2XpFsih8t-MmevWaTkme7MsQ==

GET
H2 200 mrv-intensifica-lancamentos-no-parana-e-aposta-em-cidades-da-regiao-norte.json Show response
json.gazetadopovo.com.br/vozes/parana-sa/ 63 KB
8 KB 67ms
49ms XHR
application/json 2600:9000:21f3:3c00:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/vozes/parana-sa/mrv-intensifica-lancamentos-no-parana-e-aposta-em-cidades-da-regiao-norte.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:3c00:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1239b36b4c819d0db0be3f49f55017fac8006d4243f013ed6c03ba1dfaab4a2f

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"693a47f9e0422a0877ccf44b1e1a8ebe"
x-amz-cf-pop: FRA2-C2
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Fri, 14 May 2021 18:34:29 GMT
server: AmazonS3
date: Fri, 14 May 2021 21:20:15 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 32e3b86ae254a231182567c0124af893.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: LMZ5zCmgj_GXTjbajiNRzk6Zu1x8KDQGrZXWez9zs71oxPjGsYTz-A==

GET fc-cascavel-pede-efeito-suspensivo-no-stjd-e-estadual-corre-risco-de-paralisacao.json
json.gazetadopovo.com.brhttps//www.umdoisesportes.com.br/campeonatos/paranaense/ 0
0

GET paranaense-suspensao-cascavel-cr-mata-mata.json
json.gazetadopovo.com.brhttps//www.umdoisesportes.com.br/campeonatos/paranaense/ 0
0

GET rio-branco-x-coritiba-coxa-tem-volta-de-titulares-na-escalacao.json
json.gazetadopovo.com.brhttps//www.umdoisesportes.com.br/coritiba/ 0
0

GET coritiba-r-4-milhoes-matheus-cunha.json
json.gazetadopovo.com.brhttps//www.umdoisesportes.com.br/coritiba/ 0
0

GET escalacoes-parana-operario-desfalques-times.json
json.gazetadopovo.com.brhttps//www.umdoisesportes.com.br/parana-clube/ 0
0

GET carneiro-neto-chegou-a-hora-de-o-athletico-mostrar-sua-cara.json
json.gazetadopovo.com.brhttps//www.umdoisesportes.com.br/colunas-e-blogs/carneiro-neto/ 0
0

GET aucas-vence-e-segura-o-melgar-no-grupo-do-athletico-torcedores.json
json.gazetadopovo.com.brhttps//www.umdoisesportes.com.br/athletico/ 0
0

GET
H2 200 mundo-bom-gourmet-mundo-livre-fm.json Show response
json.gazetadopovo.com.br/bomgourmet/tendencias/ 23 KB
4 KB 67ms
52ms XHR
application/json 2600:9000:21f3:3c00:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/bomgourmet/tendencias/mundo-bom-gourmet-mundo-livre-fm.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:3c00:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a86b3aac4a20cb62d1d0aaf219216caadc478f80175c970be2267d0dc2347c0c

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"9abcde1a046cc4e091d44d35e3001380"
x-amz-cf-pop: FRA2-C2
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Fri, 14 May 2021 20:10:26 GMT
server: AmazonS3
date: Fri, 14 May 2021 21:20:15 GMT
vary: Accept-Encoding,Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 32e3b86ae254a231182567c0124af893.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: -kfyE3yTN2LFVxjcYESDLJUqqrfO9b7dPSba8mu3G8FdZ5tqHJd_gA==

GET
H2 200 texto-unico-fatiado-rumos-reforma-tributaria-congresso.json Show response
json.gazetadopovo.com.br/economia/ 29 KB
7 KB 65ms
51ms XHR
application/json 2600:9000:21f3:3c00:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/economia/texto-unico-fatiado-rumos-reforma-tributaria-congresso.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:3c00:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 59df371bf5a3fe381933993836f515e64c8b8f0b0d81b04a417c645700b6d369

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"015495f22ec0beb9be3c411ca8b0f723"
x-amz-cf-pop: FRA2-C2
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Fri, 14 May 2021 10:50:06 GMT
server: AmazonS3
date: Fri, 14 May 2021 21:20:15 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 32e3b86ae254a231182567c0124af893.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: mdB38cuLMGVmUoFKViKCVgsfWGo3RBiJv2PEEONL8TUBzdV2MxnaPg==

GET
H2 200 pf-troca-superintendentes-em-8-estados-e-distrito-federal.json Show response
json.gazetadopovo.com.br/republica/breves/ 14 KB
3 KB 66ms
52ms XHR
application/json 2600:9000:21f3:3c00:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/republica/breves/pf-troca-superintendentes-em-8-estados-e-distrito-federal.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:3c00:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: eb9c4f797f49f770331b0ef661e6914e33461c7a34ad1d3934ae54957dac0163

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"366d274c67d79d05e45790bf349282a5"
x-amz-cf-pop: FRA2-C2
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Fri, 14 May 2021 17:27:29 GMT
server: AmazonS3
date: Fri, 14 May 2021 21:20:15 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 32e3b86ae254a231182567c0124af893.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: JlWnAoanrwBxKYEELpDigKRvOtIAKJfe0pXqz_WCkp7XvZiRnP88TA==

GET
H2 200 mourao-diz-que-alteracao-no-licenciamento-ambiental-e-medida-de-desburocratizacao.json Show response
json.gazetadopovo.com.br/republica/breves/ 15 KB
4 KB 68ms
54ms XHR
application/json 2600:9000:21f3:3c00:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/republica/breves/mourao-diz-que-alteracao-no-licenciamento-ambiental-e-medida-de-desburocratizacao.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:3c00:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8cff8204d026661543e2c7e4945d824871a987a85c27336a91cc4bdcece788ba

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"d25c7d7b465cca77a14a59262f5f8401"
x-amz-cf-pop: FRA2-C2
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Fri, 14 May 2021 14:27:44 GMT
server: AmazonS3
date: Fri, 14 May 2021 21:20:15 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 32e3b86ae254a231182567c0124af893.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: fpIblmK-7RsKF6YnZqb_ORM7AqZxt36MAErj6jdthE_idKvUwE5ubw==

GET
H2 200 unica-certeza-que-temos-mudanca.json Show response
json.gazetadopovo.com.br/vozes/nova-economia-com-joao-kepler/ 66 KB
9 KB 64ms
52ms XHR
application/json 2600:9000:21f3:3c00:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/vozes/nova-economia-com-joao-kepler/unica-certeza-que-temos-mudanca.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:3c00:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4294e6162abad6a414ca4c2040e353a7b77af05a64b5dfa1e9de3a094d4277cd

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"509f37b6e6e95109d0e0d660d8b48839"
x-amz-cf-pop: FRA2-C2
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Fri, 14 May 2021 16:59:57 GMT
server: AmazonS3
date: Fri, 14 May 2021 21:20:15 GMT
vary: Accept-Encoding,Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 32e3b86ae254a231182567c0124af893.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: ATmTYGRCvYwdvAz2quyT7iremAgbP3UjnZNPOuJ9ljXPqnL84ckM8A==

GET
H2 200 e-commerce-docile-aumento-consumo-indulgencia.json Show response
json.gazetadopovo.com.br/bomgourmet/negocios-e-franquias/ 36 KB
6 KB 65ms
53ms XHR
application/json 2600:9000:21f3:3c00:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/bomgourmet/negocios-e-franquias/e-commerce-docile-aumento-consumo-indulgencia.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:3c00:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cfaec9d4683bee495cf7a343719fea1838892747070d3f5844eb535e9f1043d1

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"915d2a67a03b7945ecba0141d94489da"
x-amz-cf-pop: FRA2-C2
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Fri, 14 May 2021 13:10:46 GMT
server: AmazonS3
date: Fri, 14 May 2021 21:20:15 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 32e3b86ae254a231182567c0124af893.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: 05tZ-gY3zOuSqoftXRrOq0HLWpXOZ-acqCTxZTuqF3JQC0Cx7uG3aw==

GET selecao-convocacao-ao-vivo-acompanhe.json
json.gazetadopovo.com.brhttps//www.umdoisesportes.com.br/futebol/ 0
0

GET jardine-convoca-abner-do-athletico-para-a-selecao-olimpica-veja-lista.json
json.gazetadopovo.com.brhttps//www.umdoisesportes.com.br/futebol/ 0
0

GET
H2 200 a-administracao-biden-zomba-da-sabedoria-dos-antigos.json Show response
json.gazetadopovo.com.br/ideias/ 18 KB
5 KB 69ms
58ms XHR
application/json 2600:9000:21f3:3c00:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/ideias/a-administracao-biden-zomba-da-sabedoria-dos-antigos.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:3c00:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 31bfdda51e6285e41e3aaca520a7408df73abff1337d0d66ca683bd0154d574b

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"1323280c433e16977375d6d3ad63f3d6"
x-amz-cf-pop: FRA2-C2
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Thu, 13 May 2021 19:55:56 GMT
server: AmazonS3
date: Fri, 14 May 2021 21:20:15 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 32e3b86ae254a231182567c0124af893.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: 8Bm12WfuiMbRUTiR_kAJkuMyWIy2mYYflZvyp0Gj4mGbQ6zG-PnJpg==

GET
H2 200 em-tres-sessoes-comissao-da-anistia-vai-analisar-820-pedidos-de-indenizacao.json Show response
json.gazetadopovo.com.br/vida-e-cidadania/breves/ 18 KB
4 KB 65ms
54ms XHR
application/json 2600:9000:21f3:3c00:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/vida-e-cidadania/breves/em-tres-sessoes-comissao-da-anistia-vai-analisar-820-pedidos-de-indenizacao.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:3c00:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ef7710bb2689aa833157f10a000490f601f98da0d1264327db0f661cc2bc5c59

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"b65935b778d50927ae0648c66dc2ccfb"
x-amz-cf-pop: FRA2-C2
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Fri, 14 May 2021 19:00:58 GMT
server: AmazonS3
date: Fri, 14 May 2021 21:20:15 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 32e3b86ae254a231182567c0124af893.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: flmYqYrwx3R-mYa-pZ7mcn4Mt7jzl-2X2t3gYeijwLt7BCjYbFfssw==

GET
H2 200 cidade-de-pernambuco-promove-2o-festival-pro-vida-online.json Show response
json.gazetadopovo.com.br/vida-e-cidadania/breves/ 15 KB
4 KB 76ms
66ms XHR
application/json 2600:9000:21f3:3c00:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/vida-e-cidadania/breves/cidade-de-pernambuco-promove-2o-festival-pro-vida-online.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:3c00:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9a69449df719f82093480256440555f0b8ae379c0684688706903dee6afd40da

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 21:16:17 GMT
content-encoding: gzip
vary: Accept-Encoding,Origin
age: 239
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Fri, 14 May 2021 21:14:50 GMT
server: AmazonS3
etag: W/"3a716c0cf2dca657596bfa23d7bae97c"
access-control-max-age: 3000
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
x-amz-version-id: null
via: 1.1 32e3b86ae254a231182567c0124af893.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-pop: FRA2-C2
content-type: application/json
x-amz-cf-id: w6ix0ZLnA-pDq5d6hJUPk06YNR1GpXC_ZSqXvGvsqyC-2ccqIsRW7Q==

GET
H2 200 cancelamento-classicos.json Show response
json.gazetadopovo.com.br/ideias/ 20 KB
6 KB 66ms
57ms XHR
application/json 2600:9000:21f3:3c00:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/ideias/cancelamento-classicos.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:3c00:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c1ee816da0a15b921ef5177f4d8f86f7e242195d2af6f957e54536a45b4e1ef1

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"3aed37c22e9c55a26ca19fbe19f2a5c7"
age: 239
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Wed, 12 May 2021 18:01:14 GMT
server: AmazonS3
date: Fri, 14 May 2021 21:16:17 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 32e3b86ae254a231182567c0124af893.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: QNleqCkumt80QnBRpOCNkY0XLszOJjpP0huzkdFoc9BkZgr1OmjnMg==

GET
H2 200 flavio-bolsonaro-renan-calheiros-vagabundo.json Show response
json.gazetadopovo.com.br/vozes/polzonoff/ 65 KB
10 KB 65ms
56ms XHR
application/json 2600:9000:21f3:3c00:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/vozes/polzonoff/flavio-bolsonaro-renan-calheiros-vagabundo.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:3c00:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b61732db2252c5000c223750a5fde6d290135839617aece803ad5026de775851

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"a3c9ca5aa585b4197c27abadc611c939"
age: 239
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Thu, 13 May 2021 16:12:33 GMT
server: AmazonS3
date: Fri, 14 May 2021 21:16:17 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 32e3b86ae254a231182567c0124af893.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: DLDI4Yzx7c1Bs8FQxkR7yybXgMzFPJuujsJSrYVVd5f3hvKXRDj71Q==

GET
H2 200 quando-se-tornou-comum-chamar-de-fascista-qualquer-um-que-nao-seja-extrema-esquerda.json Show response
json.gazetadopovo.com.br/ideias/ 38 KB
8 KB 68ms
59ms XHR
application/json 2600:9000:21f3:3c00:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/ideias/quando-se-tornou-comum-chamar-de-fascista-qualquer-um-que-nao-seja-extrema-esquerda.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:3c00:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d17c1b927bf5aba2498c98a958a48132ed6b2639b6f91fb222f994b017f520ac

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"ae7976feb950804c04ff8fa003140833"
age: 239
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Thu, 13 May 2021 15:28:54 GMT
server: AmazonS3
date: Fri, 14 May 2021 21:16:17 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 32e3b86ae254a231182567c0124af893.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: DmUnQFUSk2V4qHpvsI_kAiqx3a3io8JoOZpuJd6xheLq4BumyN39aA==

GET
H2 200 leitor-pare-de-bater-na-sua-mae.json Show response
json.gazetadopovo.com.br/vozes/bruna-frascolla/ 68 KB
11 KB 75ms
66ms XHR
application/json 2600:9000:21f3:3c00:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/vozes/bruna-frascolla/leitor-pare-de-bater-na-sua-mae.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:3c00:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3c2a735c02b323ab7ce99fc8809019769dd053c420982d43db03df4834a262d7

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"d851c86f0a147da2a333334a20d1e133"
age: 239
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Wed, 12 May 2021 14:14:39 GMT
server: AmazonS3
date: Fri, 14 May 2021 21:16:17 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 32e3b86ae254a231182567c0124af893.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: 7uvqR7rINK0VYI4VfTJVDYjb16jqgwhybyJOYh4tmmgFhJYgNE6-EA==

GET
H2 200 nao-e-so-o-acucar-conheca-mais-alimentos-que-tambem-aumentam-a-ansiedade.json Show response
www.semprefamilia.com.br/json/saude/ 20 KB
21 KB 470ms
432ms XHR
application/json 2600:9000:211a:b400:13:9bf5:7100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.semprefamilia.com.br/json/saude/nao-e-so-o-acucar-conheca-mais-alimentos-que-tambem-aumentam-a-ansiedade.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:b400:13:9bf5:7100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1d6fe15fe35d33f37ea9711b85b071960d8aff36e275f19b4c2463143a1715cc

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 4de71b0a42267b098ed30fff0d8a660a.cloudfront.net (CloudFront)
etag: "525fcfaaa899b04395aa1c8da3c52a5f"
x-amz-cf-pop: VIE50-C2
x-cache: RefreshHit from cloudfront
content-length: 20873
last-modified: Fri, 14 May 2021 12:27:45 GMT
server: AmazonS3
date: Fri, 14 May 2021 21:20:16 GMT
access-control-max-age: 3000
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
accept-ranges: bytes
x-amz-cf-id: n_DPDrI7Cv9DijDzjB_ShxBn1Sa1HUsZH8eKdx1KAWbjiHb9XNUP0w==

GET
H2 200 comunicacao-assertiva-dentro-do-casamento-como-falar-e-ser-realmente-ouvido-pelo-outro.json Show response
www.semprefamilia.com.br/json/casamento-e-compromisso/ 23 KB
24 KB 515ms
478ms XHR
application/json 2600:9000:211a:b400:13:9bf5:7100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.semprefamilia.com.br/json/casamento-e-compromisso/comunicacao-assertiva-dentro-do-casamento-como-falar-e-ser-realmente-ouvido-pelo-outro.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:b400:13:9bf5:7100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b6ee798d37136ab6f224fc050be6177284eabaa2d1655969598a9cc1113413f9

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 4de71b0a42267b098ed30fff0d8a660a.cloudfront.net (CloudFront)
etag: "21cc33d26ac38ce0723516e8e5a829ee"
x-amz-cf-pop: VIE50-C2
x-cache: RefreshHit from cloudfront
content-length: 23875
last-modified: Thu, 13 May 2021 19:33:20 GMT
server: AmazonS3
date: Fri, 14 May 2021 21:20:17 GMT
access-control-max-age: 3000
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
accept-ranges: bytes
x-amz-cf-id: qaePYCQBn513RXz461z8McPHR5NgUb5jdHdy3-3LcVvRhjUglP4m3w==

GET
H2 200 perfil-genetico-torna-paciente-mais-suscetivel-a-covid-19-diz-estudo.json Show response
www.semprefamilia.com.br/json/saude/ 19 KB
19 KB 475ms
440ms XHR
application/json 2600:9000:211a:b400:13:9bf5:7100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.semprefamilia.com.br/json/saude/perfil-genetico-torna-paciente-mais-suscetivel-a-covid-19-diz-estudo.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:b400:13:9bf5:7100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7f9907a3b9fec959cbb6fb52f357f3f861bc26bab4f2a40ffecd8e2d9741703d

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 4de71b0a42267b098ed30fff0d8a660a.cloudfront.net (CloudFront)
etag: "39e5406ecd0e81cfad2aeaeaea4dc6ce"
x-amz-cf-pop: VIE50-C2
x-cache: RefreshHit from cloudfront
content-length: 19115
last-modified: Thu, 13 May 2021 18:18:37 GMT
server: AmazonS3
date: Fri, 14 May 2021 21:20:16 GMT
access-control-max-age: 3000
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
accept-ranges: bytes
x-amz-cf-id: ezpZE_OgO0HA5L6UGpwwTtiYavSsmJNbX9P1k-QnB63Ptw7di2_DMA==

GET
H2 200 refluxo-e-fator-para-maior-probabilidade-de-cancer-de-esofago.json Show response
www.semprefamilia.com.br/json/saude/ 21 KB
22 KB 497ms
462ms XHR
application/json 2600:9000:211a:b400:13:9bf5:7100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.semprefamilia.com.br/json/saude/refluxo-e-fator-para-maior-probabilidade-de-cancer-de-esofago.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:b400:13:9bf5:7100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 514bace22806bab147f52ba18cbc1cb6c0672409da466b71d2799aa6b464f4a0

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 4de71b0a42267b098ed30fff0d8a660a.cloudfront.net (CloudFront)
etag: "588e31a0331aafd283c39226690c6eca"
x-amz-cf-pop: VIE50-C2
x-cache: RefreshHit from cloudfront
content-length: 21982
last-modified: Thu, 13 May 2021 12:22:18 GMT
server: AmazonS3
date: Fri, 14 May 2021 21:20:17 GMT
access-control-max-age: 3000
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
accept-ranges: bytes
x-amz-cf-id: xSoqvAGimebzVYiOhP1Ztlb36G1V1ms7POfDmdw6BqImOdF364X6IA==

GET
H2 200 ideias-198-era-das-trevas-a-verdadeira-historia-da-iluminada-idade-media.json Show response
json.gazetadopovo.com.br/ideias/ 14 KB
3 KB 60ms
55ms XHR
application/json 2600:9000:21f3:3c00:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/ideias/ideias-198-era-das-trevas-a-verdadeira-historia-da-iluminada-idade-media.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:3c00:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e7f3f11c7dc946d768710ef63ab41344d69f8112d19123c346d3f56fcc95e1b5

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"794a24fe1498df04f2ed24e07c3f9021"
x-amz-cf-pop: FRA2-C2
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Thu, 13 May 2021 20:18:52 GMT
server: AmazonS3
date: Fri, 14 May 2021 21:20:15 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 32e3b86ae254a231182567c0124af893.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: uJ4pmd2jOl3cZbRddqgoOv575Ec2fqhgKCuCO_dVDycld69HvyQwow==

GET
H2 200 lava-jato-stf-congresso-contra-ataque.json Show response
json.gazetadopovo.com.br/republica/ 22 KB
5 KB 58ms
54ms XHR
application/json 2600:9000:21f3:3c00:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/republica/lava-jato-stf-congresso-contra-ataque.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:3c00:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: acd98206b576b8f71d5f658eba383fe662814156290ab60c56f9e63935df618f

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"1396c90ebbe44657c5740335cb7e4f46"
age: 239
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Thu, 13 May 2021 14:14:16 GMT
server: AmazonS3
date: Fri, 14 May 2021 21:16:17 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 32e3b86ae254a231182567c0124af893.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: O4u5qgRsLJdEme1I3PFfiy9oiHKT6SK1q-cyLXOcj-oihHhfKnEkdw==

GET
H2 200 quarentena-cult-50-o-tigre-branco-mostra-a-ascensao-financeira-num-mundo-sem-moral.json Show response
json.gazetadopovo.com.br/ideias/ 14 KB
3 KB 68ms
65ms XHR
application/json 2600:9000:21f3:3c00:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/ideias/quarentena-cult-50-o-tigre-branco-mostra-a-ascensao-financeira-num-mundo-sem-moral.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:3c00:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6437fefcd5a8ed1fc150bcb0cb5beeea3dc6346a68b2bcb773a6efe0ca95265a

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"c7d11cf5ec1546c6c778ce99d60e4ea8"
x-amz-cf-pop: FRA2-C2
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Thu, 13 May 2021 19:28:49 GMT
server: AmazonS3
date: Fri, 14 May 2021 21:20:15 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 32e3b86ae254a231182567c0124af893.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: 6PXRk4MW9_m9Mr2qy4BPiiuwRweYH6gzVDaSDObZBQM6RNuVuX4FQw==

GET
H2 200 lula-lava-jato-operacao-historia.json Show response
json.gazetadopovo.com.br/republica/ 22 KB
5 KB 61ms
58ms XHR
application/json 2600:9000:21f3:3c00:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/republica/lula-lava-jato-operacao-historia.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:3c00:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 10ebb3e0760ada317a54cba370a08d133552db2caee5b7e6acf4f52a641eecc1

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"7948ed8bdcb7e206658bc677bbb05c5a"
age: 239
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Wed, 12 May 2021 19:33:25 GMT
server: AmazonS3
date: Fri, 14 May 2021 21:16:17 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 32e3b86ae254a231182567c0124af893.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: yVJhDaT8BqE9gUcr-9sqsApYn03lAKNetqGpPaShZ0nWfmtsGf9iaA==

GET
H2 200 historia-lava-jato-prisao-empreiteiros-politicos.json Show response
json.gazetadopovo.com.br/republica/ 20 KB
5 KB 59ms
57ms XHR
application/json 2600:9000:21f3:3c00:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/republica/historia-lava-jato-prisao-empreiteiros-politicos.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:3c00:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dc054e0b4c733e72b82622b2c82b7a6decc18d83e9133952b906ecb6eb4943ae

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"ecddcd034ad89b96bbbc5e34f87d8128"
age: 239
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Wed, 12 May 2021 18:58:20 GMT
server: AmazonS3
date: Fri, 14 May 2021 21:16:17 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 32e3b86ae254a231182567c0124af893.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: ppBJywmqbU-Fosz6KuWm3y1E-Q5JD6SkH06QUcQDSNo6DuGAIgh3zA==

GET
H2 200 produzir-insumos-para-vacina-contra-a-covid-19.json Show response
json.gazetadopovo.com.br/republica/ 22 KB
5 KB 60ms
58ms XHR
application/json 2600:9000:21f3:3c00:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/republica/produzir-insumos-para-vacina-contra-a-covid-19.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:3c00:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7c45936acb85087e8a5ae92fc4ebc184e7d08ed6227541427a3bb62caa9b2922

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"4ebf1d9173ac9dbe78f7507f160db0c1"
age: 239
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Thu, 13 May 2021 19:14:11 GMT
server: AmazonS3
date: Fri, 14 May 2021 21:16:17 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 32e3b86ae254a231182567c0124af893.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: jwo2dbxZAR2Q5EBBBqYyd2TiLSELlqf8sQS0PzMYfnQkZSTRiAx6mQ==

GET
H2 200 defesa-da-vida-jovens-se-unem-para-salvar-bebes-da-cultura-do-aborto.json Show response
json.gazetadopovo.com.br/vozes/cristina-graeml/ 77 KB
13 KB 60ms
58ms XHR
application/json 2600:9000:21f3:3c00:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/vozes/cristina-graeml/defesa-da-vida-jovens-se-unem-para-salvar-bebes-da-cultura-do-aborto.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:3c00:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 75546486c61ac18ce6730ab1e1b8b091598cf8e17eb226628c713c45dd77b3a4

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"6c3da31d169069e19251c46b7d2b6bea"
x-amz-cf-pop: FRA2-C2
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Thu, 13 May 2021 22:08:44 GMT
server: AmazonS3
date: Fri, 14 May 2021 21:20:15 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 32e3b86ae254a231182567c0124af893.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: kv_KhAkuUCmh5yuoVAMqmfTZ497SATfH13lQ3488yfmTyfdCoSysBA==

GET
H2 200 lula-x-bolsonaro-um-pais-dividido.json Show response
json.gazetadopovo.com.br/vozes/alexandre-borges/ 58 KB
7 KB 62ms
61ms XHR
application/json 2600:9000:21f3:3c00:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/vozes/alexandre-borges/lula-x-bolsonaro-um-pais-dividido.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:3c00:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d6d5c75ef2890b569b6f795bead913ea2b87ee173cfb7547af76d543b1d46757

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"9b3e42227f5de16855758ce85d7656d2"
x-amz-cf-pop: FRA2-C2
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Wed, 12 May 2021 16:03:51 GMT
server: AmazonS3
date: Fri, 14 May 2021 21:20:15 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 32e3b86ae254a231182567c0124af893.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: 3ZSvStJVv_azxIRrusR0fe_-R19X8fBEWXf23gDF_o3azmZ1Yx6eJA==

GET
H2 200 o-que-explica-a-briga-interna-no-mercosul.json Show response
json.gazetadopovo.com.br/republica/ 21 KB
4 KB 63ms
61ms XHR
application/json 2600:9000:21f3:3c00:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/republica/o-que-explica-a-briga-interna-no-mercosul.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:3c00:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a21525f3b01371cf5cd313f733dee7148a4c0d9fe7126384aed6fa3aeb9b0c29

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"12e437155dac6bd985d95e96df6a4825"
age: 239
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Wed, 12 May 2021 12:19:31 GMT
server: AmazonS3
date: Fri, 14 May 2021 21:16:17 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 32e3b86ae254a231182567c0124af893.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: qmmhwzUrkZomxbxrfKe4y0nj35ZJ_QUA3NixNflxgySOXg2mgxKAgg==

GET
H2 200 8-leiloes-setor-saneamento-31-bilhoes-2021-2022.json Show response
json.gazetadopovo.com.br/economia/ 27 KB
7 KB 58ms
56ms XHR
application/json 2600:9000:21f3:3c00:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/economia/8-leiloes-setor-saneamento-31-bilhoes-2021-2022.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:3c00:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 33b3ec1b600ad6625d0e55a3acf2e1c5cfcf9ffd503d2b2dd4cd7bbd112a4c2e

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"e812e9dda5cc90301569874862c8d2e4"
x-amz-cf-pop: FRA2-C2
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Fri, 14 May 2021 19:56:56 GMT
server: AmazonS3
date: Fri, 14 May 2021 21:20:15 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 32e3b86ae254a231182567c0124af893.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: QegxIKSLdpB8n693UcQCifJKeljsGFhvTh7GAl7DEUJfnsArNJwtAw==

GET
H2 200 texto-unico-fatiado-rumos-reforma-tributaria-congresso.json Show response
json.gazetadopovo.com.br/economia/ 29 KB
7 KB 54ms
53ms XHR
application/json 2600:9000:21f3:3c00:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/economia/texto-unico-fatiado-rumos-reforma-tributaria-congresso.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:3c00:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 59df371bf5a3fe381933993836f515e64c8b8f0b0d81b04a417c645700b6d369

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"015495f22ec0beb9be3c411ca8b0f723"
x-amz-cf-pop: FRA2-C2
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Fri, 14 May 2021 10:50:06 GMT
server: AmazonS3
date: Fri, 14 May 2021 21:20:15 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 32e3b86ae254a231182567c0124af893.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: 5JBw5Vr-WeHbaeyGqlCj-MzBZlYCZcOTyZt4dmm3b-lNl0JiaAbqlA==

GET
H2 200 privatizacao-eletrobras-relatorio-medida-provisoria-idas-vindas.json Show response
json.gazetadopovo.com.br/economia/ 38 KB
9 KB 59ms
58ms XHR
application/json 2600:9000:21f3:3c00:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/economia/privatizacao-eletrobras-relatorio-medida-provisoria-idas-vindas.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:3c00:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c15f3c137dbf8e1c26ec2f2820e22a7eaec4f5478df4f332a61247e21834e570

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"925bf24634e818327fd6499e70310cd2"
x-amz-cf-pop: FRA2-C2
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Fri, 14 May 2021 15:51:41 GMT
server: AmazonS3
date: Fri, 14 May 2021 21:20:15 GMT
vary: Accept-Encoding,Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 32e3b86ae254a231182567c0124af893.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: Pi-BfchSbBF8CdLET0LAGB_bOyEIWcsUZO7yK1P2xAtEnNsBYl5_9Q==

GET
H2 200 pt-negociacoes-com-partidos-que-apoiaram-impeachment-de-dilma.json Show response
json.gazetadopovo.com.br/republica/ 35 KB
7 KB 61ms
61ms XHR
application/json 2600:9000:21f3:3c00:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/republica/pt-negociacoes-com-partidos-que-apoiaram-impeachment-de-dilma.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:3c00:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 61ebdcfc029336852d749f06fd3d15752e5b5ff11714dd35a3953859fdb4be81

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"a5f5e45b362df79b01e83ec9e0973b9b"
x-amz-cf-pop: FRA2-C2
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Fri, 14 May 2021 13:04:47 GMT
server: AmazonS3
date: Fri, 14 May 2021 21:20:15 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 32e3b86ae254a231182567c0124af893.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: DX1xoBuH_ReJLW86hFpveCBuCHgPCtnt8i1prN4yIYMzhKTaZBHpGQ==

GET cxense.json
apps.gazetadopovo.com.br/cxense/ 0
0

GET
H2 200 / Show response
comments.gazetadopovo.com.br/content/count/comments/ 2 KB
3 KB 163ms
163ms XHR
application/json 2600:9000:211a:e00:4:5c96:9080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://comments.gazetadopovo.com.br/content/count/comments/?keys=[%2268629ee0-b4eb-11eb-80a9-d7630b3898f0%22,%227192a5d0-b4f7-11eb-b497-2b2353b9a2f3%22,%2242b9bb30-b7b6-11e9-96d3-6195e13c2fd4%22,%22541432b0-b4cc-11eb-a5e9-572d78fb9593%22,%22808e2860-b4c1-11eb-a9ed-898d61679f0e%22,%22c54518d0-b4f1-11eb-beb9-31e7484add5a%22,%2223182130-b4e0-11eb-b17a-b3a0b02878ce%22,%2248ad61b0-b4d8-11eb-893d-bfc914b5ec37%22,%223276b1e0-b4d7-11eb-a5e9-572d78fb9593%22,%22976a5a70-b4d7-11eb-a5e9-572d78fb9593%22,%227501e880-b4e2-11eb-b17a-b3a0b02878ce%22,%22cacb2c90-b4e7-11eb-80a9-d7630b3898f0%22,%22b5132ad0-b4b3-11eb-8141-453b26660345%22,%222cf77390-b4ef-11eb-beb9-31e7484add5a%22,%22d986be20-b4ec-11eb-80a9-d7630b3898f0%22,%22ffe37a10-b4f4-11eb-beb9-31e7484add5a%22,%22653eb150-b4e5-11eb-80a9-d7630b3898f0%22,%2234e05580-b4f0-11eb-80a9-d7630b3898f0%22,%223cd424d0-b4ad-11eb-a4b4-871cc25db5a5%22,%2251ef56e0-b4cc-11eb-a5e9-572d78fb9593%22,%22f9ec8cd0-b4e2-11eb-bb1b-3ff4c1ce9ad4%22,%2298820370-b4c0-11eb-b7d5-37c03f3b7778%22,%2249648970-b4e8-11eb-80a9-d7630b3898f0%22,%2246e77b80-b4e8-11eb-80a9-d7630b3898f0%22,%22eb138c30-b4b1-11eb-b7d5-37c03f3b7778%22,%222d1618c0-b4e7-11eb-80a9-d7630b3898f0%22,%22608c6990-b445-11eb-996a-57f8a776742d%22,%223facd8c0-b4d8-11eb-893d-bfc914b5ec37%22,%226903e900-b41c-11eb-8d21-55e545bfcd50%22,%22c0a98ef0-b4b5-11eb-b7d5-37c03f3b7778%22,%22f9d66140-b428-11eb-875b-7746cbd8ec2f%22,%22cacf07c0-b424-11eb-84fb-6f574c5dc335%22,%22c6f49400-b4e5-11eb-bb1b-3ff4c1ce9ad4%22,%22ddd80820-b4f2-11eb-beb9-31e7484add5a%22,%22a5c71960-b34b-11eb-abee-03f5385d5ff5%22,%221a655b40-b3fd-11eb-a187-db5066d085d8%22,%227f65d320-b34f-11eb-9e49-ed09bdae7c6a%22,%2256cab430-b32c-11eb-a9f4-171e5a40a72b%22,%2295da72d0-b4af-11eb-b7d5-37c03f3b7778%22,%22073d07a0-b422-11eb-84fb-6f574c5dc335%22,%2200122a10-b417-11eb-8d21-55e545bfcd50%22,%22d04afc70-b3e5-11eb-8e1e-696d85600db1%22,%226e8ae520-b428-11eb-875b-7746cbd8ec2f%22,%227f93bc80-b3f5-11eb-bfa9-6d75d86756d2%22,%22b0a61680-b420-11eb-84fb-6f574c5dc335%22,%2232608ea0-b262-11eb-9664-8bedfda48389%22,%2220920d30-b25c-11eb-a8f5-cf15ee40fcd5%22,%226597b8c0-b41f-11eb-8d21-55e545bfcd50%22,%22731cc630-b360-11eb-a21b-751ed1246604%22,%22a40845a0-b33b-11eb-8284-272359f31f7c%22,%224d353180-b31c-11eb-b2f2-a9b0dc1a9d89%22]
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:e00:4:5c96:9080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: / Express
Resource Hash: 4023d551d192c8216628d45cf7f363a9f8b8b686e72973f3ee19c5e3e17517a8

Request headers

Accept: */*
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 14 May 2021 21:20:16 GMT
via: 1.1 1a276be771f01064831eea4851319c28.cloudfront.net (CloudFront), 1.1 ba761cfda8bfa6cbda2b6c433d6201f6.cloudfront.net (CloudFront)
etag: W/"8dc-6AhVXcN95vSavGCFI6WWT3CLbMc"
x-amzn-remapped-content-length: 2268
x-amzn-remapped-date: Fri, 14 May 2021 21:20:16 GMT
x-amz-cf-pop: VIE50-C2, VIE50-C2
x-powered-by: Express
x-cache: Miss from cloudfront
x-amz-apigw-id: fVluiE0coAMFVRA=
content-length: 2268
x-amzn-requestid: 12bba6f8-c767-4533-ad2f-b5330a01184d
x-amzn-trace-id: Root=1-609ee990-3422ef271f4a23221cc1b147;Sampled=0
access-control-allow-methods: *
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: *
x-amz-cf-id: LAfMXouIyFWAXbAYvWZdBXfKTgG39gOurAQRzXGg1tvrxf2LWvUgpg==
x-amzn-remapped-connection: close

GET
H2 200 saiba-agora.json Show response
www.gazetadopovo.com.br/json/ 48 KB
7 KB 403ms
398ms XHR
application/json 2600:9000:20eb:2800:6:45ad:3580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gazetadopovo.com.br/json/saiba-agora.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:2800:6:45ad:3580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4aa78711c45fc339506b71571783052946207f63cff4121ad09224fe7c61bf4a

Request headers

sec-fetch-mode: cors
accept-encoding: gzip, deflate, br
accept-language: en-US
x-requested-with: XMLHttpRequest
sec-fetch-dest: empty
cookie: _ga=GA1.3.1622044111.1621027213; _gid=GA1.3.1523808297.1621027213; _gat=1; _gcl_au=1.1.4886979.1621027213; cX_S=kootqz1tsnd76yb9; cX_P=kootqz1vibwnzest; _gat_UA-23088598-1=1; _fbp=fb.2.1621027213624.1717082381; __tbc=%7Bjzx%7DmTYUm08lJyHEWAs9ALXKQqjbw0jme_suH8GZlRkYLrgbt-bv_oPzWlCPNuj65WgbBdNDcNXOlKQKkrSKLF0A6ZiZsjmSrH58QAulSvUNMK0XFSI1pW_JmoNsYrxPQKSl_ClXXX7wZd7xhwozNxHCCQ; __pat=-10800000; _hjTLDTest=1; _hjid=3bf4e6f7-6959-4a55-8658-f87966bcff25; _hjFirstSeen=1; _gat_trackerInfocoder=1; __pvi=%7B%22id%22%3A%22v-2021-05-14-23-20-13-694-BE8FV6Sla533f0CB-b936ad7ebc1e9e7e2afe591d682f915b%22%2C%22domain%22%3A%22.gazetadopovo.com.br%22%2C%22time%22%3A1621027214620%7D; xbc=%7Bjzx%7DybbjiQtYOerZwoeutfi8N04FNJHCdJwUBJVbp4vnTFTBhuMmQDpJTaeKRGnLebZz2-myOUy_oUpEyMXOTpSNxMyhe9y76bDP68urqiS9YxQxfyTBqb2KBPyikr1v9ysplQwrYuhZkJJA572c5ih8mH445R0_QbnxBP8Bxol_4d2D9soHPOqhzDXRQIPMCAUELvkcBkkk7r_H028_w8lIX0a8MNxErZhFrX_QxWW4MnbEPN-2oZdIfMccmck0z-D7RjuFl6i_QVPc2BXRiLHeMOA1uRsQZYuirY9txGJI_IULEw8AMaK3dWsXU7PHsLVv; _pc_onp_anticorrupcao=true; GPSDK_SESID=us-east-1-2cde4540-b4fa-11eb-b349-7fd477d6b8b4; GPSDK_TKTID=us-east-1-2cde4540-b4fa-11eb-b349-7fd477d6b8b4; GPSDK_LOCCT=ZURICH; GPSDK_LOCCY=SWITZERLAND; GPSDK_LOCRG=ZURICH
:path: /json/saiba-agora.json
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.gazetadopovo.com.br
referer: https://www.gazetadopovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept: */*
Referer: https://www.gazetadopovo.com.br/?
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
last-modified: Fri, 14 May 2021 19:04:53 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
etag: W/"22809ebf16e07966ebda2c4e0e3335ba"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/json
via: 1.1 e976f829f2d1c4787d42d0595ae7cf75.cloudfront.net (CloudFront)
cache-control: max-age=300
date: Fri, 14 May 2021 21:20:17 GMT
x-amz-cf-id: HA8xjVUt-FAh_JE9cjkBv-DGpzgbN24Rsp-1xdzGtF2SI9fBtC9NfA==

GET
H2 200 mais-lidas.json Show response
www.gazetadopovo.com.br/json/ 2 KB
1 KB 412ms
407ms XHR
application/json 2600:9000:20eb:2800:6:45ad:3580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gazetadopovo.com.br/json/mais-lidas.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:2800:6:45ad:3580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 77ff5a3dff4d011736dd855a064d5b952fc34e27937970453b827e4f45b42fd0

Request headers

sec-fetch-mode: cors
accept-encoding: gzip, deflate, br
accept-language: en-US
x-requested-with: XMLHttpRequest
sec-fetch-dest: empty
cookie: _ga=GA1.3.1622044111.1621027213; _gid=GA1.3.1523808297.1621027213; _gat=1; _gcl_au=1.1.4886979.1621027213; cX_S=kootqz1tsnd76yb9; cX_P=kootqz1vibwnzest; _gat_UA-23088598-1=1; _fbp=fb.2.1621027213624.1717082381; __tbc=%7Bjzx%7DmTYUm08lJyHEWAs9ALXKQqjbw0jme_suH8GZlRkYLrgbt-bv_oPzWlCPNuj65WgbBdNDcNXOlKQKkrSKLF0A6ZiZsjmSrH58QAulSvUNMK0XFSI1pW_JmoNsYrxPQKSl_ClXXX7wZd7xhwozNxHCCQ; __pat=-10800000; _hjTLDTest=1; _hjid=3bf4e6f7-6959-4a55-8658-f87966bcff25; _hjFirstSeen=1; _gat_trackerInfocoder=1; __pvi=%7B%22id%22%3A%22v-2021-05-14-23-20-13-694-BE8FV6Sla533f0CB-b936ad7ebc1e9e7e2afe591d682f915b%22%2C%22domain%22%3A%22.gazetadopovo.com.br%22%2C%22time%22%3A1621027214620%7D; xbc=%7Bjzx%7DybbjiQtYOerZwoeutfi8N04FNJHCdJwUBJVbp4vnTFTBhuMmQDpJTaeKRGnLebZz2-myOUy_oUpEyMXOTpSNxMyhe9y76bDP68urqiS9YxQxfyTBqb2KBPyikr1v9ysplQwrYuhZkJJA572c5ih8mH445R0_QbnxBP8Bxol_4d2D9soHPOqhzDXRQIPMCAUELvkcBkkk7r_H028_w8lIX0a8MNxErZhFrX_QxWW4MnbEPN-2oZdIfMccmck0z-D7RjuFl6i_QVPc2BXRiLHeMOA1uRsQZYuirY9txGJI_IULEw8AMaK3dWsXU7PHsLVv; _pc_onp_anticorrupcao=true; GPSDK_SESID=us-east-1-2cde4540-b4fa-11eb-b349-7fd477d6b8b4; GPSDK_TKTID=us-east-1-2cde4540-b4fa-11eb-b349-7fd477d6b8b4; GPSDK_LOCCT=ZURICH; GPSDK_LOCCY=SWITZERLAND; GPSDK_LOCRG=ZURICH
:path: /json/mais-lidas.json
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.gazetadopovo.com.br
referer: https://www.gazetadopovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept: */*
Referer: https://www.gazetadopovo.com.br/?
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 21:20:17 GMT
content-encoding: gzip
last-modified: Fri, 14 May 2021 21:19:50 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
etag: W/"c7da85613a205632021db8192ef0247a"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/json
via: 1.1 e976f829f2d1c4787d42d0595ae7cf75.cloudfront.net (CloudFront)
x-amz-version-id: null
x-amz-cf-id: d_b20GtuSdL12hjKZQ2t2-CYrYMrNe9YkCDvPtO401BSW9621mD0fA==

GET
H2 200 config.json Show response
www.gazetadopovo.com.br/json/ 59 KB
7 KB 14ms
13ms XHR
application/json 2600:9000:20eb:2800:6:45ad:3580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gazetadopovo.com.br/json/config.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:2800:6:45ad:3580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0071c7a900a92904c5b673d2ae6b025d09a732028ebc2929e089628edbd0c64a

Request headers

sec-fetch-mode: cors
accept-encoding: gzip, deflate, br
accept-language: en-US
x-requested-with: XMLHttpRequest
sec-fetch-dest: empty
cookie: _ga=GA1.3.1622044111.1621027213; _gid=GA1.3.1523808297.1621027213; _gat=1; _gcl_au=1.1.4886979.1621027213; cX_S=kootqz1tsnd76yb9; cX_P=kootqz1vibwnzest; _gat_UA-23088598-1=1; _fbp=fb.2.1621027213624.1717082381; __tbc=%7Bjzx%7DmTYUm08lJyHEWAs9ALXKQqjbw0jme_suH8GZlRkYLrgbt-bv_oPzWlCPNuj65WgbBdNDcNXOlKQKkrSKLF0A6ZiZsjmSrH58QAulSvUNMK0XFSI1pW_JmoNsYrxPQKSl_ClXXX7wZd7xhwozNxHCCQ; __pat=-10800000; _hjTLDTest=1; _hjid=3bf4e6f7-6959-4a55-8658-f87966bcff25; _hjFirstSeen=1; _gat_trackerInfocoder=1; __pvi=%7B%22id%22%3A%22v-2021-05-14-23-20-13-694-BE8FV6Sla533f0CB-b936ad7ebc1e9e7e2afe591d682f915b%22%2C%22domain%22%3A%22.gazetadopovo.com.br%22%2C%22time%22%3A1621027214620%7D; xbc=%7Bjzx%7DybbjiQtYOerZwoeutfi8N04FNJHCdJwUBJVbp4vnTFTBhuMmQDpJTaeKRGnLebZz2-myOUy_oUpEyMXOTpSNxMyhe9y76bDP68urqiS9YxQxfyTBqb2KBPyikr1v9ysplQwrYuhZkJJA572c5ih8mH445R0_QbnxBP8Bxol_4d2D9soHPOqhzDXRQIPMCAUELvkcBkkk7r_H028_w8lIX0a8MNxErZhFrX_QxWW4MnbEPN-2oZdIfMccmck0z-D7RjuFl6i_QVPc2BXRiLHeMOA1uRsQZYuirY9txGJI_IULEw8AMaK3dWsXU7PHsLVv; _pc_onp_anticorrupcao=true; GPSDK_SESID=us-east-1-2cde4540-b4fa-11eb-b349-7fd477d6b8b4; GPSDK_TKTID=us-east-1-2cde4540-b4fa-11eb-b349-7fd477d6b8b4; GPSDK_LOCCT=ZURICH; GPSDK_LOCCY=SWITZERLAND; GPSDK_LOCRG=ZURICH
:path: /json/config.json
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.gazetadopovo.com.br
referer: https://www.gazetadopovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept: */*
Referer: https://www.gazetadopovo.com.br/?
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
last-modified: Thu, 13 May 2021 21:13:38 GMT
server: AmazonS3
age: 43
etag: W/"4daeb589c170de247d95656d19bd392a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/json
via: 1.1 e976f829f2d1c4787d42d0595ae7cf75.cloudfront.net (CloudFront)
date: Fri, 14 May 2021 21:19:33 GMT
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: 03FqSPDDqyRm76wPv1QjJJneNzUSgu6hzCiSO1TssohCoWnb1T3KGQ==

POST
H2 200 register Show response
events-api.gazetadopovo.com.br/ 1 KB
2 KB 190ms
190ms XHR
application/json 13.225.74.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events-api.gazetadopovo.com.br/register
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.74.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-74-20.fra2.r.cloudfront.net
Software: / Express
Resource Hash: 688e988524e58814d1eff0c0a0cba700961b8abb3fc2655cc10a8fb6814d6605

Request headers

Accept: */*
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 14 May 2021 21:20:16 GMT
via: 1.1 590590f04f79f692591f9db0e720a31d.cloudfront.net (CloudFront)
etag: W/"4df-8aKYLERbIJzZ1pNDWFoSwLDPddw"
x-amzn-remapped-content-length: 1247
x-amzn-remapped-date: Fri, 14 May 2021 21:20:16 GMT
x-amz-cf-pop: FRA2-C2
x-powered-by: Express
x-cache: Miss from cloudfront
x-amz-apigw-id: fVluiFMeoAMFodw=
content-length: 1247
x-amzn-requestid: 4c210756-d583-47a0-81d9-9d5f08728521
x-amzn-trace-id: Root=1-609ee990-053981065b6c51b34d9e1a6f;Sampled=0
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
x-amz-cf-id: WW5C0U7OgGrsjxziA-lj25AhtkSJMXmtYlYJ63UL7PQtQaYYTrBmAw==
x-amzn-remapped-connection: close

GET
H2 200 reactions-rank.json Show response
www.gazetadopovo.com.br/json/ 12 KB
4 KB 409ms
409ms XHR
application/json 2600:9000:20eb:2800:6:45ad:3580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gazetadopovo.com.br/json/reactions-rank.json?_=1621027213418
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:2800:6:45ad:3580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a1ca1ef0c827c87b8e042a49a16eda97c774fe261e69a2f4bfbe2f17c400ad9f

Request headers

sec-fetch-mode: cors
accept-encoding: gzip, deflate, br
accept-language: en-US
x-requested-with: XMLHttpRequest
sec-fetch-dest: empty
cookie: _ga=GA1.3.1622044111.1621027213; _gid=GA1.3.1523808297.1621027213; _gat=1; _gcl_au=1.1.4886979.1621027213; cX_S=kootqz1tsnd76yb9; cX_P=kootqz1vibwnzest; _gat_UA-23088598-1=1; _fbp=fb.2.1621027213624.1717082381; __tbc=%7Bjzx%7DmTYUm08lJyHEWAs9ALXKQqjbw0jme_suH8GZlRkYLrgbt-bv_oPzWlCPNuj65WgbBdNDcNXOlKQKkrSKLF0A6ZiZsjmSrH58QAulSvUNMK0XFSI1pW_JmoNsYrxPQKSl_ClXXX7wZd7xhwozNxHCCQ; __pat=-10800000; _hjTLDTest=1; _hjid=3bf4e6f7-6959-4a55-8658-f87966bcff25; _hjFirstSeen=1; _gat_trackerInfocoder=1; __pvi=%7B%22id%22%3A%22v-2021-05-14-23-20-13-694-BE8FV6Sla533f0CB-b936ad7ebc1e9e7e2afe591d682f915b%22%2C%22domain%22%3A%22.gazetadopovo.com.br%22%2C%22time%22%3A1621027214620%7D; xbc=%7Bjzx%7DybbjiQtYOerZwoeutfi8N04FNJHCdJwUBJVbp4vnTFTBhuMmQDpJTaeKRGnLebZz2-myOUy_oUpEyMXOTpSNxMyhe9y76bDP68urqiS9YxQxfyTBqb2KBPyikr1v9ysplQwrYuhZkJJA572c5ih8mH445R0_QbnxBP8Bxol_4d2D9soHPOqhzDXRQIPMCAUELvkcBkkk7r_H028_w8lIX0a8MNxErZhFrX_QxWW4MnbEPN-2oZdIfMccmck0z-D7RjuFl6i_QVPc2BXRiLHeMOA1uRsQZYuirY9txGJI_IULEw8AMaK3dWsXU7PHsLVv; _pc_onp_anticorrupcao=true; GPSDK_SESID=us-east-1-2cde4540-b4fa-11eb-b349-7fd477d6b8b4; GPSDK_TKTID=us-east-1-2cde4540-b4fa-11eb-b349-7fd477d6b8b4; GPSDK_LOCCT=ZURICH; GPSDK_LOCCY=SWITZERLAND; GPSDK_LOCRG=ZURICH
:path: /json/reactions-rank.json?_=1621027213418
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.gazetadopovo.com.br
referer: https://www.gazetadopovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept: */*
Referer: https://www.gazetadopovo.com.br/?
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 21:20:17 GMT
content-encoding: gzip
last-modified: Fri, 14 May 2021 21:19:12 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
etag: W/"88867caa9354914b5cbc35864d6b00f4"
vary: Accept-Encoding
x-cache: Miss from cloudfront
x-amz-version-id: null
via: 1.1 e976f829f2d1c4787d42d0595ae7cf75.cloudfront.net (CloudFront)
content-type: application/json
x-amz-cf-id: wtdOecD58HqQq_N3acSH8uNrABQ-pWjQ1wC3-w7VnseOm2e28Pte2g==

GET
H2 200 uoltm.js Show response
tm.jsuol.com.br/ 164 KB
30 KB 26ms
8ms Script
application/javascript 2600:9000:20eb:a400:6:9eb2:5cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.jsuol.com.br/uoltm.js?id=fmvzt6?v2
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/gazetadopovo-app-b3eeb35c5cd968c95b53.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:a400:6:9eb2:5cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: marrakesh 1.16.6 /
Resource Hash: 93c29356b85925ff806adbda076c942a77335fecee4715df51b86f50ba64082d

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 20:51:47 GMT
content-encoding: gzip
last-modified: Fri, 14 May 2021 19:52:28 GMT
server: marrakesh 1.16.6
age: 1708
etag: c9f18369ec081ccab71eb48cf99e40a5
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 0e7eb16f335fe24acf3f13c5dee19c88.cloudfront.net (CloudFront)
cache-control: no-transform, max-age=3600, must-revalidate, proxy-revalidate, must-revalidate, proxy-revalidate, no-transform
x-amz-cf-pop: FRA2-C1
content-length: 30230
x-amz-cf-id: jtBC4ns07dPYVKYVf0V4I_RZsRMlFxa2YGZXqnhfq-QKz0GQmAmoJw==
expires: Fri, 14 May 2021 21:51:47 GMT

GET
H2 200 bg-ads.png
assets.gazetadopovo.com.br/images/ 89 B
457 B 22ms
21ms Image
image/png 2600:9000:206e:5e00:12:af17:6680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.gazetadopovo.com.br/images/bg-ads.png
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/app-19c4d622d6a1aee75230.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206e:5e00:12:af17:6680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fe797578273ad8327b58a0aaab2600e9623f150f4fc8325d3c2a340d3afff3cd

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 09 Feb 2021 06:18:05 GMT
via: 1.1 2a3d03f915cb6d29f35b8f9edd3b1956.cloudfront.net (CloudFront)
last-modified: Mon, 01 Feb 2021 19:11:04 GMT
server: AmazonS3
age: 8175731
etag: "53f9ae1eb3e782752565fa2c5d00ea37"
x-cache: Hit from cloudfront
x-amz-version-id: null
cache-control: max-age=31536000
x-amz-cf-pop: VIE50-C1
accept-ranges: bytes
content-type: image/png
content-length: 89
x-amz-cf-id: pozIMhhmXVhUG8-1PuHtCNDYnF5xR9ZSogLYjcqbNqxXhcPBEv1n4w==

GET
H2 200 escolha-do-editor.json Show response
www.gazetadopovo.com.br/json/ 52 KB
8 KB 415ms
415ms XHR
application/json 2600:9000:20eb:2800:6:45ad:3580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gazetadopovo.com.br/json/escolha-do-editor.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:2800:6:45ad:3580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 699bbb6103429ae6c5982e7e2e98024c1d598a677ead87041f86ea109327ab97

Request headers

sec-fetch-mode: cors
accept-encoding: gzip, deflate, br
accept-language: en-US
x-requested-with: XMLHttpRequest
sec-fetch-dest: empty
cookie: _ga=GA1.3.1622044111.1621027213; _gid=GA1.3.1523808297.1621027213; _gat=1; _gcl_au=1.1.4886979.1621027213; cX_S=kootqz1tsnd76yb9; cX_P=kootqz1vibwnzest; _gat_UA-23088598-1=1; _fbp=fb.2.1621027213624.1717082381; __tbc=%7Bjzx%7DmTYUm08lJyHEWAs9ALXKQqjbw0jme_suH8GZlRkYLrgbt-bv_oPzWlCPNuj65WgbBdNDcNXOlKQKkrSKLF0A6ZiZsjmSrH58QAulSvUNMK0XFSI1pW_JmoNsYrxPQKSl_ClXXX7wZd7xhwozNxHCCQ; __pat=-10800000; _hjTLDTest=1; _hjid=3bf4e6f7-6959-4a55-8658-f87966bcff25; _hjFirstSeen=1; _gat_trackerInfocoder=1; __pvi=%7B%22id%22%3A%22v-2021-05-14-23-20-13-694-BE8FV6Sla533f0CB-b936ad7ebc1e9e7e2afe591d682f915b%22%2C%22domain%22%3A%22.gazetadopovo.com.br%22%2C%22time%22%3A1621027214620%7D; xbc=%7Bjzx%7DybbjiQtYOerZwoeutfi8N04FNJHCdJwUBJVbp4vnTFTBhuMmQDpJTaeKRGnLebZz2-myOUy_oUpEyMXOTpSNxMyhe9y76bDP68urqiS9YxQxfyTBqb2KBPyikr1v9ysplQwrYuhZkJJA572c5ih8mH445R0_QbnxBP8Bxol_4d2D9soHPOqhzDXRQIPMCAUELvkcBkkk7r_H028_w8lIX0a8MNxErZhFrX_QxWW4MnbEPN-2oZdIfMccmck0z-D7RjuFl6i_QVPc2BXRiLHeMOA1uRsQZYuirY9txGJI_IULEw8AMaK3dWsXU7PHsLVv; _pc_onp_anticorrupcao=true; GPSDK_SESID=us-east-1-2cde4540-b4fa-11eb-b349-7fd477d6b8b4; GPSDK_TKTID=us-east-1-2cde4540-b4fa-11eb-b349-7fd477d6b8b4; GPSDK_LOCCT=ZURICH; GPSDK_LOCCY=SWITZERLAND; GPSDK_LOCRG=ZURICH
:path: /json/escolha-do-editor.json
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.gazetadopovo.com.br
referer: https://www.gazetadopovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept: */*
Referer: https://www.gazetadopovo.com.br/?
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
last-modified: Fri, 14 May 2021 17:26:59 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
etag: W/"6b82f7a2390711a3b717ee78c946cc66"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/json
via: 1.1 e976f829f2d1c4787d42d0595ae7cf75.cloudfront.net (CloudFront)
cache-control: max-age=300
date: Fri, 14 May 2021 21:20:17 GMT
x-amz-cf-id: aSgrvwj2NRJVTG4ymnOi0EKC3tbaJ9LeZoYHSeODcSYv0JYoGHWcew==

POST
H2 200 / Show response
www.semprefamilia.com.br/cookie-exchanger/ 4 B
1 KB 423ms
378ms XHR
application/json 2600:9000:211a:b400:13:9bf5:7100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.semprefamilia.com.br/cookie-exchanger/
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:b400:13:9bf5:7100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: / Express
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Fri, 14 May 2021 21:20:16 GMT
via: 1.1 3dca71b0fde541bcd2caf3756ffbc27a.cloudfront.net (CloudFront), 1.1 ed5d8b8e3a8c20eaabbb29c087f04c66.cloudfront.net (CloudFront)
etag: W/"4-X/5TO4MPCKAyY0ipFgr6/IraRNs"
x-amzn-remapped-content-length: 4
x-amzn-remapped-date: Fri, 14 May 2021 21:20:16 GMT
x-amz-cf-pop: VIE50-C1, VIE50-C2
x-powered-by: Express
x-cache: Miss from cloudfront
x-amz-apigw-id: fVlulE8wIAMF-vA=
content-length: 4
x-amzn-requestid: 348dba1b-390c-47ec-8d98-19bc5a17c597
x-amzn-trace-id: Root=1-609ee990-3a2b535234994cda0ae56f61;Sampled=0
vary: Origin
access-control-allow-methods: OPTIONS,DELETE,GET,HEAD,PATCH,POST,PUT
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.gazetadopovo.com.br
access-control-allow-credentials: true
access-control-allow-headers: Authorization,Content-Type,Host,Origin,X-CSRF-Token,x-xsrf-token,X-Amz-Date,X-Amz-Security-Token,x-api-key,X-Api-Key,x-publisher-id,X-Publisher-Id
x-amz-cf-id: BeQKV3LUDqUrsTAZNGZep3eaQxxKgYuZiC0HfyRtaDnTUrjVLZLhrw==
x-amzn-remapped-connection: close

POST
H2 200 / Show response
www.umdoisesportes.com.br/cookie-exchanger/ 4 B
1 KB 146ms
127ms XHR
application/json 2600:9000:20eb:ac00:1d:7626:ce40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.umdoisesportes.com.br/cookie-exchanger/
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:ac00:1d:7626:ce40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: / Express
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Fri, 14 May 2021 21:20:15 GMT
via: 1.1 32e3b86ae254a231182567c0124af893.cloudfront.net (CloudFront), 1.1 dde0b4b1e223fa23670e93078a04c116.cloudfront.net (CloudFront)
etag: W/"4-X/5TO4MPCKAyY0ipFgr6/IraRNs"
x-amzn-remapped-content-length: 4
x-amzn-remapped-date: Fri, 14 May 2021 21:20:15 GMT
x-amz-cf-pop: FRA2-C2, FRA2-C1
x-powered-by: Express
x-cache: Miss from cloudfront
x-amz-apigw-id: fVlugHBnIAMFx1w=
content-length: 4
x-amzn-requestid: 5742b1e3-a512-46c4-b6cb-72a3e873c355
x-amzn-trace-id: Root=1-609ee98f-5c3e6f9368bd2d73103a462a;Sampled=0
vary: Origin
access-control-allow-methods: OPTIONS,DELETE,GET,HEAD,PATCH,POST,PUT
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.gazetadopovo.com.br
access-control-allow-credentials: true
access-control-allow-headers: Authorization,Content-Type,Host,Origin,X-CSRF-Token,x-xsrf-token,X-Amz-Date,X-Amz-Security-Token,x-api-key,X-Api-Key,x-publisher-id,X-Publisher-Id
x-amz-cf-id: O9SZQ_j64_bYvo6_knHrlxS8qg29r5puszPsT0_fCQhrkUW3FhFdAg==
x-amzn-remapped-connection: close

GET
H2 200 FF_Ministro-Gilberto-kassab-e-Eduardo-Paes-visitam-obras-do-VLT-Rio-2016_07032016007-1-960x540.jpg
media.gazetadopovo.com.br/2021/05/14163553/ 88 KB
89 KB 11ms
9ms Image
image/jpeg 2600:9000:2156:800:1f:3000:7b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gazetadopovo.com.br/2021/05/14163553/FF_Ministro-Gilberto-kassab-e-Eduardo-Paes-visitam-obras-do-VLT-Rio-2016_07032016007-1-960x540.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:800:1f:3000:7b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bfd2b34e62d51529f9e6941e63672c539a9c3e55f663132352f64303318ca289

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 20:21:57 GMT
via: 1.1 a1098f0eeab192209962e3a9d76d0339.cloudfront.net (CloudFront)
last-modified: Fri, 14 May 2021 19:35:54 GMT
server: AmazonS3
age: 3499
etag: "51654fe50dc49d805e89e295e3cc1c12"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 90211
x-amz-cf-id: CyqSv2BCMmDg8hiAsoYcMJ0B8_6Sz-7QSZrNQw4SbfmMsVDajP2Jlg==
expires: Sat, 14 May 2022 19:35:53 GMT

GET
H2 200 185150907_4182742275081176_5177986830996875391_n-660x372.jpg
media.gazetadopovo.com.br/2021/05/13144543/ 62 KB
63 KB 11ms
9ms Image
image/jpeg 2600:9000:2156:800:1f:3000:7b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gazetadopovo.com.br/2021/05/13144543/185150907_4182742275081176_5177986830996875391_n-660x372.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:800:1f:3000:7b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0fa9acf616fbc8ba4d173470b1d1450faca1dcff11546fd94cf779cec9c4afce

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 18:00:30 GMT
via: 1.1 a1098f0eeab192209962e3a9d76d0339.cloudfront.net (CloudFront)
last-modified: Thu, 13 May 2021 17:45:44 GMT
server: AmazonS3
age: 98386
etag: "5773286344627e3b0d4a6e5bef0de54e"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 63884
x-amz-cf-id: mAu6KSCmj6TplgyoVv_T1itiAN7vx1VgPHAUQqeAq9Vtt9tYzkLmuA==
expires: Fri, 13 May 2022 17:45:43 GMT

GET
H2 200 gif-14-original-crop-20210514201254.gif
media.gazetadopovo.com.br/2021/05/ 854 KB
855 KB 12ms
9ms Image
image/gif 2600:9000:2156:800:1f:3000:7b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gazetadopovo.com.br/2021/05/gif-14-original-crop-20210514201254.gif
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:800:1f:3000:7b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b047be252ee083f5e2ecc6d5a6ffb273eba8a3574738c114659e3c9c00f8d2be

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 20:21:57 GMT
via: 1.1 a1098f0eeab192209962e3a9d76d0339.cloudfront.net (CloudFront)
last-modified: Fri, 14 May 2021 20:13:07 GMT
server: AmazonS3
age: 3499
etag: "019af672ed13ca4e99cf7bca303378a2"
x-cache: Hit from cloudfront
content-type: image/gif
cache-control: max-age=315360000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 874161
x-amz-cf-id: PdOxfzaWmO4phSqgU2fWfLKCAI3aVgsGhF4UVaRTUdeFuMm570invw==

GET
H2 200 saneamento-crop-20210513185947-660x372.jpg
media.gazetadopovo.com.br/2021/05/13160238/ 445 KB
446 KB 12ms
10ms Image
image/jpeg 2600:9000:2156:800:1f:3000:7b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gazetadopovo.com.br/2021/05/13160238/saneamento-crop-20210513185947-660x372.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:800:1f:3000:7b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4fab395c2e4dcd2fff441237b4a86a9852a37a0452946458880278d4c9386225

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 15:54:50 GMT
via: 1.1 a1098f0eeab192209962e3a9d76d0339.cloudfront.net (CloudFront)
last-modified: Thu, 13 May 2021 19:02:40 GMT
server: AmazonS3
age: 19526
etag: "b6bd05282e419ebee85883e085900dba"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 455735
x-amz-cf-id: oqQAk-tanxlN_HLYtyvxTK2hmXeY4SH8ke2ZiY003aS5yYez172vtA==
expires: Fri, 13 May 2022 19:02:38 GMT

GET
H2 200 crimes-sexuais-contra-criancas-luiz-walmocyr-policia-federal-darknet-372x372.jpg
media.gazetadopovo.com.br/2021/05/12095706/ 20 KB
20 KB 13ms
11ms Image
image/jpeg 2600:9000:2156:800:1f:3000:7b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gazetadopovo.com.br/2021/05/12095706/crimes-sexuais-contra-criancas-luiz-walmocyr-policia-federal-darknet-372x372.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:800:1f:3000:7b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e795c5930ba9a2f4522f34535f2697ac875ef1d3787e6b4345f7f2efb7591f97

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 21:03:09 GMT
via: 1.1 a1098f0eeab192209962e3a9d76d0339.cloudfront.net (CloudFront)
last-modified: Wed, 12 May 2021 12:57:07 GMT
server: AmazonS3
age: 1027
etag: "ef555316aa57151ecd9782c72a55ff0c"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 20453
x-amz-cf-id: T1fEIZwJM18GJaRLNRsihpnToeKFJ7xjs4VOy2mTjWYSG1t-ACIB4w==
expires: Thu, 12 May 2022 12:57:06 GMT

GET
H2 200 obras-br-080-goias-divulgacao-dnit-372x372.jpg
media.gazetadopovo.com.br/2021/05/14170443/ 32 KB
32 KB 12ms
11ms Image
image/jpeg 2600:9000:2156:800:1f:3000:7b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gazetadopovo.com.br/2021/05/14170443/obras-br-080-goias-divulgacao-dnit-372x372.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:800:1f:3000:7b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 16eeb0c91246ec4e54166e02ecb52aa85889e985f0202205d4de4268ce9f417b

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 21:03:09 GMT
via: 1.1 a1098f0eeab192209962e3a9d76d0339.cloudfront.net (CloudFront)
last-modified: Fri, 14 May 2021 20:04:44 GMT
server: AmazonS3
age: 1027
etag: "a9e2f9ee3f2c90e3ec642587954b1a8b"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 32720
x-amz-cf-id: VwWKeSKJ3BoA9UA5DJmmVJrfx2C2swy6wC9Cw0VyvmJ0oEe7snCE1Q==
expires: Sat, 14 May 2022 20:04:43 GMT

GET
H2 200 renan-calheiros-foto-agencia-senado-540x540.jpeg
media.gazetadopovo.com.br/2021/04/27175144/ 47 KB
48 KB 13ms
12ms Image
image/jpeg 2600:9000:2156:800:1f:3000:7b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gazetadopovo.com.br/2021/04/27175144/renan-calheiros-foto-agencia-senado-540x540.jpeg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:800:1f:3000:7b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e6c0797789e54bed7943c3f000bc1ef8c1008ceb42f66b902c9b7a62c2389b17

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 18:32:11 GMT
via: 1.1 a1098f0eeab192209962e3a9d76d0339.cloudfront.net (CloudFront)
last-modified: Tue, 27 Apr 2021 20:51:45 GMT
server: AmazonS3
age: 10085
etag: "0bb36e04e72184ac430fd2c2517e8729"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 48365
x-amz-cf-id: 3GhP5pbxqOlIbvREQ2fCgX9sd9VsCLq0GNBbJP2uFMQQBTQG4usAEQ==
expires: Wed, 27 Apr 2022 20:51:44 GMT

GET
H/1.1 200
OK geolocalizacao.php Show response
apps.gazetadopovo.com.br/geolocalizacao/ 146 B
725 B 979ms
249ms XHR
application/json 54.94.201.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://apps.gazetadopovo.com.br/geolocalizacao/geolocalizacao.php?inf=cidade
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.3.1.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.94.201.92 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-94-201-92.sa-east-1.compute.amazonaws.com
Software: Apache/2.4.10 (Amazon) PHP/5.4.37 / PHP/5.4.37
Resource Hash: 48f54c863039f91f3c092d58c8b4722045ae462eede3ff803fa0363e1fd61982

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 14 May 2021 21:20:40 GMT
Server: Apache/2.4.10 (Amazon) PHP/5.4.37
Connection: keep-alive
X-Powered-By: PHP/5.4.37
Content-Length: 146
Content-Type: application/json; charset=utf-8

GET
H2 200 mercurio.html Show response
tm.uol.com.br/ Frame 7995 197 B
687 B 227ms
205ms Document
text/html 2600:9000:20eb:3000:6:5b96:3f00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.uol.com.br/mercurio.html
Requested by: Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/uoltm.js?id=fmvzt6?v2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:3000:6:5b96:3f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: marrakesh 1.16.6 /
Resource Hash: 9120bd86f7501823599a79f60f432e7742f2fd00b17984230cd6641085548690

Request headers

:method: GET
:authority: tm.uol.com.br
:scheme: https
:path: /mercurio.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.gazetadopovo.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.gazetadopovo.com.br/

Response headers

content-type: text/html;charset=UTF-8
content-length: 173
server: marrakesh 1.16.6
last-modified: Tue, 05 Jan 2021 19:37:57 GMT
content-encoding: gzip
p3p: CP="NOI DSP COR NID TAIa OUR IND COM NAV INT CNT"
date: Fri, 14 May 2021 21:20:16 GMT
expires: Fri, 14 May 2021 21:30:16 GMT
cache-control: no-transform, max-age=600, must-revalidate, proxy-revalidate must-revalidate, proxy-revalidate, no-transform
etag: ba5203ce522cc70a434e9a70452ca145
x-cache: RefreshHit from cloudfront
via: 1.1 d8eef512ab23f23f549b4cd25ac5328d.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: uRyIeQ-5mRvWs-4_mRc4fHvyFEgoQSmthxlN7zFY6HuGi7-lYV90Vw==

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 63 KB
21 KB 147ms
52ms Script
text/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/uoltm.js?id=fmvzt6?v2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

sffe /

Resource Hash

80145010fadb828df3c16d025301d9f7c9511f26a67721692727f7ecb0ce4fd3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 21:20:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "872 / 597 of 1000 / last-modified: 1620990757"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21432
x-xss-protection: 0
expires: Fri, 14 May 2021 21:20:16 GMT

GET
H2 200 / Show response
t.dynad.net/script/ 115 KB
31 KB 990ms
390ms Script
text/javascript 2804:49c:3403:2676:ffff:ffff:ffff:6
Universo Online S.A.

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dynad.net/script/?dc=5550009734;ord=0;click=
Requested by: Host: www.gazetadopovo.com.br.mcas.ms
URL: https://www.gazetadopovo.com.br.mcas.ms/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2804:49c:3403:2676:ffff:ffff:ffff:6 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS
Software: D3-FE6 / DynAd.net
Resource Hash: f948af3ff94dd25fe4afd93d136108d2461ca1d0a1d592d1915210c5a0e0b67e

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 May 2021 21:20:16 GMT
content-encoding: gzip
server: D3-FE6
x-powered-by: DynAd.net
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
x-dynad-tracker: v1.1.524 Power Stroke
cache-control: max-age=0
content-type: text/javascript;charset=ISO-8859-1
expires: Fri, 14 May 2021 21:20:16 GMT

GET
H2 200 profiles.js Show response
tm.jsuol.com.br/modules/external/tailtarget/ 13 KB
6 KB 8ms
8ms Script
application/javascript 2600:9000:20eb:a400:6:9eb2:5cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.jsuol.com.br/modules/external/tailtarget/profiles.js
Requested by: Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/uoltm.js?id=fmvzt6?v2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:a400:6:9eb2:5cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: marrakesh 1.16.6 /
Resource Hash: 67ed54856b743c6e064253f611084475015ce883fff3150f710b8781e599d4a0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 20:57:16 GMT
content-encoding: gzip
last-modified: Fri, 07 May 2021 13:45:52 GMT
server: marrakesh 1.16.6
age: 1379
etag: ecbae16720fa9548b931f719328b1c88
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 0e7eb16f335fe24acf3f13c5dee19c88.cloudfront.net (CloudFront)
cache-control: no-transform, max-age=3600, must-revalidate, proxy-revalidate, must-revalidate, proxy-revalidate, no-transform
x-amz-cf-pop: FRA2-C1
content-length: 5277
x-amz-cf-id: G13f45Nbcj9G2P0ySt1mjthBVdXsfnh7tmQQGFmYay2ojy9zknyCaA==
expires: Fri, 14 May 2021 21:57:16 GMT

GET
H2 200 CT-10.js Show response
tm.jsuol.com.br/modules/external/tailtarget/t3m/TT-10162-1/ 127 KB
17 KB 9ms
9ms Script
application/javascript 2600:9000:20eb:a400:6:9eb2:5cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.jsuol.com.br/modules/external/tailtarget/t3m/TT-10162-1/CT-10.js
Requested by: Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/uoltm.js?id=fmvzt6?v2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:a400:6:9eb2:5cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: marrakesh 1.16.6 /
Resource Hash: b8e0a46f1a28e4a7adc668158241a0748b4664b5e2fdf5d2e325936a5f09df36

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 20:57:16 GMT
content-encoding: gzip
last-modified: Fri, 14 May 2021 20:46:28 GMT
server: marrakesh 1.16.6
age: 1379
etag: 7d6dcbe636a8358dfbd22b243ec5e0c8
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 0e7eb16f335fe24acf3f13c5dee19c88.cloudfront.net (CloudFront)
cache-control: no-transform, max-age=3600, must-revalidate, proxy-revalidate, must-revalidate, proxy-revalidate, no-transform
x-amz-cf-pop: FRA2-C1
content-length: 17151
x-amz-cf-id: dSo3aM7hWMc7qE8itX4lxqMVHLN87wR4F35z2ZVnJVeC5qKYhHVRJg==
expires: Fri, 14 May 2021 21:57:16 GMT

GET
H2 200 gazetadopovo.js Show response
me.jsuol.com.br/aud/ 15 KB
6 KB 598ms
199ms Script
application/javascript 2804:49c:3101:401:ffff:ffff:ffff:50
Universo Online S.A.

General

Check archive.org

Show headers Download Go to

Full URL: https://me.jsuol.com.br/aud/gazetadopovo.js
Requested by: Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/uoltm.js?id=fmvzt6?v2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2804:49c:3101:401:ffff:ffff:ffff:50 , Brazil, ASN15201 (Universo Online S.A., BR),
Reverse DNS
Software: marrakesh 1.16.6 /
Resource Hash: 26ed387dacace3a9b1b82887c58391f01be3d834dcf828252e1afeaafe34e13a

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 21:20:16 GMT
content-encoding: gzip
last-modified: Thu, 15 Apr 2021 16:36:12 GMT
server: marrakesh 1.16.6
etag: 3259e7f0de5880d1a62dfaa532afdb24
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=UTF-8
cache-control: no-transform, max-age=3600, must-revalidate, proxy-revalidate, private, proxy-revalidate, no-transform
content-length: 6355
expires: Fri, 14 May 2021 22:20:16 GMT

GET
H2 200 dmp-uol-sync-p.js Show response
tm.jsuol.com.br/modules/ 6 KB
3 KB 8ms
8ms Script
application/javascript 2600:9000:20eb:a400:6:9eb2:5cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.jsuol.com.br/modules/dmp-uol-sync-p.js
Requested by: Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/uoltm.js?id=fmvzt6?v2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:a400:6:9eb2:5cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: marrakesh 1.16.6 /
Resource Hash: 187724f70ee4b0489797a1e57b7851448eb8f44705ae4e27f1877aee681b3294

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 20:22:22 GMT
content-encoding: gzip
last-modified: Fri, 07 May 2021 05:07:09 GMT
server: marrakesh 1.16.6
age: 3473
etag: 3f49e0c04db03daf3e6521b90eda5f55
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 0e7eb16f335fe24acf3f13c5dee19c88.cloudfront.net (CloudFront)
cache-control: no-transform, max-age=3600, must-revalidate, proxy-revalidate, must-revalidate, proxy-revalidate, no-transform
x-amz-cf-pop: FRA2-C1
content-length: 2098
x-amz-cf-id: x0BtsgMsBRrM_0mAvVbg1qNbnfuD7djpIQW0A9DXSMdr20rc-KFyYQ==
expires: Fri, 14 May 2021 21:22:22 GMT

GET
H/1.1 200
OK partner Show response
tracker.bt.uol.com.br/ 0
546 B 587ms
196ms Script
application/javascript 2804:49c:3104:401:ffff:ffff:ffff:34
Universo Online S.A.

General

Check archive.org

Show headers Download Go to

Full URL: https://tracker.bt.uol.com.br/partner?source=tagmanager
Requested by: Host: www.gazetadopovo.com.br.mcas.ms
URL: https://www.gazetadopovo.com.br.mcas.ms/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2804:49c:3104:401:ffff:ffff:ffff:34 , Brazil, ASN15201 (Universo Online S.A., BR),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 14 May 2021 21:20:16 GMT
Server: nginx
Transfer-Encoding: chunked
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID TAIa OUR IND COM NAV INT CNT"
Cache-Control: no-cache
Connection: close
Content-Type: application/javascript;charset=utf-8
Expires: Fri, 14 May 2021 21:20:15 GMT

GET
H2 200 purge-clients.html Show response
tm.uol.com.br/ Frame 6BE4 213 B
701 B 7ms
7ms Document
text/html 2600:9000:20eb:3000:6:5b96:3f00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.uol.com.br/purge-clients.html?name=DEretargeting&expname=DEretargetingExp&expdomain=1
Requested by: Host: www.gazetadopovo.com.br.mcas.ms
URL: https://www.gazetadopovo.com.br.mcas.ms/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:3000:6:5b96:3f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: marrakesh 1.16.6 /
Resource Hash: 6a93c477127bad12d08a779a445d4c5962578f57d4171aee20df69a2b3e8c349

Request headers

:method: GET
:authority: tm.uol.com.br
:scheme: https
:path: /purge-clients.html?name=DEretargeting&expname=DEretargetingExp&expdomain=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.gazetadopovo.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.gazetadopovo.com.br/

Response headers

content-type: text/html;charset=UTF-8
content-length: 182
server: marrakesh 1.16.6
last-modified: Tue, 05 Jan 2021 17:11:31 GMT
content-encoding: gzip
p3p: CP="NOI DSP COR NID TAIa OUR IND COM NAV INT CNT"
date: Fri, 14 May 2021 21:14:46 GMT
expires: Fri, 14 May 2021 21:24:46 GMT
cache-control: no-transform, max-age=600, must-revalidate, proxy-revalidate must-revalidate, proxy-revalidate, no-transform
etag: 8b30191927f0982283d45c76292da712
x-cache: Hit from cloudfront
via: 1.1 d8eef512ab23f23f549b4cd25ac5328d.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: kIBHPbIpJ98XP-9sDmh7a4DSt5DEgP66WLIzKDYySmHq1cpC9LMiMw==
age: 329

GET
H2 200 purge-clients.html Show response
tm.uol.com.br/ Frame 5AD0 213 B
701 B 8ms
8ms Document
text/html 2600:9000:20eb:3000:6:5b96:3f00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.uol.com.br/purge-clients.html?name=dynad_rt&expname=dynad_rt_exp&expdomain=1
Requested by: Host: www.gazetadopovo.com.br.mcas.ms
URL: https://www.gazetadopovo.com.br.mcas.ms/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:3000:6:5b96:3f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: marrakesh 1.16.6 /
Resource Hash: 6a93c477127bad12d08a779a445d4c5962578f57d4171aee20df69a2b3e8c349

Request headers

:method: GET
:authority: tm.uol.com.br
:scheme: https
:path: /purge-clients.html?name=dynad_rt&expname=dynad_rt_exp&expdomain=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.gazetadopovo.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.gazetadopovo.com.br/

Response headers

content-type: text/html;charset=UTF-8
content-length: 182
server: marrakesh 1.16.6
last-modified: Sun, 17 Jan 2021 17:14:18 GMT
content-encoding: gzip
p3p: CP="NOI DSP COR NID TAIa OUR IND COM NAV INT CNT"
date: Fri, 14 May 2021 21:14:46 GMT
expires: Fri, 14 May 2021 21:24:46 GMT
cache-control: no-transform, max-age=600, must-revalidate, proxy-revalidate must-revalidate, proxy-revalidate, no-transform
etag: 8b30191927f0982283d45c76292da712
x-cache: Hit from cloudfront
via: 1.1 d8eef512ab23f23f549b4cd25ac5328d.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: -ZxLPEZuJiCjmhepLX5eBGFY7dBJAO74DJRbcq69agdGkUPz0nY8ZA==
age: 329

GET
H2 200 profile Show response
tt-10162-1.seg.t.tailtarget.com/ 92 B
499 B 230ms
141ms Script
application/x-javascript 34.102.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tt-10162-1.seg.t.tailtarget.com/profile
Requested by: Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/modules/external/tailtarget/profiles.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: e593d32d2b3c25b54c4632fc55d4c55cce4154e0bfaeb75883da07b742e762dc

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 21:20:16 GMT
content-encoding: gzip
last-modified: Thu, 30 Jan 2020 20:26:00 GMT
server: nginx/1.17.8
etag: W/"5e333bd8-5c"
vary: Accept-Encoding, Accept-Encoding
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
via: 1.1 google
cache-control: private, proxy-revalidate
content-type: application/x-javascript
alt-svc: clear

GET
H2 200 client-purge.js Show response
tm.jsuol.com.br/modules/ Frame 6BE4 42 KB
9 KB 8ms
7ms Script
application/javascript 2600:9000:20eb:a400:6:9eb2:5cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.jsuol.com.br/modules/client-purge.js
Requested by: Host: tm.uol.com.br
URL: https://tm.uol.com.br/purge-clients.html?name=DEretargeting&expname=DEretargetingExp&expdomain=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:a400:6:9eb2:5cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: marrakesh 1.16.6 /
Resource Hash: 02cedafe40684ea851c1853ef6d8e230a6966043c9e788c8db4432f8375d4818

Request headers

Referer: https://tm.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 20:37:20 GMT
content-encoding: gzip
age: 2574
x-cache: Hit from cloudfront
p3p: CP="NOI DSP COR NID TAIa OUR IND COM NAV INT CNT"
content-length: 8899
access-control-allow-origin: *
last-modified: Fri, 07 May 2021 05:04:13 GMT
server: marrakesh 1.16.6
etag: 7f26a4519ac2b1604a29daf81d3f336f
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript; charset=UTF-8
via: 1.1 0e7eb16f335fe24acf3f13c5dee19c88.cloudfront.net (CloudFront)
cache-control: no-transform, max-age=3600, must-revalidate, proxy-revalidate, must-revalidate, proxy-revalidate, no-transform
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
access-control-allow-headers: X-Accept-Charset,X-Accept,Content-Type,Cache-Control,Etag
x-amz-cf-id: pMvLwwhVNdlKS33AWcnzXJGd3KZm1LfTYtLzWif8XBif179eHeW0xw==
expires: Fri, 14 May 2021 21:37:20 GMT

GET
H2 200 client-purge.js Show response
tm.jsuol.com.br/modules/ Frame 5AD0 42 KB
9 KB 8ms
7ms Script
application/javascript 2600:9000:20eb:a400:6:9eb2:5cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.jsuol.com.br/modules/client-purge.js
Requested by: Host: tm.uol.com.br
URL: https://tm.uol.com.br/purge-clients.html?name=dynad_rt&expname=dynad_rt_exp&expdomain=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:a400:6:9eb2:5cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: marrakesh 1.16.6 /
Resource Hash: 02cedafe40684ea851c1853ef6d8e230a6966043c9e788c8db4432f8375d4818

Request headers

Referer: https://tm.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 20:37:20 GMT
content-encoding: gzip
age: 2574
x-cache: Hit from cloudfront
p3p: CP="NOI DSP COR NID TAIa OUR IND COM NAV INT CNT"
content-length: 8899
access-control-allow-origin: *
last-modified: Fri, 07 May 2021 05:04:13 GMT
server: marrakesh 1.16.6
etag: 7f26a4519ac2b1604a29daf81d3f336f
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript; charset=UTF-8
via: 1.1 0e7eb16f335fe24acf3f13c5dee19c88.cloudfront.net (CloudFront)
cache-control: no-transform, max-age=3600, must-revalidate, proxy-revalidate, must-revalidate, proxy-revalidate, no-transform
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
access-control-allow-headers: X-Accept-Charset,X-Accept,Content-Type,Cache-Control,Etag
x-amz-cf-id: 7pIdTSkwY_MsSFl9K_0EIqPITYWGu9uYZ-HI6c9j4qNd-zcYf8wfxg==
expires: Fri, 14 May 2021 21:37:20 GMT

GET
H2 200 conversion.js Show response
tm.jsuol.com.br/modules/external/tailtarget/libs/ 15 KB
6 KB 9ms
9ms Script
application/javascript 2600:9000:20eb:a400:6:9eb2:5cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.jsuol.com.br/modules/external/tailtarget/libs/conversion.js
Requested by: Host: www.gazetadopovo.com.br.mcas.ms
URL: https://www.gazetadopovo.com.br.mcas.ms/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:a400:6:9eb2:5cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: marrakesh 1.16.6 /
Resource Hash: f4cd27b5ef047a264e3a40b63ba85441de12d23d043a986d469ec1c757067090

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 20:33:37 GMT
content-encoding: gzip
last-modified: Sun, 17 Jan 2021 16:37:03 GMT
server: marrakesh 1.16.6
age: 2799
etag: f7a535aa8ca1d0acd1bff039eb80acff
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 0e7eb16f335fe24acf3f13c5dee19c88.cloudfront.net (CloudFront)
cache-control: no-transform, max-age=3600, must-revalidate, proxy-revalidate, must-revalidate, proxy-revalidate, no-transform
x-amz-cf-pop: FRA2-C1
content-length: 6125
x-amz-cf-id: UsDHo6ugHYvAXl-P-XBgElVuHu2fYmdtbvXvH1rmj0ADQ-wkY9TjBg==
expires: Fri, 14 May 2021 21:33:37 GMT

GET
H2 200 base.js Show response
tm.jsuol.com.br/modules/external/tailtarget/libs/ 21 KB
9 KB 7ms
7ms Script
application/javascript 2600:9000:20eb:a400:6:9eb2:5cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.jsuol.com.br/modules/external/tailtarget/libs/base.js
Requested by: Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/modules/external/tailtarget/libs/conversion.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:a400:6:9eb2:5cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: marrakesh 1.16.6 /
Resource Hash: 711a8d3c6d036e5d2907810b7255622e34f23373f8d1387a1fc938e44c60fea0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 20:57:16 GMT
content-encoding: gzip
last-modified: Tue, 05 Jan 2021 17:11:33 GMT
server: marrakesh 1.16.6
age: 1379
etag: aeb8806857f0c1b9f7f6b8d4ff48230f
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 0e7eb16f335fe24acf3f13c5dee19c88.cloudfront.net (CloudFront)
cache-control: no-transform, max-age=3600, must-revalidate, proxy-revalidate, must-revalidate, proxy-revalidate, no-transform
x-amz-cf-pop: FRA2-C1
content-length: 8357
x-amz-cf-id: 1oaBDLUXAcMcUDI0Up6_R7jsK8ajFacCRZPuLhEPaCc1C4vVERd3iQ==
expires: Fri, 14 May 2021 21:57:16 GMT

GET
H2 200 trk
tt-10162-1.seg.t.tailtarget.com/ 70 B
460 B 181ms
141ms Image
image/png 34.102.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tt-10162-1.seg.t.tailtarget.com/trk?tA=TT-10162-1&tJ=_channel:gazetadopovo:1&tK=1621027216&tM=referral&tL=referral&tN=referral&tY=3&tZ=44708124
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 21:20:16 GMT
via: 1.1 google
server: nginx/1.17.8
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, private, proxy-revalidate
content-disposition: inline
content-type: image/png
alt-svc: clear
content-length: 70

GET
H2 200 u Show response
b.t.tailtarget.com/ 71 B
480 B 230ms
139ms Script
application/x-javascript 34.102.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://b.t.tailtarget.com/u?env=_ttq_tt_uol
Requested by: Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/modules/external/tailtarget/libs/base.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: dd398b623b76054d518a0c4c60c6bbf562a4390e5472d934e2157f7618d99d16

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 21:20:16 GMT
via: 1.1 google
server: nginx/1.17.8
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
vary: Accept-Encoding, Accept-Encoding
content-type: application/x-javascript
cache-control: private, proxy-revalidate
content-encoding: gzip
alt-svc: clear

GET
H3-29 200 pubads_impl_2021051301.js Show response
securepubads.g.doubleclick.net/gpt/ 306 KB
108 KB 104ms
52ms Script
text/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051301.js?31061163

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

sffe /

Resource Hash

4bdcba71062ad849da6c41bb9130977f59af71c1b82e4c397b193469ece62ad6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 21:20:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 13 May 2021 08:39:52 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 110161
x-xss-protection: 0
expires: Fri, 14 May 2021 21:20:16 GMT

GET
H2 200 FF_Ministro-Gilberto-kassab-e-Eduardo-Paes-visitam-obras-do-VLT-Rio-2016_07032016007-1-214x214.jpg
media.gazetadopovo.com.br/2021/05/14163553/ 18 KB
19 KB 11ms
8ms Image
image/jpeg 2600:9000:2156:800:1f:3000:7b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gazetadopovo.com.br/2021/05/14163553/FF_Ministro-Gilberto-kassab-e-Eduardo-Paes-visitam-obras-do-VLT-Rio-2016_07032016007-1-214x214.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:800:1f:3000:7b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 24c504f179bd61b312fcef2ce3c1d1b9564010b44a0ae451828083ff9d6b4be8

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 20:36:25 GMT
via: 1.1 a1098f0eeab192209962e3a9d76d0339.cloudfront.net (CloudFront)
last-modified: Fri, 14 May 2021 19:35:55 GMT
server: AmazonS3
age: 2632
etag: "3bc4ef228c8dd030df94e13087c9f25e"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 18725
x-amz-cf-id: TCOhVddaY1McCCWqSNIE24cegya4AYAJWS0Pxuvfv-gFVbw3N8Kg7g==
expires: Sat, 14 May 2022 19:35:53 GMT

GET
H2 200 beto_preto_aen-214x214.jpg
media.gazetadopovo.com.br/2021/05/14170417/ 36 KB
37 KB 11ms
8ms Image
image/jpeg 2600:9000:2156:800:1f:3000:7b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gazetadopovo.com.br/2021/05/14170417/beto_preto_aen-214x214.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:800:1f:3000:7b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 35d5abbd0c941fb2b299fedb372f0b0967d7b89d6eb1478e774ce47daf8a0a6a

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 20:54:20 GMT
via: 1.1 a1098f0eeab192209962e3a9d76d0339.cloudfront.net (CloudFront)
last-modified: Fri, 14 May 2021 20:04:19 GMT
server: AmazonS3
age: 1557
etag: "a7c4bf341c20f9a61ae530d2188f889b"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 37192
x-amz-cf-id: Ji9VxoFdyPsuE7usnk3YAzqlmahiyRTGZ2vbRBA3q8vQP1_cofqsxg==
expires: Sat, 14 May 2022 20:04:17 GMT

GET
H2 200 g%C3%AAnero-2-214x214.jpg
media.gazetadopovo.com.br/2021/05/05113641/ 7 KB
7 KB 10ms
8ms Image
image/jpeg 2600:9000:2156:800:1f:3000:7b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gazetadopovo.com.br/2021/05/05113641/g%C3%AAnero-2-214x214.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:800:1f:3000:7b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dd2e4f59748b59c4715b90efb01442658bdeeb5ecc48cca7e1c170121e94ea20

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 18:06:40 GMT
via: 1.1 a1098f0eeab192209962e3a9d76d0339.cloudfront.net (CloudFront)
last-modified: Wed, 05 May 2021 14:36:43 GMT
server: AmazonS3
age: 11617
etag: "c478adcec9d51ed07a208240c5020698"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 6748
x-amz-cf-id: evbmYeYVvzsJziqVXZvY4OILPL-_bhOnWUOJ4E6ewDkV_Mq_t140BQ==
expires: Thu, 05 May 2022 14:36:41 GMT

GET
H2 200 pix_0411202553-crop-20201113131612-214x214.jpg
media.gazetadopovo.com.br/2020/11/13111646/ 9 KB
9 KB 10ms
9ms Image
image/jpeg 2600:9000:2156:800:1f:3000:7b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gazetadopovo.com.br/2020/11/13111646/pix_0411202553-crop-20201113131612-214x214.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:800:1f:3000:7b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4c43b5cf131c9ab4a3fbb007262904524feab44469dfa508d021ca4f9c53e8b6

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 19:52:19 GMT
content-encoding: gzip
last-modified: Fri, 13 Nov 2020 13:16:50 GMT
server: AmazonS3
age: 5278
etag: "20062be9e21471a166893155f3fd8546"
x-cache: Hit from cloudfront
content-type: image/jpeg
via: 1.1 a1098f0eeab192209962e3a9d76d0339.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 9153
x-amz-cf-id: EXUIamP5UYHBRIgvbnn2iSETRd5_kN3NjiGK2g0GS9H-T45XVkyi4w==
expires: Sat, 13 Nov 2021 13:16:46 GMT

GET
H2 200 51176463066_4d8fb2ba47_b-214x214.jpg
media.gazetadopovo.com.br/2021/05/13213505/ 10 KB
10 KB 11ms
9ms Image
image/jpeg 2600:9000:2156:800:1f:3000:7b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gazetadopovo.com.br/2021/05/13213505/51176463066_4d8fb2ba47_b-214x214.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:800:1f:3000:7b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e2097ec0e1b73fb43f4d483c98d7d0650f589ee5a29711a4c9c72785dd2cbc4a

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 01:56:51 GMT
via: 1.1 a1098f0eeab192209962e3a9d76d0339.cloudfront.net (CloudFront)
last-modified: Fri, 14 May 2021 00:35:07 GMT
server: AmazonS3
age: 69806
etag: "dfc2f2ef90292130b57c766b675a750b"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 10047
x-amz-cf-id: 7-sWieFG88pgSvPAgsbiZ0PeZ_PIIE4Of2bT4x2fwc40l3swMkhWPA==
expires: Sat, 14 May 2022 00:35:05 GMT

GET
H3-29 200 u-4m0qyriQwlOrhSvowK_l5-eRZOf-I.woff2
fonts.gstatic.com/s/merriweather/v22/ 19 KB
19 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v22/u-4m0qyriQwlOrhSvowK_l5-eRZOf-I.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:400,400i,700,700i|Overpass:400,400i,700,700i&display=swap

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

afba6e308182b28f02233e3c816e99fe5cc51511f90cab2cc6219d652f14f3a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.gazetadopovo.com.br
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 22:06:16 GMT
x-content-type-options: nosniff
last-modified: Thu, 10 Sep 2020 17:07:15 GMT
server: sffe
age: 83640
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19152
x-xss-protection: 0
expires: Fri, 13 May 2022 22:06:16 GMT

GET
H2 200 guaido-380x214.jpg
media.gazetadopovo.com.br/2021/05/13175419/ 14 KB
14 KB 9ms
8ms Image
image/jpeg 2600:9000:2156:800:1f:3000:7b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gazetadopovo.com.br/2021/05/13175419/guaido-380x214.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:800:1f:3000:7b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0d05cb6e8a85929d190b71c1b13ed52870280c3b5e5835b39a64c65a66c82b06

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 01:16:33 GMT
via: 1.1 a1098f0eeab192209962e3a9d76d0339.cloudfront.net (CloudFront)
last-modified: Thu, 13 May 2021 20:54:20 GMT
server: AmazonS3
age: 72224
etag: "a4f6f06d6e84861a82adcc9c57565819"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 14455
x-amz-cf-id: hbPp1GwhRz5Kd--TtTAq7ppisfopGoBoDrXq5RdxNVqlmHiyuQubkw==
expires: Fri, 13 May 2022 20:54:19 GMT

GET
H2 200 E1L8cSfXMAAU6LQ-380x214.jpg
media.gazetadopovo.com.br/2021/05/12141151/ 25 KB
25 KB 10ms
8ms Image
image/jpeg 2600:9000:2156:800:1f:3000:7b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gazetadopovo.com.br/2021/05/12141151/E1L8cSfXMAAU6LQ-380x214.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:800:1f:3000:7b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 401044a217dc17c1ecb74e6a117098fe09e6f048fd32825e7c1b0894c2735662

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 20:07:04 GMT
via: 1.1 a1098f0eeab192209962e3a9d76d0339.cloudfront.net (CloudFront)
last-modified: Wed, 12 May 2021 17:11:52 GMT
server: AmazonS3
age: 177193
etag: "0a47d7ce2e135ad9ad76fa51009466c8"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 25373
x-amz-cf-id: jvRCgE7V-Xu36sdk0SsJValQ_9cOKKFQioBhhHRnuHQokKfFQE7WFQ==
expires: Thu, 12 May 2022 17:11:51 GMT

GET
H2 200 eletrobras-mp-crop-20210513181514-380x214.jpg
media.gazetadopovo.com.br/2021/05/13151750/ 30 KB
30 KB 10ms
8ms Image
image/jpeg 2600:9000:2156:800:1f:3000:7b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gazetadopovo.com.br/2021/05/13151750/eletrobras-mp-crop-20210513181514-380x214.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:800:1f:3000:7b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 890bf6cf5b41a9c22c3181423d29c1df243324b6b4f4df46a7df5dd0c8847d53

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 18:50:32 GMT
via: 1.1 a1098f0eeab192209962e3a9d76d0339.cloudfront.net (CloudFront)
last-modified: Thu, 13 May 2021 18:17:51 GMT
server: AmazonS3
age: 95384
etag: "e27d2179558aaba281867faea60d5046"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 30754
x-amz-cf-id: y5-FChgT8Zx0qwzWkFIhbfAgvd9qs58uz7PhmeSBVcEkkq5AzyhRXQ==
expires: Fri, 13 May 2022 18:17:50 GMT

GET
H2 200 Lula-Sarney-380x214.jpg
media.gazetadopovo.com.br/2021/05/06224329/ 17 KB
18 KB 9ms
8ms Image
image/jpeg 2600:9000:2156:800:1f:3000:7b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gazetadopovo.com.br/2021/05/06224329/Lula-Sarney-380x214.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:800:1f:3000:7b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 87caa07094d5c8b229d5dc7075919208eff26570f2c3b3b6bd4f58baf4752bfd

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 15:16:57 GMT
via: 1.1 a1098f0eeab192209962e3a9d76d0339.cloudfront.net (CloudFront)
last-modified: Fri, 07 May 2021 01:43:31 GMT
server: AmazonS3
age: 108200
etag: "6f17ecfe4b3a7f11c6e88367f5e0636b"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 17511
x-amz-cf-id: xjcC_Sh5oyFnFYfxWO4xJXge9nNWgTNrcqegdUT53QWiajHMTCUBmQ==
expires: Sat, 07 May 2022 01:43:29 GMT

GET
H2 200 mercurio.js Show response
tm.jsuol.com.br/modules/ Frame 7995 4 KB
2 KB 8ms
7ms Script
application/javascript 2600:9000:20eb:a400:6:9eb2:5cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.jsuol.com.br/modules/mercurio.js
Requested by: Host: tm.uol.com.br
URL: https://tm.uol.com.br/mercurio.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:a400:6:9eb2:5cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: marrakesh 1.16.6 /
Resource Hash: 1a95f2a16310d3feba1a18264cb7baf64411fe9dd9da44a37d964d614b96dba1

Request headers

Referer: https://tm.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 21:11:13 GMT
content-encoding: gzip
age: 543
x-cache: Hit from cloudfront
p3p: CP="NOI DSP COR NID TAIa OUR IND COM NAV INT CNT"
content-length: 1065
access-control-allow-origin: *
last-modified: Fri, 07 May 2021 13:45:52 GMT
server: marrakesh 1.16.6
etag: bed0a7a707f166936e5aaac09879d050
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript; charset=UTF-8
via: 1.1 0e7eb16f335fe24acf3f13c5dee19c88.cloudfront.net (CloudFront)
cache-control: no-transform, max-age=3600, must-revalidate, proxy-revalidate, must-revalidate, proxy-revalidate, no-transform
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
access-control-allow-headers: X-Accept-Charset,X-Accept,Content-Type,Cache-Control,Etag
x-amz-cf-id: BOcKZabsQoL8x_EYEgt7Wi83jy8RenBIIF2wCTrupUryzg4XY3_hZw==
expires: Fri, 14 May 2021 22:11:13 GMT

GET
H2 200 E1L8cSfXMAAU6LQ-380x214.jpg
media.gazetadopovo.com.br/2021/05/12141151/ 25 KB
25 KB 13ms
12ms Image
image/jpeg 2600:9000:2156:800:1f:3000:7b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gazetadopovo.com.br/2021/05/12141151/E1L8cSfXMAAU6LQ-380x214.jpg
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:800:1f:3000:7b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 401044a217dc17c1ecb74e6a117098fe09e6f048fd32825e7c1b0894c2735662

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 20:07:04 GMT
via: 1.1 a1098f0eeab192209962e3a9d76d0339.cloudfront.net (CloudFront)
last-modified: Wed, 12 May 2021 17:11:52 GMT
server: AmazonS3
age: 177193
etag: "0a47d7ce2e135ad9ad76fa51009466c8"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 25373
x-amz-cf-id: 6OOKZE2gydbh9HiZ_aLnBE5MJQuqKbbfgRo7oqvG1_UNnHW15a9SJw==
expires: Thu, 12 May 2022 17:11:51 GMT

GET
H2 200 guaido-380x214.jpg
media.gazetadopovo.com.br/2021/05/13175419/ 14 KB
14 KB 13ms
12ms Image
image/jpeg 2600:9000:2156:800:1f:3000:7b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gazetadopovo.com.br/2021/05/13175419/guaido-380x214.jpg
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:800:1f:3000:7b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0d05cb6e8a85929d190b71c1b13ed52870280c3b5e5835b39a64c65a66c82b06

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 01:16:33 GMT
via: 1.1 a1098f0eeab192209962e3a9d76d0339.cloudfront.net (CloudFront)
last-modified: Thu, 13 May 2021 20:54:20 GMT
server: AmazonS3
age: 72224
etag: "a4f6f06d6e84861a82adcc9c57565819"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 14455
x-amz-cf-id: jdVgH8udEenxtVLWnvk6HFEx88y2rf8pWWW8_eWoXErXJLpeHJN8Jw==
expires: Fri, 13 May 2022 20:54:19 GMT

GET
H2 200 51176463066_4d8fb2ba47_b-380x214.jpg
media.gazetadopovo.com.br/2021/05/13213505/ 13 KB
13 KB 12ms
8ms Image
image/jpeg 2600:9000:2156:800:1f:3000:7b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gazetadopovo.com.br/2021/05/13213505/51176463066_4d8fb2ba47_b-380x214.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:800:1f:3000:7b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1a58cea2c106380b60a89c7b0fc665db69f87bebc3e5b9354e90bbecc90be6f2

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 10:05:38 GMT
via: 1.1 a1098f0eeab192209962e3a9d76d0339.cloudfront.net (CloudFront)
last-modified: Fri, 14 May 2021 00:35:07 GMT
server: AmazonS3
age: 40479
etag: "97c3df6c0d79418241628b744960bc65"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 12936
x-amz-cf-id: bT0dJ37G2hXBKjUTaUgJb_JSyAG_XR6l6BwRWtUzTrRUeHmzsz1ljg==
expires: Sat, 14 May 2022 00:35:05 GMT

GET
H2 200 renancalheiros2-380x214.jpg
media.gazetadopovo.com.br/2021/05/13101139/ 12 KB
13 KB 16ms
12ms Image
image/jpeg 2600:9000:2156:800:1f:3000:7b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gazetadopovo.com.br/2021/05/13101139/renancalheiros2-380x214.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:800:1f:3000:7b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5b146b7a69eef9b064e5064b481322e7e1fb28b6409360785a9a2f0cdfceb31b

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 15:17:56 GMT
via: 1.1 a1098f0eeab192209962e3a9d76d0339.cloudfront.net (CloudFront)
last-modified: Thu, 13 May 2021 13:11:40 GMT
server: AmazonS3
age: 108141
etag: "00abc327d5e7cebb409a73f7ed722d53"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 12535
x-amz-cf-id: nKAYVn9pXWzDWmqQax2r2IHYqFHFJEIUD7m3zSYNfaR-uX2bJBoCCg==
expires: Fri, 13 May 2022 13:11:39 GMT

GET
H2 200 Submarino-Bolsonaro-Humait%C3%A1-380x214.jpg
media.gazetadopovo.com.br/2021/05/13163513/ 18 KB
19 KB 17ms
13ms Image
image/jpeg 2600:9000:2156:800:1f:3000:7b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gazetadopovo.com.br/2021/05/13163513/Submarino-Bolsonaro-Humait%C3%A1-380x214.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:800:1f:3000:7b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dbdc327c10d965d84fd27553baefc98be48b2235177ddefb2180f698d1075bcb

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 21:11:34 GMT
via: 1.1 a1098f0eeab192209962e3a9d76d0339.cloudfront.net (CloudFront)
last-modified: Thu, 13 May 2021 19:35:14 GMT
server: AmazonS3
age: 86923
etag: "6c08186019aaf7a9f6fd25890d971110"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 18579
x-amz-cf-id: 9HslsTuAvd6EF__3dfWUey0UsWULI5El3owS_0_hx6xTdlnrhh7CKQ==
expires: Fri, 13 May 2022 19:35:13 GMT

GET
H2 200 andr%C3%A9-faria-380x214.jpg
media.gazetadopovo.com.br/2021/05/07164722/ 15 KB
16 KB 17ms
14ms Image
image/jpeg 2600:9000:2156:800:1f:3000:7b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gazetadopovo.com.br/2021/05/07164722/andr%C3%A9-faria-380x214.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:800:1f:3000:7b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2101046cf9bf0cf72b6b8aca4af7935b48b909d6625f6a9ab10bffed7b5b7a67

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 08 May 2021 01:58:34 GMT
via: 1.1 a1098f0eeab192209962e3a9d76d0339.cloudfront.net (CloudFront)
last-modified: Fri, 07 May 2021 19:47:23 GMT
server: AmazonS3
age: 588103
etag: "f8facb2f70d389635971d0c050c7514a"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 15682
x-amz-cf-id: YOJOHMveP7wOdlnwuOopNAjZ9HTQedvtB5EOz6biFB6ZLdp5fbmjdg==
expires: Sat, 07 May 2022 19:47:22 GMT

GET
H2 200 sao-francisco-em-oracao-cigoli-380x214.jpg
media.gazetadopovo.com.br/2021/05/13191556/ 25 KB
25 KB 17ms
14ms Image
image/jpeg 2600:9000:2156:800:1f:3000:7b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gazetadopovo.com.br/2021/05/13191556/sao-francisco-em-oracao-cigoli-380x214.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:800:1f:3000:7b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c0b52e7733fd544d99d4fa0164d7f86a7cfc3a941ce93d83f8d3b2f468a133ed

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 00:47:15 GMT
via: 1.1 a1098f0eeab192209962e3a9d76d0339.cloudfront.net (CloudFront)
last-modified: Thu, 13 May 2021 22:15:58 GMT
server: AmazonS3
age: 73982
etag: "0173050eec9f1af3818b99f08e89ece7"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 25199
x-amz-cf-id: aZw08NpUhwSMLCA-aZrZRlQw6RBiLio6j-LIjz50WydbDajRtK6zqg==
expires: Fri, 13 May 2022 22:15:56 GMT

GET
H2 200 jair-bolsonaro-lula-380x214.jpg
media.gazetadopovo.com.br/2021/05/13144612/ 16 KB
17 KB 17ms
14ms Image
image/jpeg 2600:9000:2156:800:1f:3000:7b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gazetadopovo.com.br/2021/05/13144612/jair-bolsonaro-lula-380x214.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:800:1f:3000:7b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 416ddcfc1983be12677dd45e2f758799c776da388cecc4c11179acc9462a803f

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 18:56:24 GMT
via: 1.1 a1098f0eeab192209962e3a9d76d0339.cloudfront.net (CloudFront)
last-modified: Thu, 13 May 2021 17:46:13 GMT
server: AmazonS3
age: 95033
etag: "3b48e55226066271d57b1e536d6cb647"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 16579
x-amz-cf-id: pkaPeUC6YOBwzUDb-l_hPwYFVSIU8HApn29ePGnVlSvjYarj-EvNcg==
expires: Fri, 13 May 2022 17:46:12 GMT

GET
H2 200 coronavirus-gerd-altmann-pixabay-380x214.jpg
media.gazetadopovo.com.br/2021/05/12171508/ 20 KB
21 KB 18ms
14ms Image
image/jpeg 2600:9000:2156:800:1f:3000:7b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gazetadopovo.com.br/2021/05/12171508/coronavirus-gerd-altmann-pixabay-380x214.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:800:1f:3000:7b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 263895180fbd196bdf0b4a6e0785a374f8a2b14f1bfb83c48b83a2aad67618bb

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 23:52:21 GMT
via: 1.1 a1098f0eeab192209962e3a9d76d0339.cloudfront.net (CloudFront)
last-modified: Wed, 12 May 2021 20:15:09 GMT
server: AmazonS3
age: 163676
etag: "5714223a57117c385bb7a453e4d1be4c"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 20720
x-amz-cf-id: dxZQZYv4VFcA_UwGfdGfASwOyDOlZqSsrPmeXVIKmWKC6ysd4Tn2Tw==
expires: Thu, 12 May 2022 20:15:08 GMT

GET
H2 200 biden-1-380x214.jpeg
media.gazetadopovo.com.br/2021/05/13110903/ 15 KB
16 KB 19ms
16ms Image
image/jpeg 2600:9000:2156:800:1f:3000:7b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gazetadopovo.com.br/2021/05/13110903/biden-1-380x214.jpeg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:800:1f:3000:7b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a3dc9740720c16432f3e0d1f263ca71b58facff3977067676b4435ddb8c99cb4

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 19:58:59 GMT
via: 1.1 a1098f0eeab192209962e3a9d76d0339.cloudfront.net (CloudFront)
last-modified: Thu, 13 May 2021 14:09:05 GMT
server: AmazonS3
age: 91278
etag: "eca7433100b7b694c76df411db516ab4"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 15864
x-amz-cf-id: uPD062_kE8ZxU4mHu9Cfi_XMHOvbGRlncohyfySy1R2OfvWh3xZ8Bg==
expires: Fri, 13 May 2022 14:09:03 GMT

GET
H2 200 vacina_smcs-380x214.jpg
media.gazetadopovo.com.br/2021/05/12181543/ 31 KB
32 KB 21ms
18ms Image
image/jpeg 2600:9000:2156:800:1f:3000:7b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gazetadopovo.com.br/2021/05/12181543/vacina_smcs-380x214.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:800:1f:3000:7b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c2f2c8cb92a66ecd38c297020bdf0e121836f3da280f2fd7ab47dc9a334942d6

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 22:40:52 GMT
via: 1.1 a1098f0eeab192209962e3a9d76d0339.cloudfront.net (CloudFront)
last-modified: Wed, 12 May 2021 21:15:45 GMT
server: AmazonS3
age: 167965
etag: "443b7607b1ce70a92ffba6e2f204f310"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 31950
x-amz-cf-id: KHCKFxQemFaPiu-__gxffVSbTjjIkvlXAuOD7o_z9irYZR2_Jt-Keg==
expires: Thu, 12 May 2022 21:15:43 GMT

GET
H2 200 internados_smcs-380x214.jpg
media.gazetadopovo.com.br/2021/05/13205615/ 31 KB
32 KB 20ms
17ms Image
image/jpeg 2600:9000:2156:800:1f:3000:7b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gazetadopovo.com.br/2021/05/13205615/internados_smcs-380x214.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:800:1f:3000:7b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0d2ff32a42b137abac2bfefac2d02be11215c0f592b9c215902459877893eb8f

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 00:36:49 GMT
via: 1.1 a1098f0eeab192209962e3a9d76d0339.cloudfront.net (CloudFront)
last-modified: Thu, 13 May 2021 23:56:17 GMT
server: AmazonS3
age: 74608
etag: "b32d90de77e1b14401c15aa7ed229176"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 32226
x-amz-cf-id: UYwftclBggfrW0ekgJmlYuiiyYY1Ki84YD3k53D7ZtrWbnNhrq40MQ==
expires: Fri, 13 May 2022 23:56:15 GMT

GET
H2 200 iron-dome-380x214.jpg
media.gazetadopovo.com.br/2021/05/12190117/ 11 KB
11 KB 20ms
18ms Image
image/jpeg 2600:9000:2156:800:1f:3000:7b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gazetadopovo.com.br/2021/05/12190117/iron-dome-380x214.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:800:1f:3000:7b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1b93585ae8a31d1fdb0a88f71b85505d11baf4edcbf0c2f6f6303b357b6b653a

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 23:39:45 GMT
via: 1.1 a1098f0eeab192209962e3a9d76d0339.cloudfront.net (CloudFront)
last-modified: Wed, 12 May 2021 22:01:19 GMT
server: AmazonS3
age: 164432
etag: "3643387ed3cb247766cf20de5db473d4"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 10912
x-amz-cf-id: G09t4UG5t33SWXLqNPopXqjOIAjFGYyn1lTXcwLmQe14KOTIwb8t5w==
expires: Thu, 12 May 2022 22:01:17 GMT

GET
H2 200 Bolso-x-Lula-380x214.jpg
media.gazetadopovo.com.br/2021/05/14142530/ 13 KB
13 KB 22ms
19ms Image
image/jpeg 2600:9000:2156:800:1f:3000:7b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gazetadopovo.com.br/2021/05/14142530/Bolso-x-Lula-380x214.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:800:1f:3000:7b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 024512554b3bab56cd0b41c6afc93d67a9202fb5bc2ccfae07d568a9909f8a33

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 21:09:21 GMT
via: 1.1 a1098f0eeab192209962e3a9d76d0339.cloudfront.net (CloudFront)
last-modified: Fri, 14 May 2021 17:25:32 GMT
server: AmazonS3
age: 656
etag: "a6e3aeef2c138ab9538f7cc61210e8c4"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 12889
x-amz-cf-id: 3OvE4mLbA6tpYog4hVTGn_APNusB5bQZr6ckAD3pIeqIuqqj8mGs5A==
expires: Sat, 14 May 2022 17:25:30 GMT

GET
H2 200 Adicionar-um-t%C3%ADtulo-1-1-380x214.jpg
media.gazetadopovo.com.br/2021/05/13155332/ 16 KB
16 KB 22ms
19ms Image
image/jpeg 2600:9000:2156:800:1f:3000:7b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gazetadopovo.com.br/2021/05/13155332/Adicionar-um-t%C3%ADtulo-1-1-380x214.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:800:1f:3000:7b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 507d5645810e335701bd030095522b569876b85eec73d247b52cb2d2f31e9364

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 19:10:49 GMT
via: 1.1 a1098f0eeab192209962e3a9d76d0339.cloudfront.net (CloudFront)
last-modified: Thu, 13 May 2021 18:53:33 GMT
server: AmazonS3
age: 94168
etag: "c58a1830f5d7b08d79cb9bdaddf49998"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 16254
x-amz-cf-id: y-McgqRoMx2EkYmFpNAdR1vCDo1-AcYNbNzlqDV91ZnOniJV2iapFg==
expires: Fri, 13 May 2022 18:53:32 GMT

GET
H2 200 youtube-shorts-380x214.png
media.gazetadopovo.com.br/2021/05/13144322/ 13 KB
13 KB 25ms
22ms Image
image/png 2600:9000:2156:800:1f:3000:7b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gazetadopovo.com.br/2021/05/13144322/youtube-shorts-380x214.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:800:1f:3000:7b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7a57e944329333b5591f4aa74e038fb10ea98bd095b2f316fb01dfb8ffaaac0a

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 19:14:04 GMT
via: 1.1 a1098f0eeab192209962e3a9d76d0339.cloudfront.net (CloudFront)
last-modified: Thu, 13 May 2021 17:43:24 GMT
server: AmazonS3
age: 93973
etag: "10ff4cff387a67801ed00547b5561652"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 12877
x-amz-cf-id: ItjOYCN0T3S7qHy0iho1vEk9hoN4VHCBk8SVlTHwSNnavLS44YEPSQ==
expires: Fri, 13 May 2022 17:43:22 GMT

GET
H2 200 b Show response
b.t.tailtarget.com/ 138 B
569 B 142ms
141ms Script
application/javascript 34.102.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://b.t.tailtarget.com/b?tA=TT-10162-1&tY=1&tS=4&tU=0100007F90E99E607E068A790288691B&tX=b.52&tZ=610523151&env=_ttq_tt_uol
Requested by: Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/modules/external/tailtarget/libs/base.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: aa2016b60165a5185a357ec0a89e8c0dfddf2ffd7e5622c367feecc730a7ba28

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 21:20:16 GMT
via: 1.1 google
server: nginx/1.17.8
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cache-control: no-cache, private, proxy-revalidate
content-encoding: gzip
alt-svc: clear

GET
H2 200 show_companion_ad.js Show response
pagead2.googlesyndication.com/pagead/ 14 KB
6 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_companion_ad.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051301.js?31061163

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c8b5d984e6d2cdaf64b8a50c9b645e347e74ffa712aa0b9422015700c98f9bb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 21:02:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1061
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5863
x-xss-protection: 0
server: cafe
etag: 12453517290502062038
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Fri, 14 May 2021 22:02:35 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
799 B 35ms
14ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.gazetadopovo.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051301.js?31061163

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 14 May 2021 21:20:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
553 B 37ms
16ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.gazetadopovo.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051301.js?31061163

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 14 May 2021 21:20:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 bg-ads.png
assets.gazetadopovo.com.br/images/ 89 B
446 B 24ms
24ms Image
image/png 2600:9000:206e:5e00:12:af17:6680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.gazetadopovo.com.br/images/bg-ads.png
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/app-19c4d622d6a1aee75230.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206e:5e00:12:af17:6680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fe797578273ad8327b58a0aaab2600e9623f150f4fc8325d3c2a340d3afff3cd

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 09 Feb 2021 06:18:05 GMT
via: 1.1 2a3d03f915cb6d29f35b8f9edd3b1956.cloudfront.net (CloudFront)
last-modified: Mon, 01 Feb 2021 19:11:04 GMT
server: AmazonS3
age: 8175732
etag: "53f9ae1eb3e782752565fa2c5d00ea37"
x-cache: Hit from cloudfront
x-amz-version-id: null
cache-control: max-age=31536000
x-amz-cf-pop: VIE50-C1
accept-ranges: bytes
content-type: image/png
content-length: 89
x-amz-cf-id: qbbKfWDWmeHSQdxLln1OG5eBb-Oo_CcK-QGDl8lCoA65rW2uDAfQtQ==

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 15 KB
9 KB 446ms
445ms XHR
text/plain 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=909074286390332&correlator=920693024589306&output=ldjh&impl=fifs&eid=31060437%2C31060784%2C31060853%2C31061163%2C31061022&vrg=2021051301&ptt=17&sc=1&sfv=1-0-38&ecs=20210514&iu_parts=8804%2Cparceiros%2Cgazeta_do_povo%2Chome&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=728x90%7C970x90%7C990x90%7C970x250&prev_scp=campaignuol%3D1%26keyword%3Dswgt-sub-na%26pos%3Dd-pos-5%26native%3D0&eri=1&cust_params=origin%3Dwww%2520gazetadopovo%2520com%2520br%2520%26hasFocus%3Dtrue%26bt%3D9000%26testeab%3Dlazyload-a%26hasMouseIn%3Dfalse&cookie_enabled=1&bc=31&abxe=1&lmt=1621026153&dt=1621027216435&dlt=1621027213057&idt=3304&frm=20&biw=1600&bih=1200&oid=3&adxs=241&adys=4230&adks=1274092517&ucis=1&ifi=1&u_tz=120&u_his=3&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&ref=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1118x0&msz=1118x0&ga_vid=1622044111.1621027213&ga_sid=1621027216&ga_hid=70970493&ga_fc=false&fws=4&ohw=1600&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051301.js?31061163

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

c756b47ce92c7b87ed868385927a9f12a99088c04c223e4f2727697f1640f0e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 21:20:16 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8950
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.gazetadopovo.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com/safeframe/1-0-38/html/ 0
0 48ms
14ms Other
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051301.js?31061163
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-38/html/ 0
0 26ms
6ms Other
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051301.js?31061163
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 17 KB
8 KB 1932ms
1931ms XHR
text/plain 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=909074286390332&correlator=920693024589306&output=ldjh&impl=fifs&eid=31060437%2C31060784%2C31060853%2C31061163%2C31061022&vrg=2021051301&ptt=17&sc=1&sfv=1-0-38&ecs=20210514&iu_parts=8804%2Cparceiros%2Cgazeta_do_povo%2Chome&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=728x90%7C970x90%7C990x90%7C970x250&prev_scp=campaignuol%3D1%26keyword%3Dswgt-sub-na%26pos%3Dd-pos-4%26native%3D0&eri=1&cust_params=origin%3Dwww%2520gazetadopovo%2520com%2520br%2520%26hasFocus%3Dtrue%26bt%3D9000%26testeab%3Dlazyload-a%26hasMouseIn%3Dfalse&cookie_enabled=1&bc=31&abxe=1&lmt=1621026153&dt=1621027216441&dlt=1621027213057&idt=3304&frm=20&biw=1600&bih=1200&oid=3&adxs=241&adys=3417&adks=1274092522&ucis=2&ifi=2&u_tz=120&u_his=3&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&ref=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1118x0&msz=1118x0&ga_vid=1622044111.1621027213&ga_sid=1621027216&ga_hid=70970493&ga_fc=false&fws=4&ohw=1600&btvi=2&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051301.js?31061163

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

3db84048869efcee2bcabea4021f028761016236377931a536ead8c9b5e183c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 21:20:18 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7894
x-xss-protection: 0
google-lineitem-id: 5690180333
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138349142507
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.gazetadopovo.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 14 KB
8 KB 801ms
801ms XHR
text/plain 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=909074286390332&correlator=920693024589306&output=ldjh&impl=fifs&eid=31060437%2C31060784%2C31060853%2C31061163%2C31061022&vrg=2021051301&ptt=17&sc=1&sfv=1-0-38&ecs=20210514&iu_parts=8804%2Cparceiros%2Cgazeta_do_povo%2Chome&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=728x90%7C970x90%7C990x90%7C970x250&prev_scp=campaignuol%3D1%26keyword%3Dswgt-sub-na%26pos%3Dd-pos-3%26native%3D0&eri=1&cust_params=origin%3Dwww%2520gazetadopovo%2520com%2520br%2520%26hasFocus%3Dtrue%26bt%3D9000%26testeab%3Dlazyload-a%26hasMouseIn%3Dfalse&cookie_enabled=1&bc=31&abxe=1&lmt=1621026153&dt=1621027216443&dlt=1621027213057&idt=3304&frm=20&biw=1600&bih=1200&oid=3&adxs=241&adys=2415&adks=1274092523&ucis=3&ifi=3&u_tz=120&u_his=3&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&ref=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1118x0&msz=1118x0&ga_vid=1622044111.1621027213&ga_sid=1621027216&ga_hid=70970493&ga_fc=false&fws=4&ohw=1600&btvi=3&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051301.js?31061163

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

1d05f6195ec941089302052a1b7315792e52dfe4cba4da1fa9c6152e50a5c90b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 21:20:17 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8530
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.gazetadopovo.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 22 KB
11 KB 1240ms
1240ms XHR
text/plain 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=909074286390332&correlator=920693024589306&output=ldjh&impl=fifs&eid=31060437%2C31060784%2C31060853%2C31061163%2C31061022&vrg=2021051301&ptt=17&sc=1&sfv=1-0-38&ecs=20210514&iu_parts=8804%2Cparceiros%2Cgazeta_do_povo%2Chome&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=728x90%7C970x90%7C990x90&prev_scp=campaignuol%3D1%26keyword%3Dswgt-sub-na%26pos%3Dd-pos-2%26native%3D0&eri=1&cust_params=origin%3Dwww%2520gazetadopovo%2520com%2520br%2520%26hasFocus%3Dtrue%26bt%3D9000%26testeab%3Dlazyload-a%26hasMouseIn%3Dfalse&cookie_enabled=1&bc=31&abxe=1&lmt=1621026153&dt=1621027216445&dlt=1621027213057&idt=3304&frm=20&biw=1600&bih=1200&oid=3&adxs=241&adys=1583&adks=2044746413&ucis=4&ifi=4&u_tz=120&u_his=3&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&ref=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1118x0&msz=1118x0&ga_vid=1622044111.1621027213&ga_sid=1621027216&ga_hid=70970493&ga_fc=false&fws=4&ohw=1600&btvi=4&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051301.js?31061163

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

9a3e12500636879f9470fed2da8692a8be9f697eea4811e01117833ce7118ca2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 21:20:17 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11592
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.gazetadopovo.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 15 KB
9 KB 1489ms
1489ms XHR
text/plain 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=909074286390332&correlator=920693024589306&output=ldjh&impl=fifs&eid=31060437%2C31060784%2C31060853%2C31061163%2C31061022&vrg=2021051301&ptt=17&sc=1&sfv=1-0-38&ecs=20210514&iu_parts=8804%2Cparceiros%2Cgazeta_do_povo%2Chome&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=728x90%7C970x90%7C990x90%7C1190x150&prev_scp=campaignuol%3D1%26keyword%3Dswgt-sub-na%26pos%3Dd-pos-1%26native%3D0&eri=1&cust_params=origin%3Dwww%2520gazetadopovo%2520com%2520br%2520%26hasFocus%3Dtrue%26bt%3D9000%26testeab%3Dlazyload-a%26hasMouseIn%3Dfalse&cookie_enabled=1&bc=31&abxe=1&lmt=1621026153&dt=1621027216447&dlt=1621027213057&idt=3304&frm=20&biw=1600&bih=1200&oid=3&adxs=205&adys=311&adks=1651446792&ucis=5&ifi=5&u_tz=120&u_his=3&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&ref=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x50&msz=1190x0&ga_vid=1622044111.1621027213&ga_sid=1621027216&ga_hid=70970493&ga_fc=false&fws=4&ohw=1600&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051301.js?31061163

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

29755efc0bb7bd744c16838897a4d0690fbea0eeae5f0a920eaf1171ef692f0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 21:20:17 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8778
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.gazetadopovo.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 19 KB
11 KB 2363ms
2363ms XHR
text/plain 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=909074286390332&correlator=920693024589306&output=ldjh&impl=fifs&eid=31060437%2C31060784%2C31060853%2C31061163%2C31061022&vrg=2021051301&ptt=17&sc=1&sfv=1-0-38&ecs=20210514&iu_parts=8804%2Cparceiros%2Cgazeta_do_povo%2Chome&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=728x90%7C970x90%7C990x90&prev_scp=campaignuol%3D1%26keyword%3Dswgt-sub-na%26pos%3Dd-pos-footer-1%26native%3D0&eri=1&cust_params=origin%3Dwww%2520gazetadopovo%2520com%2520br%2520%26hasFocus%3Dtrue%26bt%3D9000%26testeab%3Dlazyload-a%26hasMouseIn%3Dfalse&cookie_enabled=1&bc=31&abxe=1&lmt=1621026153&dt=1621027216449&dlt=1621027213057&idt=3304&frm=20&biw=1600&bih=1200&oid=3&adxs=436&adys=1190&adks=2713759382&ucis=6&ifi=6&u_tz=120&u_his=3&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&ref=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x-1&msz=1148x-1&ga_vid=1622044111.1621027213&ga_sid=1621027216&ga_hid=70970493&ga_fc=false&fws=516&ohw=1600&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051301.js?31061163

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

38026ad61d28a57e3b9a371f050079a5a1668593a911faf2a14f82ecce51284e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 21:20:18 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11453
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.gazetadopovo.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ca Show response
tt-10162-1.seg.t.tailtarget.com/ 78 B
354 B 142ms
142ms Script
application/javascript 34.102.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tt-10162-1.seg.t.tailtarget.com/ca?tZ=903030055&env=_ttq_tt_uol
Requested by: Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/modules/external/tailtarget/libs/base.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: 37c8f4afc2b7c27042409573dfe98605fa9929c3a2c0612ad5f9893d35ea7341

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 21:20:16 GMT
via: 1.1 google
server: nginx/1.17.8
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cache-control: no-cache, private, proxy-revalidate
content-encoding: gzip
alt-svc: clear

GET
H3-29 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: me.jsuol.com.br
URL: https://me.jsuol.com.br/aud/gazetadopovo.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 6620
date: Fri, 14 May 2021 19:29:56 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Fri, 14 May 2021 21:29:56 GMT

GET
H2

200

beacon.js Show response
sb.scorecardresearch.com/internal-cs/default/
Redirect Chain

https://sb.scorecardresearch.com/cs/6036356/beacon.js
https://sb.scorecardresearch.com/internal-cs/default/beacon.js

4 KB
4 KB

52ms
51ms

Script
application/javascript

99.86.242.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/internal-cs/default/beacon.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.242.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-242-79.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6838420e13959ecffe73d3576ee2125a66c9315237394a23e3dd4a5181e80cda

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 21:12:33 GMT
via: 1.1 7b574fc6db5d0840d90b97dd76cc56ec.cloudfront.net (CloudFront)
etag: "5b0f9f0704a703b8da651007721fac57"
last-modified: Thu, 04 Mar 2021 13:31:34 GMT
server: AmazonS3
age: 491
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: VIE50-C1
accept-ranges: bytes
content-length: 3690
x-amz-cf-id: XN9XVu4OAMUKZyDMyoRwvF7aHS0FqZ3KVElY9UzpXrGHMnqPG2ImCw==

Redirect headers

date: Fri, 14 May 2021 21:20:16 GMT
via: 1.1 7b574fc6db5d0840d90b97dd76cc56ec.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: /internal-cs/default/beacon.js
content-length: 52
x-amz-cf-id: tyu3wy7a414DTOtptnrPR-oO67LhzJNgn13Be8AbBfbYjqSxhEq_QQ==

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 17ms
16ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=70970493&t=pageview&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=6GDAAEALQAAAAC~&jid=318974605&gjid=137350450&cid=1622044111.1621027213&tid=UA-97689914-251&_gid=1523808297.1621027213&_r=1&_slc=1&cd1=Parceiros&cd2=Gazeta%20do%20Povo&cd3=Gazeta%20do%20Povo&cd11=normal&cd4=1622044111.1621027213&cd66=1621027216606.tbr06zegf&cd85=none&cd87=none&cd88=none&z=769102752

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 14 May 2021 21:20:16 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.gazetadopovo.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-29 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 16ms
15ms XHR
text/plain 2a00:1450:400c:c0a::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-97689914-251&cid=1622044111.1621027213&jid=318974605&gjid=137350450&_gid=1523808297.1621027213&_u=6GDAAEALQAAAAC~&z=1516487042

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c0a::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 14 May 2021 21:20:16 GMT
content-type: text/plain
access-control-allow-origin: https://www.gazetadopovo.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ga-audiences
www.google.com/ads/ 42 B
63 B 19ms
18ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-97689914-251&cid=1622044111.1621027213&jid=318974605&_u=6GDAAEALQAAAAC~&z=1634573670

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 May 2021 21:20:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ga-audiences
www.google.de/ads/ 42 B
63 B 18ms
17ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-97689914-251&cid=1622044111.1621027213&jid=318974605&_u=6GDAAEALQAAAAC~&z=1634573670

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 May 2021 21:20:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 b
sb.scorecardresearch.com/ 0
337 B 77ms
76ms Image
text/plain 99.86.242.79
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=2&c2=6036356&c3=&c4=&c5=&c6=&c15=&cs_it=b2&cv=3.8.0.210223&ns__t=1621027216743&ns_c=UTF-8&c7=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&c8=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&c9=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.242.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-242-79.vie50.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 21:20:16 GMT
via: 1.1 7b574fc6db5d0840d90b97dd76cc56ec.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C1
etag: W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
x-amz-cf-id: I_oxiWzg0ml3H8xGV-jflqZThHdbz1b5x_id5nePsDZt-phdhpqUlQ==
x-cache: Miss from cloudfront

GET
H2 200 __tt.gif
t.tailtarget.com/ 43 B
298 B 141ms
140ms Image
image/gif 34.102.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.tailtarget.com/__tt.gif?tA=TT-10162-1&tE=0&tF=&tI=_zurich_zurich_ch_1621027216370_1410413975&tJ=&tQ=gazetadopovo&tU=0100007F90E99E607E068A790288691B&tX=b.52&tY=1&tZ=27809076
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 21:20:16 GMT
via: 1.1 google
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.17.8
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, private, proxy-revalidate
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 10 KB
7 KB 31ms
17ms XHR
application/json 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021051301&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051301.js?31061163

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a90753e49e65629a8e0e05a0ce52ccc8e85c447918cb596db530fe8807f518db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 14 May 2021 21:20:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7648
x-xss-protection: 0

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 28ms
14ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051301.js?31061163

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 21:20:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Fri, 14 May 2021 21:20:16 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 2A7D 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.gazetadopovo.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.gazetadopovo.com.br/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Fri, 14 May 2021 19:35:33 GMT
expires: Sat, 14 May 2022 19:35:33 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 6283
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 VUb54HSrcJlfDt76-zYSNvHYPadoqD5ysjWH2aTGPz8.js Show response
pagead2.googlesyndication.com/bg/ Frame 2A7D 14 KB
6 KB 20ms
6ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/VUb54HSrcJlfDt76-zYSNvHYPadoqD5ysjWH2aTGPz8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5546f9e074ab70995f0edefafb361236f1d83da768a83e72b23587d9a4c63f3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 18:47:53 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 06 May 2021 09:28:00 GMT
server: sffe
age: 9144
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5687
x-xss-protection: 0
expires: Sat, 14 May 2022 18:47:53 GMT

GET
H2 200 psd-se-afasta-de-bolsonaro-afaga-lula-e-mira-estados-eleicoes-2022.json Show response
json.gazetadopovo.com.br/republica/ 36 KB
8 KB 11ms
11ms XHR
application/json 2600:9000:21f3:3c00:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/republica/psd-se-afasta-de-bolsonaro-afaga-lula-e-mira-estados-eleicoes-2022.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:3c00:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5bfdbf2a7af9a8153d6ddaf5ae47a8e9b63199713c32fb8d08c00b704e8cdcce

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 21:19:41 GMT
content-encoding: gzip
vary: Accept-Encoding,Origin
age: 37
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Fri, 14 May 2021 21:18:35 GMT
server: AmazonS3
etag: W/"50bf08514764141667d16228836e9600"
access-control-max-age: 3000
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
x-amz-version-id: null
via: 1.1 32e3b86ae254a231182567c0124af893.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-pop: FRA2-C2
content-type: application/json
x-amz-cf-id: TymRRnzxP77IRW4bPqsnX8zh7Wk8n4EMEJKHEpgYKE3RnqIiD_pL2Q==

GET
H2 200 governo-parana-decreto-medidas-restritivas-pandemia-coronavirus.json Show response
json.gazetadopovo.com.br/parana/ 21 KB
6 KB 9ms
8ms XHR
application/json 2600:9000:21f3:3c00:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/parana/governo-parana-decreto-medidas-restritivas-pandemia-coronavirus.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:3c00:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 56beef9225a16124caf0ace09bd7a74e39d1133af314b8c0203e641e176e5c82

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"77eb9d5ae7949da810793c71cf77ec1c"
age: 34
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Fri, 14 May 2021 20:19:04 GMT
server: AmazonS3
date: Fri, 14 May 2021 21:20:15 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 32e3b86ae254a231182567c0124af893.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: CgQRYncn2gPQI7tetEuhWYkTyyJE5Wqo8op6nOnWMAzrHqkeLovb_A==

GET
H2 200 franca-proibe-linguagem-de-genero-neutro-nas-escolas-arbitraria-e-contraproducente.json Show response
json.gazetadopovo.com.br/vozes/madeleine-lacsko/ 81 KB
12 KB 15ms
15ms XHR
application/json 2600:9000:21f3:3c00:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/vozes/madeleine-lacsko/franca-proibe-linguagem-de-genero-neutro-nas-escolas-arbitraria-e-contraproducente.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:3c00:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dc2e053bd9064752827a5196e0834ffc13fe7ea863a45e8b43a69edabd0f4a98

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"131f62835e38d01f4854e246f5f5479f"
age: 241
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Fri, 14 May 2021 17:23:52 GMT
server: AmazonS3
date: Fri, 14 May 2021 21:20:15 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 32e3b86ae254a231182567c0124af893.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: 8CE_e8vM_XuP7pSg8thPvoj8y_iXuT1GFiKD9wejcaAJa79YJEK0qw==

GET
H2 200 pix-cobranca-comeca-funcionar-brasil.json Show response
json.gazetadopovo.com.br/gazz-conecta/ 20 KB
4 KB 9ms
9ms XHR
application/json 2600:9000:21f3:3c00:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/gazz-conecta/pix-cobranca-comeca-funcionar-brasil.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:3c00:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 927370ca96008d4f1bd354184395ae799d15db183a2e8fc97ce4985132000b55

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"1ab22b4fb5ddc4bfea96dfbcf3e9c218"
age: 241
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Fri, 14 May 2021 19:19:43 GMT
server: AmazonS3
date: Fri, 14 May 2021 21:20:15 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 32e3b86ae254a231182567c0124af893.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: 4O2YXCI5U93QXYvIJTR6B-4Ik6uHoH4Hsja8Z3FDlWF2McgOMxGbZQ==

GET
H2 200 depoimento-de-executivo-da-pfizer-na-cpi-da-covid-esclarecedor.json Show response
json.gazetadopovo.com.br/vozes/alexandre-garcia/ 74 KB
11 KB 8ms
8ms XHR
application/json 2600:9000:21f3:3c00:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/vozes/alexandre-garcia/depoimento-de-executivo-da-pfizer-na-cpi-da-covid-esclarecedor.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:3c00:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8100849e1803ada0fc217cbaf5c1b4e5d0d7355c49db8b177b2894ee93c596bc

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"be97d01169f80b700277afe3ba3d597f"
age: 241
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Fri, 14 May 2021 01:23:21 GMT
server: AmazonS3
date: Fri, 14 May 2021 21:20:15 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 32e3b86ae254a231182567c0124af893.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: l2OMPKbIG2vy8LgbU74bzErNZXgqRxRw_kZjCTQOWoogXjhQu_SZdg==

GET
H2 200 KMA9C2O70iP6CHSgXk0LGaQ8ML9m6vJE4RIi1Rf61p4.html Show response
s.dynad.net/stack/ Frame CB56 6 KB
3 KB 916ms
243ms Document
text/html 200.147.166.107
Universo Online S.A.

General

Check archive.org

Show headers Download Go to

Full URL: https://s.dynad.net/stack/KMA9C2O70iP6CHSgXk0LGaQ8ML9m6vJE4RIi1Rf61p4.html?v69
Requested by: Host: t.dynad.net
URL: https://t.dynad.net/script/?dc=5550009734;ord=0;click=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 200.147.166.107 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS: 200-147-166-107.tlm.acessobol.com.br
Software: Apache-Coyote/1.1 / DynAd.net 2021
Resource Hash: fdac1a3247f6636b0a366c779803ca0af16f5cf36b2ab34a5d48a0911cd59e1a

Request headers

:method: GET
:authority: s.dynad.net
:scheme: https
:path: /stack/KMA9C2O70iP6CHSgXk0LGaQ8ML9m6vJE4RIi1Rf61p4.html?v69
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.gazetadopovo.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: uid=347901621027216650
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.gazetadopovo.com.br/

Response headers

date: Fri, 14 May 2021 21:20:17 GMT
content-type: text/html
vary: Accept-Encoding
server: Apache-Coyote/1.1
cache-control: max-age=3600
x-dynad-assets: v2.421 Thessaloniki
expires: Fri, 14 May 2021 22:20:17 GMT
pragma: cache
last-modified: Thu, 13 May 2021 01:33:31 GMT
x-powered-by: DynAd.net 2021
access-control-allow-origin: *
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-cacheable: maximal 144h instead of 492.000h
x-varnish: 79942948 58542431
age: 157607
via: 1.1 varnish-v4
content-encoding: gzip

GET
H2 200 928W5r5IndTfocT3VdUV-AB8UVlc0JbnGWyFZsei5gU.html Show response
s.dynad.net/stack/ Frame 7566 53 KB
18 KB 1114ms
442ms Document
text/html 200.147.166.107
Universo Online S.A.

General

Check archive.org

Show headers Download Go to

Full URL: https://s.dynad.net/stack/928W5r5IndTfocT3VdUV-AB8UVlc0JbnGWyFZsei5gU.html
Requested by: Host: t.dynad.net
URL: https://t.dynad.net/script/?dc=5550009734;ord=0;click=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 200.147.166.107 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS: 200-147-166-107.tlm.acessobol.com.br
Software: Apache-Coyote/1.1 / DynAd.net 2021
Resource Hash: ba70adf2020216558d39892f39d469a3b8eabefe26e3fe038c4e14272fcc1506

Request headers

:method: GET
:authority: s.dynad.net
:scheme: https
:path: /stack/928W5r5IndTfocT3VdUV-AB8UVlc0JbnGWyFZsei5gU.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.gazetadopovo.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: uid=347901621027216650
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.gazetadopovo.com.br/

Response headers

date: Fri, 14 May 2021 21:20:17 GMT
content-type: text/html
vary: Accept-Encoding
server: Apache-Coyote/1.1
cache-control: max-age=3600
x-dynad-assets: v2.421 Thessaloniki
expires: Fri, 14 May 2021 22:20:17 GMT
pragma: cache
last-modified: Fri, 14 May 2021 17:18:38 GMT
x-powered-by: DynAd.net 2021
access-control-allow-origin: *
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-cacheable: maximal 144h instead of 582.000h
x-varnish: 77067437 77481043
age: 14500
via: 1.1 varnish-v4
content-encoding: gzip

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
56 B 41ms
41ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021051301&jk=909074286390332&bg=!VValVhLNAAY59bwoOfU7ACkAdvg8WrzxCW8cfzJRdROPsKpAcZz24ePoUeZCRKC2r43ICeoEDoVgowIAAAFKUgAAAENoAQcKAI9Mxe02IGipVPtlE_4yBaOHosdPz79cuE8DHuKVWmrxiMN5mZGUlClFoOsVZlVRUYqZhptNaRkEkI5oqikygiJFYh1fif3ZMntHPC1hkaYm8Lc7c-qnGd5cGlDHw4HgZlalKV1pT5ZhB0tM7vgKcHzwcZqDRPLZJ9a-tdivSexwSA-oHT6UINt2soYpxEdK6ZkCPr5a2dIIjyEfbdeOnH2ZnvwkijReKtOI_RXZa5vNzbx0ZxSoNj8kYIalabgBqUrAZMzwnySwhGnXrVo8sE48y2mYcp4Yg23Bbx_th74qakn3pvv5uOlIV3EihlFpPy8v41f8bhAUr2-Rfj7AUHj37ShU1cFa52hu2_unpFNgYAniqNfafdXkbDZ-Ac2Ah50qP5NPvq4AMrPRUd65YqznxjXt1D2U5SOTmTKVhETlR63dfDn06XJ7guKaQ7OEpDSsmdDBAaWM-25IjtdhIbAhyeCOVs0taZpdmOWOJ9gRLHSaL50SyM9NN_cf2u2OnXIgWnz-Be3cdGxULjeYm30uHj5INbuAOtAiXfVLN1jpKUuytG7f27WIgrsW03hKKkrtOY1RXSQ8RMHcsDBJZt-bdHskQdLhjcVq2ilBecuVPdwZ0VAvVjEH4cEVB1v7B9zlaxj_K2QeuSE0YFvCgf4yzegvt8WTJCRKIyN4_NV1SYnBW7ZumPdA-yYV3E5QpEDCnkne6euxJ-Ks-TnGtE6v40D-hMIIFTkUDspj644HGlh_6f1KF-FIn3Ef2dfHn193U4hgPL0siN7zxt6UoKgz9WbT8a7a9D4nop339O72G8OGKj-i5Z1NfE5sSWpoh_lODdMzkcNScD-HBPny3l9qb9GXOTIl8__1h9BUIvsa39p0ecmONl4AGigsLlBNFEECgckmyZdkO9mGYsQLctJg5kHjkLIEqNHaK5WLXPz0dR_k64lwCuZLIuYYofxq9Zk

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 May 2021 21:20:17 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
116 B 13ms
12ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=70970493&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=1510848913&gjid=2123201377&cid=1622044111.1621027213&uid=&tid=UA-23088598-1&_gid=401367693.1621027218&_r=1&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=saiba%20agora&il1pi1nm=PF%20troca%20superintendentes%20em%208%20estados%20e%20Distrito%20Federal&il1pi1id=3facd8c0-b4d8-11eb-893d-bfc914b5ec37&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=republica&il1pi1ps=1&z=1548329113

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 14 May 2021 21:20:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.gazetadopovo.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 17ms
15ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=70970493&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=1622044111.1621027213&uid=&tid=UA-23088598-1&_gid=401367693.1621027218&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=saiba%20agora&il1pi1nm=Butantan%20paralisa%20produ%C3%A7%C3%A3o%20de%20vacinas%3B%20Fiocruz%20diz%20que%20vai%20parar%20por%20%E2%80%9Calguns%20dia...&il1pi1id=976a5a70-b4d7-11eb-a5e9-572d78fb9593&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=republica&il1pi1ps=2&z=1551628688

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 May 2021 07:39:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 49269
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 18ms
15ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=70970493&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=1622044111.1621027213&uid=&tid=UA-23088598-1&_gid=401367693.1621027218&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=saiba%20agora&il1pi1nm=Vereadora%20trans%20de%20Niter%C3%B3i%20alega%20amea%C3%A7as%20e%20deixa%20o%20pa%C3%ADs&il1pi1id=3a5aa0e0-b4cf-11eb-a3b1-715327116be6&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=vida-e-cidadania&il1pi1ps=3&z=1617165257

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 May 2021 07:39:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 49269
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 20ms
15ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=70970493&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=1622044111.1621027213&uid=&tid=UA-23088598-1&_gid=401367693.1621027218&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=saiba%20agora&il1pi1nm=Petrobras%20diz%20que%20n%C3%A3o%20h%C3%A1%20frequ%C3%AAncia%20definida%20para%20reajuste%20e%20ritmo%20ser%C3%A1%20mantido&il1pi1id=996b8d30-b4cd-11eb-a5e9-572d78fb9593&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=economia&il1pi1ps=4&z=1183277814

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 May 2021 07:39:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 49269
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 23ms
16ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=70970493&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=1622044111.1621027213&uid=&tid=UA-23088598-1&_gid=401367693.1621027218&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=breaking-news&il1pi1nm=PSD%20se%20afasta%20de%20Bolsonaro%2C%20afaga%20Lula%20e%20mira%20governos%20de%20SP%2C%20MG%20e%20RJ%20em%202022&il1pi1id=68629ee0-b4eb-11eb-80a9-d7630b3898f0&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=republica&il1pi1ps=5&z=1210582600

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 May 2021 07:39:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 49269
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 23ms
15ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=70970493&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=1622044111.1621027213&uid=&tid=UA-23088598-1&_gid=401367693.1621027218&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=relacionadas&il1pi1nm=Rodrigo%20Maia%20encaminha%20pedido%20de%20desfilia%C3%A7%C3%A3o%20do%20DEM%20ao%20TSE%2C%20diz%20jornal&il1pi1id=61af7cd0-b4f5-11eb-b497-2b2353b9a2f3&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=republica&il1pi1ps=6&z=1038694445

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 May 2021 07:39:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 49269
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 24ms
13ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=70970493&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=1622044111.1621027213&uid=&tid=UA-23088598-1&_gid=401367693.1621027218&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=capa&il1pi1nm=Por%20que%20os%20dist%C3%BArbios%20internos%20entre%20%C3%A1rabes%20e%20judeus%20s%C3%A3o%20a%20maior%20amea%C3%A7a%20a%20Israel&il1pi1id=7192a5d0-b4f7-11eb-b497-2b2353b9a2f3&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=mundo&il1pi1ps=7&z=1641541079

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 May 2021 07:39:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 49269
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 25ms
11ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=70970493&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=1622044111.1621027213&uid=&tid=UA-23088598-1&_gid=401367693.1621027218&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=capa&il1pi1nm=Especial%20Lava%20Jato%3A%20inspira%C3%A7%C3%A3o%20italiana%20e%20os%20recados%20da%20Justi%C3%A7a%20e%20dos%20pol%C3%ADticos&il1pi1id=42b9bb30-b7b6-11e9-96d3-6195e13c2fd4&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=republica&il1pi1ps=8&z=1713412073

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 May 2021 07:39:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 49269
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 25ms
9ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=70970493&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=1622044111.1621027213&uid=&tid=UA-23088598-1&_gid=401367693.1621027218&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=capa&il1pi1nm=Oito%20leil%C3%B5es%20no%20setor%20de%20saneamento%20devem%20movimentar%20R%24%2031%20bilh%C3%B5es%20at%C3%A9%202022&il1pi1id=541432b0-b4cc-11eb-a5e9-572d78fb9593&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=economia&il1pi1ps=9&z=117729100

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 May 2021 07:39:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 49269
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 30ms
10ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=70970493&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=1622044111.1621027213&uid=&tid=UA-23088598-1&_gid=401367693.1621027218&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=capa&il1pi1nm=%E2%80%9CGuerra%20a%20crimes%20sexuais%20contra%20crian%C3%A7as%20%C3%A9%20cada%20vez%20mais%20tecnol%C3%B3gica%E2%80%9D%2C%20diz%20especialista%20em%20cibercrimes&il1pi1id=808e2860-b4c1-11eb-a9ed-898d61679f0e&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=vida-e-cidadania&il1pi1ps=10&z=591569093

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 May 2021 07:39:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 49269
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 32ms
10ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=70970493&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=1622044111.1621027213&uid=&tid=UA-23088598-1&_gid=401367693.1621027218&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=capa&il1pi1nm=Licenciamento%20ambiental%3A%20o%20que%20muda%20nas%20regras%20pelo%20projeto%20aprovado%20na%20C%C3%A2mara&il1pi1id=c54518d0-b4f1-11eb-beb9-31e7484add5a&il1pi1pr=0.00&il1pi1br=economia&il1pi1ca=republica&il1pi1ps=11&z=1687016143

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 May 2021 07:39:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 49269
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 34ms
11ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=70970493&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=1622044111.1621027213&uid=&tid=UA-23088598-1&_gid=401367693.1621027218&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=capa&il1pi1nm=%E2%80%9CNegar-se%20a%20responder%20%C3%A0%20CPI%20equivale%20a%20esconder%20do%20povo%20brasileiro%E2%80%9D%2C%20diz%20Renan%20sobre%20Pazuello&il1pi1id=23182130-b4e0-11eb-b17a-b3a0b02878ce&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=republica&il1pi1ps=12&z=572713117

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 May 2021 07:39:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 49269
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 48ms
25ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=70970493&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=1622044111.1621027213&uid=&tid=UA-23088598-1&_gid=401367693.1621027218&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=relacionadas&il1pi1nm=%E2%80%9CSe%20esse%20cara%20voltar%2C%20nunca%20mais%20vai%20sair%E2%80%9D%2C%20diz%20Bolsonaro%20sobre%20Lula&il1pi1id=3e1fb8d0-b4c7-11eb-8d1a-1b545f0bd138&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=republica&il1pi1ps=13&z=1313392897

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 May 2021 07:39:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 49269
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 49ms
25ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=70970493&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=1622044111.1621027213&uid=&tid=UA-23088598-1&_gid=401367693.1621027218&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=post&il1pi1nm=N%C3%A3o%20existe%20a%20menor%20possibilidade%20de%20um%20corrupto%20ser%20feliz&il1pi1id=48ad61b0-b4d8-11eb-893d-bfc914b5ec37&il1pi1pr=0.00&il1pi1br=ideias&il1pi1ca=polzonoff&il1pi1ps=14&z=1964138818

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 May 2021 07:39:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 49269
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 49ms
25ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=70970493&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=1622044111.1621027213&uid=&tid=UA-23088598-1&_gid=401367693.1621027218&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=post&il1pi1nm=Fran%C3%A7a%20pro%C3%ADbe%20linguagem%20de%20g%C3%AAnero%20neutro%20nas%20escolas%3A%20arbitr%C3%A1ria%20e%20contraproducente&il1pi1id=3276b1e0-b4d7-11eb-a5e9-572d78fb9593&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=madeleine-lacsko&il1pi1ps=15&z=231708844

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 May 2021 07:39:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 49269
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 50ms
25ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=70970493&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=1622044111.1621027213&uid=&tid=UA-23088598-1&_gid=401367693.1621027218&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=post&il1pi1nm=Depoimento%20de%20executivo%20da%20Pfizer%20na%20CPI%20da%20Covid%20%C3%A9%20esclarecedor&il1pi1id=f0772470-b452-11eb-80a1-0f02a961d01e&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=alexandre-garcia&il1pi1ps=16&z=678412616

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 May 2021 07:39:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 49269
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 50ms
25ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=70970493&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=1622044111.1621027213&uid=&tid=UA-23088598-1&_gid=401367693.1621027218&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=post&il1pi1nm=Se%20em%202022%20o%20cen%C3%A1rio%20for%20Lula%20contra%20Bolsonaro%2C%20a%20culpa%20n%C3%A3o%20ser%C3%A1%20dos%20eleitores&il1pi1id=d5f813c0-b4d9-11eb-a5e9-572d78fb9593&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=guilherme-macalossi&il1pi1ps=17&z=917864883

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 May 2021 07:39:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 49269
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 50ms
26ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=70970493&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=1622044111.1621027213&uid=&tid=UA-23088598-1&_gid=401367693.1621027218&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=post&il1pi1nm=Jerusal%C3%A9m%2C%20a%20crise%20pol%C3%ADtica%20em%20Israel%20e%20a%20torcida%20mais%20racista%20do%20mundo&il1pi1id=921cc930-b49c-11eb-ac1a-93438e64d2c9&il1pi1pr=0.00&il1pi1br=mundo&il1pi1ca=filipe-figueiredo&il1pi1ps=18&z=1208817710

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 May 2021 07:39:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 49269
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 50ms
26ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=70970493&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=1622044111.1621027213&uid=&tid=UA-23088598-1&_gid=401367693.1621027218&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=post&il1pi1nm=Pessoa%20de%20bem&il1pi1id=412b4930-b419-11eb-8d21-55e545bfcd50&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=luis-ernesto-lacombe&il1pi1ps=19&z=164446396

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 May 2021 07:39:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 49269
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 50ms
26ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=70970493&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=1622044111.1621027213&uid=&tid=UA-23088598-1&_gid=401367693.1621027218&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=escolhas%20do%20editor&il1pi1nm=Guaid%C3%B3%20prop%C3%B5e%20di%C3%A1logo%20com%20Maduro.%20Qual%20%C3%A9%20sua%20estrat%C3%A9gia%20agora%3F&il1pi1id=642933d0-b44f-11eb-80a1-0f02a961d01e&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=mundo&il1pi1ps=20&z=1512547031

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 May 2021 07:39:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 49269
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 51ms
26ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=70970493&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=1622044111.1621027213&uid=&tid=UA-23088598-1&_gid=401367693.1621027218&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=escolhas%20do%20editor&il1pi1nm=Os%20foguetes%20do%20terror%2C%20a%20resposta%20de%20Israel%20e%20a%20paz%20distante&il1pi1id=0a8ee960-b430-11eb-b296-9f9e42652543&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=editoriais&il1pi1ps=21&z=262161219

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 May 2021 07:39:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 49269
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 52ms
27ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=70970493&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=1622044111.1621027213&uid=&tid=UA-23088598-1&_gid=401367693.1621027218&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=escolhas%20do%20editor&il1pi1nm=Relat%C3%B3rio%20controverso%2C%20cr%C3%ADticas%20e%20recuos%3A%20em%20que%20p%C3%A9%20est%C3%A1%20a%20privatiza%C3%A7%C3%A3o%20da%20Eletrobras&il1pi1id=745d04c0-b418-11eb-8d21-55e545bfcd50&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=economia&il1pi1ps=22&z=272762803

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 May 2021 07:39:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 49269
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 52ms
28ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=70970493&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=1622044111.1621027213&uid=&tid=UA-23088598-1&_gid=401367693.1621027218&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=escolhas%20do%20editor&il1pi1nm=PT%20ignora%20tese%20do%20%E2%80%9Cgolpe%E2%80%9D%20e%20tenta%20atrair%20MDB%20e%20outros%20partidos%20que%20derrubaram%20Dilma&il1pi1id=a524de50-b3ed-11eb-8e1e-696d85600db1&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=republica&il1pi1ps=23&z=1936537732

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 May 2021 07:39:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 49269
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 53ms
29ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=70970493&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=1622044111.1621027213&uid=&tid=UA-23088598-1&_gid=401367693.1621027218&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=capa&il1pi1nm=Butantan%20paralisa%20produ%C3%A7%C3%A3o%20de%20vacinas%3B%20Fiocruz%20diz%20que%20vai%20parar%20por%20%E2%80%9Calguns%20dias%E2%80%9D&il1pi1id=976a5a70-b4d7-11eb-a5e9-572d78fb9593&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=republica&il1pi1ps=24&z=2003069585

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 May 2021 07:39:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 49269
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 53ms
29ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=70970493&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=1622044111.1621027213&uid=&tid=UA-23088598-1&_gid=401367693.1621027218&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=relacionadas&il1pi1nm=Recusa%20de%20vacina%20contra%20Covid-19%20pode%20gerar%20justa%20causa%2C%20decide%20Justi%C3%A7a%20do%20Trabalho&il1pi1id=1bf0a100-b4bf-11eb-8d1a-1b545f0bd138&il1pi1pr=0.00&il1pi1br=justica&il1pi1ca=vida-e-cidadania&il1pi1ps=25&z=2118042611

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 May 2021 07:39:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 49269
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 53ms
29ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=70970493&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=1622044111.1621027213&uid=&tid=UA-23088598-1&_gid=401367693.1621027218&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=capa&il1pi1nm=Maioria%20do%20STF%20vota%20por%20obrigar%20o%20governo%20a%20realizar%20o%20Censo%20apenas%20em%202022&il1pi1id=7501e880-b4e2-11eb-b17a-b3a0b02878ce&il1pi1pr=0.00&il1pi1br=economia&il1pi1ca=republica&il1pi1ps=26&z=1636504140

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 May 2021 07:39:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 49269
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 53ms
28ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=70970493&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=1622044111.1621027213&uid=&tid=UA-23088598-1&_gid=401367693.1621027218&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=capa&il1pi1nm=%E2%80%9CBoleto%202.0%E2%80%9D%3A%20PIX%20Cobran%C3%A7a%20come%C3%A7a%20a%20funcionar%20no%20Brasil&il1pi1id=cacb2c90-b4e7-11eb-80a9-d7630b3898f0&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=gazz-conecta&il1pi1ps=27&z=531968943

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 May 2021 07:39:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 49269
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 53ms
28ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=70970493&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=1622044111.1621027213&uid=&tid=UA-23088598-1&_gid=401367693.1621027218&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=capa&il1pi1nm=Huck%20caminha%20para%20novo%20contrato%20com%20a%20Globo%20e%20pode%20n%C3%A3o%20disputar%20Presid%C3%AAncia&il1pi1id=b5132ad0-b4b3-11eb-8141-453b26660345&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=republica&il1pi1ps=28&z=852903645

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 May 2021 07:39:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 49269
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 53ms
29ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=70970493&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=1622044111.1621027213&uid=&tid=UA-23088598-1&_gid=401367693.1621027218&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=relacionadas&il1pi1nm=Ap%C3%B3s%20perder%20Rodrigo%20Garcia%20para%20o%20PSDB%2C%20DEM%20chama%20Doria%20de%20%E2%80%9Cdespreparado%E2%80%9D&il1pi1id=215719d0-b4ec-11eb-80a9-d7630b3898f0&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=republica&il1pi1ps=29&z=1770507207

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 May 2021 07:39:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 49269
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 54ms
29ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=70970493&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=1622044111.1621027213&uid=&tid=UA-23088598-1&_gid=401367693.1621027218&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=capa&il1pi1nm=Mortes%20de%20gr%C3%A1vidas%20em%202021%20supera%20todo%20o%20ano%20de%202020&il1pi1id=2cf77390-b4ef-11eb-beb9-31e7484add5a&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=saude&il1pi1ps=30&z=680717185

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 May 2021 07:39:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 49269
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 54ms
29ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=70970493&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=1622044111.1621027213&uid=&tid=UA-23088598-1&_gid=401367693.1621027218&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=capa&il1pi1nm=Autor%20de%20ataque%20em%20creche%20de%20SC%20n%C3%A3o%20apresenta%20insanidade%20mental%2C%20diz%20pol%C3%ADcia&il1pi1id=d986be20-b4ec-11eb-80a9-d7630b3898f0&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=republica&il1pi1ps=31&z=878569837

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 May 2021 07:39:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 49269
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 54ms
29ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=70970493&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=1622044111.1621027213&uid=&tid=UA-23088598-1&_gid=401367693.1621027218&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=capa&il1pi1nm=Una-se%20ao%20movimento%20anticorrup%C3%A7%C3%A3o%20e%20n%C3%A3o%20deixe%20essa%20bandeira%20ser%20esquecida&il1pi1id=cea109ba-e58b-48c0-8b80-4197022161c2&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=null&il1pi1ps=32&z=847935614

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 May 2021 07:39:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 49269
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 53ms
28ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=70970493&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=1622044111.1621027213&uid=&tid=UA-23088598-1&_gid=401367693.1621027218&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=capa&il1pi1nm=N%C3%BAmeros%20da%20Covid-19%3A%20acompanhe%20o%20avan%C3%A7o%20da%20doen%C3%A7a%20no%20Brasil%20e%20no%20mundo&il1pi1id=b92fa6f1-e32b-4096-be30-99217fe7a2f2&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=null&il1pi1ps=33&z=2056096032

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 May 2021 07:39:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 49269
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 53ms
29ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=70970493&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=1622044111.1621027213&uid=&tid=UA-23088598-1&_gid=401367693.1621027218&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=capa&il1pi1nm=Curitiba%20abre%20vacina%C3%A7%C3%A3o%20para%20pessoas%20de%2051%20anos%20com%20comorbidades%20nesta%20segunda&il1pi1id=ffe37a10-b4f4-11eb-beb9-31e7484add5a&il1pi1pr=0.00&il1pi1br=parana&il1pi1ca=curitiba&il1pi1ps=34&z=317307513

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 May 2021 07:39:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 49269
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 54ms
28ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=70970493&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=1622044111.1621027213&uid=&tid=UA-23088598-1&_gid=401367693.1621027218&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=capa&il1pi1nm=Infectados%20pelo%20coronav%C3%ADrus%20no%20Paran%C3%A1%20passam%20de%20um%20milh%C3%A3o%20desde%20o%20in%C3%ADcio%20da%20pandemia&il1pi1id=653eb150-b4e5-11eb-80a9-d7630b3898f0&il1pi1pr=0.00&il1pi1br=curitiba&il1pi1ca=parana&il1pi1ps=35&z=1329588081

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 May 2021 07:39:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 49269
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 54ms
29ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=70970493&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=1622044111.1621027213&uid=&tid=UA-23088598-1&_gid=401367693.1621027218&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=relacionadas&il1pi1nm=Com%20avan%C3%A7o%20da%20vacina%C3%A7%C3%A3o%2C%20Curitiba%20registra%20novo%20perfil%20de%20internados&il1pi1id=1ece0cf0-b447-11eb-b0c1-d9cabfa7836c&il1pi1pr=0.00&il1pi1br=parana&il1pi1ca=curitiba&il1pi1ps=36&z=1762333053

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 May 2021 07:39:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 49269
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 54ms
29ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=70970493&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=1622044111.1621027213&uid=&tid=UA-23088598-1&_gid=401367693.1621027218&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=capa&il1pi1nm=Governo%20do%20Paran%C3%A1%20far%C3%A1%20novo%20decreto%20com%20medidas%20de%20enfrentamento%20%C3%A0%20pandemia&il1pi1id=34e05580-b4f0-11eb-80a9-d7630b3898f0&il1pi1pr=0.00&il1pi1br=curitiba&il1pi1ca=parana&il1pi1ps=37&z=1593775043

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 May 2021 07:39:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 49269
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 54ms
29ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=70970493&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=1622044111.1621027213&uid=&tid=UA-23088598-1&_gid=401367693.1621027218&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=capa&il1pi1nm=G%C3%A1s%20natural%3A%20ind%C3%BAstria%20teme%20que%20nova%20concess%C3%A3o%20repita%20%E2%80%9Ccontrato%20ruim%E2%80%9D%20por%2030%20anos&il1pi1id=3cd424d0-b4ad-11eb-a4b4-871cc25db5a5&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=parana&il1pi1ps=38&z=1743127591

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 May 2021 07:39:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 49269
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 54ms
29ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=70970493&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=1622044111.1621027213&uid=&tid=UA-23088598-1&_gid=401367693.1621027218&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=capa&il1pi1nm=Curitiba%20inaugura%20maior%20jardim%20de%20esculturas%20do%20Brasil%20e%20memorial%20com%20quase%20100%20obras%20de%20Jo%C3%A3o%20Turin&il1pi1id=51ef56e0-b4cc-11eb-a5e9-572d78fb9593&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=arquitetura&il1pi1ps=39&z=1404595795

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 May 2021 07:39:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 49269
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 55ms
29ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=70970493&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=1622044111.1621027213&uid=&tid=UA-23088598-1&_gid=401367693.1621027218&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=relacionadas&il1pi1nm=Curitiba%20tem%20arte%3F%20Confira%20um%20panorama%20do%20cen%C3%A1rio%20cultural%20da%20cidade&il1pi1id=de9f9260-b1c7-11eb-b143-3de2e131df8a&il1pi1pr=0.00&il1pi1br=curitiba&il1pi1ca=pino&il1pi1ps=40&z=910469012

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 May 2021 07:39:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 49269
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 59ms
18ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=70970493&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=1622044111.1621027213&uid=&tid=UA-23088598-1&_gid=401367693.1621027218&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=capa&il1pi1nm=MRV%20intensifica%20lan%C3%A7amentos%20no%20Paran%C3%A1%20e%20aposta%20em%20cidades%20da%20regi%C3%A3o%20Norte&il1pi1id=f9ec8cd0-b4e2-11eb-bb1b-3ff4c1ce9ad4&il1pi1pr=0.00&il1pi1br=parana&il1pi1ca=parana-sa&il1pi1ps=41&z=1878772353

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 May 2021 07:39:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 49269
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 59ms
19ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=70970493&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=1622044111.1621027213&uid=&tid=UA-23088598-1&_gid=401367693.1621027218&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=capa&il1pi1nm=FC%20Cascavel%20pede%20efeito%20suspensivo%20no%20STJD%20e%20Estadual%20corre%20risco%20de%20paralisa%C3%A7%C3%A3o&il1pi1id=98820370-b4c0-11eb-b7d5-37c03f3b7778&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=null&il1pi1ps=42&z=1117148599

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 May 2021 07:39:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 49269
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 59ms
19ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=70970493&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=1622044111.1621027213&uid=&tid=UA-23088598-1&_gid=401367693.1621027218&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=relacionadas&il1pi1nm=Suspens%C3%A3o%20do%20Cascavel%20CR%20mexe%20com%20a%20briga%20pelo%20mata-mata.%20Entenda&il1pi1id=82f73690-b468-11eb-a9f3-4d23f0131caf&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=null&il1pi1ps=43&z=2044396254

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 May 2021 07:39:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 49269
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 59ms
19ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=70970493&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=1622044111.1621027213&uid=&tid=UA-23088598-1&_gid=401367693.1621027218&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=capa&il1pi1nm=Coritiba%20tem%20retorno%20de%20titulares%20contra%20o%20Rio%20Branco%3B%20veja%20prov%C3%A1vel%20time&il1pi1id=49648970-b4e8-11eb-80a9-d7630b3898f0&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=null&il1pi1ps=44&z=2133504141

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 May 2021 07:39:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 49269
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 59ms
19ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=70970493&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=1622044111.1621027213&uid=&tid=UA-23088598-1&_gid=401367693.1621027218&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=relacionadas&il1pi1nm=Coritiba%20pode%20lucrar%20quase%20R%24%204%20milh%C3%B5es%20com%20ida%20de%20revela%C3%A7%C3%A3o%20para%20a%20Inglaterra&il1pi1id=47fd1f60-b426-11eb-b296-9f9e42652543&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=null&il1pi1ps=45&z=1923611273

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 May 2021 07:39:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 49269
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 59ms
19ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=70970493&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=1622044111.1621027213&uid=&tid=UA-23088598-1&_gid=401367693.1621027218&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=capa&il1pi1nm=Sem%20Juninho%20e%20com%20time%20desgastado%2C%20Maur%C3%ADlio%20vai%20mexer%20no%20Paran%C3%A1%3B%20veja%20o%20time&il1pi1id=46e77b80-b4e8-11eb-80a9-d7630b3898f0&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=null&il1pi1ps=46&z=1427264427

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 May 2021 07:39:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 49269
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 60ms
20ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=70970493&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=1622044111.1621027213&uid=&tid=UA-23088598-1&_gid=401367693.1621027218&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=capa&il1pi1nm=No%20Estadual%20e%20na%20Sul-Americana%2C%20chegou%20a%20hora%20de%20o%20Athletico%20mostrar%20a%20sua%20cara&il1pi1id=eb138c30-b4b1-11eb-b7d5-37c03f3b7778&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=null&il1pi1ps=47&z=756708878

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 May 2021 07:39:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 49269
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 60ms
20ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=70970493&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=1622044111.1621027213&uid=&tid=UA-23088598-1&_gid=401367693.1621027218&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=relacionadas&il1pi1nm=Sul-Americana%3A%20Aucas%20vence%20e%20%E2%80%9Csegura%E2%80%9D%20o%20Melgar%20no%20grupo%20do%20Athletico&il1pi1id=74142df0-b4b2-11eb-8141-453b26660345&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=null&il1pi1ps=48&z=1891105689

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 May 2021 07:39:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 49269
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 60ms
20ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=70970493&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=1622044111.1621027213&uid=&tid=UA-23088598-1&_gid=401367693.1621027218&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=capa&il1pi1nm=Bom%20Gourmet%20estreia%20programa%20de%20gastronomia%20na%20r%C3%A1dio%20Mundo%20Livre%20FM&il1pi1id=2d1618c0-b4e7-11eb-80a9-d7630b3898f0&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=tendencias&il1pi1ps=49&z=457560567

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 May 2021 07:39:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 49269
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 60ms
20ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=70970493&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=1622044111.1621027213&uid=&tid=UA-23088598-1&_gid=401367693.1621027218&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=capa&il1pi1nm=Texto%20%C3%BAnico%20ou%20fatiado%3A%20quais%20os%20rumos%20da%20reforma%20tribut%C3%A1ria%20no%20Congresso&il1pi1id=608c6990-b445-11eb-996a-57f8a776742d&il1pi1pr=0.00&il1pi1br=republica&il1pi1ca=economia&il1pi1ps=50&z=10931438

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 May 2021 07:39:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 49269
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 59ms
20ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=70970493&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=1622044111.1621027213&uid=&tid=UA-23088598-1&_gid=401367693.1621027218&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=capa&il1pi1nm=PF%20troca%20superintendentes%20em%208%20estados%20e%20Distrito%20Federal&il1pi1id=3facd8c0-b4d8-11eb-893d-bfc914b5ec37&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=republica&il1pi1ps=51&z=1842430697

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 May 2021 07:39:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 49269
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 59ms
22ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=70970493&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=1622044111.1621027213&uid=&tid=UA-23088598-1&_gid=401367693.1621027218&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=relacionadas&il1pi1nm=Mour%C3%A3o%20diz%20que%20altera%C3%A7%C3%A3o%20no%20licenciamento%20ambiental%20%C3%A9%20%E2%80%9Cmedida%20de%20desburocratiza%C3%A7%C3%A3o%E2%80%9D&il1pi1id=b9387410-b4bf-11eb-b7d5-37c03f3b7778&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=republica&il1pi1ps=52&z=1959264315

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 May 2021 07:39:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 49269
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 59ms
22ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=70970493&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=1622044111.1621027213&uid=&tid=UA-23088598-1&_gid=401367693.1621027218&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=capa&il1pi1nm=A%20%C3%BAnica%20certeza%20que%20temos%20%C3%A9%20a%20mudan%C3%A7a&il1pi1id=6903e900-b41c-11eb-8d21-55e545bfcd50&il1pi1pr=0.00&il1pi1br=gazz-conecta&il1pi1ca=nova-economia-com-joao-kepler&il1pi1ps=53&z=531149607

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 May 2021 07:39:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 49269
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 59ms
22ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=70970493&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=1622044111.1621027213&uid=&tid=UA-23088598-1&_gid=401367693.1621027218&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=capa&il1pi1nm=E-commerce%20da%20Docile%20cresce%20202%25%20com%20aumento%20do%20consumo%20de%20indulg%C3%AAncia&il1pi1id=c0a98ef0-b4b5-11eb-b7d5-37c03f3b7778&il1pi1pr=0.00&il1pi1br=bomgourmet-negocios&il1pi1ca=negocios-e-franquias&il1pi1ps=54&z=1913420861

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 May 2021 07:39:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 49269
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 59ms
22ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=70970493&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=1622044111.1621027213&uid=&tid=UA-23088598-1&_gid=401367693.1621027218&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=capa&il1pi1nm=Tite%20convoca%20a%20sele%C3%A7%C3%A3o%20para%20jogos%20contra%20Paraguai%20e%20Equador%20pelas%20Eliminat%C3%B3rias%3B%20veja%20os%20nomes&il1pi1id=f9d66140-b428-11eb-875b-7746cbd8ec2f&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=null&il1pi1ps=55&z=1556688966

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 May 2021 07:39:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 49269
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 59ms
22ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=70970493&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=1622044111.1621027213&uid=&tid=UA-23088598-1&_gid=401367693.1621027218&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=relacionadas&il1pi1nm=Veja%20os%20nomes%20convocados%20para%20a%20sele%C3%A7%C3%A3o%20ol%C3%ADmpica&il1pi1id=26e158d0-b4cd-11eb-a3b1-715327116be6&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=null&il1pi1ps=56&z=465697784

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 May 2021 07:39:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 49269
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 59ms
22ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=70970493&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=1622044111.1621027213&uid=&tid=UA-23088598-1&_gid=401367693.1621027218&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=capa&il1pi1nm=A%20administra%C3%A7%C3%A3o%20Biden%20zomba%20da%20sabedoria%20dos%20antigos&il1pi1id=cacf07c0-b424-11eb-84fb-6f574c5dc335&il1pi1pr=0.00&il1pi1br=mundo&il1pi1ca=ideias&il1pi1ps=57&z=399659025

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 May 2021 07:39:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 49269
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 59ms
22ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=70970493&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=1622044111.1621027213&uid=&tid=UA-23088598-1&_gid=401367693.1621027218&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=capa&il1pi1nm=Em%20tr%C3%AAs%20sess%C3%B5es%2C%20Comiss%C3%A3o%20da%20Anistia%20vai%20analisar%20820%20pedidos%20de%20indeniza%C3%A7%C3%A3o&il1pi1id=c6f49400-b4e5-11eb-bb1b-3ff4c1ce9ad4&il1pi1pr=0.00&il1pi1br=republica&il1pi1ca=vida-e-cidadania&il1pi1ps=58&z=860779410

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 May 2021 07:39:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 49269
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 59ms
23ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=70970493&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=1622044111.1621027213&uid=&tid=UA-23088598-1&_gid=401367693.1621027218&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=capa&il1pi1nm=Cidade%20de%20Pernambuco%20promove%202%C2%BA%20Festival%20Pr%C3%B3-vida%20online&il1pi1id=ddd80820-b4f2-11eb-beb9-31e7484add5a&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=vida-e-cidadania&il1pi1ps=59&z=993924685

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 May 2021 07:39:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 49269
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 58ms
22ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=70970493&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=1622044111.1621027213&uid=&tid=UA-23088598-1&_gid=401367693.1621027218&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=special&il1pi1nm=Ningu%C3%A9m%20quer%20cancelar%20os%20cl%C3%A1ssicos%20%E2%80%93%20exceto%20a%20elite%20acad%C3%AAmica&il1pi1id=a5c71960-b34b-11eb-abee-03f5385d5ff5&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=ideias&il1pi1ps=60&z=595943811

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 May 2021 07:39:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 49269
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 59ms
23ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=70970493&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=1622044111.1621027213&uid=&tid=UA-23088598-1&_gid=401367693.1621027218&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=special&il1pi1nm=Entidade%20processa%20Fl%C3%A1vio%20Bolsonaro%20por%20chamar%20Renan%20Calheiros%20de%20%E2%80%9Cvagabundo%E2%80%9D&il1pi1id=1a655b40-b3fd-11eb-a187-db5066d085d8&il1pi1pr=0.00&il1pi1br=ideias&il1pi1ca=polzonoff&il1pi1ps=61&z=1640472605

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 May 2021 07:39:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 49269
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 59ms
24ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=70970493&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=1622044111.1621027213&uid=&tid=UA-23088598-1&_gid=401367693.1621027218&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=special&il1pi1nm=Quando%20se%20tornou%20comum%20chamar%20de%20fascista%20qualquer%20um%20que%20n%C3%A3o%20seja%20extrema-esquerda%3F&il1pi1id=7f65d320-b34f-11eb-9e49-ed09bdae7c6a&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=ideias&il1pi1ps=62&z=1836976006

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 May 2021 07:39:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 49269
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 59ms
23ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=70970493&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=1622044111.1621027213&uid=&tid=UA-23088598-1&_gid=401367693.1621027218&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=special&il1pi1nm=Leitor%2C%20pare%20de%20bater%20na%20sua%20m%C3%A3e&il1pi1id=56cab430-b32c-11eb-a9f4-171e5a40a72b&il1pi1pr=0.00&il1pi1br=ideias&il1pi1ca=bruna-frascolla&il1pi1ps=63&z=2140054189

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 May 2021 07:39:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 49269
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 59ms
23ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=70970493&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=1622044111.1621027213&uid=&tid=UA-23088598-1&_gid=401367693.1621027218&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=special&il1pi1nm=N%C3%A3o%20%C3%A9%20s%C3%B3%20o%20a%C3%A7%C3%BAcar!%20Conhe%C3%A7a%20mais%20alimentos%20que%20aumentam%20a%20ansiedade&il1pi1id=95da72d0-b4af-11eb-b7d5-37c03f3b7778&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=saude&il1pi1ps=64&z=617044390

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 May 2021 07:39:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 49269
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 59ms
23ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=70970493&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=1622044111.1621027213&uid=&tid=UA-23088598-1&_gid=401367693.1621027218&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=special&il1pi1nm=Comunica%C3%A7%C3%A3o%20assertiva%20dentro%20do%20casamento%3A%20como%20falar%20e%20ser%20realmente%20ouvido%20pelo%20outro%3F&il1pi1id=073d07a0-b422-11eb-84fb-6f574c5dc335&il1pi1pr=0.00&il1pi1br=comportamento&il1pi1ca=casamento-e-compromisso&il1pi1ps=65&z=752484157

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 May 2021 07:39:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 49269
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 59ms
23ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=70970493&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=1622044111.1621027213&uid=&tid=UA-23088598-1&_gid=401367693.1621027218&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=special&il1pi1nm=Perfil%20gen%C3%A9tico%20torna%20paciente%20mais%20suscet%C3%ADvel%20%C3%A0%20Covid-19%2C%20diz%20estudo&il1pi1id=00122a10-b417-11eb-8d21-55e545bfcd50&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=saude&il1pi1ps=66&z=1187126960

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 May 2021 07:39:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 49269
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 59ms
23ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=70970493&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=1622044111.1621027213&uid=&tid=UA-23088598-1&_gid=401367693.1621027218&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=special&il1pi1nm=Refluxo%20%C3%A9%20fator%20para%20maior%20probabilidade%20de%20c%C3%A2ncer%20de%20es%C3%B4fago&il1pi1id=d04afc70-b3e5-11eb-8e1e-696d85600db1&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=saude&il1pi1ps=67&z=1785417096

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 May 2021 07:39:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 49269
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 59ms
23ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=70970493&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=1622044111.1621027213&uid=&tid=UA-23088598-1&_gid=401367693.1621027218&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=podcasts&il1pi1nm=Era%20das%20Trevas%3F%20A%20verdadeira%20hist%C3%B3ria%20da%20iluminada%20Idade%20M%C3%A9dia&il1pi1id=6e8ae520-b428-11eb-875b-7746cbd8ec2f&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=ideias&il1pi1ps=68&z=1949350474

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 May 2021 07:39:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 49269
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 60ms
24ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=70970493&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=1622044111.1621027213&uid=&tid=UA-23088598-1&_gid=401367693.1621027218&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=podcasts&il1pi1nm=Especial%20Lava%20Jato%3A%20o%20%E2%80%9Ccontra-ataque%E2%80%9D&il1pi1id=7f93bc80-b3f5-11eb-bfa9-6d75d86756d2&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=republica&il1pi1ps=69&z=83333955

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 May 2021 07:39:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 49269
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 60ms
24ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=70970493&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=1622044111.1621027213&uid=&tid=UA-23088598-1&_gid=401367693.1621027218&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=podcasts&il1pi1nm=%E2%80%9CO%20Tigre%20Branco%E2%80%9D%20mostra%20a%20ascens%C3%A3o%20financeira%20num%20mundo%20sem%20moral&il1pi1id=b0a61680-b420-11eb-84fb-6f574c5dc335&il1pi1pr=0.00&il1pi1br=cultura&il1pi1ca=ideias&il1pi1ps=70&z=1438585186

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 May 2021 07:39:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 49269
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 60ms
24ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=70970493&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=1622044111.1621027213&uid=&tid=UA-23088598-1&_gid=401367693.1621027218&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=podcasts&il1pi1nm=Especial%20Lava%20Jato%3A%20os%20conflitos%20entre%20Lula%20e%20a%20Opera%C3%A7%C3%A3o&il1pi1id=32608ea0-b262-11eb-9664-8bedfda48389&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=republica&il1pi1ps=71&z=258926716

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 May 2021 07:39:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 49269
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 60ms
24ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=70970493&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=1622044111.1621027213&uid=&tid=UA-23088598-1&_gid=401367693.1621027218&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=podcasts&il1pi1nm=Especial%20Lava%20Jato%3A%20os%20%E2%80%9Cpeixes%20grandes%E2%80%9D%20presos%20na%20Opera%C3%A7%C3%A3o&il1pi1id=20920d30-b25c-11eb-a8f5-cf15ee40fcd5&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=republica&il1pi1ps=72&z=223074594

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 May 2021 07:39:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 49269
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 61ms
24ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=70970493&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=1622044111.1621027213&uid=&tid=UA-23088598-1&_gid=401367693.1621027218&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=video&il1pi1nm=O%20que%20falta%20para%20o%20Brasil%20produzir%20insumos%20da%20vacina%20contra%20Covid-19%3F%20Entenda%20em%201%20Minuto&il1pi1id=6597b8c0-b41f-11eb-8d21-55e545bfcd50&il1pi1pr=0.00&il1pi1br=saude&il1pi1ca=republica&il1pi1ps=73&z=2146142271

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 May 2021 07:39:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 49269
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 61ms
24ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=70970493&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=1622044111.1621027213&uid=&tid=UA-23088598-1&_gid=401367693.1621027218&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=video&il1pi1nm=Defesa%20da%20vida%3A%20jovens%20se%20unem%20para%20denunciar%20a%20cultura%20do%20aborto%20e%20salvar%20beb%C3%AAs&il1pi1id=731cc630-b360-11eb-a21b-751ed1246604&il1pi1pr=0.00&il1pi1br=vida-e-cidadania&il1pi1ca=cristina-graeml&il1pi1ps=74&z=578075218

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 May 2021 07:39:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 49269
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 61ms
23ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=70970493&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=1622044111.1621027213&uid=&tid=UA-23088598-1&_gid=401367693.1621027218&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=video&il1pi1nm=Por%20dentro%20das%20pesquisas%3A%20Lula%20x%20Bolsonaro%20e%20um%20pa%C3%ADs%20dividido&il1pi1id=a40845a0-b33b-11eb-8284-272359f31f7c&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=alexandre-borges&il1pi1ps=75&z=1451293045

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 May 2021 07:39:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 49269
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 64ms
19ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=70970493&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=1622044111.1621027213&uid=&tid=UA-23088598-1&_gid=401367693.1621027218&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=video&il1pi1nm=O%20que%20explica%20a%20briga%20interna%20no%20Mercosul.%20Assista%20a%20Entenda%20em%201%20Minuto&il1pi1id=4d353180-b31c-11eb-b2f2-a9b0dc1a9d89&il1pi1pr=0.00&il1pi1br=mundo&il1pi1ca=republica&il1pi1ps=76&z=185405125

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 May 2021 07:39:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 49269
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 64ms
19ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=70970493&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=1622044111.1621027213&uid=&tid=UA-23088598-1&_gid=401367693.1621027218&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=mais%20lidas&il1pi1nm=PSD%20se%20afasta%20de%20Bolsonaro%2C%20afaga%20Lula%20e%20mira%20governos%20de%20SP%2C%20MG%20e%20RJ%20em%202022&il1pi1id=68629ee0-b4eb-11eb-80a9-d7630b3898f0&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=republica&il1pi1ps=77&z=1919744415

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 May 2021 07:39:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 49269
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 64ms
20ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=70970493&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=1622044111.1621027213&uid=&tid=UA-23088598-1&_gid=401367693.1621027218&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=mais%20lidas&il1pi1nm=Governo%20do%20Paran%C3%A1%20far%C3%A1%20novo%20decreto%20com%20medidas%20de%20enfrentamento%20%C3%A0%20pandemia&il1pi1id=34e05580-b4f0-11eb-80a9-d7630b3898f0&il1pi1pr=0.00&il1pi1br=curitiba&il1pi1ca=parana&il1pi1ps=78&z=523410479

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 May 2021 07:39:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 49269
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 64ms
20ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=70970493&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=1622044111.1621027213&uid=&tid=UA-23088598-1&_gid=401367693.1621027218&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=mais%20lidas&il1pi1nm=Fran%C3%A7a%20pro%C3%ADbe%20linguagem%20de%20g%C3%AAnero%20neutro%20nas%20escolas%3A%20arbitr%C3%A1ria%20e%20contraproducente&il1pi1id=3276b1e0-b4d7-11eb-a5e9-572d78fb9593&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=madeleine-lacsko&il1pi1ps=79&z=680927228

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 May 2021 07:39:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 49269
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 64ms
20ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=70970493&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=1622044111.1621027213&uid=&tid=UA-23088598-1&_gid=401367693.1621027218&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=mais%20lidas&il1pi1nm=%E2%80%9CBoleto%202.0%E2%80%9D%3A%20PIX%20Cobran%C3%A7a%20come%C3%A7a%20a%20funcionar%20no%20Brasil&il1pi1id=cacb2c90-b4e7-11eb-80a9-d7630b3898f0&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=gazz-conecta&il1pi1ps=80&z=372617034

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 May 2021 07:39:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 49269
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 64ms
20ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=70970493&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=1622044111.1621027213&uid=&tid=UA-23088598-1&_gid=401367693.1621027218&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=mais%20lidas&il1pi1nm=Depoimento%20de%20executivo%20da%20Pfizer%20na%20CPI%20da%20Covid%20%C3%A9%20esclarecedor&il1pi1id=f0772470-b452-11eb-80a1-0f02a961d01e&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=alexandre-garcia&il1pi1ps=81&z=789994529

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 May 2021 07:39:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 49269
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 65ms
21ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=70970493&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=1622044111.1621027213&uid=&tid=UA-23088598-1&_gid=401367693.1621027218&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=foi%20manchete&il1pi1nm=Oito%20leil%C3%B5es%20no%20setor%20de%20saneamento%20devem%20movimentar%20R%24%2031%20bilh%C3%B5es%20at%C3%A9%202022&il1pi1id=541432b0-b4cc-11eb-a5e9-572d78fb9593&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=economia&il1pi1ps=82&z=369375015

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 May 2021 07:39:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 49269
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 65ms
21ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=70970493&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=1622044111.1621027213&uid=&tid=UA-23088598-1&_gid=401367693.1621027218&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=foi%20manchete&il1pi1nm=Texto%20%C3%BAnico%20ou%20fatiado%3A%20quais%20os%20rumos%20da%20reforma%20tribut%C3%A1ria%20no%20Congresso&il1pi1id=608c6990-b445-11eb-996a-57f8a776742d&il1pi1pr=0.00&il1pi1br=republica&il1pi1ca=economia&il1pi1ps=83&z=469983227

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 May 2021 07:39:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 49269
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 65ms
21ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=70970493&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=1622044111.1621027213&uid=&tid=UA-23088598-1&_gid=401367693.1621027218&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=foi%20manchete&il1pi1nm=Relat%C3%B3rio%20controverso%2C%20cr%C3%ADticas%20e%20recuos%3A%20em%20que%20p%C3%A9%20est%C3%A1%20a%20privatiza%C3%A7%C3%A3o%20da%20Eletrobras&il1pi1id=745d04c0-b418-11eb-8d21-55e545bfcd50&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=economia&il1pi1ps=84&z=515125706

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 May 2021 07:39:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 49269
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 65ms
21ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=70970493&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=1622044111.1621027213&uid=&tid=UA-23088598-1&_gid=401367693.1621027218&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=foi%20manchete&il1pi1nm=PT%20ignora%20tese%20do%20%E2%80%9Cgolpe%E2%80%9D%20e%20tenta%20atrair%20MDB%20e%20outros%20partidos%20que%20derrubaram%20Dilma&il1pi1id=a524de50-b3ed-11eb-8e1e-696d85600db1&il1pi1pr=0.00&il1pi1br=2022&il1pi1ca=republica&il1pi1ps=85&z=1605380226

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 May 2021 07:39:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 49269
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 25ms
0ms XHR
text/plain 2a00:1450:400c:c0c::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-23088598-1&cid=1622044111.1621027213&jid=1510848913&gjid=2123201377&_gid=401367693.1621027218&_u=6GjAAEALQAAAAC~&z=1093286347

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 14 May 2021 21:20:18 GMT
content-type: text/plain
access-control-allow-origin: https://www.gazetadopovo.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 16ms
16ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-23088598-1&cid=1622044111.1621027213&jid=1510848913&_u=6GjAAEALQAAAAC~&z=1800372137

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 May 2021 21:20:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 17ms
17ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-23088598-1&cid=1622044111.1621027213&jid=1510848913&_u=6GjAAEALQAAAAC~&z=1800372137

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 May 2021 21:20:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 07D9 6 KB
3 KB 6ms
6ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051301.js?31061163

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.gazetadopovo.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.gazetadopovo.com.br/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Fri, 14 May 2021 21:20:16 GMT
expires: Sat, 14 May 2022 21:20:16 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 2
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 35ms
14ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051301.js?31061163

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4f874ff88caab3c7b634468acfc642a6bdca8bb2e9499e8f8271555b29e2129f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 21:20:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1620837820103308"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27989
x-xss-protection: 0
expires: Fri, 14 May 2021 21:20:18 GMT

GET
H3-29 200 container.html Show response
cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 1B2A 6 KB
3 KB 20ms
6ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051301.js?31061163

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.gazetadopovo.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.gazetadopovo.com.br/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Fri, 14 May 2021 21:20:16 GMT
expires: Sat, 14 May 2022 21:20:16 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 2
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 7566 334 KB
115 KB 34ms
13ms Script
text/javascript 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: s.dynad.net
URL: https://s.dynad.net/stack/928W5r5IndTfocT3VdUV-AB8UVlc0JbnGWyFZsei5gU.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f74bdfeec83247edd199110ac967f48433637c2cd8dcac06c4de540abb3393e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s.dynad.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 21:20:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117163
x-xss-protection: 0
expires: Fri, 14 May 2021 21:20:18 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 65C1 478 B
303 B 19ms
18ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGKeYyqABMAE&v=APEucNXet-A-J4CawDCmEpmvSM5VlSDuVavA1UDfqYMCdP0XDB34qma_Z5_fQyuUpLt5RYT7-qn3fEmp_9PK6Fqzr5VS9GRqWVAYE2lLFD6n7A9zdwbg1nXJYoF2KHymmTVHq12FcDqy9p53pV4-FfgfVSvtjRU8qH9ph0OclIcUfRTEMZXUD_RYjMUTWeuUxPzpkuuQDVei-KsVfBc0Wdp7-MSMxf3_CQ

Requested by

Host: cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com
URL: https://cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=COWiHhDhjN4CGKeYyqABMAE&v=APEucNXet-A-J4CawDCmEpmvSM5VlSDuVavA1UDfqYMCdP0XDB34qma_Z5_fQyuUpLt5RYT7-qn3fEmp_9PK6Fqzr5VS9GRqWVAYE2lLFD6n7A9zdwbg1nXJYoF2KHymmTVHq12FcDqy9p53pV4-FfgfVSvtjRU8qH9ph0OclIcUfRTEMZXUD_RYjMUTWeuUxPzpkuuQDVei-KsVfBc0Wdp7-MSMxf3_CQ
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUm0-g9R36musG9XMRopDKZfcx5YrmXjhvhGOC8UsxjnPE76AQJFJbXbE9aDSc0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Fri, 14 May 2021 21:20:18 GMT
server: cafe
cache-control: private
content-length: 230
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 07D9 63 KB
25 KB 52ms
50ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D7ZEGktIGyzU1MqoGHIjkkrsEbfhH2RVXJuOTipajG9UQMXXwUgjtYjZuOZh0zbGDTUsUF_3YFTnALgYd8sDVpZxKeGvvx3vaVQWUXfW_4T_uc_sYPE9Jr1FhiHrg5_a19qT5k0McGOhfIuPCB87hU36GZ1g&dbm_d=AKAmf-DWC6YIoAjFsBwStVjEAifNrP1Vry6S-ZidjnIMS45GGe10pY28ptmmMz1uB4soqyoNPxc3ZYM8lNg--eSSXvqw9JYhVQ9fJa8rAjskmB13Edcez-dipjDAWLVbXfru6mdhO3j6ktFyO1oJb5-r-fKdnpt5Aw-kYsuBYinvQeSrx38BSKxY2Be97FFqeYPmkxLwMIvsOwt9nVqVoT2E0MhufDlda5R9N_dL3LetCQd1gumOINnJI1CLKmfRySxhF1-byBcReYJoCTKbn0YKAAJKLcuiqImCmlmhzmuav9a-L3Uf4xHRhzczOsA-421gE_hHJPjzrceqR_O7inapKHsOWUad4uMs3iPh4i1-8KZeU1AfvKJKOAtQOOdlT8mW323IiIIs34KswiXoTMEoo9x47-mj36kXm1NELEFMS-9CuFRPw21rCA3RJii02O_PlnQXyJ9QPPBVTah9Q1_-xi86i7uyZZ_yPTQndAqwDAOo3t8OH2Hfst5hJ1qU7AV7Yt-j0Tc6tOrSbXT7qaEIl_2K4ylINAgI6w0Z2q1akbMVueusliSHCHVgrK6F6aFlo8f-X4JMeOqVqsj_oXe2S7ECBtQi1exa6AIaZXwN0TMd2Ktx3fj9SIu7PJFvAfKIhY7tSha50HXp41cxnDoZRn8jkijbadFs19nx6S_dKuWfGJ1h2tcjKse4dakX9_yKSGCDnUYgGFmkl8x36JqcieqJOCj0D4VzbdSoJa4TD7cLlKtbP-jQ0l855f3--FYmyybDiMpZgXwFSVLl5ScobMG-hZw1d5Ymr2SZQysso2vOdAYZ-sHk8x53N0ffuamPGH1-Ywle_ZcTQ8amGsVYGdfspsAYSLWDEg1iMTexFuWTdFksUmGFhf70UkrF8PYSig9pUgK6dWZ1mkAUTfGLaIt1h2GcFRBvIlYZwgyht3xxB6bU79wZOHOk6Dvn8I6EiStbJqAxo5CUl4LzUB7-lHa8t4alax4JF2beOSvhU6Yt0aOnbo1qrnlWvRKsiG06DvQOkPjrrUDB7O8wW9aElzZ0A6TKQ4RGZ8Bhe94tGp3hJ3O6B_-HAW11wqol61HU8AtTVxc0qKDiXW5HSEDxJQlW4r8RudEEvuil4duSMALP__TkDnbdZN4nv5BFdRTTDDXK_SVP_B22_XLtXXjRbr2MM8FT-vlEKjuHJ_mOJEukmntkpNGoVWC2Q5UZDe-hQVVsBqDw9mH-O9U3ZyjvIIv-ZVJOfML9b8f0tTkbpk_6--Bc59-vQWf8ja54_B2Oq8NS5psSvTGBEw-LlMJvTZ-_-oNI3_v_i0ikyJEQU4Pedl788dFFZ9_ZuyrKS9oNpVUhWJqyQ0LkyRLpUm5wNtUpxj--VbIGWZTSPJ6ta2-7PETZVfxTZ04QHFAE4eRFW2UiYnuy6OzDO1sjRz4uTpvU81GbFnb2nHBxmkAbUYfDP1b8qnsY72Q6hgt85Jd7zJeVGIgonRtR8HwpQBe7Uu8WR_z5Lixhv6yYEl6uKnACvOQsYG4wFdT_oHCPG6B8xhn6G5LPo0gJBlrO_6HQZZNKqWy3d_7I9r8V5LQz9ltiZcK3cWqwd03iiL6A--ai7OGNsNyCb50t1f7CRqSfGTbbcqRJ8L8AVK8BdUcbnnSswUItek45Ac0yshNZM9wDtaryMgtr2gVbQM9yeVGGQsidJgPzTuhRXa94i5YO0NfuXCeLCykQftoayTcTERfQhbbzLVpVTQVS-k4tO0TQ2-6indeQyCnthfablMh2aXY2LikS7DSmSuaahzgE85TCxtjsfEzbcMo7ScPhkJri4j1PHrQymyeVYRaAeh_uLIlUkUaeR5DVkqUFTm0_B2y0PiOSujkIWf4-usqd7i2Nxph9iQgNQomPeGDYtJ-E0k51Ov3nU6bsIFyOD9pe4bkuWSA_Jb6BouZBNUPUwmEpBJLueg7slQXypv_TVdMrlybtBUs_3PCRzr3E8tYfru9T5-pm-Kke13dVKr1ql_ibB1X_CNNjQfv1Ow95O4DLMK0SVnNxAP5u2IsqmB6bLwyy8eP3xZEJnlgCaG-CW6hGq5Qzv8MemFDMPZovQiONWQo-qaHcwhLSWyFQrvqbJQIZ1Fn3pkoMVjGMe3JHv9_bFQl8TtOl_fOVU9593ob6sT5e9zZTZda9sqJRxpFrvUMGxMO3EutN4tGUvRU9NayI2_5-05FZ0VLE9y_rQV_4DmPh4mjdFtZ3LtvySZVuqGgCbRZNikV5svJfgEoocvuMj-GNa3hj5hl4gO2v-GvV4Iuffn-aEPyJ_0YUlyN5lxLpvAPIOVyOrpjmZECiotYQTDSRFzbcX42fdVXHPlKdMLlI4K74n62hVQrUNlT57ePF6sbZ1kbuI_xH4ka7l-0UUgynobLAFT6Lgq8ly_q23tKEnpCKYpR1Fiqmz_jGSFvyOTO6-0iPYL4sVp0J9_-7blk1CGH7F7k6RZLsM-KuTmZYXsV7qvZR4zuqC_bC5wbk_t8tvmtewKUz7DRc6Sup4Bg7dYdorpq6nLI7qMZY1Pa5zVgEcexbDDHVgbF2YASdZd0gzCpHK8SsaLyAy7TppHebZLBN9E54aeechyH5AYB-QqhKSEODn00inEvd3nrTnP_Yl7_J3Nrige0khRPK4Jp3cqiQU6w0Ixet1UziN-8gkIPy2MOGGA5Dibw-N3fErxCQOhiCRqfs8CN7d21jXSQVgp1ec2z3o04jEYugi5-r11vnX9ssxxTcoKxcfyqDBMxMN1C2oWcc2W3mRYKiYO8Vc1G2I89w-r-PeqiOqqMJz9x42Bdf2CaH7JS8wVnfRaUGyZqaEeZMyP9VZf2XYuzFN1DMA-lWAVx5qSW7v4J5X3FktxPDf9QFJzsZEWaxVYp7eRGvXpEtePfjB_qD-1uHe94t1pxszscKoYlZ2FEHiVY42FAC-2A_TE1u8Cq6M2cBp1k-FEI9kGZbLXLiHHLqKbQyXxUZqcUp3CbgSg_rV4O4rRfTEg35gitmL6ub_gO6GEnG4g8hsiA9R-LyOlcVb5UO2tlKYiRnxzCJOKaT6iQxPCG2U0eBz9IG4lo_NXs4K2mv&cid=CAASEuRoQTjYGxZi3WDjkT2-K1q16w&rfl=1%2Chttps%253A%252F%252Fwww.gazetadopovo.com.br%252F%240

Requested by

Host: www.gazetadopovo.com.br.mcas.ms
URL: https://www.gazetadopovo.com.br.mcas.ms/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

61277b792c3951bab82122f2883f8bd289152bf2da46e5fe1f607f817dd2a6c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 May 2021 21:20:18 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25171
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 07D9 42 B
63 B 43ms
41ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CatZEYE371NWYrWWZXMPky0T8c__PQvLCh5uFAmtHrlhOfRUKfrG2jEJCwktb64b6VrOXjSTtqhuEpHCZ48DLx4SdTj7FmJKf0SiQz3Q51jMTaI6k

Requested by

Host: cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com
URL: https://cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 May 2021 21:20:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

skeleton.gif
static.adsafeprotected.com/ Frame 07D9
Redirect Chain

https://pixel.adsafeprotected.com/rfw/st/663882/53780618/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=
https://static.adsafeprotected.com/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=

43 B
258 B

270ms
93ms

Image
image/gif

54.76.195.29
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adsafeprotected.com/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=
Requested by: Host: cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com
URL: https://cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.76.195.29 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-195-29.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

Referer: https://cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 21:20:19 GMT
last-modified: Mon, 17 Aug 2020 23:55:15 GMT
server: nginx/1.16.1
age: 5076882
etag: "45cf913e5d9d3c9b2058033056d3dd23"
x-cache-status: HIT
content-type: image/gif
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 43

Redirect headers

pragma: no-cache
date: Fri, 14 May 2021 21:20:18 GMT
x-server-name: app31.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=
cache-control: no-cache
content-length: 0
server: nginx

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/ Frame 07D9 2 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/window_focus_fy2019.js

Requested by

Host: cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com
URL: https://cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 21:18:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 105
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 28 May 2021 21:18:33 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 07D9 116 KB
35 KB 30ms
14ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com
URL: https://cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30f711976feb745d0a181437d8d6b31bd07213c35cddb8c1e53c99aef0635d89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 21:20:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1620837837546646"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36097
x-xss-protection: 0
expires: Fri, 14 May 2021 21:20:18 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/ Frame 07D9 13 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com
URL: https://cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4821fcf9c6131b5e09c316f6946b187f0b3751d723a19b2ff9f2df396d232cbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 21:20:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5621
x-xss-protection: 0
server: cafe
etag: 8169261014141303515
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 28 May 2021 21:20:00 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame 07D9 0
0 15ms
14ms Image
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSZgPLTGh5_8dfSi0oO4GKe31436w_zi3V_WpETiIIx2GbRhp-Omjyy54nLBGiDEJSzHlvrSoqLxuYKex3HUsk8_Tbprg
Requested by: Host: cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com
URL: https://cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 1730 611 B
363 B 19ms
16ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQw7j0ARjGhoipATAB&v=APEucNVDRUc0y_wmJCQLn9KWix_SRQi72pAUyOvr4G7ZqInVdMVXlBV26DiBF-rvZVK1IG7ykTiUAOh3m9SWFD8b0dAjMuprVTOgh0MwS2lQEUslzgoLGYPbzcle-VOd23NgplqQJfSlPIEAB8bjnkMyd8sHF_MKm331U-kQCBM2DxiW2n8borBkusnUC1YYy9tDCcYwOfYBsPPzMiAbmqWRrCC6S2q2FQ

Requested by

Host: cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com
URL: https://cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

55b198b5ed1bd02e77f84c6971a69d5c2160c0c32fd770ce33405e194750f5fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=CJfnugEQw7j0ARjGhoipATAB&v=APEucNVDRUc0y_wmJCQLn9KWix_SRQi72pAUyOvr4G7ZqInVdMVXlBV26DiBF-rvZVK1IG7ykTiUAOh3m9SWFD8b0dAjMuprVTOgh0MwS2lQEUslzgoLGYPbzcle-VOd23NgplqQJfSlPIEAB8bjnkMyd8sHF_MKm331U-kQCBM2DxiW2n8borBkusnUC1YYy9tDCcYwOfYBsPPzMiAbmqWRrCC6S2q2FQ
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUm0-g9R36musG9XMRopDKZfcx5YrmXjhvhGOC8UsxjnPE76AQJFJbXbE9aDSc0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Fri, 14 May 2021 21:20:18 GMT
server: cafe
cache-control: private
content-length: 295
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 1B2A 23 KB
12 KB 46ms
43ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CXSS9tVrLCnjIW9EQxWcrM6bNQD9PnrVmdakMWAZiOs7lEEv0DUcYZ9QBaqox72PbcI4_stOPrZ-h5FIYJ7B6V2g1aBqFVA1Sk4SQEsEJxGvSIU1p1PJnf2oLbhnetk4-VsmzGiA7jUt8AktOjd4zZw2dLFw&cry=1&dbm_d=AKAmf-DhxXW8XTh5c07wNWMgTd8su6uRkRHRvYL_atxLdCp_NCLFkPMzHDE2YF6RdadOALBljkkd2BjxPgRZgSx8hLZ27Qk_2ZDBjVfL7bypdpjAG4BrNo6jT0fKnHICmzT7BUMd1khUE3XSaQHC1P5hjCC_h4v0zdw4xYeqEzeQusylYb_pxYm7EYVvhwP_4XxpyyyFzYNuGTQ9w-GeWccIzvLUG5QwfK7ojxsezwRRpDL6BysZNnLD2IgvOU4agi97n3N-Ogulko59Z3E8Q5lmu9RiD-KZ9aRnLAnuTVr_Ts76GbwQrvmIWAZUsfxVbFvDK1CWg8jGf0nnHFhtuxYe-nVzaw25ItyT2XXb25ijBh5sqkzJDVa3L8vG7Xbq_WkIBkMUeLtQHAGqi3Dxby_8-45x3kygRMUXN6jxw5cYjq1SGaPL5iesDi_tqjG_JjbYoZBalLSqimwp5nxsA_8yP41MYlKhHkofqGPIcC-c618nnIxBCuhgNB_HmAkIE8EyQYlsawWON8pZTcHLNiE0vSo9Z2KG6HWniinaZaH-o4eidEgQR8PycJM98oHuX4K1i5FXBNf0XfmFaO7A1amNAMNgCIvAKSfQqadI5m0QyYBIKl_utGEy2Pwm2FQAWbhMwHUgTd24XiFXJnNfjmYcbndotSf0-vwTi1VKJ8O4cZKE2Nq61jDY02TfuHv8H88EwKhxlkpsZaBiL0DKAz0HWU9OyBJD-ncalPjRA4WXtBrfkV6YlIy1LropvVNfMvLotLXwFK_Rki2wfKpmC6z5k5Oqf6yeRvnbdue7a4Ifb53oTkYEOlrlkjIKfxzB6E0KSjlOrhQToZnGV-6BR54ojKb8gL7LwVxDKhhWIdJyAUwTgHwwGy7u4eU4uk1egiLlMDIIHeh7sVxITIDpPyV-C6mPVhXS7rna-dBix95G14SDerer6Nr6Bxd5Ij-YXu8xHT1sacbmkpo2G9n44aJuLd9cvsYYBpKzPoJWf8oC8JH4cauUQD4fGNGbOWsglApoZ-VNrzrZI_v2a5bbH9iCcoNdaOEvHIB2vflM482uyHkH9bHfs6OGkPbYSeTML8zLujFLj24W_Tktv-gAB0SSqVCAV3feG00o8RB2z3naQ4cetguEjdUR0aiWLeY4gbuA2OG8FWjfu1nt18xblZtnFlWoax-UHazh959ZZzbiKz9pTk4ElxyoUy7UGMhnHeqCOA5pDk1MCuUuqwWUBudWU8NoGGgjqoxnIia-_LOW_uUnnvvdhH7sVxAP2Fqu_U-PMwlNrwY54mMmdl1cW193KNNPVdSCBDbCbBWeZq_WSrcyJEpO7ieDVYNLk_jEb_XQb1mHiNBrbnbFGZaOi9OvB7dA1LNzQtoPTf7I4xiYOQ9wDdpqBaKWiKCzKBMEvTlomIsGIwmN5I8l9c0d2ILtXr2j-qJlB0yBW5iB1e0PT6s4_JmcBmMq9Egcyxb-mtidzMnlentHiFvW0lAgyNU9f-odj7NQ7CzNk782j8be8mMA0bzWqdtVpqh84VH08w3j-o2IsNdeQJxVzPVLjZ_CN0L-pkeX1seG6IrxKmHbL6akv98JqwK0t2XUCXc5TiiWlacw4vs_3VFfqEinOjHUzgXrWibVO5opkdkwPoEwHgdCJOT4lwEjmWgVfalLKfAgksB0kDMphlfxvk6iyCo4qI-7_HlVE-JjA1Kch9eLKZZ9nOqBV7XdffYA3yxUhFjhzszXZFaqxww4FmkLyfjFRf12VLPXUrWBli_3T3CRxq_wCJgBH4Onm8brv7F0oEAkM_y6EE9VC2Cxtlfdf0rLVhtR2IKT7wLFteMTcWRGKrYR9BpJpwpyi3ixnFb4Rgn-TKiG8IqxzuluAJAcXNGnurnQVJBmqjxNScbwLm84CEKFq1273xYPEMYC6G1KqsvC0QJAbk7xxHoYK4y29-JwQnEDICXWf_ozi3jcoQ26xg6_33w0hc3hMEcsPa1R79GrKwmTBN2h1opxak1XeqBxVlPu_i_ZUqOrrApUkXugsiUENKvLg2GQOgVpTc3z9zQ0sDi8Ft6HRWIiUKUnHhBSLn-fOnbuQHwvOtEfwrRLzbLv8Envccz_nRvKAWISPOj_pzKNyo0VrYQtDMmFdA-FnuSG-01M5s9i_iX-iGDiekR-PWTT3ql_qC01yacuEaKCfRolnKAZ3vrW3g8QZZLQgUGhxwT-04bUsUEeMcG7Ho7XZOjIRAD5N9LtDEl8llzOIUsakmUVUCy3p6iq633PLg73DFh1VTgGGtMxJITj8_WcOPluc0FeFUjxrrxgZesYLaCWLBypJ83WYo-m3HwgHAHDy7yao4j56ATt-tS8CYW3Gm1t1U4jNiQ1NzdQFZbykPp40-Q1gsGYUJER9fG43SF0NGvfB459wsZ9JTC1ZCuA4l3C1JdYnlqCiy9SbeIuaABOg-DINil0bYdUn9dAyR2--gRfFQV53YGusP00ExvJ-eL_iaZKx3O9YbY8_exHaXhRKcLUJZYsdSCVa_YO_gA1JqQByNtFqK1KH9BXOER9STJLZbl-I8BHxCqlh6U1oLOscblmFkW15B-CEXh-_s9SAcCnvfNWWIRIWmzhFgR5VptFQQP75YcCGtd1TzvfTffgM5snUi-kU-DORNTN8xQz7ICAw3grDfyOqN7DUQMr-kTzEp2uj1eBjVs_XcyDDfRBZ2UfRK4eHpLGDa1jCJUwOSVCQwGzKKgsu27Ou0_5yzaZZiND7uEsecUNiH9Ka_KXaH3DcNUP4YOMCaI2t43a0mGKr0xhyc2FNp1z8CDfVbuGiMJ7KDaN1s1viPthgm8JzKfbI6-Ub3VxZYPRi5JirtNEQsw-U2AAtDAQoxeMBJ0J6fypJDHmSv1Wi_LLrLQZQjSaVuoVKwWF3OEvV5JF-nmy8dzk403z8kR2LTs43tQ7CeqTKJTkFQ92w4Ym5fmUfKqtzLdRf7l_C4mGjBV_8STYwXfP0Zjqvhqgz_FxL7ZzL-30HxdI5VgarCh_b1QzJRolG_9S-cshxAKCS4PbCVJq82DVjp_l8oTDyzhYhb7PVc4&cid=CAASEuRoaPaSXBPJvPg6Ce5stz0WBA&rfl=1%2Chttps%253A%252F%252Fwww.gazetadopovo.com.br%252F%240

Requested by

Host: www.gazetadopovo.com.br.mcas.ms
URL: https://www.gazetadopovo.com.br.mcas.ms/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

73ca82cdf8f9e3f2387ae7bed10bd9d201327a138f42ddf8498e818c0ef23e9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 May 2021 21:20:18 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12044
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1B2A 42 B
63 B 41ms
39ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BmBB_pX1LwQUtNJfDvjhwb6ylcdGcgzTR3_RfUZfLzgT5WEWKVGRUdKCYakBCZy0dtH9-Wnlb67tbEttaNu6Lnwm-Xc0WQsRakEJhIzH4xQA0KFIs

Requested by

Host: cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com
URL: https://cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 May 2021 21:20:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK dvbs_src.js Show response
cdn.doubleverify.com/ Frame 1B2A 2 KB
2 KB 25ms
6ms Script
application/javascript 2a02:26f0:6c00:286::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=1828362&cmp=151983&plc=5573058&sid=18330&dvregion=0&unit=728x90&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&prr=1&DVP_DV_CT=1&DVP_PP_IMP_ID=ABAjH0hTYBIkin29maQWo57HtY8Z&DVP_DBM_1=3060631&DVP_DBM_2=20152640&DVP_DBM_3=50785673&DVP_DBM_4=354550598&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=18017767848&turl=https://www.gazetadopovo.com.br/&DVP_PP_BUNDLE_ID=
Requested by: Host: cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com
URL: https://cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:286::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 68af7d95d32570af49c8988fa9285f76add19e574354b0d7136b65b205d2f5da

Request headers

Referer: https://cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 14 May 2021 21:20:18 GMT
Content-Encoding: gzip
Last-Modified: Thu, 06 May 2021 09:20:07 GMT
Server: Microsoft-IIS/10.0
ETag: "82d9bc15942d71:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 1338

GET
H/1.1 200
OK dvtp_src.js Show response
cdn.doubleverify.com/ Frame 1B2A 7 KB
3 KB 24ms
6ms Script
application/javascript 2a02:26f0:6c00:286::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvtp_src.js?ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&advid=3398311&adsrv=0&btreg=&btadsrv=&tagtype=&dvtagver=6.1.src&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVPX_PP_IMP_ID=ABAjH0hTYBIkin29maQWo57HtY8Z&DVP_DBM_1=3060631&DVP_DBM_2=20152640&DVP_DBM_3=50785673&DVP_DBM_4=354550598&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=18017767848&turl=https://www.gazetadopovo.com.br/&DVP_PP_BUNDLE_ID=
Requested by: Host: cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com
URL: https://cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:286::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 7c3e4f7379ab36145201000303ce7b35f6862e261d7a362b0491454278d81354

Request headers

Referer: https://cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 14 May 2021 21:20:18 GMT
Content-Encoding: gzip
Last-Modified: Tue, 11 May 2021 17:26:02 GMT
Server: Microsoft-IIS/10.0
ETag: "031fab68a46d71:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3005

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/ Frame 1B2A 2 KB
1 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/window_focus_fy2019.js

Requested by

Host: cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com
URL: https://cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 21:18:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 105
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 28 May 2021 21:18:33 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1B2A 116 KB
35 KB 26ms
15ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com
URL: https://cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30f711976feb745d0a181437d8d6b31bd07213c35cddb8c1e53c99aef0635d89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 21:20:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1620837837546646"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36097
x-xss-protection: 0
expires: Fri, 14 May 2021 21:20:18 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/ Frame 1B2A 13 KB
6 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com
URL: https://cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4821fcf9c6131b5e09c316f6946b187f0b3751d723a19b2ff9f2df396d232cbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 21:20:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5621
x-xss-protection: 0
server: cafe
etag: 8169261014141303515
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 28 May 2021 21:20:00 GMT

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame 65C1 170 B
506 B 175ms
60ms Image
image/png 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_dbm

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGKeYyqABMAE&v=APEucNXet-A-J4CawDCmEpmvSM5VlSDuVavA1UDfqYMCdP0XDB34qma_Z5_fQyuUpLt5RYT7-qn3fEmp_9PK6Fqzr5VS9GRqWVAYE2lLFD6n7A9zdwbg1nXJYoF2KHymmTVHq12FcDqy9p53pV4-FfgfVSvtjRU8qH9ph0OclIcUfRTEMZXUD_RYjMUTWeuUxPzpkuuQDVei-KsVfBc0Wdp7-MSMxf3_CQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 May 2021 21:20:18 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 65C1
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHpVFO5gyKo_E0hi-3n6ReE&google_cver=1

43 B
1014 B

138ms
51ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHpVFO5gyKo_E0hi-3n6ReE&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGKeYyqABMAE&v=APEucNXet-A-J4CawDCmEpmvSM5VlSDuVavA1UDfqYMCdP0XDB34qma_Z5_fQyuUpLt5RYT7-qn3fEmp_9PK6Fqzr5VS9GRqWVAYE2lLFD6n7A9zdwbg1nXJYoF2KHymmTVHq12FcDqy9p53pV4-FfgfVSvtjRU8qH9ph0OclIcUfRTEMZXUD_RYjMUTWeuUxPzpkuuQDVei-KsVfBc0Wdp7-MSMxf3_CQ
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 14 May 2021 21:20:18 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 14 May 2021 21:20:18 GMT

Redirect headers

pragma: no-cache
date: Fri, 14 May 2021 21:20:18 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHpVFO5gyKo_E0hi-3n6ReE&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 65C1
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YJ7pknOlCylwzk2IydeRkgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFNGF5KYMKcyRWt6G5yBM0s&google_cver=1

43 B
1014 B

51ms
50ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFNGF5KYMKcyRWt6G5yBM0s&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGKeYyqABMAE&v=APEucNXet-A-J4CawDCmEpmvSM5VlSDuVavA1UDfqYMCdP0XDB34qma_Z5_fQyuUpLt5RYT7-qn3fEmp_9PK6Fqzr5VS9GRqWVAYE2lLFD6n7A9zdwbg1nXJYoF2KHymmTVHq12FcDqy9p53pV4-FfgfVSvtjRU8qH9ph0OclIcUfRTEMZXUD_RYjMUTWeuUxPzpkuuQDVei-KsVfBc0Wdp7-MSMxf3_CQ
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 14 May 2021 21:20:19 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 14 May 2021 21:20:19 GMT

Redirect headers

pragma: no-cache
date: Fri, 14 May 2021 21:20:19 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFNGF5KYMKcyRWt6G5yBM0s&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 7566 4 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0a5e2fdeee01580357b0fe44c7c1b73f571722ccf5818ef0147116ff2ce8df0c

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 1730
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEBh182s6-CO0u7_XU6HHiL4&google_cver=1

43 B
1020 B

63ms
56ms

Image
image/gif

185.33.223.178
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEBh182s6-CO0u7_XU6HHiL4&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQw7j0ARjGhoipATAB&v=APEucNVDRUc0y_wmJCQLn9KWix_SRQi72pAUyOvr4G7ZqInVdMVXlBV26DiBF-rvZVK1IG7ykTiUAOh3m9SWFD8b0dAjMuprVTOgh0MwS2lQEUslzgoLGYPbzcle-VOd23NgplqQJfSlPIEAB8bjnkMyd8sHF_MKm331U-kQCBM2DxiW2n8borBkusnUC1YYy9tDCcYwOfYBsPPzMiAbmqWRrCC6S2q2FQ

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.178 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

824.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 14 May 2021 21:20:18 GMT
X-Proxy-Origin: 84.17.53.151; 84.17.53.151; 824.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.223.137:80
AN-X-Request-Uuid: fe358e88-81bb-423e-be3e-e767b9c0dcdb
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 14 May 2021 21:20:18 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEBh182s6-CO0u7_XU6HHiL4&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 1730
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTM3Njg2ODg2ODM2NjgxNzI5

170 B
188 B

102ms
94ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTM3Njg2ODg2ODM2NjgxNzI5

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 May 2021 21:20:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 14 May 2021 21:20:18 GMT
X-Proxy-Origin: 84.17.53.151; 84.17.53.151; 824.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.150:80
AN-X-Request-Uuid: 400813b7-5a2b-4060-8341-1b76a9209a4f
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTM3Njg2ODg2ODM2NjgxNzI5
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 1730
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGq5LZdQOG8-RSTwp-O9zew&google_cver=1

43 B
180 B

61ms
60ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGq5LZdQOG8-RSTwp-O9zew&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQw7j0ARjGhoipATAB&v=APEucNVDRUc0y_wmJCQLn9KWix_SRQi72pAUyOvr4G7ZqInVdMVXlBV26DiBF-rvZVK1IG7ykTiUAOh3m9SWFD8b0dAjMuprVTOgh0MwS2lQEUslzgoLGYPbzcle-VOd23NgplqQJfSlPIEAB8bjnkMyd8sHF_MKm331U-kQCBM2DxiW2n8borBkusnUC1YYy9tDCcYwOfYBsPPzMiAbmqWRrCC6S2q2FQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.207.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 May 2021 21:20:18 GMT
via: 1.1 google
server: OXGW/16.207.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 14 May 2021 21:20:18 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGq5LZdQOG8-RSTwp-O9zew&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 1730
Redirect Chain

https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZGUzNzBkYTYtNmVlNS0yMDJmLWY3N2ItYzhlZDY1OTJmZGRl

170 B
188 B

182ms
98ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZGUzNzBkYTYtNmVlNS0yMDJmLWY3N2ItYzhlZDY1OTJmZGRl

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 May 2021 21:20:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 14 May 2021 21:20:18 GMT
content-encoding: gzip
server: OXGW/16.207.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZGUzNzBkYTYtNmVlNS0yMDJmLWY3N2ItYzhlZDY1OTJmZGRl
content-type: image/gif
alt-svc: clear
content-length: 0
via: 1.1 google

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
6ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=70970493&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=1622044111.1621027213&uid=&tid=UA-23088598-1&_gid=401367693.1621027218&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=escolhas%20do%20editor&il1pi1nm=Guaid%C3%B3%20prop%C3%B5e%20di%C3%A1logo%20com%20Maduro.%20Qual%20%C3%A9%20sua%20estrat%C3%A9gia%20agora%3F&il1pi1id=642933d0-b44f-11eb-80a1-0f02a961d01e&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=mundo&il1pi1ps=86&z=929354313

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 May 2021 07:39:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 49269
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
6ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=70970493&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=1622044111.1621027213&uid=&tid=UA-23088598-1&_gid=401367693.1621027218&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=escolhas%20do%20editor&il1pi1nm=Os%20foguetes%20do%20terror%2C%20a%20resposta%20de%20Israel%20e%20a%20paz%20distante&il1pi1id=0a8ee960-b430-11eb-b296-9f9e42652543&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=editoriais&il1pi1ps=87&z=1750504225

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 May 2021 07:39:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 49269
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 8ms
7ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=70970493&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=1622044111.1621027213&uid=&tid=UA-23088598-1&_gid=401367693.1621027218&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=escolhas%20do%20editor&il1pi1nm=Relat%C3%B3rio%20controverso%2C%20cr%C3%ADticas%20e%20recuos%3A%20em%20que%20p%C3%A9%20est%C3%A1%20a%20privatiza%C3%A7%C3%A3o%20da%20Eletrobras&il1pi1id=745d04c0-b418-11eb-8d21-55e545bfcd50&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=economia&il1pi1ps=88&z=1487738751

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 May 2021 07:39:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 49269
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 8ms
7ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=70970493&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=6GjAAEALQAAAAC~&jid=&gjid=&cid=1622044111.1621027213&uid=&tid=UA-23088598-1&_gid=401367693.1621027218&gtm=2wg5c1WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=escolhas%20do%20editor&il1pi1nm=PT%20ignora%20tese%20do%20%E2%80%9Cgolpe%E2%80%9D%20e%20tenta%20atrair%20MDB%20e%20outros%20partidos%20que%20derrubaram%20Dilma&il1pi1id=a524de50-b3ed-11eb-8e1e-696d85600db1&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=republica&il1pi1ps=89&z=1824800591

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 May 2021 07:39:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 49269
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20210511/r20110914/ Frame 1B2A 22 KB
8 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210511/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CXSS9tVrLCnjIW9EQxWcrM6bNQD9PnrVmdakMWAZiOs7lEEv0DUcYZ9QBaqox72PbcI4_stOPrZ-h5FIYJ7B6V2g1aBqFVA1Sk4SQEsEJxGvSIU1p1PJnf2oLbhnetk4-VsmzGiA7jUt8AktOjd4zZw2dLFw&cry=1&dbm_d=AKAmf-DhxXW8XTh5c07wNWMgTd8su6uRkRHRvYL_atxLdCp_NCLFkPMzHDE2YF6RdadOALBljkkd2BjxPgRZgSx8hLZ27Qk_2ZDBjVfL7bypdpjAG4BrNo6jT0fKnHICmzT7BUMd1khUE3XSaQHC1P5hjCC_h4v0zdw4xYeqEzeQusylYb_pxYm7EYVvhwP_4XxpyyyFzYNuGTQ9w-GeWccIzvLUG5QwfK7ojxsezwRRpDL6BysZNnLD2IgvOU4agi97n3N-Ogulko59Z3E8Q5lmu9RiD-KZ9aRnLAnuTVr_Ts76GbwQrvmIWAZUsfxVbFvDK1CWg8jGf0nnHFhtuxYe-nVzaw25ItyT2XXb25ijBh5sqkzJDVa3L8vG7Xbq_WkIBkMUeLtQHAGqi3Dxby_8-45x3kygRMUXN6jxw5cYjq1SGaPL5iesDi_tqjG_JjbYoZBalLSqimwp5nxsA_8yP41MYlKhHkofqGPIcC-c618nnIxBCuhgNB_HmAkIE8EyQYlsawWON8pZTcHLNiE0vSo9Z2KG6HWniinaZaH-o4eidEgQR8PycJM98oHuX4K1i5FXBNf0XfmFaO7A1amNAMNgCIvAKSfQqadI5m0QyYBIKl_utGEy2Pwm2FQAWbhMwHUgTd24XiFXJnNfjmYcbndotSf0-vwTi1VKJ8O4cZKE2Nq61jDY02TfuHv8H88EwKhxlkpsZaBiL0DKAz0HWU9OyBJD-ncalPjRA4WXtBrfkV6YlIy1LropvVNfMvLotLXwFK_Rki2wfKpmC6z5k5Oqf6yeRvnbdue7a4Ifb53oTkYEOlrlkjIKfxzB6E0KSjlOrhQToZnGV-6BR54ojKb8gL7LwVxDKhhWIdJyAUwTgHwwGy7u4eU4uk1egiLlMDIIHeh7sVxITIDpPyV-C6mPVhXS7rna-dBix95G14SDerer6Nr6Bxd5Ij-YXu8xHT1sacbmkpo2G9n44aJuLd9cvsYYBpKzPoJWf8oC8JH4cauUQD4fGNGbOWsglApoZ-VNrzrZI_v2a5bbH9iCcoNdaOEvHIB2vflM482uyHkH9bHfs6OGkPbYSeTML8zLujFLj24W_Tktv-gAB0SSqVCAV3feG00o8RB2z3naQ4cetguEjdUR0aiWLeY4gbuA2OG8FWjfu1nt18xblZtnFlWoax-UHazh959ZZzbiKz9pTk4ElxyoUy7UGMhnHeqCOA5pDk1MCuUuqwWUBudWU8NoGGgjqoxnIia-_LOW_uUnnvvdhH7sVxAP2Fqu_U-PMwlNrwY54mMmdl1cW193KNNPVdSCBDbCbBWeZq_WSrcyJEpO7ieDVYNLk_jEb_XQb1mHiNBrbnbFGZaOi9OvB7dA1LNzQtoPTf7I4xiYOQ9wDdpqBaKWiKCzKBMEvTlomIsGIwmN5I8l9c0d2ILtXr2j-qJlB0yBW5iB1e0PT6s4_JmcBmMq9Egcyxb-mtidzMnlentHiFvW0lAgyNU9f-odj7NQ7CzNk782j8be8mMA0bzWqdtVpqh84VH08w3j-o2IsNdeQJxVzPVLjZ_CN0L-pkeX1seG6IrxKmHbL6akv98JqwK0t2XUCXc5TiiWlacw4vs_3VFfqEinOjHUzgXrWibVO5opkdkwPoEwHgdCJOT4lwEjmWgVfalLKfAgksB0kDMphlfxvk6iyCo4qI-7_HlVE-JjA1Kch9eLKZZ9nOqBV7XdffYA3yxUhFjhzszXZFaqxww4FmkLyfjFRf12VLPXUrWBli_3T3CRxq_wCJgBH4Onm8brv7F0oEAkM_y6EE9VC2Cxtlfdf0rLVhtR2IKT7wLFteMTcWRGKrYR9BpJpwpyi3ixnFb4Rgn-TKiG8IqxzuluAJAcXNGnurnQVJBmqjxNScbwLm84CEKFq1273xYPEMYC6G1KqsvC0QJAbk7xxHoYK4y29-JwQnEDICXWf_ozi3jcoQ26xg6_33w0hc3hMEcsPa1R79GrKwmTBN2h1opxak1XeqBxVlPu_i_ZUqOrrApUkXugsiUENKvLg2GQOgVpTc3z9zQ0sDi8Ft6HRWIiUKUnHhBSLn-fOnbuQHwvOtEfwrRLzbLv8Envccz_nRvKAWISPOj_pzKNyo0VrYQtDMmFdA-FnuSG-01M5s9i_iX-iGDiekR-PWTT3ql_qC01yacuEaKCfRolnKAZ3vrW3g8QZZLQgUGhxwT-04bUsUEeMcG7Ho7XZOjIRAD5N9LtDEl8llzOIUsakmUVUCy3p6iq633PLg73DFh1VTgGGtMxJITj8_WcOPluc0FeFUjxrrxgZesYLaCWLBypJ83WYo-m3HwgHAHDy7yao4j56ATt-tS8CYW3Gm1t1U4jNiQ1NzdQFZbykPp40-Q1gsGYUJER9fG43SF0NGvfB459wsZ9JTC1ZCuA4l3C1JdYnlqCiy9SbeIuaABOg-DINil0bYdUn9dAyR2--gRfFQV53YGusP00ExvJ-eL_iaZKx3O9YbY8_exHaXhRKcLUJZYsdSCVa_YO_gA1JqQByNtFqK1KH9BXOER9STJLZbl-I8BHxCqlh6U1oLOscblmFkW15B-CEXh-_s9SAcCnvfNWWIRIWmzhFgR5VptFQQP75YcCGtd1TzvfTffgM5snUi-kU-DORNTN8xQz7ICAw3grDfyOqN7DUQMr-kTzEp2uj1eBjVs_XcyDDfRBZ2UfRK4eHpLGDa1jCJUwOSVCQwGzKKgsu27Ou0_5yzaZZiND7uEsecUNiH9Ka_KXaH3DcNUP4YOMCaI2t43a0mGKr0xhyc2FNp1z8CDfVbuGiMJ7KDaN1s1viPthgm8JzKfbI6-Ub3VxZYPRi5JirtNEQsw-U2AAtDAQoxeMBJ0J6fypJDHmSv1Wi_LLrLQZQjSaVuoVKwWF3OEvV5JF-nmy8dzk403z8kR2LTs43tQ7CeqTKJTkFQ92w4Ym5fmUfKqtzLdRf7l_C4mGjBV_8STYwXfP0Zjqvhqgz_FxL7ZzL-30HxdI5VgarCh_b1QzJRolG_9S-cshxAKCS4PbCVJq82DVjp_l8oTDyzhYhb7PVc4&cid=CAASEuRoaPaSXBPJvPg6Ce5stz0WBA&rfl=1%2Chttps%253A%252F%252Fwww.gazetadopovo.com.br%252F%240

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

259f01a4a83ad8a3ea4306becf97b5270bed9e5556f64ed6bde597f2f0601b39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 21:18:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 99
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8628
x-xss-protection: 0
server: cafe
etag: 13108869059872076478
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 28 May 2021 21:18:39 GMT

GET
H3-29 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 1B2A 41 KB
15 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 08:16:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 47018
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 14 May 2022 08:16:40 GMT

GET
H2 200 html_inpage_rendering_lib_200_271.js Show response
s0.2mdn.net/879366/ Frame 07D9 176 KB
61 KB 28ms
5ms Script
text/javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_271.js

Requested by

Host: www.gazetadopovo.com.br.mcas.ms
URL: https://www.gazetadopovo.com.br.mcas.ms/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2f126a8957c32db99e94d1bf7c9ed09fcd38ba99bd632ebd048f01f9c5f9c9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com
Referer: https://cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 15:44:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 20157
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62241
x-xss-protection: 0
last-modified: Wed, 14 Oct 2020 18:02:47 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 15 May 2021 15:44:21 GMT

GET
H3-29 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20210511/r20110914/elements/html/ Frame 07D9 8 KB
3 KB 11ms
6ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210511/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D7ZEGktIGyzU1MqoGHIjkkrsEbfhH2RVXJuOTipajG9UQMXXwUgjtYjZuOZh0zbGDTUsUF_3YFTnALgYd8sDVpZxKeGvvx3vaVQWUXfW_4T_uc_sYPE9Jr1FhiHrg5_a19qT5k0McGOhfIuPCB87hU36GZ1g&dbm_d=AKAmf-DWC6YIoAjFsBwStVjEAifNrP1Vry6S-ZidjnIMS45GGe10pY28ptmmMz1uB4soqyoNPxc3ZYM8lNg--eSSXvqw9JYhVQ9fJa8rAjskmB13Edcez-dipjDAWLVbXfru6mdhO3j6ktFyO1oJb5-r-fKdnpt5Aw-kYsuBYinvQeSrx38BSKxY2Be97FFqeYPmkxLwMIvsOwt9nVqVoT2E0MhufDlda5R9N_dL3LetCQd1gumOINnJI1CLKmfRySxhF1-byBcReYJoCTKbn0YKAAJKLcuiqImCmlmhzmuav9a-L3Uf4xHRhzczOsA-421gE_hHJPjzrceqR_O7inapKHsOWUad4uMs3iPh4i1-8KZeU1AfvKJKOAtQOOdlT8mW323IiIIs34KswiXoTMEoo9x47-mj36kXm1NELEFMS-9CuFRPw21rCA3RJii02O_PlnQXyJ9QPPBVTah9Q1_-xi86i7uyZZ_yPTQndAqwDAOo3t8OH2Hfst5hJ1qU7AV7Yt-j0Tc6tOrSbXT7qaEIl_2K4ylINAgI6w0Z2q1akbMVueusliSHCHVgrK6F6aFlo8f-X4JMeOqVqsj_oXe2S7ECBtQi1exa6AIaZXwN0TMd2Ktx3fj9SIu7PJFvAfKIhY7tSha50HXp41cxnDoZRn8jkijbadFs19nx6S_dKuWfGJ1h2tcjKse4dakX9_yKSGCDnUYgGFmkl8x36JqcieqJOCj0D4VzbdSoJa4TD7cLlKtbP-jQ0l855f3--FYmyybDiMpZgXwFSVLl5ScobMG-hZw1d5Ymr2SZQysso2vOdAYZ-sHk8x53N0ffuamPGH1-Ywle_ZcTQ8amGsVYGdfspsAYSLWDEg1iMTexFuWTdFksUmGFhf70UkrF8PYSig9pUgK6dWZ1mkAUTfGLaIt1h2GcFRBvIlYZwgyht3xxB6bU79wZOHOk6Dvn8I6EiStbJqAxo5CUl4LzUB7-lHa8t4alax4JF2beOSvhU6Yt0aOnbo1qrnlWvRKsiG06DvQOkPjrrUDB7O8wW9aElzZ0A6TKQ4RGZ8Bhe94tGp3hJ3O6B_-HAW11wqol61HU8AtTVxc0qKDiXW5HSEDxJQlW4r8RudEEvuil4duSMALP__TkDnbdZN4nv5BFdRTTDDXK_SVP_B22_XLtXXjRbr2MM8FT-vlEKjuHJ_mOJEukmntkpNGoVWC2Q5UZDe-hQVVsBqDw9mH-O9U3ZyjvIIv-ZVJOfML9b8f0tTkbpk_6--Bc59-vQWf8ja54_B2Oq8NS5psSvTGBEw-LlMJvTZ-_-oNI3_v_i0ikyJEQU4Pedl788dFFZ9_ZuyrKS9oNpVUhWJqyQ0LkyRLpUm5wNtUpxj--VbIGWZTSPJ6ta2-7PETZVfxTZ04QHFAE4eRFW2UiYnuy6OzDO1sjRz4uTpvU81GbFnb2nHBxmkAbUYfDP1b8qnsY72Q6hgt85Jd7zJeVGIgonRtR8HwpQBe7Uu8WR_z5Lixhv6yYEl6uKnACvOQsYG4wFdT_oHCPG6B8xhn6G5LPo0gJBlrO_6HQZZNKqWy3d_7I9r8V5LQz9ltiZcK3cWqwd03iiL6A--ai7OGNsNyCb50t1f7CRqSfGTbbcqRJ8L8AVK8BdUcbnnSswUItek45Ac0yshNZM9wDtaryMgtr2gVbQM9yeVGGQsidJgPzTuhRXa94i5YO0NfuXCeLCykQftoayTcTERfQhbbzLVpVTQVS-k4tO0TQ2-6indeQyCnthfablMh2aXY2LikS7DSmSuaahzgE85TCxtjsfEzbcMo7ScPhkJri4j1PHrQymyeVYRaAeh_uLIlUkUaeR5DVkqUFTm0_B2y0PiOSujkIWf4-usqd7i2Nxph9iQgNQomPeGDYtJ-E0k51Ov3nU6bsIFyOD9pe4bkuWSA_Jb6BouZBNUPUwmEpBJLueg7slQXypv_TVdMrlybtBUs_3PCRzr3E8tYfru9T5-pm-Kke13dVKr1ql_ibB1X_CNNjQfv1Ow95O4DLMK0SVnNxAP5u2IsqmB6bLwyy8eP3xZEJnlgCaG-CW6hGq5Qzv8MemFDMPZovQiONWQo-qaHcwhLSWyFQrvqbJQIZ1Fn3pkoMVjGMe3JHv9_bFQl8TtOl_fOVU9593ob6sT5e9zZTZda9sqJRxpFrvUMGxMO3EutN4tGUvRU9NayI2_5-05FZ0VLE9y_rQV_4DmPh4mjdFtZ3LtvySZVuqGgCbRZNikV5svJfgEoocvuMj-GNa3hj5hl4gO2v-GvV4Iuffn-aEPyJ_0YUlyN5lxLpvAPIOVyOrpjmZECiotYQTDSRFzbcX42fdVXHPlKdMLlI4K74n62hVQrUNlT57ePF6sbZ1kbuI_xH4ka7l-0UUgynobLAFT6Lgq8ly_q23tKEnpCKYpR1Fiqmz_jGSFvyOTO6-0iPYL4sVp0J9_-7blk1CGH7F7k6RZLsM-KuTmZYXsV7qvZR4zuqC_bC5wbk_t8tvmtewKUz7DRc6Sup4Bg7dYdorpq6nLI7qMZY1Pa5zVgEcexbDDHVgbF2YASdZd0gzCpHK8SsaLyAy7TppHebZLBN9E54aeechyH5AYB-QqhKSEODn00inEvd3nrTnP_Yl7_J3Nrige0khRPK4Jp3cqiQU6w0Ixet1UziN-8gkIPy2MOGGA5Dibw-N3fErxCQOhiCRqfs8CN7d21jXSQVgp1ec2z3o04jEYugi5-r11vnX9ssxxTcoKxcfyqDBMxMN1C2oWcc2W3mRYKiYO8Vc1G2I89w-r-PeqiOqqMJz9x42Bdf2CaH7JS8wVnfRaUGyZqaEeZMyP9VZf2XYuzFN1DMA-lWAVx5qSW7v4J5X3FktxPDf9QFJzsZEWaxVYp7eRGvXpEtePfjB_qD-1uHe94t1pxszscKoYlZ2FEHiVY42FAC-2A_TE1u8Cq6M2cBp1k-FEI9kGZbLXLiHHLqKbQyXxUZqcUp3CbgSg_rV4O4rRfTEg35gitmL6ub_gO6GEnG4g8hsiA9R-LyOlcVb5UO2tlKYiRnxzCJOKaT6iQxPCG2U0eBz9IG4lo_NXs4K2mv&cid=CAASEuRoQTjYGxZi3WDjkT2-K1q16w&rfl=1%2Chttps%253A%252F%252Fwww.gazetadopovo.com.br%252F%240

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 21:17:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 152
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3124
x-xss-protection: 0
server: cafe
etag: 4537136162986801320
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 28 May 2021 21:17:46 GMT

GET
H3-29 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20210511/r20110914/ Frame 07D9 22 KB
8 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210511/r20110914/abg_lite.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

259f01a4a83ad8a3ea4306becf97b5270bed9e5556f64ed6bde597f2f0601b39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 21:18:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 99
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8628
x-xss-protection: 0
server: cafe
etag: 13108869059872076478
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 28 May 2021 21:18:39 GMT

GET
H3-29 200 bridge3.458.0_pt_br.html Show response
imasdk.googleapis.com/js/core/ Frame 6656 573 KB
188 KB 23ms
8ms Document
text/html 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.458.0_pt_br.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e3b76bf5d88736c9b9656cf2810230a811e0e3b7a1e0de037f4345a3e971529

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.458.0_pt_br.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.dynad.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://s.dynad.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 191996
date: Wed, 12 May 2021 02:16:50 GMT
expires: Thu, 12 May 2022 02:16:50 GMT
last-modified: Wed, 12 May 2021 01:31:31 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 241408
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 7566 44 KB
17 KB 33ms
12ms Script
text/javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s.dynad.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 21:20:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Fri, 14 May 2021 21:20:18 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 7566 107 B
165 B 15ms
14ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=s.dynad.net

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s.dynad.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 14 May 2021 21:20:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 27DB 22 KB
8 KB 7ms
6ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Fri, 14 May 2021 18:47:55 GMT
expires: Sat, 14 May 2022 18:47:55 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 9143
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 6147 36 KB
12 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s.dynad.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 20:39:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
age: 2475
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
expires: Fri, 14 May 2021 21:39:03 GMT

GET
H/1.1 200
OK dvbs_src_internal85.js Show response
cdn.doubleverify.com/ Frame 1B2A 59 KB
19 KB 7ms
6ms Script
application/javascript 2a02:26f0:6c00:286::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src_internal85.js
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=1828362&cmp=151983&plc=5573058&sid=18330&dvregion=0&unit=728x90&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&prr=1&DVP_DV_CT=1&DVP_PP_IMP_ID=ABAjH0hTYBIkin29maQWo57HtY8Z&DVP_DBM_1=3060631&DVP_DBM_2=20152640&DVP_DBM_3=50785673&DVP_DBM_4=354550598&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=18017767848&turl=https://www.gazetadopovo.com.br/&DVP_PP_BUNDLE_ID=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:286::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 6465809b86cc160bfa318016d2f5fd7fd262f468b3bbe9af742cb58f66a20c94

Request headers

Referer: https://cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 14 May 2021 21:20:18 GMT
Content-Encoding: gzip
Last-Modified: Thu, 06 May 2021 09:20:22 GMT
Server: Microsoft-IIS/10.0
ETag: "04f1ea5942d71:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=946080000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 18792

GET
H3-29 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 07D9 41 KB
15 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com
URL: https://cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 08:16:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 47018
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 14 May 2022 08:16:40 GMT

GET
H3-29 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 4E81 1 KB
749 B 6ms
6ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com
URL: https://cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Fri, 14 May 2021 03:14:09 GMT
expires: Sat, 15 May 2021 03:14:09 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
cache-control: public, max-age=86400
age: 65169
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 07D9 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 33f70a38fc1928509d63e439825abeaa3ff5cc536e702751d0f1a3e35481ae39

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 index.html Show response
s0.2mdn.net/ads/richmedia/studio/pv2/61453700/20200911132845258/ Frame D05C 36 KB
6 KB 27ms
14ms Document
text/html 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61453700/20200911132845258/index.html?e=69&leftOffset=0&topOffset=0&c=cwAN9bNnH0&t=1&renderingType=2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_271.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2bfa995030896a16b7e6b1d1f9059192c0369af971aebabd5c393fce93da98eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: s0.2mdn.net
:scheme: https
:path: /ads/richmedia/studio/pv2/61453700/20200911132845258/index.html?e=69&leftOffset=0&topOffset=0&c=cwAN9bNnH0&t=1&renderingType=2
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 5621
date: Fri, 14 May 2021 21:20:18 GMT
expires: Sat, 15 May 2021 21:20:18 GMT
cache-control: public, max-age=86400
last-modified: Fri, 11 Sep 2020 20:28:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 07D9 0
377 B 93ms
91ms Ping
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu0eZ5PgZBryX9QcWQFxMT7GWjXvGnsTrl4V1vKCWYTvc54M60WlnTFWlTc6AinbC9y0R-EV4Ac7-HN51xF0nwe4ZBb6DCzVWFe7sxtF4JMOdzhoZtIzphlkY6pSkOwdzZNidxB1L4k7C7gLa3paSg6Duuv-4D71Y0LTZbtja93qKgrKJXg4AfIRSIUpqy8MqF_T35U_bxhpCp0uwxu_B5FtYLoXdLd6ATsY0_ik2_TJDvPRJLlnEYoTksD1AUajShoqDgzs3mkUD122UF3kQ9lVu1V9HlOGnbCFyhltig1ciJZ81TKz9GZsgCVlHtFl9JymfC3GMcKcjnFCm_8usRHGQpN2tbc0Uz8tMylUa3Aoo0AgLof01kQ1rJ5WvQbxViQ_Q6TkjChF4NZeaBr6RTlIov5nGR8DKq1L1xTKGrsCSdL-e9mDBDsmxWpBYU7zEZVJCk8U0a8DoHiJdgM9b4OIPAK1pZyHaAzNjB2fmQI-E7ac82WpSHme6clUGWQqBl4zPmnHsMzsS8ikUGbSMyyyIRrUcXkVgDW8Fm3T5b-FyomZyeBihsoZGjzNoY0TnD5AEd2M9XDGDiX_F1-E7sgIBGnkb2rz0QCWbEBvkx14NBoX71JTsulc55CjnrqC_B8RzeG52AXJc4T8mPZUKPByZHZFdJQD7gqbhOrHhV_gNdXcNxoIK-_OJxYyG4B83o_O1jwJ23Isy3qNMpKs7sQMx4kx8In-yNAaeNwgZJcUIehCi-naBSA1jyEbI1_p9zWVpkPCLgJC_KejBVaXZDbbbW1eDuqluseDlHROl3Epeh37oiWVdFS78MhQ9Bme9FNTHhkDALqKlRpbu8xiAxJH9Afz-VDQ74cUFQHWstR9xAFrupKWhxhLYv7e6vkwcoRjiqh83qV_KnAPHIMT17qglaJmnloHUj2Rz6wGEfXreDgblSsEH8KO-I9DTfXKWacKeb_1S4iHddBTqKgOMZ4T4cch7OBFzwZzZjKdcebE8EQCsOCzO8OZc-hZYq2ALnx3ozODaBcKBabg3tbI3pV72idUQcq9KT0wrreV9uOtpcIcD9B4CVRr2l6MwN3VfxzCJxp3uI1LT5nVrB6jhFJ9LWLOBBvILLb48EkOxpLnHLzaPt8ynWtpUbMIl_9nhb02k_CDIcrb2u5mAIFRnccOlQPR0KTZf-bfMJ9LxqhhyXJtHX32b4ARF4lvwDfYUnq5jqs6LXyVFw&sai=AMfl-YQdNTEfggxPF-GppvnFzKqSzepIBeFORPrMmIIWCUsQ6AOGd-jUO7gFys0hyTQgrIu-xYO5mvCpNMasZjgdL9X0x5NZPJunKLculddCfwSl3LUEj1ScOk-dWMI-bqGRHkoRl8-WxuadxNuCexfcTcqmCyxPJw&sig=Cg0ArKJSzHxKGkB2l8n6EAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=169&cbvp=1&cstd=160&cisv=r20210511.05562&adurl=

Requested by

Host: www.gazetadopovo.com.br.mcas.ms
URL: https://www.gazetadopovo.com.br.mcas.ms/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Fri, 14 May 2021 21:20:18 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H/1.1

200
OK

firstevent
skydeutschland.demdex.net/ Frame 07D9
Redirect Chain

https://skydeutschland.demdex.net/event?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=131961468&d_placement=298885926&d_campaign=25616010&d_bust=3932658238&gdpr=&gdpr_con...
https://skydeutschland.demdex.net/firstevent?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=131961468&d_placement=298885926&d_campaign=25616010&d_bust=3932658238&gdpr=&gdp...

42 B
997 B

75ms
75ms

Image
image/gif

34.246.133.154
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://skydeutschland.demdex.net/firstevent?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=131961468&d_placement=298885926&d_campaign=25616010&d_bust=3932658238&gdpr=&gdpr_consent=

Requested by

Host: cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com
URL: https://cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.246.133.154 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-246-133-154.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v006-0c049be51.edge-irl1.demdex.com 6.2.1.20210507120117-PR_1432-SNAPSHOT
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: VU6kFdIaQJE=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-1-v006-0360d6806.edge-irl1.demdex.com 6.2.1.20210507120117-PR_1432-SNAPSHOT
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: Y5wbHJnJTzI=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://skydeutschland.demdex.net/firstevent?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=131961468&d_placement=298885926&d_campaign=25616010&d_bust=3932658238&gdpr=&gdpr_consent=
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1 200
OK ai.aspx
m.exactag.com/ Frame 07D9 43 B
1 KB 238ms
57ms Image
image/gif 85.14.248.71
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://m.exactag.com/ai.aspx?extProvId=8&extPu=sky-dcm&extLi=25616010&extPm=298885926&extCr=131961468&subid=ADGapID_026_800138_540285701-502988235&rnd=3932658238&gdpr=&gdpr_consent=

Requested by

Host: cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com
URL: https://cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

85.14.248.71 Bruggen, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),

Reverse DNS

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
P3P: policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
Connection: close
Content-Length: 43
Pragma: no-cache
X-ET-Code: 0
Last-Modified: Fr, 14 Mai 2021 09:20:18 GMT
Server: Microsoft-IIS/8.5
Date: Fri, 14 May 2021 21:20:18 GMT
Access-Control-Max-Age: 1000
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com
Cache-Control: private
Access-Control-Allow-Credentials: true
X-ET-Camp: 923
Access-Control-Allow-Headers: *
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK bst2tv3.html Show response
cdn3.doubleverify.com/ Frame 9A4C 1 KB
1 KB 20ms
6ms Document
text/html 2a02:26f0:6c00:286::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn3.doubleverify.com/bst2tv3.html
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal85.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:286::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 86be5d6a3d661fd3d5d72f254a347dec5c66cad569117f51dad297acba02f558

Request headers

Host: cdn3.doubleverify.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com/

Response headers

Content-Type: text/html
Content-Encoding: gzip
Last-Modified: Tue, 02 Sep 2014 17:01:36 GMT
Accept-Ranges: bytes
ETag: "01818ecfc6cf1:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
Content-Length: 806
Cache-Control: max-age=58595
Date: Fri, 14 May 2021 21:20:18 GMT
Connection: keep-alive

GET
H/1.1 200
OK verify.js Show response
rtb0.doubleverify.com/ Frame 1B2A 3 KB
2 KB 190ms
50ms Script
text/javascript 213.254.244.13
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb0.doubleverify.com/verify.js?jsCallback=__verify_callback_468039761636&jsTagObjCallback=__tagObject_callback_468039761636&num=6&ctx=1828362&cmp=151983&plc=5573058&sid=18330&advid=&adsrv=&unit=728x90&isdvvid=&uid=468039761636&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&dvp_strhd=0.48&dvpx_strhd=0.48&brid=0&brver=&bridua=3&dup=null&turl=https://www.gazetadopovo.com.br/&srcurlD=0&ssl=1&refD=1&htmlmsging=1&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVP_PP_IMP_ID=ABAjH0hTYBIkin29maQWo57HtY8Z&DVP_DBM_1=3060631&DVP_DBM_2=20152640&DVP_DBM_3=50785673&DVP_DBM_4=354550598&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=18017767848&DVP_PP_BUNDLE_ID=&prr=1&m1=13&noc=16&fcifrms=11&brh=3&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=134&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5D82K6E25%40A%40G%40%5D4%40%3E%5D3CTauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5D82K6E25%40A%40G%40%5D4%40%3E%5D3CTar9EEADTbpTauTau435322fg4%60543h425%602e622g4habgff6%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3E&dvp_exetime=10.57
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal85.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.13 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: b4093e53fe6f7ff4a948f4096de7f42865ae0fd5fb5be2426b64edaf8a3824c9

Request headers

Referer: https://cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
X-DV-Response: 1
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
Date: Fri, 14 May 2021 21:20:18 GMT
Vary: Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: max-age=0
Transfer-Encoding: chunked
Expires: 5/13/2021 9:20:19 PM

GET
H/1.1 200
OK dv-match6.js Show response
cdn.doubleverify.com/ Frame 3515 4 KB
2 KB 6ms
6ms Script
application/javascript 2a02:26f0:6c00:286::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dv-match6.js
Requested by: Host: www.gazetadopovo.com.br.mcas.ms
URL: https://www.gazetadopovo.com.br.mcas.ms/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:286::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: d03755898b05a3d69377bf7da16ccb307e789a0f569b4dbbcb7b29bdecf967c5

Request headers

Referer: https://cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 14 May 2021 21:20:18 GMT
Content-Encoding: gzip
Last-Modified: Sun, 11 Mar 2018 04:45:12 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
ETag: "03c84bdf3b8d31:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=10409
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1935

GET
H3-29 200 container.html Show response
cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame B574 6 KB
3 KB 6ms
5ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051301.js?31061163

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.gazetadopovo.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.gazetadopovo.com.br/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Fri, 14 May 2021 21:20:16 GMT
expires: Sat, 14 May 2022 21:20:16 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 2
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame FC27 22 KB
8 KB 7ms
6ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Fri, 14 May 2021 18:47:55 GMT
expires: Sat, 14 May 2022 18:47:55 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 9143
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 style.css
s0.2mdn.net/ads/richmedia/studio/pv2/61453700/20200911132845258/ Frame D05C 6 KB
2 KB 7ms
7ms Stylesheet
text/css 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61453700/20200911132845258/style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61453700/20200911132845258/index.html?e=69&leftOffset=0&topOffset=0&c=cwAN9bNnH0&t=1&renderingType=2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

caebfb6e968f13cbc1e05d1abf95e2bb18c578608bdbd3cf438a42fd636f0213

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61453700/20200911132845258/index.html?e=69&leftOffset=0&topOffset=0&c=cwAN9bNnH0&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 05:41:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 56306
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1675
x-xss-protection: 0
last-modified: Fri, 11 Sep 2020 20:28:45 GMT
server: sffe
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 15 May 2021 05:41:52 GMT

GET
H3-29 200 Enabler_01_244.js Show response
s0.2mdn.net/879366/ Frame D05C 109 KB
37 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_244.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61453700/20200911132845258/index.html?e=69&leftOffset=0&topOffset=0&c=cwAN9bNnH0&t=1&renderingType=2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e7052ee7e4fa3d19fa953957b23d6cd29b2311739ec0932d6e570577d19f2503

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61453700/20200911132845258/index.html?e=69&leftOffset=0&topOffset=0&c=cwAN9bNnH0&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 20:08:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4306
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38072
x-xss-protection: 0
last-modified: Tue, 07 Jul 2020 18:35:15 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 15 May 2021 20:08:32 GMT

GET
H2 200 gsap.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/3.4.2/ Frame D05C 59 KB
22 KB 14ms
13ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/3.4.2/gsap.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61453700/20200911132845258/index.html?e=69&leftOffset=0&topOffset=0&c=cwAN9bNnH0&t=1&renderingType=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a3c5ff7e114ffe32212ee07123f9dc6aa19c09072e44fe64649c9cc747040cab

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 21:20:18 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1914357
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 21678
cf-request-id: 0a0e597e050000636bbe173000000001
timing-allow-origin: *
last-modified: Tue, 21 Jul 2020 23:12:03 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5f177643-eca3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=X8AK%2B%2FkZ%2BjFzOQZwE59DVguf7tCEkiZC%2FV94HcTYySOMxbiAFr62JBALNF7%2Bhm7rXiv0pdJ9VpXc%2Fz5qdF8WaYbMPSXcCRbNA%2B0XsfRAVQgaEytNuIbOiX7CcmnbwC9sag%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 64f72b766be7636b-FRA
expires: Wed, 04 May 2022 21:20:18 GMT

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 4E81
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEEFTRl1XzBMLWEjcZIJThSA&google_cver=1&google_push=AQvitULxN5c5my4a9HVkYzFLQdniF26ZEc-9F6V4w7Z_CM63cMK97WNn7wZyJP1mQW0m5uAgoKqzHHNxFGo9YYSz50bczreF05We
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NzIxOTYyNzkwMjgyNjg0NTA2MA==
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESEOBBgf43Q-m0pWYcmM7zZ0E&google_cver=1

43 B
407 B

22ms
13ms

Image
image/gif

2001:678:cb4:bbbb::11
TURN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESEOBBgf43Q-m0pWYcmM7zZ0E&google_cver=1
Requested by: Host: cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com
URL: https://cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (TURN, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 May 2021 21:20:18 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type: image/gif
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Fri, 14 May 2021 21:20:19 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESEOBBgf43Q-m0pWYcmM7zZ0E&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 301
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 4E81
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEOkzHiotjE1D-yiGTFH1biY&google_cver=1&google_push=AQvitUIG9lt21EAhAosjp-VXo5t2dVwmLb1no0xhvgjvBWHv5Ak5qDFG81Ddv5UIhWcYA5cogjfgpH6qeX5optIY...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AQvitUIG9lt21EAhAosjp-VXo5t2dVwmLb1no0xhvgjvBWHv5Ak5qDFG81Ddv5UIhWcYA5cogjfgpH6qeX5optIYVDcuN9NCSL1I

170 B
188 B

69ms
68ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AQvitUIG9lt21EAhAosjp-VXo5t2dVwmLb1no0xhvgjvBWHv5Ak5qDFG81Ddv5UIhWcYA5cogjfgpH6qeX5optIYVDcuN9NCSL1I

Requested by

Host: cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com
URL: https://cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 May 2021 21:20:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Fri, 14 May 2021 21:20:22 GMT
Server: MT3 3736 915c305 master zrh-pixel-x12
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AQvitUIG9lt21EAhAosjp-VXo5t2dVwmLb1no0xhvgjvBWHv5Ak5qDFG81Ddv5UIhWcYA5cogjfgpH6qeX5optIYVDcuN9NCSL1I
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Fri, 14 May 2021 21:20:21 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 4E81
Redirect Chain

https://tracking.m6r.eu/sync/adxRedirect?gdprFallback=true&google_gid=&google_gid=CAESECquoKirtCEEEH-o-4dbkis&google_cver=1&google_push=AQvitULC8yXUaeK4INCbb5K3E_qNyzL_spD2f75k-cd9gsthpq4yDh9qZKKg8...
https://tracking.m6r.eu/sync/adxRedirect?gdprFallback=true&google_gid=&google_gid=CAESECquoKirtCEEEH-o-4dbkis&google_cver=1&google_push=AQvitULC8yXUaeK4INCbb5K3E_qNyzL_spD2f75k-cd9gsthpq4yDh9qZKKg8...
https://cm.g.doubleclick.net/pixel?google_nid=m6r&google_ula=158217889&google_hm=YA4SXoe4CxPO2Jsh_q_e0A&google_push=AQvitULC8yXUaeK4INCbb5K3E_qNyzL_spD2f75k-cd9gsthpq4yDh9qZKKg82yVV5mq4TEr9oJ5XlD-L...

170 B
188 B

77ms
77ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=m6r&google_ula=158217889&google_hm=YA4SXoe4CxPO2Jsh_q_e0A&google_push=AQvitULC8yXUaeK4INCbb5K3E_qNyzL_spD2f75k-cd9gsthpq4yDh9qZKKg82yVV5mq4TEr9oJ5XlD-LAVONu--KzvPVhfd8nHu

Requested by

Host: cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com
URL: https://cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 May 2021 21:20:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=m6r&google_ula=158217889&google_hm=YA4SXoe4CxPO2Jsh_q_e0A&google_push=AQvitULC8yXUaeK4INCbb5K3E_qNyzL_spD2f75k-cd9gsthpq4yDh9qZKKg82yVV5mq4TEr9oJ5XlD-LAVONu--KzvPVhfd8nHu
Date: Fri, 14 May 2021 21:20:19 GMT
Server: nginx
Connection: keep-alive
Content-Type: text/plain; charset=utf-8
Content-Length: 238
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3-29 200 dot.gif
s0.2mdn.net/ Frame 4E81 43 B
63 B 20ms
17ms Image
image/gif 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dot.gif?google_gid=CAESEBL3NmsTHAXeuy2RYyTgXUM&google_cver=1&google_push=AQvitUI3MlvmzmkzKuU5IjuUG9kUAGPx_SS6ur0GCMKyscDH67huGYlenwzYMNuSDvBFkKZLrX6L8FXnThnZOoWuQJ2Bda2YN5HE

Requested by

Host: cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com
URL: https://cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 21:20:18 GMT
x-content-type-options: nosniff
last-modified: Sun, 01 Feb 2009 08:00:00 GMT
server: sffe
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
expires: Sat, 15 May 2021 21:20:18 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 4E81
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEF4-2Mbri5zY850df_5N82o&google_cver=1&google_push=AQvitULQpnim4zGwCDT3tAaVBl2VjOBUBClKDYrEMl2VqyhFI25OPylEAyZSib6yaL_S8LnNSIRQVfaXbXMdJ_VrW...
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEF4-2Mbri5zY850df_5N82o&google_cver=1&google_push=AQvitULQpnim4zGwCDT3tAaVBl2VjOBUBClKDYrEMl2VqyhFI25OPylEAyZSib6yaL_S8LnNSIRQVfaXbXMdJ_VrW...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AQvitULQpnim4zGwCDT3tAaVBl2VjOBUBClKDYrEMl2VqyhFI25OPylEAyZSib6yaL_S8LnNSIRQVfaXbXMdJ_VrWg7kBzwrfQJD&google_hm=593bb66a72bfc26215e5256e

170 B
188 B

78ms
78ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AQvitULQpnim4zGwCDT3tAaVBl2VjOBUBClKDYrEMl2VqyhFI25OPylEAyZSib6yaL_S8LnNSIRQVfaXbXMdJ_VrWg7kBzwrfQJD&google_hm=593bb66a72bfc26215e5256e

Requested by

Host: cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com
URL: https://cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 May 2021 21:20:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Fri, 14 May 2021 21:20:19 GMT
Server: nginx
Location: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AQvitULQpnim4zGwCDT3tAaVBl2VjOBUBClKDYrEMl2VqyhFI25OPylEAyZSib6yaL_S8LnNSIRQVfaXbXMdJ_VrWg7kBzwrfQJD&google_hm=593bb66a72bfc26215e5256e
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap1ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 4E81
Redirect Chain

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEAAa3V2yFYJHuCsjHmasiL8&google_cver=1&google_push=AQvitUIsGI-WCsbjhOcNr7OHMLP5phWoHsduSDpJYXNptV2WMFbfFJuZxh4ZUWAE3Hr-O8pwLy-9bXRjLUay8Wo6...
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_hm=dc00199a9381413ebfc1&google_redir=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FadExInit%3Dg&google_push=AQvitUIsGI-WCsbjhOcNr7OHMLP5phWoHsdu...

170 B
188 B

62ms
61ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_hm=dc00199a9381413ebfc1&google_redir=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FadExInit%3Dg&google_push=AQvitUIsGI-WCsbjhOcNr7OHMLP5phWoHsduSDpJYXNptV2WMFbfFJuZxh4ZUWAE3Hr-O8pwLy-9bXRjLUay8Wo6prmoRkxhFj7L

Requested by

Host: cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com
URL: https://cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 May 2021 21:20:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 14 May 2021 21:20:19 GMT
via: 1.1 e1532b3ffd3d84bfecb9972a863a75ef.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: ZRH50-C1
x-cache: Miss from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_hm=dc00199a9381413ebfc1&google_redir=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FadExInit%3Dg&google_push=AQvitUIsGI-WCsbjhOcNr7OHMLP5phWoHsduSDpJYXNptV2WMFbfFJuZxh4ZUWAE3Hr-O8pwLy-9bXRjLUay8Wo6prmoRkxhFj7L
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: YbYA4htp6I48onRXKUfNH3YrBPWj_uK3hzAP2TbedPTYVX0iR1OCCg==

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 4E81
Redirect Chain

https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEBdhcrU7aNhLLrkYhVlhlPM&google_cver=1&google_push=AQvitUJyHP5k_Zw8guaoRKjsF69Hz0I3X8C2CEOtsjQ_5b_O5E27u5Oo...
https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEBdhcrU7aNhLLrkYhVlhlPM&google_cver=1&google_push=AQvitUJyHP5k_Zw8guaoRKjsF69Hz0I3X8C2CEOtsjQ_5b_O5E27u5Oo...
https://ups.analytics.yahoo.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEBdhcrU7aNhLLrkYhVlhlPM&google_cver=1&google_push=AQvitUJyHP5k_Zw8guaoRKjsF69Hz0I3X8C2CEOtsjQ_5b_O5E27u5...
https://ups.analytics.yahoo.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEBdhcrU7aNhLLrkYhVlhlPM&google_cver=1&google_push=AQvitUJyHP5k_Zw8guaoRKjsF69Hz0I3X8C2CEOtsjQ_5b_O5E27u5...
https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVAyZjI3ZTc1Yi1iNGZhLTExZWItYmJkYS0wNjQ1Y2U2MDM1MDg%3D&google_push=AQvitUJyHP5k_Zw8guaoRKjsF69Hz0I3X8C2CEOtsjQ_5b_O5E27u5OoORGiAJxYF6...

170 B
188 B

90ms
90ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVAyZjI3ZTc1Yi1iNGZhLTExZWItYmJkYS0wNjQ1Y2U2MDM1MDg%3D&google_push=AQvitUJyHP5k_Zw8guaoRKjsF69Hz0I3X8C2CEOtsjQ_5b_O5E27u5OoORGiAJxYF6qOl0ehpe8pSTd25ZB1wek20D8bs0ZIQdzUKg

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 May 2021 21:20:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Fri, 14 May 2021 21:20:19 GMT
Server: ATS/7.1.2.128
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVAyZjI3ZTc1Yi1iNGZhLTExZWItYmJkYS0wNjQ1Y2U2MDM1MDg%3D&google_push=AQvitUJyHP5k_Zw8guaoRKjsF69Hz0I3X8C2CEOtsjQ_5b_O5E27u5OoORGiAJxYF6qOl0ehpe8pSTd25ZB1wek20D8bs0ZIQdzUKg
Connection: keep-alive
Content-Length: 0

GET
H3-29 204 attr
cm.g.doubleclick.net/pixel/ Frame 4E81 0
12 B 116ms
59ms Image
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LQ-R0co45XFTLAIC3TQgb46W7vMs14gNTTAqGDGIlliwfZ9vRbV0AL6MHeyFec2S0K77xZ4g

Requested by

Host: cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com
URL: https://cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 21:20:19 GMT
server: HTTP server (unknown)
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3-29 200 VUb54HSrcJlfDt76-zYSNvHYPadoqD5ysjWH2aTGPz8.js Show response
pagead2.googlesyndication.com/bg/ Frame 27DB 14 KB
6 KB 15ms
9ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/VUb54HSrcJlfDt76-zYSNvHYPadoqD5ysjWH2aTGPz8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5546f9e074ab70995f0edefafb361236f1d83da768a83e72b23587d9a4c63f3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 18:47:53 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 06 May 2021 09:28:00 GMT
server: sffe
age: 9145
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5687
x-xss-protection: 0
expires: Sat, 14 May 2022 18:47:53 GMT

GET
H3-29 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame D6FB 478 B
251 B 52ms
48ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfwggIQpb6JAhjtyMueATAB&v=APEucNVYesqu9XVYMoHOcbK-MjA2mku0apR_ohmJuRmShBoSIskrhWn2p-iF59C4D0PBZxYKhdJAI4rQYBPm_BtYu8IvFA8Lc1TXdzvPL54WFoh4QerMsZwP9rZx0Xdr0LLusDn5nYrpdQOyGcvtnlZjVY4ZsZeyGK8bg-EzCIevSKGT3QNECbzJoDtdok5z6VuBGYp-WePjXHwDiW2PZQQlrP0YLnjWtA

Requested by

Host: cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com
URL: https://cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=CJfwggIQpb6JAhjtyMueATAB&v=APEucNVYesqu9XVYMoHOcbK-MjA2mku0apR_ohmJuRmShBoSIskrhWn2p-iF59C4D0PBZxYKhdJAI4rQYBPm_BtYu8IvFA8Lc1TXdzvPL54WFoh4QerMsZwP9rZx0Xdr0LLusDn5nYrpdQOyGcvtnlZjVY4ZsZeyGK8bg-EzCIevSKGT3QNECbzJoDtdok5z6VuBGYp-WePjXHwDiW2PZQQlrP0YLnjWtA
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUldAk92iCVg1c1G0tOGbtbF753CAbiSe13G9bJneqmQXqT7qjVa6BYgt4yNUnQ
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Fri, 14 May 2021 21:20:18 GMT
server: cafe
cache-control: private
content-length: 230
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame B574 43 KB
21 KB 58ms
53ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CEWqsRkmozw2ZGoPdd9bTy1qTHUmCWlaXsPZN0i78uOlt9Ua-E9VG92_nrW319eKSYvmi-3AOruEJpg7W8_UVcbFCAahaMyaozd1y9zXp8jT0U4wMtPsLgq-Ao7rImD1OPOTzUeC3Gi4rX1sB6Sf1jw7_aOg&dbm_d=AKAmf-DdM00l74zu8Dz9_VE9ryjWDiesI2E1OvPYv0nX4aVtgTU46Exjz6Na89PsphzMXPEtXa22zDz8xDvOW1pphWRPnkH6bmQH0uDi8ef4dhqQY_df5HN78rDR2TRhvAXdFcGmTdOLyBf0_M7bPL74pyJednbN1GFhUx7xHhLnsMEShgYcn36Msnz7KNwYtoi4z7k_Zz6aIqv4IxrrwbwpEpvw0je9goKesRVacvS1o9gtWLeoCPd8t9oFsO_8ajvZBTIHgRL0xhgTc-6kV6Kw1HMHS3wLcTcNwr2hEpYQds8vgx_Dv2qkp4CRpfoUvk34N62UbPbuVERsUVJww-DHqZLfVyz32unTQM0eN1w01plWGyrWI3N_v22GlHlX0e71irLTylgAcaxRP1-DLA1iEvlTzrKUPLqI1YBUwnbInRpGJbyZkMDsw4rZ6YLc-Cie0KiCnWIG2V2DN8MG6DnfWv2rd8OzlDX6vYOQH63p3VQLLyoabZGI_Xa29ME5SjMBDjSNfNEecRGuZCUotSoetsg8ywNw_Vx_rBx4HMrHHfzM0uSmXagze3QFlo7Z4GxwX1qwbklSQAEc_jOgdkr3x8aniZVpG1Vo3R5Zp4DYcn2rSiyJ21RmDvGR_RqpY4UALFY7N1P3BdTo-Yo7A_H7w28Rqub-Tnt2_LtzXsauH5MvG39KQjRYGfZtSAo2Xs7c5np3M0NPnpNSP-t41vJ4rgmQwpKo37qj8v5etQYmz2vUyPxFZTk5o1q9LStjycH1QeMVwp-vMNLmN_IjY8miu5IlYjzBOXC4HpEXzq0dRulPaukU_GgjTKaUAHOR60umiZYhHcuIYNa8Iezb3DmpFXGVwUCfWDBq__egPw8Z2AnG-x4dyEQAWrnrBGcj6DU2IzqrfCU59PivKsi4IXMuPsqj0f0pzcTrjFKcBgt4Nk5LxKN6D46CQhfPpVK48GFP5awEAwbu1CsiYFMtP8FN482xSuqW9SPgSeZLwwwy3DipuD4-D-q_qftoekrbQCq92YCWdnZ3xzCBt-nK8cfQpgPH0JvXCSxBCICalK468-272q5et1gbfs_NwoadvEXwUtFavplfjZSLQiGVn7GbwFRorAdJgVKJwET79ZwQ4_IzgHvxmvOZjrcQ1HLoQrFbhPayspwLa4N9y1r9BLdhH3zqNp1ggkabJ4fjZdlfYK3dIjtZTXAQySuqPyXLZiLWWqCIIIIBGkeyVbJjMc0emTaCVtX8tI-QohNhg8LaRwdSZ3JQ-e3BGbum8wFO3cDWWHYNqLwYGgJ1HkrMUE6AYehqCiyYU2l3Fat-8VFzQ1AVPhw8fVBHoqcZnako7kUXxNaP1MEw1rrja0IaAJAipPF59pcdu4x1vPEqKo4s9K-jX83vkxpNbz4Dtcz1zgYIhc1Krp5ZJQ8bAxuvJXbyzv3gqa87YVdvRWNEYS9iTYLfv0yjAV_i-IQxvnAx5Uqz6zhCd2uGWJk0PQX4hgKdPBGn2FimkqdYTs0PicvllSJVvEtYDffbUIth1UUNZcq3cFEE1RsmZUqt5kNxaPWSo9G9ZRGrs2yXF82-pYQoxplkaWKXnHEyo5a98tmTv7Daj3HkKc25kUU68caA-BJ_Vh-8q5O2srwwaO8_7Nr8d3VQEfcBze9MfcumPnVKKsjflH6I7KsDtBg_CMjEQQUhfu56P__Z59yF8FMve3NgrGw5P1MF59B3I-_mgnrSQ-orRUvEUw2MgFk5B17CuVkiunuPUefVVJhrYxXdgtz3__fR59I8mN2WnP4LXUly5I6QxfjDFMWeE7zOB3iAqy7YHQow8uewhU8eu15ykEth8oZrH6GOzCXA0q7FazRwMGTnk4T5HJfgOxdxXK3ektOUOxA5-BR0OFbfNvGeY-ap6DdeN-JjSpLw5a02hsHPJvp4x59mqKtfBEwOMZM1jL8RRm_tInYjVQP8Qz0F4bvHVSrY_vwT67ELYXvrpke90bD7aQKytFgHt6T75Ooo3VKDUvOPPZMIh2wXt4F-wnflUGbEKJ0320Z_wBWPPSnyxXBB8zrX-xe_O4ZXOEytRH-I-dK7Z08LLFP1MPLUBoaRtMc6YrT5GkDdd5h6P2BS4SwZ0svB_nrSdWTKBhdpujW0IJ4fbx2ODuoOgjfiHUJxVI-JymfCgCX9rrdCc1NCkB9nmagg2X_P2SMuH2HtNOevwaQ7FkkGjwGfim0-0T4rTvY6rNYSXV5eIcqL4EY3B0AkwqCaVEc-lFcF6JEAJTPCwabvkA3tUk-rglvNiYXXkvvK9tg3bEVYzFnyHOyahqofV-cY6sdo6vLYUm8etifoVBpup2tUa-ZvU9ubsq0oavY9a5LjjHInaGwTdh7E1z9GIOxctLidx_pKm8OV6H6t7iDvs477yneNh52kNZ0oxs8qKuoIvnPd6j_7XbLfqMaiWuWaWUbkGjfMjoKSB6qJGj9IXvhIxmSJidQ-7_YKb0fmyUsOfxdopZH3mieaezSeZXKkd2muE9nfEUm7wwKUSGQD8VruxVSdVEqbtfGcZsGQOl7GHh1Oj9Wvz8Q8hyD_qHKV3xoNJCA5Q6PU0r47SjObdCw2ghTMO8lZBIadoiL7SXtTvtLkmRBZIg1_GDHYBRZttCPgFxoGkFRbcqmuM_HPbVwb2P4rhwje5uE7yElN9qf06xi0lA9Ksg_7-XRnAyJcepr406lAQVrdFj5HIqLqAyeba17vMA93XYNMVt6n9EHXCmaILPP9TSEEHHk0j1mVvJK4av9iV0bUMmNtmSQFok7VvwPBtiue3mCizSX7MrO8ym4IZJqUEb-kofrIYfsBEzpjV9DDjhL4HR7wZU83S0vHCdL_BG78BoXi5kMJAFDWKlawxnr_VBvg17DUr1z_jCHzcHflx4n5fJGanCqtSfYWpi-uY6dU89aldBuP_oKjc30&cid=CAASEuRo_QyEP14GY1zcd0_fGb2s2w&rfl=1%2Chttps%253A%252F%252Fwww.gazetadopovo.com.br%252F%240

Requested by

Host: www.gazetadopovo.com.br.mcas.ms
URL: https://www.gazetadopovo.com.br.mcas.ms/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

847d69f7e47ca594c9315d75cb536c6a8c03c4b6ca1da669ad29cd422c2dd393

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 May 2021 21:20:18 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21060
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame B574 42 B
63 B 53ms
49ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BqYeXwkRpKeniVQyO9v4mOsDBnhshcCVL_b6JCHKiNxWIbrSA_Ir7uo3yzlvnZ-gQDf0jejW6MROItkEzCfGHPnfTvK_Qi0_getMV5dulQgnxmrGo

Requested by

Host: cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com
URL: https://cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 May 2021 21:20:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/ Frame B574 2 KB
1 KB 12ms
8ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/window_focus_fy2019.js

Requested by

Host: cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com
URL: https://cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 21:18:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 105
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 28 May 2021 21:18:33 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B574 116 KB
35 KB 49ms
46ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com
URL: https://cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30f711976feb745d0a181437d8d6b31bd07213c35cddb8c1e53c99aef0635d89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 21:20:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1620837837546646"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36097
x-xss-protection: 0
expires: Fri, 14 May 2021 21:20:18 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/ Frame B574 13 KB
6 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com
URL: https://cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4821fcf9c6131b5e09c316f6946b187f0b3751d723a19b2ff9f2df396d232cbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 21:20:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5621
x-xss-protection: 0
server: cafe
etag: 8169261014141303515
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 28 May 2021 21:20:00 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame B574 0
0 49ms
46ms Image
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQHKIBEuqPBfnhuh-rRYLuVsig3LYLPfqdR48cRPGWs-cCefXziFUZTJH-XZYpqexQ1qK33jm0txuCJftOy3OaSGqcoKg
Requested by: Host: cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com
URL: https://cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 VUb54HSrcJlfDt76-zYSNvHYPadoqD5ysjWH2aTGPz8.js Show response
pagead2.googlesyndication.com/bg/ Frame FC27 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/VUb54HSrcJlfDt76-zYSNvHYPadoqD5ysjWH2aTGPz8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5546f9e074ab70995f0edefafb361236f1d83da768a83e72b23587d9a4c63f3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 18:47:53 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 06 May 2021 09:28:00 GMT
server: sffe
age: 9146
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5687
x-xss-protection: 0
expires: Sat, 14 May 2022 18:47:53 GMT

POST
H3-29 200 view
googleads4.g.doubleclick.net/pcs/ Frame 07D9 0
23 B 102ms
102ms Ping
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.gazetadopovo.com.br.mcas.ms
URL: https://www.gazetadopovo.com.br.mcas.ms/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Fri, 14 May 2021 21:20:19 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20210511/r20110914/ Frame B574 22 KB
8 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210511/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CEWqsRkmozw2ZGoPdd9bTy1qTHUmCWlaXsPZN0i78uOlt9Ua-E9VG92_nrW319eKSYvmi-3AOruEJpg7W8_UVcbFCAahaMyaozd1y9zXp8jT0U4wMtPsLgq-Ao7rImD1OPOTzUeC3Gi4rX1sB6Sf1jw7_aOg&dbm_d=AKAmf-DdM00l74zu8Dz9_VE9ryjWDiesI2E1OvPYv0nX4aVtgTU46Exjz6Na89PsphzMXPEtXa22zDz8xDvOW1pphWRPnkH6bmQH0uDi8ef4dhqQY_df5HN78rDR2TRhvAXdFcGmTdOLyBf0_M7bPL74pyJednbN1GFhUx7xHhLnsMEShgYcn36Msnz7KNwYtoi4z7k_Zz6aIqv4IxrrwbwpEpvw0je9goKesRVacvS1o9gtWLeoCPd8t9oFsO_8ajvZBTIHgRL0xhgTc-6kV6Kw1HMHS3wLcTcNwr2hEpYQds8vgx_Dv2qkp4CRpfoUvk34N62UbPbuVERsUVJww-DHqZLfVyz32unTQM0eN1w01plWGyrWI3N_v22GlHlX0e71irLTylgAcaxRP1-DLA1iEvlTzrKUPLqI1YBUwnbInRpGJbyZkMDsw4rZ6YLc-Cie0KiCnWIG2V2DN8MG6DnfWv2rd8OzlDX6vYOQH63p3VQLLyoabZGI_Xa29ME5SjMBDjSNfNEecRGuZCUotSoetsg8ywNw_Vx_rBx4HMrHHfzM0uSmXagze3QFlo7Z4GxwX1qwbklSQAEc_jOgdkr3x8aniZVpG1Vo3R5Zp4DYcn2rSiyJ21RmDvGR_RqpY4UALFY7N1P3BdTo-Yo7A_H7w28Rqub-Tnt2_LtzXsauH5MvG39KQjRYGfZtSAo2Xs7c5np3M0NPnpNSP-t41vJ4rgmQwpKo37qj8v5etQYmz2vUyPxFZTk5o1q9LStjycH1QeMVwp-vMNLmN_IjY8miu5IlYjzBOXC4HpEXzq0dRulPaukU_GgjTKaUAHOR60umiZYhHcuIYNa8Iezb3DmpFXGVwUCfWDBq__egPw8Z2AnG-x4dyEQAWrnrBGcj6DU2IzqrfCU59PivKsi4IXMuPsqj0f0pzcTrjFKcBgt4Nk5LxKN6D46CQhfPpVK48GFP5awEAwbu1CsiYFMtP8FN482xSuqW9SPgSeZLwwwy3DipuD4-D-q_qftoekrbQCq92YCWdnZ3xzCBt-nK8cfQpgPH0JvXCSxBCICalK468-272q5et1gbfs_NwoadvEXwUtFavplfjZSLQiGVn7GbwFRorAdJgVKJwET79ZwQ4_IzgHvxmvOZjrcQ1HLoQrFbhPayspwLa4N9y1r9BLdhH3zqNp1ggkabJ4fjZdlfYK3dIjtZTXAQySuqPyXLZiLWWqCIIIIBGkeyVbJjMc0emTaCVtX8tI-QohNhg8LaRwdSZ3JQ-e3BGbum8wFO3cDWWHYNqLwYGgJ1HkrMUE6AYehqCiyYU2l3Fat-8VFzQ1AVPhw8fVBHoqcZnako7kUXxNaP1MEw1rrja0IaAJAipPF59pcdu4x1vPEqKo4s9K-jX83vkxpNbz4Dtcz1zgYIhc1Krp5ZJQ8bAxuvJXbyzv3gqa87YVdvRWNEYS9iTYLfv0yjAV_i-IQxvnAx5Uqz6zhCd2uGWJk0PQX4hgKdPBGn2FimkqdYTs0PicvllSJVvEtYDffbUIth1UUNZcq3cFEE1RsmZUqt5kNxaPWSo9G9ZRGrs2yXF82-pYQoxplkaWKXnHEyo5a98tmTv7Daj3HkKc25kUU68caA-BJ_Vh-8q5O2srwwaO8_7Nr8d3VQEfcBze9MfcumPnVKKsjflH6I7KsDtBg_CMjEQQUhfu56P__Z59yF8FMve3NgrGw5P1MF59B3I-_mgnrSQ-orRUvEUw2MgFk5B17CuVkiunuPUefVVJhrYxXdgtz3__fR59I8mN2WnP4LXUly5I6QxfjDFMWeE7zOB3iAqy7YHQow8uewhU8eu15ykEth8oZrH6GOzCXA0q7FazRwMGTnk4T5HJfgOxdxXK3ektOUOxA5-BR0OFbfNvGeY-ap6DdeN-JjSpLw5a02hsHPJvp4x59mqKtfBEwOMZM1jL8RRm_tInYjVQP8Qz0F4bvHVSrY_vwT67ELYXvrpke90bD7aQKytFgHt6T75Ooo3VKDUvOPPZMIh2wXt4F-wnflUGbEKJ0320Z_wBWPPSnyxXBB8zrX-xe_O4ZXOEytRH-I-dK7Z08LLFP1MPLUBoaRtMc6YrT5GkDdd5h6P2BS4SwZ0svB_nrSdWTKBhdpujW0IJ4fbx2ODuoOgjfiHUJxVI-JymfCgCX9rrdCc1NCkB9nmagg2X_P2SMuH2HtNOevwaQ7FkkGjwGfim0-0T4rTvY6rNYSXV5eIcqL4EY3B0AkwqCaVEc-lFcF6JEAJTPCwabvkA3tUk-rglvNiYXXkvvK9tg3bEVYzFnyHOyahqofV-cY6sdo6vLYUm8etifoVBpup2tUa-ZvU9ubsq0oavY9a5LjjHInaGwTdh7E1z9GIOxctLidx_pKm8OV6H6t7iDvs477yneNh52kNZ0oxs8qKuoIvnPd6j_7XbLfqMaiWuWaWUbkGjfMjoKSB6qJGj9IXvhIxmSJidQ-7_YKb0fmyUsOfxdopZH3mieaezSeZXKkd2muE9nfEUm7wwKUSGQD8VruxVSdVEqbtfGcZsGQOl7GHh1Oj9Wvz8Q8hyD_qHKV3xoNJCA5Q6PU0r47SjObdCw2ghTMO8lZBIadoiL7SXtTvtLkmRBZIg1_GDHYBRZttCPgFxoGkFRbcqmuM_HPbVwb2P4rhwje5uE7yElN9qf06xi0lA9Ksg_7-XRnAyJcepr406lAQVrdFj5HIqLqAyeba17vMA93XYNMVt6n9EHXCmaILPP9TSEEHHk0j1mVvJK4av9iV0bUMmNtmSQFok7VvwPBtiue3mCizSX7MrO8ym4IZJqUEb-kofrIYfsBEzpjV9DDjhL4HR7wZU83S0vHCdL_BG78BoXi5kMJAFDWKlawxnr_VBvg17DUr1z_jCHzcHflx4n5fJGanCqtSfYWpi-uY6dU89aldBuP_oKjc30&cid=CAASEuRo_QyEP14GY1zcd0_fGb2s2w&rfl=1%2Chttps%253A%252F%252Fwww.gazetadopovo.com.br%252F%240

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

259f01a4a83ad8a3ea4306becf97b5270bed9e5556f64ed6bde597f2f0601b39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 21:18:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 100
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8628
x-xss-protection: 0
server: cafe
etag: 13108869059872076478
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 28 May 2021 21:18:39 GMT

GET
H3-29 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20210511/r20110914/elements/html/ Frame B574 8 KB
3 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210511/r20110914/elements/html/omrhp.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 21:17:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 153
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3124
x-xss-protection: 0
server: cafe
etag: 4537136162986801320
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 28 May 2021 21:17:46 GMT

POST
H3-29 200 view
googleads4.g.doubleclick.net/pcs/ Frame B574 0
24 B 97ms
97ms Ping
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuHgDwWfsqKe2DQCfJ6CbHkYSQ15yvkeo4DfuBZMP1fLBOyP6wOq-_ux4OC-k-DvHqYd5Ugcq1AT4CmCLg0kpRd6LfMyfBjJkMzWpTERXYfQgb-uXUCuoYroBjHuXw78Vhark41VcE4ZjqBMzZrxxZ4lH1Obmz5eGu-YaW3BKjfOiReJ0D91bWa4IZ1m0xXRtB3Bw13215Nzn_pW9SdZa0i2rVKeoPsAqWYaiHIKbqKwnmvU1Oqu3ISYu3A4BUBhVLvcJu7MW4RZtxy6pKzuMLuPhMvk86ArAhVkPni0DjRGv6f6d2KDEabDL57BWKnHeYY4HCuxmK9CiwoGec-70mmqFWdAJgP4JhlVh5k6sTV83DIMsm_jIeLNE6XWKzsz9TIdaVzGQJtxU-Rh8T9h6u5aoOYjlC4yFSeblduN2KO0SqfOBnyz6sUuRQR9aHJRmqvASl3RmX_FprW7lKkj8KLEZZkl6gGBi5YgQQ-qZg94GWqqaHPvEPFAegov5jnfPsHQ4GJ8j726jd3N1GwwBhKI-HyzG8kTHoIyKQmsqc75j8Wr_UHFACKL9QeKs3ENw2y9revR2DH0Bl73urumIjzwJ9M2w5Pua4_wKhyBfYhkXQWdzxHWdyS3FGP-w8jM1OVCs3e7i2I6YroMCoDnzknwxfs8Xyz2iX9lu_yf8WUKdDwuEz3ndomRS3NEJK2L7HlO_0mkhfwuAI0Toul8By7swVZxLxrdK42vMCYm9NgsPeLm7CsQa-uVgxwmJUzkWuQRlPQJgUorUkCEy9pK-2zKLIqMkdbxwTcAxVc8EAlWNXQiF3nZ8hpPi0tVrzQ1_mW3v-rKCOy689fj_VjyKnDDQGW8Ih2RBTalpGRclQPtlTJbF0w0Om6A3qGvJVPUPzNNpzIk46bx7ltMm1XyoN_eDaLlBVVo0rYf-tXty-Zp5_mcSMu3meDyXz1rSRal4DYbEqHCP2mWwGItWbqgQDSV9Clt5RuuHNzeGO6UEFn2z8uIzZxo5mfVaeF3sTdAyZUdzaCozSswB6_mO7EsAgnWsoX-R7u0cOt1SVbhlI1yEk-O2mg3w2tfpzQbiegEHct00cFdLjCjBDrQnfovMTbj6S1Jn9wBqwB5_APismTbxNla8yHECmM3uxu5sex2MNFfa8KOQNpRnS-0sk05-uJwSN--O--mEi_X4KHD-a-HXHwHC5ZTg&sai=AMfl-YQTTVCTrxLupk-RhEm7svfaVTVnLwJgiZcCwxnZC--j5WABB1GKh03A6Zk4A2g7MdQE7VWk1x_ygVSxBpwQ-912bScPvF_n2x5Uw9eqUZBH2QcS6NmEFoVimZMl-jUMvGWg3O68p7TGtqAB7z-rIkLZDHIU1w&sig=Cg0ArKJSzGab4l5djkC_EAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20210511.34244&adurl=

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Fri, 14 May 2021 21:20:19 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame B574 41 KB
15 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 08:16:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 47019
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 14 May 2022 08:16:40 GMT

GET
H3-29 200 gw_features-syos_de_green-man_img_728x90.png
s0.2mdn.net/9331222/ Frame B574 32 KB
32 KB 7ms
7ms Image
image/png 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9331222/gw_features-syos_de_green-man_img_728x90.png

Requested by

Host: cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com
URL: https://cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

815512205618063457185ef1655698d63565936ecfc7a1d91e4aeae651a701ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 09:32:49 GMT
x-content-type-options: nosniff
last-modified: Fri, 19 Feb 2021 18:42:07 GMT
server: sffe
age: 42450
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32415
x-xss-protection: 0
expires: Sat, 15 May 2021 09:32:49 GMT

GET
H3-29 200 dcmads.js Show response
www.googletagservices.com/dcm/ Frame 1B2A 8 KB
4 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal85.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2cd20f7f3eb62fd36c0bcf3021b9cfe55bb84da873ea1a88717c61ef90dadf1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 21:14:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 13 May 2021 20:35:37 GMT
server: sffe
age: 354
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3762
x-xss-protection: 0
expires: Fri, 14 May 2021 22:14:25 GMT

GET
H/1.1 200
OK bsevent.gif
tps20518.doubleverify.com/ Frame 1B2A 807 B
1 KB 162ms
66ms Image
image/gif 213.254.244.23
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tps20518.doubleverify.com/bsevent.gif?impid=aa1df3adeccf4bd19b1afd80e44bbfb7&dvp_or2=1&cbust=1621027219247686
Requested by: Host: cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com
URL: https://cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.23 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416

Request headers

Referer: https://cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 14 May 2021 21:20:19 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
Vary: Accept-Encoding
Content-Type: image/gif
Cache-Control: max-age=0
Content-Length: 860
Expires: 5/13/2021 9:20:19 PM

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 6656 19 KB
4 KB 369ms
358ms XHR
text/xml 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?sz=480x360&iu=%2F8804%2Fparceiros%2Fgazeta_do_povo%2Fin-article&ciu_szs=300x250&gdfp_req=1&env=vp&output=xml_vast4&unviewed_position_start=1&cust_params=videoplayertype%3Ddynad_in-article%26keyword%3Dvideo-auto-play%26origin%3Dwww%20gazetadopovo%20com%20br%20%26hasFocus%3Dtrue%26bt%3D9000%26UOLDNA%3Dnull%26hasMouseIn%3Dfalse%26keyword%3Dvideo-auto-play&description_url=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&correlator=1640209530288075&ad_rule=0&vad_type=linear&vpos=preroll&pod=1&min_ad_duration=0&max_ad_duration=999999000&ppos=1&lip=true&video_url_to_fetch=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&vpa=auto&vpmute=1&sdkv=h.3.458.0&osd=2&frm=2&vis=1&sdr=1&hl=en&afvsz=450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&u_so=l&ctv=0&sdki=44d&adk=3197258961&sdk_apis=2%2C8&sid=C8360AAC-FC9F-46E2-AE6C-AC71EAD5C1D7&eid=44739554&url=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&ref=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dt=1621027219260&scor=2864820028261340&ged=ve4_td1_tt0_pd1_la1000_er17.0.167.300_vi0.0.0.0_vp0_eb16747

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.458.0_pt_br.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

b4af28a37edf9f09e8ea10206c8c8a8ef8615968b475463e06a451b990b25fa9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 21:20:19 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3701
x-xss-protection: 0
google-lineitem-id: 5681019551
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138347846892
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 pixel
cm.g.doubleclick.net/ Frame D6FB 170 B
188 B 96ms
81ms Image
image/png 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_dbm

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfwggIQpb6JAhjtyMueATAB&v=APEucNVYesqu9XVYMoHOcbK-MjA2mku0apR_ohmJuRmShBoSIskrhWn2p-iF59C4D0PBZxYKhdJAI4rQYBPm_BtYu8IvFA8Lc1TXdzvPL54WFoh4QerMsZwP9rZx0Xdr0LLusDn5nYrpdQOyGcvtnlZjVY4ZsZeyGK8bg-EzCIevSKGT3QNECbzJoDtdok5z6VuBGYp-WePjXHwDiW2PZQQlrP0YLnjWtA

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 May 2021 21:20:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame D6FB
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFNGF5KYMKcyRWt6G5yBM0s&google_cver=1

43 B
1014 B

50ms
50ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFNGF5KYMKcyRWt6G5yBM0s&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfwggIQpb6JAhjtyMueATAB&v=APEucNVYesqu9XVYMoHOcbK-MjA2mku0apR_ohmJuRmShBoSIskrhWn2p-iF59C4D0PBZxYKhdJAI4rQYBPm_BtYu8IvFA8Lc1TXdzvPL54WFoh4QerMsZwP9rZx0Xdr0LLusDn5nYrpdQOyGcvtnlZjVY4ZsZeyGK8bg-EzCIevSKGT3QNECbzJoDtdok5z6VuBGYp-WePjXHwDiW2PZQQlrP0YLnjWtA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 14 May 2021 21:20:19 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 14 May 2021 21:20:19 GMT

Redirect headers

pragma: no-cache
date: Fri, 14 May 2021 21:20:19 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFNGF5KYMKcyRWt6G5yBM0s&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame D6FB
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YJ7pknOlCylwzk2IydeRkgAA
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm=&google_hm=YJ7pknOlCylwzk2IydeRkgAA&google_tc=
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEO0jgyA6tIZD1bsaF8HdLqc&google_cver=1

43 B
894 B

53ms
52ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEO0jgyA6tIZD1bsaF8HdLqc&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfwggIQpb6JAhjtyMueATAB&v=APEucNVYesqu9XVYMoHOcbK-MjA2mku0apR_ohmJuRmShBoSIskrhWn2p-iF59C4D0PBZxYKhdJAI4rQYBPm_BtYu8IvFA8Lc1TXdzvPL54WFoh4QerMsZwP9rZx0Xdr0LLusDn5nYrpdQOyGcvtnlZjVY4ZsZeyGK8bg-EzCIevSKGT3QNECbzJoDtdok5z6VuBGYp-WePjXHwDiW2PZQQlrP0YLnjWtA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 14 May 2021 21:20:19 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 14 May 2021 21:20:19 GMT

Redirect headers

pragma: no-cache
date: Fri, 14 May 2021 21:20:19 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEO0jgyA6tIZD1bsaF8HdLqc&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-29 200 view
googleads4.g.doubleclick.net/pcs/ Frame B574 0
23 B 97ms
92ms Ping
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Fri, 14 May 2021 21:20:19 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame D05C 5 KB
4 KB 25ms
15ms XHR
application/json 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_244&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_244.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c464515482990e9c475b99f638f909bd5741ccbaaeff92e0092e2cc9ae06ec75

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 14 May 2021 21:20:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4201
x-xss-protection: 0

GET
H3-29 200 blank.png_1599855961885_blank.png
s0.2mdn.net/dynamic/2/10713123/s0.2mdn.net/creatives/assets/3690075/ Frame D05C 95 B
117 B 15ms
7ms Image
image/png 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10713123/s0.2mdn.net/creatives/assets/3690075/blank.png_1599855961885_blank.png

Requested by

Host: cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com
URL: https://cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9df9512d0f2332b34e43e220b6bdc675dc6b663e72406edde64fd96dc9128e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61453700/20200911132845258/index.html?e=69&leftOffset=0&topOffset=0&c=cwAN9bNnH0&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 09 May 2021 10:03:41 GMT
x-content-type-options: nosniff
last-modified: Fri, 11 Sep 2020 20:26:06 GMT
server: sffe
age: 472598
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 95
x-xss-protection: 0
expires: Mon, 09 May 2022 10:03:41 GMT

GET
H3-29 200 SkyTicket_ENT_0103_728x90_Kardashians_1.jpg_1616764571309_SkyTicket_ENT_0103_728x90_Kardashians_1.jpg
s0.2mdn.net/dynamic/2/10713123/s0.2mdn.net/creatives/assets/3690075/ Frame D05C 35 KB
35 KB 15ms
7ms Image
image/jpeg 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10713123/s0.2mdn.net/creatives/assets/3690075/SkyTicket_ENT_0103_728x90_Kardashians_1.jpg_1616764571309_SkyTicket_ENT_0103_728x90_Kardashians_1.jpg

Requested by

Host: cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com
URL: https://cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b9d617e9f08cbc93669539892246840ab9e58e60390ba375031499f4e5db86d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61453700/20200911132845258/index.html?e=69&leftOffset=0&topOffset=0&c=cwAN9bNnH0&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 12:32:35 GMT
x-content-type-options: nosniff
last-modified: Fri, 26 Mar 2021 13:16:23 GMT
server: sffe
age: 31664
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35350
x-xss-protection: 0
expires: Sat, 14 May 2022 12:32:35 GMT

GET
H3-29 200 SkyTicket_ENT_0103_728x90_Kardashians_2.jpg_1616764571309_SkyTicket_ENT_0103_728x90_Kardashians_2.jpg
s0.2mdn.net/dynamic/2/10713123/s0.2mdn.net/creatives/assets/3690075/ Frame D05C 65 KB
65 KB 16ms
8ms Image
image/jpeg 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10713123/s0.2mdn.net/creatives/assets/3690075/SkyTicket_ENT_0103_728x90_Kardashians_2.jpg_1616764571309_SkyTicket_ENT_0103_728x90_Kardashians_2.jpg

Requested by

Host: cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com
URL: https://cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

77bd57534e8d8e1b464f7b84eae2273d50b25ce55fb991a0b31c5b1f30c1bc30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61453700/20200911132845258/index.html?e=69&leftOffset=0&topOffset=0&c=cwAN9bNnH0&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 05:00:18 GMT
x-content-type-options: nosniff
last-modified: Fri, 26 Mar 2021 13:16:25 GMT
server: sffe
age: 318001
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 66786
x-xss-protection: 0
expires: Wed, 11 May 2022 05:00:18 GMT

GET
H2 200 impl_v71.js Show response
www.googletagservices.com/dcm/ Frame 1B2A 37 KB
16 KB 45ms
43ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v71.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

93da23ad716e68c9eff8fcfcf2ccf7056467e6d6e34ae308ec9ef571b64dff3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 15:43:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 19 Apr 2021 20:14:08 GMT
server: sffe
age: 106595
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
expires: Fri, 13 May 2022 15:43:44 GMT

GET
H2 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 6011 22 KB
8 KB 12ms
7ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Fri, 14 May 2021 18:47:55 GMT
expires: Sat, 14 May 2022 18:47:55 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 9144
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame D05C 17 KB
6 KB 16ms
14ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_244.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 21:20:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Fri, 14 May 2021 21:20:19 GMT

GET
H2 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame C17E 1 KB
845 B 6ms
5ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com
URL: https://cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Fri, 14 May 2021 03:14:09 GMT
expires: Sat, 15 May 2021 03:14:09 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
cache-control: public, max-age=86400
age: 65170
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame B574 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bdc99bd3963307935f6f2786ea00447c33270ad1b4c8b5ba280e296696997142

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 sky_regular.woff
s0.2mdn.net/creatives/assets/3668815/ Frame D05C 33 KB
33 KB 7ms
7ms Font
font/woff 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/3668815/sky_regular.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61453700/20200911132845258/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2f738547bbcdbef189de47347ad84fc0bb0c15164980f51a0214706fa5c94a73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://s0.2mdn.net
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61453700/20200911132845258/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 21:05:39 GMT
x-content-type-options: nosniff
last-modified: Thu, 20 Feb 2020 12:38:24 GMT
server: sffe
age: 880
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33980
x-xss-protection: 0
expires: Fri, 14 May 2021 21:20:39 GMT

GET
H2 200 B10224936.280246103;dc_ver=71.206;dc_eid=40004001;sz=728x90;u_sd=1;dc_adk=1357872704;ord=ruws38;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%5D;dc_rfl=1,https%3A%2F%2Fwww.gazetadopov... Show response
ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/ Frame 1B2A 35 KB
18 KB 252ms
101ms Script
text/javascript 172.217.23.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B10224936.280246103;dc_ver=71.206;dc_eid=40004001;sz=728x90;u_sd=1;dc_adk=1357872704;ord=ruws38;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%5D;dc_rfl=1,https%3A%2F%2Fwww.gazetadopovo.com.br%2F$0;xdt=1;crlt=tNj_QQGfUz;osda=2;sttr=198;prcl=s

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v71.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f102.1e100.net

Software

cafe /

Resource Hash

f7453996d1828f4f69cd58b0c8a3134b7a505a1080b0aa9bdb05d307c037a3c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 May 2021 21:20:19 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17737
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 VUb54HSrcJlfDt76-zYSNvHYPadoqD5ysjWH2aTGPz8.js Show response
pagead2.googlesyndication.com/bg/ Frame A0A1 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/VUb54HSrcJlfDt76-zYSNvHYPadoqD5ysjWH2aTGPz8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5546f9e074ab70995f0edefafb361236f1d83da768a83e72b23587d9a4c63f3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 18:47:53 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 06 May 2021 09:28:00 GMT
server: sffe
age: 9146
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5687
x-xss-protection: 0
expires: Sat, 14 May 2022 18:47:53 GMT

GET /
google2waycm.netmng.com/cm/ Frame C17E 0
0

GET
H2 200 dpixel
cms.quantserve.com/ Frame C17E 35 B
463 B 81ms
8ms Image
image/gif 2620:116:800d:21:f916:5049:f87f:108e
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESELcftGDLK20mR9NcewfDCN8&google_cver=1&google_push=AQvitUL-vLDowRkz92Kd0PPwf8Yfid9Pn5AiV4nQ3iHS1v2eMoYBxFSywi6vXf4H4zQG9a4DtbMIiDnNRDcvQkJ0vW_i2iwPP-la

Requested by

Host: cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com
URL: https://cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:f916:5049:f87f:108e , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 May 2021 21:20:19 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame C17E 70 B
265 B 381ms
68ms Image
image/gif 76.223.111.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEIlIROZbSl7c7VrSu_0t99U&google_cver=1&google_push=AQvitUJ5IvUYLTLBMIrk0B3dIYoRwZKl2_4nwTjZj_VJTjsnbG7K8gu09OCGNldUnkw3ZMkq5eM4Tj1-u3yySSod8xkIEqe1i-Y
Requested by: Host: cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com
URL: https://cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 May 2021 21:20:20 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame C17E
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEN6fWEkT4VBlVVmVBrHOQR4&google_cver=1&google_push=AQvitUImPmo4zQpu4qnGWRDd3Zj2ai6FIQ235uwH7nD1OzsQpc6tvPIR0yclu-JLi8RuIl2475bHjBtEcQO...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AQvitUImPmo4zQpu4qnGWRDd3Zj2ai6FIQ235uwH7nD1OzsQpc6tvPIR0yclu-JLi8RuIl2475bHjBtEcQObTKFwfpuWv6Xn4a8&google_hm=PW6vMyhERg6Q1fCL_n--F5c

170 B
188 B

65ms
65ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AQvitUImPmo4zQpu4qnGWRDd3Zj2ai6FIQ235uwH7nD1OzsQpc6tvPIR0yclu-JLi8RuIl2475bHjBtEcQObTKFwfpuWv6Xn4a8&google_hm=PW6vMyhERg6Q1fCL_n--F5c

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 May 2021 21:20:20 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 14 May 2021 21:20:19 GMT
via: 1.1 google
server: Apache-Coyote/1.1
status: 302
p3p: CP="NOI DSP COR NID CUR OUR NOR"
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AQvitUImPmo4zQpu4qnGWRDd3Zj2ai6FIQ235uwH7nD1OzsQpc6tvPIR0yclu-JLi8RuIl2475bHjBtEcQObTKFwfpuWv6Xn4a8&google_hm=PW6vMyhERg6Q1fCL_n--F5c
cache-control: no-cache, must-revalidate
content-type: text/html;charset=UTF-8
alt-svc: clear
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET

pixel
cm.g.doubleclick.net/ Frame C17E
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEOR_--dvkrC9AjZS9swy3OA&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJ7pknOlCylwzk2IydeRkgAABFQAAAIB&google_gid=CAESEOR_--dvkrC9AjZS9swy3OA&google_push=AQvitUK8ItBLrQ-0Mr-cW-WS5PwP0D7Q2vlf2Yr4zcFjHSAkXVe...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJ7pknOlCylwzk2IydeRkgAABFQAAAIB&google_gid=CAESEOR_--dvkrC9AjZS9swy3OA&google_push=AQvitUK8ItBLrQ-0Mr-cW-WS5PwP0D7Q2vlf2Yr4zcFjHSAkXVe...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJ7pknOlCylwzk2IydeRkgAABFQAAAIB&google_gid=CAESEOR_--dvkrC9AjZS9swy3OA&google_push=AQvitUK8ItBLrQ-0Mr-cW-WS5PwP0D7Q2vlf2Yr4zcFjHSAkXVe...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJ7pknOlCylwzk2IydeRkgAABFQAAAIB&google_gid=CAESEOR_--dvkrC9AjZS9swy3OA&google_push=AQvitUK8ItBLrQ-0Mr-cW-WS5PwP0D7Q2vlf2Yr4zcFjHSAkXVe...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJ7pknOlCylwzk2IydeRkgAABFQAAAIB&google_gid=CAESEOR_--dvkrC9AjZS9swy3OA&google_push=AQvitUK8ItBLrQ-0Mr-cW-WS5PwP0D7Q2vlf2Yr4zcFjHSAkXVe...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJ7pknOlCylwzk2IydeRkgAABFQAAAIB&google_gid=CAESEOR_--dvkrC9AjZS9swy3OA&google_push=AQvitUK8ItBLrQ-0Mr-cW-WS5PwP0D7Q2vlf2Yr4zcFjHSAkXVe...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJ7pknOlCylwzk2IydeRkgAABFQAAAIB&google_gid=CAESEOR_--dvkrC9AjZS9swy3OA&google_push=AQvitUK8ItBLrQ-0Mr-cW-WS5PwP0D7Q2vlf2Yr4zcFjHSAkXVe...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJ7pknOlCylwzk2IydeRkgAABFQAAAIB&google_gid=CAESEOR_--dvkrC9AjZS9swy3OA&google_push=AQvitUK8ItBLrQ-0Mr-cW-WS5PwP0D7Q2vlf2Yr4zcFjHSAkXVe...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJ7pknOlCylwzk2IydeRkgAABFQAAAIB&google_gid=CAESEOR_--dvkrC9AjZS9swy3OA&google_push=AQvitUK8ItBLrQ-0Mr-cW-WS5PwP0D7Q2vlf2Yr4zcFjHSAkXVe...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJ7pknOlCylwzk2IydeRkgAABFQAAAIB&google_gid=CAESEOR_--dvkrC9AjZS9swy3OA&google_push=AQvitUK8ItBLrQ-0Mr-cW-WS5PwP0D7Q2vlf2Yr4zcFjHSAkXVe...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJ7pknOlCylwzk2IydeRkgAABFQAAAIB&google_gid=CAESEOR_--dvkrC9AjZS9swy3OA&google_push=AQvitUK8ItBLrQ-0Mr-cW-WS5PwP0D7Q2vlf2Yr4zcFjHSAkXVe...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJ7pknOlCylwzk2IydeRkgAABFQAAAIB&google_gid=CAESEOR_--dvkrC9AjZS9swy3OA&google_push=AQvitUK8ItBLrQ-0Mr-cW-WS5PwP0D7Q2vlf2Yr4zcFjHSAkXVe...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJ7pknOlCylwzk2IydeRkgAABFQAAAIB&google_gid=CAESEOR_--dvkrC9AjZS9swy3OA&google_push=AQvitUK8ItBLrQ-0Mr-cW-WS5PwP0D7Q2vlf2Yr4zcFjHSAkXVe...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJ7pknOlCylwzk2IydeRkgAABFQAAAIB&google_gid=CAESEOR_--dvkrC9AjZS9swy3OA&google_push=AQvitUK8ItBLrQ-0Mr-cW-WS5PwP0D7Q2vlf2Yr4zcFjHSAkXVe...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJ7pknOlCylwzk2IydeRkgAABFQAAAIB&google_gid=CAESEOR_--dvkrC9AjZS9swy3OA&google_push=AQvitUK8ItBLrQ-0Mr-cW-WS5PwP0D7Q2vlf2Yr4zcFjHSAkXVe...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJ7pknOlCylwzk2IydeRkgAABFQAAAIB&google_gid=CAESEOR_--dvkrC9AjZS9swy3OA&google_push=AQvitUK8ItBLrQ-0Mr-cW-WS5PwP0D7Q2vlf2Yr4zcFjHSAkXVe...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJ7pknOlCylwzk2IydeRkgAABFQAAAIB&google_gid=CAESEOR_--dvkrC9AjZS9swy3OA&google_push=AQvitUK8ItBLrQ-0Mr-cW-WS5PwP0D7Q2vlf2Yr4zcFjHSAkXVe...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJ7pknOlCylwzk2IydeRkgAABFQAAAIB&google_gid=CAESEOR_--dvkrC9AjZS9swy3OA&google_push=AQvitUK8ItBLrQ-0Mr-cW-WS5PwP0D7Q2vlf2Yr4zcFjHSAkXVe...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJ7pknOlCylwzk2IydeRkgAABFQAAAIB&google_gid=CAESEOR_--dvkrC9AjZS9swy3OA&google_push=AQvitUK8ItBLrQ-0Mr-cW-WS5PwP0D7Q2vlf2Yr4zcFjHSAkXVe...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJ7pknOlCylwzk2IydeRkgAABFQAAAIB&google_gid=CAESEOR_--dvkrC9AjZS9swy3OA&google_push=AQvitUK8ItBLrQ-0Mr-cW-WS5PwP0D7Q2vlf2Yr4zcFjHSAkXVe...

0
0

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame C17E
Redirect Chain

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEHst_n3EINxzo162YLeo7aM&google_cver=1&google_push=AQvitUKOGzNcgstUr__Os12yrpdDsKzel9XvSVbGf9mS5LdQrD44aWUMnA8-JR0HTBmNUfGVVwmFxQZw6v3RxpC5...
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_hm=5d62d22074ecb5efd682&google_redir=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FadExInit%3Dg&google_push=AQvitUKOGzNcgstUr__Os12yrpdDsKzel9Xv...

170 B
188 B

62ms
61ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_hm=5d62d22074ecb5efd682&google_redir=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FadExInit%3Dg&google_push=AQvitUKOGzNcgstUr__Os12yrpdDsKzel9XvSVbGf9mS5LdQrD44aWUMnA8-JR0HTBmNUfGVVwmFxQZw6v3RxpC5z614AkhucPop

Requested by

Host: cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com
URL: https://cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 May 2021 21:20:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 14 May 2021 21:20:19 GMT
via: 1.1 e1532b3ffd3d84bfecb9972a863a75ef.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: ZRH50-C1
x-cache: Miss from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_hm=5d62d22074ecb5efd682&google_redir=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FadExInit%3Dg&google_push=AQvitUKOGzNcgstUr__Os12yrpdDsKzel9XvSVbGf9mS5LdQrD44aWUMnA8-JR0HTBmNUfGVVwmFxQZw6v3RxpC5z614AkhucPop
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: 8xqmvvMYpBqxkAWmL-0LrYePSNc3AHyixX1bKG5oji2yLNNxTF3t3g==

GET
H3-29 200 dot.gif
s0.2mdn.net/ Frame C17E 43 B
63 B 67ms
14ms Image
image/gif 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dot.gif?google_gid=CAESEBW8R7Yqbs-Wj2lITysbcOs&google_cver=1&google_push=AQvitUIWweqqjkSsoBxLXXDM8QGHwbB37H1BJ2vON8nHEcVBDE34HpFfiUPY-VQWmcxEdX44hItLXnZzDMnzvTezqpi2pFyE2b8ZOg

Requested by

Host: cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com
URL: https://cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 21:20:19 GMT
x-content-type-options: nosniff
last-modified: Sun, 01 Feb 2009 08:00:00 GMT
server: sffe
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
expires: Sat, 15 May 2021 21:20:19 GMT

GET
H3-29 204 attr
cm.g.doubleclick.net/pixel/ Frame C17E 0
12 B 112ms
59ms Image
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IZEg1BbimHiq7WWGO8TZJdep2uai85LPBwUB8nuxAtvEHdbIs49VuQEU1sdUtqVd4GBsNc-A

Requested by

Host: cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com
URL: https://cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 21:20:19 GMT
server: HTTP server (unknown)
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3-29 200 VUb54HSrcJlfDt76-zYSNvHYPadoqD5ysjWH2aTGPz8.js Show response
pagead2.googlesyndication.com/bg/ Frame 6011 14 KB
6 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/VUb54HSrcJlfDt76-zYSNvHYPadoqD5ysjWH2aTGPz8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5546f9e074ab70995f0edefafb361236f1d83da768a83e72b23587d9a4c63f3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 18:47:53 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 06 May 2021 09:28:00 GMT
server: sffe
age: 9146
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5687
x-xss-protection: 0
expires: Sat, 14 May 2022 18:47:53 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 6656 0
54 B 234ms
42ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~kootr3af&c=6415072589901&slotId=3207536294950.5&qqid=CJ7s0PyMyvACFfHLEQgdYucGtg&gqid=k-meYIeJE5edgQe85LmgAg&fb=ima-html5&sdkv=h.3.458.0&mrd=4&aab=0&itv=1&eee=missing-element&bi=missing-id&vmfc=9&vhc=0&ghmsh_eids=44739554
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.458.0_pt_br.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 14 May 2021 21:20:19 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 6656 0
60 B 82ms
82ms Image
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssJroWVMd13Nm27DAYnBTNAikQEAC1CQkrnkUrGzg2IIt9R-4JkfkcDg5iSaTP0sshGuMIZNXTqRyg86Zx_UCLbNGVD5PgMx4WIavbA8JxQgOp2cajh5fxOV9dPg5kyq4eHG-BMadfYWCKcqmxNgtgvPlM7AJtOcNecZgQgwFDApWJq5EXWNWtb7kqiSBaLzl8TNvyRSunaXNPHlsMyqfwE0PuEjfGTPuKmpNcaTmT0WR2iPj4s3QqpI7HSGqCFDKBeIaQFb1VCro8CIJUReJ1vMi5RLsAP1SBci4ETz4wfdwGMcDAMUNGuOAYiq7F3ig1-zkXPHVUU8n0KFN7dP0hf5Q&sig=Cg0ArKJSzAdMOOGvF5HiEAE&sdkv=h.3.458.0&vci=CmsIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgRHREZQIAQqCjU2ODEwMTk1NTEyDDEzODM0Nzg0Njg5MkCKA1IoCNAFEBIlAADwQSgBOgt1c2lrR1YwdEM0Y0ILZ29vZ2xldmlkZW9QABgB&adurl=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 14 May 2021 21:20:19 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

POST
H2 204 csi
csi.gstatic.com/ Frame 7566 0
331 B 116ms
41ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~kootr2yh&c=6415072589901&slotId=3207536294950.5&eee=missing-element&bi=missing-id
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://s.dynad.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 14 May 2021 21:20:19 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 07D9 42 B
64 B 47ms
46ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssi-0WZr62PvBzk82arohfGpQCbIcTllvIfvhAqfxBzVaVc8TAQgthZRc-LSQVs0pe98F2H54MT7VYB8KroK3YT5izw87jRoSdXu4cjli2LbeHK_2nSlapEgUUqmA&sai=AMfl-YSo0KrE-TzAzfoCEXv0iHv44LakQu-anMc7e27mC5I0MlCNSDvSCEUIpnlD-7Prd1z48zJcGU4CvPfClo8SkL3GFNhoDzVejrXunvOlFCIM1inrKRtfQq0Rj04Y&sig=Cg0ArKJSzOza0VtNlim3EAE&cid=CAASEuRoQTjYGxZi3WDjkT2-K1q16w&id=lidar2&mcvt=1082&p=311,436,401,1164&mtos=1082,1082,1082,1082,1082&tos=1082,0,0,0,0&v=20210512&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=1651446792&rs=4&met=ce&la=0&cr=0&osd=1&vs=4&rst=1621027218480&dlt=45&rpt=358&isd=0&msd=0&r=v&fum=1

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 May 2021 21:20:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
t.dynad.net/pc/ 70 B
422 B 196ms
194ms Image
image/png 2804:49c:3403:2676:ffff:ffff:ffff:6
Universo Online S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.dynad.net/pc/?dc=5550003220;ord=1621027219962
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2804:49c:3403:2676:ffff:ffff:ffff:6 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS
Software: D3-FE6 / DynAd.net
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 May 2021 21:20:20 GMT
server: D3-FE6
x-powered-by: DynAd.net
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
x-dynad-tracker: v1.1.524 Power Stroke
cache-control: max-age=0
content-type: image/png
expires: Fri, 14 May 2021 21:20:20 GMT

GET
H3-29

206

file.webm
r5---sn-4g5edne7.gvt1.com/videoplayback/id/b48a822c7a239630/itag/44/source/dclk_video_ads/requiressl/yes/acao/yes/mime/video%2Fwebm/ctier/L/ip/0.0.0.0/ipbits/0/expire/1621048819/sparams/acao,ctier,... Frame 7566
Redirect Chain

https://redirector.gvt1.com/videoplayback/id/b48a822c7a239630/itag/44/source/dclk_video_ads/requiressl/yes/acao/yes/mime/video%2Fwebm/ctier/L/ip/0.0.0.0/ipbits/0/expire/1621048819/sparams/ip,ipbits...
https://r5---sn-4g5edne7.gvt1.com/videoplayback/id/b48a822c7a239630/itag/44/source/dclk_video_ads/requiressl/yes/acao/yes/mime/video%2Fwebm/ctier/L/ip/0.0.0.0/ipbits/0/expire/1621048819/sparams/aca...

128 KB
0

79ms
34ms

Media
video/webm

2a00:1450:4001:44::b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r5---sn-4g5edne7.gvt1.com/videoplayback/id/b48a822c7a239630/itag/44/source/dclk_video_ads/requiressl/yes/acao/yes/mime/video%2Fwebm/ctier/L/ip/0.0.0.0/ipbits/0/expire/1621048819/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mime,mip,mm,mn,ms,mv,mvi,pl,requiressl,source/signature/45C25C425DC14506A1A9FD3C6B679A2D27951946.7067290FEA67B142E0E64C56CC7E754D9F268756/key/cms1/cms_redirect/yes/mh/yt/mip/2a01:4f8:192:5414::2/mm/28/mn/sn-4g5edne7/ms/nvh/mt/1621026938/mv/u/mvi/5/pl/47/file/file.webm

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:44::b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.dynad.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 21:20:20 GMT
x-content-type-options: nosniff
last-modified: Wed, 28 Apr 2021 14:54:22 GMT
server: gvs 1.0
vary: Origin
content-type: video/webm
Content-Range: bytes 0-2870762/2870763
client-protocol: quic
cache-control: private, max-age=21299
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 2870763
expires: Fri, 14 May 2021 21:20:20 GMT

Redirect headers

pragma: no-cache
date: Fri, 14 May 2021 21:20:20 GMT
x-content-type-options: nosniff
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://r5---sn-4g5edne7.gvt1.com/videoplayback/id/b48a822c7a239630/itag/44/source/dclk_video_ads/requiressl/yes/acao/yes/mime/video%2Fwebm/ctier/L/ip/0.0.0.0/ipbits/0/expire/1621048819/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mime,mip,mm,mn,ms,mv,mvi,pl,requiressl,source/signature/45C25C425DC14506A1A9FD3C6B679A2D27951946.7067290FEA67B142E0E64C56CC7E754D9F268756/key/cms1/cms_redirect/yes/mh/yt/mip/2a01:4f8:192:5414::2/mm/28/mn/sn-4g5edne7/ms/nvh/mt/1621026938/mv/u/mvi/5/pl/47/file/file.webm
cache-control: no-cache, must-revalidate
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 698
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20210511/r20110914/elements/html/ Frame 1B2A 8 KB
3 KB 10ms
7ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210511/r20110914/elements/html/omrhp.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B10224936.280246103;dc_ver=71.206;dc_eid=40004001;sz=728x90;u_sd=1;dc_adk=1357872704;ord=ruws38;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%5D;dc_rfl=1,https%3A%2F%2Fwww.gazetadopovo.com.br%2F$0;xdt=1;crlt=tNj_QQGfUz;osda=2;sttr=198;prcl=s

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 21:17:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 154
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3124
x-xss-protection: 0
server: cafe
etag: 4537136162986801320
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 28 May 2021 21:17:46 GMT

POST
H3-29 200 view
googleads4.g.doubleclick.net/pcs/ Frame 1B2A 0
23 B 98ms
97ms Ping
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst9NeL47FRCg3EyPXO5-QppB4aU0KTeYaJlPqsHJaWPJc6rlPQ3ksxdeoINoj_wSVD0KubcWSGOhyG1W-zJnSGsdUchkqNUb9_TasItwIMVGNPbKzQ7Kkl9_C4BYq6nVWz0gLZIz86X9VIj1PaZV-gc3iI&sig=Cg0ArKJSzF9PR2x4eL7dEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20210511.62051&adurl=

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Fri, 14 May 2021 21:20:20 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H/1.1 200
OK dvtp_src.js Show response
cdn.doubleverify.com/ Frame 1B2A 7 KB
3 KB 8ms
6ms Script
application/javascript 2a02:26f0:6c00:286::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvtp_src.js?ctx=13311291&cmp=10224936&sid=2641434&plc=280246103&num=&adid=&advid=2276943&adsrv=1&btreg=315865137&btadsrv=doubleclick&crt=117573815&crtname=&chnl=&unit=&pid=&uid=&tagtype=&dvtagver=6.1.src
Requested by: Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B10224936.280246103;dc_ver=71.206;dc_eid=40004001;sz=728x90;u_sd=1;dc_adk=1357872704;ord=ruws38;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%5D;dc_rfl=1,https%3A%2F%2Fwww.gazetadopovo.com.br%2F$0;xdt=1;crlt=tNj_QQGfUz;osda=2;sttr=198;prcl=s
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:286::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 7c3e4f7379ab36145201000303ce7b35f6862e261d7a362b0491454278d81354

Request headers

Referer: https://cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 14 May 2021 21:20:20 GMT
Content-Encoding: gzip
Last-Modified: Tue, 11 May 2021 17:26:02 GMT
Server: Microsoft-IIS/10.0
ETag: "031fab68a46d71:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3005

GET
H3-29 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 1B2A 41 KB
15 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 08:16:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 47020
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 14 May 2022 08:16:40 GMT

GET
H3-29 200 adc_hun_EndHungerStory_728x90_Evergreen.jpg
s0.2mdn.net/2276943/ Frame 1B2A 46 KB
46 KB 12ms
9ms Image
image/jpeg 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/2276943/adc_hun_EndHungerStory_728x90_Evergreen.jpg

Requested by

Host: cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com
URL: https://cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

780849559953abc98981f7964d063930d1b9cdf5f9aff09e60bd64cc2d9de59a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 06:47:34 GMT
x-content-type-options: nosniff
last-modified: Wed, 12 Jun 2019 18:23:23 GMT
server: sffe
age: 52366
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47415
x-xss-protection: 0
expires: Sat, 15 May 2021 06:47:34 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 47ms
45ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=gpt_svc_evt&pvsid=909074286390332&vrg=2021051301&nw_id=8804&nslots=10&eid=31060437%2C31060784%2C31060853%2C31061163%2C31061022&pub_url=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&div=d-pos-1&iu=%2F8804%2Fparceiros%2Fgazeta_do_povo%2Fhome&et=impressionViewable&sn=7012.1999979019165&qqid=CNqW7PuMyvACFUxo4AodRz4Mpg&rc=0&yo=0

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 May 2021 21:20:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 47ms
45ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=gpt_svc_evt&pvsid=909074286390332&vrg=2021051301&nw_id=8804&nslots=10&eid=31060437%2C31060784%2C31060853%2C31061163%2C31061022&pub_url=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&div=d-pos-footer-1&iu=%2F8804%2Fparceiros%2Fgazeta_do_povo%2Fhome&et=impressionViewable&sn=7012.860000133514&qqid=CJfUlfyMyvACFbzfEQgd8_ABcw&rc=0&yo=0

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 May 2021 21:20:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

p2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/p?c1=2&c2=27893134&%20ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=1621027220139&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&n...
https://sb.scorecardresearch.com/p2?c1=2&c2=27893134&%20ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=1621027220139&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&...

64 B
330 B

65ms
63ms

Image
image/gif

99.86.242.79
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/p2?c1=2&c2=27893134&%20ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=1621027220139&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va11&ns_st_cl=30000&ns_st_pt=0&c3=UOLADNET&c4=*null&c6=*null&ns_ts=1621027220139
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.242.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-242-79.vie50.r.cloudfront.net
Software: /
Resource Hash: 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 21:20:20 GMT
via: 1.1 7b574fc6db5d0840d90b97dd76cc56ec.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C1
etag: W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache: Miss from cloudfront
content-type: image/gif; charset=utf-8
content-length: 64
x-amz-cf-id: EBbG-oswoPpFxLulFRPt5utvgDHMxRAGQjK94EYBNai-3rmcigOOlQ==

Redirect headers

date: Fri, 14 May 2021 21:20:20 GMT
via: 1.1 7b574fc6db5d0840d90b97dd76cc56ec.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/p2?c1=2&c2=27893134&%20ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=1621027220139&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va11&ns_st_cl=30000&ns_st_pt=0&c3=UOLADNET&c4=*null&c6=*null&ns_ts=1621027220139
content-length: 308
x-amz-cf-id: sGOZFzFJsXuVa74xIqpH__ggJ6J2S-gdkZDLeRJNqNN-cQj-lrDiqQ==

GET
H2 200 /
t.dynad.net/pc/ 70 B
422 B 196ms
195ms Image
image/png 2804:49c:3403:2676:ffff:ffff:ffff:6
Universo Online S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.dynad.net/pc/?dc=5550003219;ord=1621027220140
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2804:49c:3403:2676:ffff:ffff:ffff:6 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS
Software: D3-FE6 / DynAd.net
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 May 2021 21:20:20 GMT
server: D3-FE6
x-powered-by: DynAd.net
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
x-dynad-tracker: v1.1.524 Power Stroke
cache-control: max-age=0
content-type: image/png
expires: Fri, 14 May 2021 21:20:20 GMT

GET
DATA 200
OK truncated
/ 873 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9bae663f8229a58194c60f976b1ca88e87e0310c5860be118fa57e97412f758a

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 200 register Show response
events-api.gazetadopovo.com.br/ 1 KB
2 KB 172ms
172ms XHR
application/json 13.225.74.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events-api.gazetadopovo.com.br/register
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.74.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-74-20.fra2.r.cloudfront.net
Software: / Express
Resource Hash: 941be4d45588696ca34e517be425dab40e232f6b30fc60d76749a67df6df179e

Request headers

Accept: */*
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 14 May 2021 21:20:20 GMT
via: 1.1 590590f04f79f692591f9db0e720a31d.cloudfront.net (CloudFront)
etag: W/"53f-13LoAg0oD9C99x8PZnpdBXfuEXc"
x-amzn-remapped-content-length: 1343
x-amzn-remapped-date: Fri, 14 May 2021 21:20:20 GMT
x-amz-cf-pop: FRA2-C2
x-powered-by: Express
x-cache: Miss from cloudfront
x-amz-apigw-id: fVlvNEo_IAMF_FA=
content-length: 1343
x-amzn-requestid: dee09a96-9a04-444b-b33e-441e00e07856
x-amzn-trace-id: Root=1-609ee994-2d55f49e49eb5f83329cbbec;Sampled=0
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
x-amz-cf-id: PHKKl8-2ZUD-P7ReEX6CR-EiwmLKJHmQPaIjsdrqCHZVfTpzz-xP3g==
x-amzn-remapped-connection: close

OPTIONS
H2 200 register
events-api.gazetadopovo.com.br/ Frame 0
0 139ms
137ms Preflight
application/json 13.225.74.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events-api.gazetadopovo.com.br/register
Protocol: H2
Server: 13.225.74.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-74-20.fra2.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.gazetadopovo.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-type: application/json
content-length: 0
date: Fri, 14 May 2021 21:20:20 GMT
x-amzn-requestid: 6e92b825-568f-4e71-a397-424348c9c824
access-control-allow-origin: *
access-control-allow-headers: Authorization,Content-Type,X-Amz-Date,X-Amz-Security-Token,x-api-key,X-Api-Key,x-publisher-id,X-Publisher-Id
x-amz-apigw-id: fVlvLGSQIAMF69A=
access-control-allow-methods: OPTIONS,DELETE,GET,HEAD,PATCH,POST,PUT
access-control-allow-credentials: true
x-cache: Miss from cloudfront
via: 1.1 590590f04f79f692591f9db0e720a31d.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: DachVqep0mMdW4Neuur6buNUe7qYZvcNVdWKO0HBkLbKCTs2KCyf9w==

GET
H/1.1 200
OK dv-measurements1344.js Show response
cdn.doubleverify.com/ Frame 649E 489 KB
88 KB 7ms
6ms Script
application/javascript 2a02:26f0:6c00:286::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dv-measurements1344.js
Requested by: Host: www.gazetadopovo.com.br.mcas.ms
URL: https://www.gazetadopovo.com.br.mcas.ms/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:286::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 5afbad15c6ce4cf38fd292734e6ccbd24e9e873359ce346a02ca7a517ef76c0c

Request headers

Referer: https://cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 14 May 2021 21:20:20 GMT
Content-Encoding: gzip
Last-Modified: Mon, 10 May 2021 11:37:55 GMT
Server: Microsoft-IIS/10.0
ETag: "802bf1ea9045d71:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=946080900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 89955

GET
H3-29 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 6306 1 KB
749 B 7ms
6ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com
URL: https://cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Fri, 14 May 2021 03:14:09 GMT
expires: Sat, 15 May 2021 03:14:09 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
cache-control: public, max-age=86400
age: 65171
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 1B2A 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 10892a3d32412fb3a00819c717b9e1a54178e2cfc2d1cac3a1548fa28b3ec421

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

POST
H3-29 200 view
googleads4.g.doubleclick.net/pcs/ Frame 1B2A 0
23 B 83ms
83ms Ping
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Fri, 14 May 2021 21:20:20 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

POST
H3-29 204 csi
csi.gstatic.com/ Frame 6656 0
17 B 58ms
43ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~kootr3un&c=6415072589901&slotId=3207536294950.5&qqid=CJ7s0PyMyvACFfHLEQgdYucGtg&gqid=k-meYIeJE5edgQe85LmgAg&fb=ima-html5&sdkv=h.3.458.0&mrd=4&aab=0&itv=1&gpm_i=9&gpm_c=8&gpm_a=7&smb=1000&br=720&mt=video%2Fwebm&vs=854x480&webm=3&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fwebm%2Cvideo%2Fwebm%2Cvideo%2Fwebm%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Capplication%2Fx-mpegurl%2Capplication%2Fdash%2Bxml&hvmf=false&vms=1&bit=44&vsrc=dclk_video_ads
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.458.0_pt_br.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 14 May 2021 21:20:20 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK dv-measurements1344.js Show response
cdn.doubleverify.com/ Frame DF0A 489 KB
88 KB 8ms
8ms Script
application/javascript 2a02:26f0:6c00:286::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dv-measurements1344.js
Requested by: Host: www.gazetadopovo.com.br.mcas.ms
URL: https://www.gazetadopovo.com.br.mcas.ms/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:286::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 5afbad15c6ce4cf38fd292734e6ccbd24e9e873359ce346a02ca7a517ef76c0c

Request headers

Referer: https://cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 14 May 2021 21:20:20 GMT
Content-Encoding: gzip
Last-Modified: Mon, 10 May 2021 11:37:55 GMT
Server: Microsoft-IIS/10.0
ETag: "802bf1ea9045d71:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=946080900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 89955

GET
H3-29 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 640E 22 KB
8 KB 7ms
6ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Fri, 14 May 2021 18:47:55 GMT
expires: Sat, 14 May 2022 18:47:55 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 9145
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK t2tv7.html Show response
cdn.doubleverify.com/ Frame 2B8C 12 KB
4 KB 6ms
6ms Document
text/html 2a02:26f0:6c00:286::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/t2tv7.html
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1344.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:286::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 29f21aea7fc613d2618b70a483e0b4bf50ba3f4ce4109fa429ce580ec57ef991

Request headers

Host: cdn.doubleverify.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com/

Response headers

Cache-Control: max-age=946080000
Content-Type: text/html
Last-Modified: Thu, 11 Sep 2014 19:15:16 GMT
Accept-Ranges: bytes
ETag: "0ba3b8f4cdcf1:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3877
Date: Fri, 14 May 2021 21:20:20 GMT
Connection: keep-alive

GET
H/1.1 200
OK visit.js Show response
tps.doubleverify.com/ Frame 649E 1 KB
1 KB 149ms
53ms Script
text/javascript 213.254.244.24
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&brid=97&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5D82K6E25%40A%40G%40%5D4%40%3E%5D3CTauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5D82K6E25%40A%40G%40%5D4%40%3E%5D3CTar9EEADTbpTauTau435322fg4%60543h425%602e622g4habgff6%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3E&srcurlD=0&aUrlD=0&ssl=https:&dfs=1494&ddur=44&uid=1621027220447706&jsCallback=dvCallback_1621027220447228&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&htmlmsging=1&chro=0&hist=3&winh=90&winw=728&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=1344&tgjsver=1344&lvvn=28&m1=13&refD=1&referrer=https%3A%2F%2Fcbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&fcifrms=12&brh=3&dvp_epl=247&noc=16&ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&adsrv=0&advid=3398311&turl=https://www.gazetadopovo.com.br/&errorURL=https://tps.doubleverify.com/visit.jpg&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVPX_PP_IMP_ID=ABAjH0hTYBIkin29maQWo57HtY8Z&DVP_DBM_1=3060631&DVP_DBM_2=20152640&DVP_DBM_3=50785673&DVP_DBM_4=354550598&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=18017767848&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_tcnt=2&dvp_sukv=1682797058.5831068&dvp_tukv=11608694214.018335&dvp_uuid=1466982283961.6797&dvp_strhd=0.6450004875659943&dvpx_strhd=0.6450004875659943&dvp_tuid=1039266122634&dvp_vcms=50&dvp_slmsd=200&dvp_vcmsd=250
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1344.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.24 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 3b75b9cd4dd118fc59f3d0c15dd4e93b7ebd44fa9d0c9b0a22a89cb3e4a6842f

Request headers

Referer: https://cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 14 May 2021 21:20:20 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
Vary: Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: max-age=0
Transfer-Encoding: chunked
Expires: 5/13/2021 9:20:20 PM

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 27DB 0
20 B 41ms
41ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B0YIHkumeYO3RI5Du3gOxm7r4CAAAAAA4AeAEAg&bg=!b2ylbCjNAAY59bwoOfU7ACkAdvg8Wsmf9mi5mTSq4_3bJiULzhScqG5m8RSO3I_IBiRNMG8QnD9YNQIAAAOcUgAAAG9oAQcKAI6P2aLyl-IzZ0FcqN507tMwpDq75ZLm0NvQsS203R6OS12xKYacn00xZuj1swiGGVch-oduppnNOPOByb88moHMdgYTsyOr8iOlaIqJFcn4E7NmXf18_qZwjzhLPY5HpkIjozF-w9OILDufNZao5lYqGyzwZv5n6qYJlKWJAfc0gv7oqA8Xp0BCbjrG4TDdmQKpSXIELwoFNvJeCHjnklHTlxsw_KlGJnyZH9QbyUkrtu6VDxP3YEhg9nH14aMe9wrO6SjN7gdxPOjnQs1kFvHvB8SE8flqSI172doMMiIRmBp28PKqZHbIFZa5F7CKuB_flupW8J4vS8aRdpvU-pEUGToefhR3hnMyB9QaxlUJstzW1eDrNELiMUtPKNz222exr93FtcJmVkziw2MmdDrBSlDa6bA9KeA1ZylBslNCXuoqRH577gOudU4ge-M0jU08FzmmJM__kBkvtiUCF_ayvKyNg3GsaPBozx-b4BipHYm9zStC61KEgBeF35zSZmxE0SHoqtX79iabrLD4mp2zI7IOUGTU5IVAuSis1-yIvNWd2ktVMO4pKFRzY3-2gvis8zUSDt0VkkpvKEodNcT_p9s7AyJHcSr05WLe4UMthJd_oZ0pQOMQsdbra69Apti_2xGOCG3EJafITBhNOV7V6d8Ad4bao4ytDrlqkX_o1KGqAIAhZWYGy9Lz6doaGr_d70lBwjhTyxpe3zX5zsJDooUuSFj-rsAb7YTGIpzOYDdr_wI46vdymom5ORYHur83eMYDH_kgF4hvCWSFQbmdlVsOhleyNGj8hCsm-Vk4mdBOC8jCy5cu4GVhkEP9E50aAM8zB5SPgOPiaTfJSe6ibBBWXI7A8Zci3Am02B75x4zGAADecK4U2RGaEVOCXbOG1bEFnsn1UAOwtjjXLRXVHibaBaZnzCTP3pyKDdTx0fpGR2nhd-EivAY48MTabh2bxdIMEBI-Thf_tcKAzxEVhv-OlW62j0XnxAr3PNzmRMaP9Ds7VTlNiCy9vayGTXbbMvpsMWHU6CPB1N0ZPjjwZ0E_iW6m2uTcupAOkmVaayHUIisYVSK9SuHd7DH3gTqvy30JjAaLlmmp

Requested by

Host: cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com
URL: https://cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 May 2021 21:20:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame FC27 0
20 B 68ms
67ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BALt3kumeYMysI_qHjuwPyNOn0AkAAAAAOAHgBAI&bg=!urmluf3NAAY59bwoOfU7ACkAdvg8Wof-WD5VYftRpJELYSCJ9xpK1XPRkiayD1u8Sc8CBgx_fbQ-9gIAAANLUgAAAI9oAQcKADJglJUxToplak7w079RCC1sqoQUTGhXgl9Ksg2T61H0Zxc0ehP8si53EfUkNSNwM1lhcZkCouiNNIXQ1qMC0-_PleMwdCjjDM_-O-F9TOLhApwGCuRJldYWJH-ck1sXSc9xqW8-9tbLNGJM95fvoF-qrJHoU4M3mGQ6j8lTy58aPchUZbtYbkoy5pNCJSlozYr3OhVCpTP5diATk8KC5aR83smIa6mrDpWm8JqdZav6KDZknxEIiXVLMJLvkFLyhIrUjO-cyKuczVvbgbLlWQd2NCSFYUwwrp1glAoJciL2vHl_sSc_GzVuF0K_Z_P_kFSTqyZdAEnDUcUVOp7EzMftoiiZwTPzXT6Ix4PVYJMQ8JXAksehpo9pRM34uC5g1pbRdoUqOc2CRgxthGYgkEADInGLxGrj2h1No33kcERyXv6j2O6LGQ-hOlrNOPo4KRq7n261BtwbuBQ8RuCeMYmWZbBlsFBlcJJFJOmSFHjYTer-coYHJ13F2eIssrP8BbnL_Cs4AQIhQoNfQ17qePiUYzAoGiFN3kJ_PcTNfcfTk26V04ElLxR5qCJy6S-FMPvRqQkgt5TwV-y5tsFUPRavHHd_CRtiTHKwqvO9ikL97JP4XchFOohnlJLF_V8dimnZikGZUW4a452TrdkbBM4yJi5jkDLdiJd2QelUNG1p0U0CvHdTaB7VdScYbWGzb8B316akWbXzhyye_ExFb9MQ7kXv0K3nqNWCnjSUDewTIbhxQ6wGfPw4GN6F70hSblJ-z7FCf9glDL-082UdKbDrWAQoBjb9VKvDD60iWOC9q3dDCm2WEcrVaCKa_fInvg-Qk5xLlMyQNlEN1O0YwMbJ28LTpwcJjgqhEAT6vTY8jRxRAkp301KSaUdIHVRUs2hGuB6UmhM9smPE6bZ3aGXPc6FxJlzk81pS108U_eWf4Kkpt5JV_GZKw0Ez3UAide04FrFt_fKL

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 May 2021 21:20:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame B574 42 B
64 B 64ms
63ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv3Z_5N1NNdztuAreUSaEKePLMxx5CJ0nx5vFuf6NzVJKWIGTc-F7gzADYYb3Mh0rcYwPtZkrLTKlByMTQZfBvzlaQOcFEJqHXj31kFnnqsI1UUr-LQ7G29sGophQ&sai=AMfl-YRBE3ACkEComzGp9LpsiLS_AA_zOMFA8mXe2cSRo9d4CxJIi4Nyv8zEVDIJbS2lynOkluuS5r39JWMoNxDdGFXxorAId7XSuW-ZzxeXI9OKHLEm9N8MTDEG-Vk&sig=Cg0ArKJSzA64dF9QN9hmEAE&cid=CAASEuRo_QyEP14GY1zcd0_fGb2s2w&id=lidar2&mcvt=1030&p=1100,436,1194,1164&mtos=0,1030,1030,1030,1030&tos=0,1030,0,0,0&v=20210512&bin=7&avms=nio&bs=0,0&mc=0.96&if=1&app=0&itpl=20&adk=2713759382&rs=4&met=mue&la=0&cr=0&osd=1&vs=4&rst=1621027218920&dlt=16&rpt=1&isd=0&msd=0&r=v&fum=1

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 May 2021 21:20:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK t2tv7.html Show response
cdn.doubleverify.com/ Frame 2C98 12 KB
4 KB 6ms
6ms Document
text/html 2a02:26f0:6c00:286::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/t2tv7.html
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1344.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:286::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 29f21aea7fc613d2618b70a483e0b4bf50ba3f4ce4109fa429ce580ec57ef991

Request headers

Host: cdn.doubleverify.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com/

Response headers

Cache-Control: max-age=946080000
Content-Type: text/html
Last-Modified: Thu, 11 Sep 2014 19:15:16 GMT
Accept-Ranges: bytes
ETag: "0ba3b8f4cdcf1:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3877
Date: Fri, 14 May 2021 21:20:20 GMT
Connection: keep-alive

GET
H/1.1 200
OK visit.js Show response
tps.doubleverify.com/ Frame DF0A 1 KB
1 KB 108ms
51ms Script
text/javascript 213.254.244.24
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&brid=97&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5D82K6E25%40A%40G%40%5D4%40%3E%5D3CTauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5D82K6E25%40A%40G%40%5D4%40%3E%5D3CTar9EEADTbpTauTau435322fg4%60543h425%602e622g4habgff6%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3E&srcurlD=0&aUrlD=0&ssl=https:&dfs=1494&ddur=44&uid=1621027220558356&jsCallback=dvCallback_1621027220558626&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&htmlmsging=1&chro=0&hist=3&winh=90&winw=728&wouh=1200&wouw=1600&scah=1200&scaw=1600&dvp_isOnHead=1&jsver=1344&tgjsver=1344&lvvn=28&m1=13&refD=1&referrer=https%3A%2F%2Fcbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&fcifrms=12&brh=3&dvp_epl=247&noc=16&ctx=13311291&cmp=10224936&sid=2641434&plc=280246103&crt=117573815&btreg=315865137&btadsrv=doubleclick&adsrv=1&advid=2276943&errorURL=https://tps.doubleverify.com/visit.jpg&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_tcnt=2&dvp_sukv=1682797058.5831068&dvp_tukv=2252024322.634529&dvp_uuid=788875515.767818&dvp_strhd=0.45499950647354126&dvpx_strhd=0.45499950647354126&dvp_tuid=735169270691&dvp_vcms=10&dvp_slmsd=238&dvp_vcmsd=248
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1344.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.24 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: ecc1bc8a640a1de8d4df8e6470d35f1ef4d5494a9997dff0b0059174708b9b05

Request headers

Referer: https://cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 14 May 2021 21:20:19 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
Vary: Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: max-age=0
Transfer-Encoding: chunked
Expires: 5/13/2021 9:20:20 PM

GET
H3-29 206 file.webm
r5---sn-4g5edne7.gvt1.com/videoplayback/id/b48a822c7a239630/itag/44/source/dclk_video_ads/requiressl/yes/acao/yes/mime/video%2Fwebm/ctier/L/ip/0.0.0.0/ipbits/0/expire/1621048819/sparams/acao,ctier,... Frame 7566 19 KB
20 KB 19ms
18ms Media
video/webm 2a00:1450:4001:44::b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:44::b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

58d4e8bea5aaecd35708270eee543f8ff2854cc4eb4cf089fbdccf166a16b424

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.dynad.net/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=2850816-

Response headers

date: Fri, 14 May 2021 21:20:20 GMT
x-content-type-options: nosniff
last-modified: Wed, 28 Apr 2021 14:54:22 GMT
server: gvs 1.0
vary: Origin
content-type: video/webm
Content-Range: bytes 2850816-2870762/2870763
client-protocol: quic
cache-control: private, max-age=21299
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 19947
expires: Fri, 14 May 2021 21:20:20 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 6306 0
104 B 91ms
63ms Image
text/plain 2a02:fa8:8806:13::1400
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEKCbWc_QbvrT_md2wXsWeFw&google_cver=1&google_push=AQvitUIzyC1P-DrkTCmmnt5yls5FufwymEwtFeMNyjNAWrlhyaXe7Kb-ZfZdPEWri_UZaud5QQqtpFXC0hLp9rr3wmMADlCxPFWIjA
Requested by: Host: cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com
URL: https://cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:13::1400 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 May 2021 21:20:20 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 6306
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEJEvJBYuZWK6izZw8dqrNdQ&google_cver=1&google_push=AQvitUIr8_9PZ87QHCrBsc32dYem-aGziukgDhXUbCQs1Qq38xiszNidJ-15JuxYVu07Ypu3Yy40neD428pWXPRKoN2PP83...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AQvitUIr8_9PZ87QHCrBsc32dYem-aGziukgDhXUbCQs1Qq38xiszNidJ-15JuxYVu07Ypu3Yy40neD428pWXPRKoN2PP83cBd8dxA&google_hm=NzEyNTA2Njc5MjQzMzE4...

170 B
188 B

65ms
65ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AQvitUIr8_9PZ87QHCrBsc32dYem-aGziukgDhXUbCQs1Qq38xiszNidJ-15JuxYVu07Ypu3Yy40neD428pWXPRKoN2PP83cBd8dxA&google_hm=NzEyNTA2Njc5MjQzMzE4NjgzNA%3D%3D

Requested by

Host: cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com
URL: https://cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 May 2021 21:20:20 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 14 May 2021 21:20:20 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AQvitUIr8_9PZ87QHCrBsc32dYem-aGziukgDhXUbCQs1Qq38xiszNidJ-15JuxYVu07Ypu3Yy40neD428pWXPRKoN2PP83cBd8dxA&google_hm=NzEyNTA2Njc5MjQzMzE4NjgzNA%3D%3D
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 6306
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEJMyvFqCX7yp815tRnPJH3s&google_cver=1&google_push=AQvitULbS7cSLct9-BhzKt6mwCJX02zTcJC-V0yXoViqlae2C3arboBpbP3r0jqr932PngYnb0WG612D...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEJMyvFqCX7yp815tRnPJH3s&google_cver=1&google_push=AQvitULbS7cSLct9-BhzKt6mwCJX02zTcJC-V0yXoViqlae2C3arboBpbP3r0jqr932PngYnb0W...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTUwMjg1OTM2MjQ0ODE1MDM0Mw&google_push=AQvitULbS7cSLct9-BhzKt6mwCJX02zTcJC-V0yXoViqlae2C3arboBpbP3r0jqr932PngYnb0WG61...

170 B
188 B

98ms
98ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTUwMjg1OTM2MjQ0ODE1MDM0Mw&google_push=AQvitULbS7cSLct9-BhzKt6mwCJX02zTcJC-V0yXoViqlae2C3arboBpbP3r0jqr932PngYnb0WG612DtqazjCS0LRAE5-h8zCwWNA

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 May 2021 21:20:20 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 14 May 2021 21:20:20 GMT
server: nginx
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTUwMjg1OTM2MjQ0ODE1MDM0Mw&google_push=AQvitULbS7cSLct9-BhzKt6mwCJX02zTcJC-V0yXoViqlae2C3arboBpbP3r0jqr932PngYnb0WG612DtqazjCS0LRAE5-h8zCwWNA
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 6306
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESELyRJfXlVH37RMCvSWEW2t8&google_cver=1&google_push=AQvitUIQNe2gXXB41ZvKoZyD4eR_2Ql9E3cAwwY6BCjQq5WVlRzXXnlp5gqCWATpwFU76-5gHKZkEGRCbMr7W75FWAUpuDk...
https://d5p.de17a.com/cookies/google;c?google_gid=CAESELyRJfXlVH37RMCvSWEW2t8&google_cver=1&google_push=AQvitUIQNe2gXXB41ZvKoZyD4eR_2Ql9E3cAwwY6BCjQq5WVlRzXXnlp5gqCWATpwFU76-5gHKZkEGRCbMr7W75FWAUpu...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AQvitUIQNe2gXXB41ZvKoZyD4eR_2Ql9E3cAwwY6BCjQq5WVlRzXXnlp5gqCWATpwFU76-5gHKZkEGRCbMr7W75FWAUpuDktURCF

170 B
188 B

62ms
61ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AQvitUIQNe2gXXB41ZvKoZyD4eR_2Ql9E3cAwwY6BCjQq5WVlRzXXnlp5gqCWATpwFU76-5gHKZkEGRCbMr7W75FWAUpuDktURCF

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 May 2021 21:20:21 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AQvitUIQNe2gXXB41ZvKoZyD4eR_2Ql9E3cAwwY6BCjQq5WVlRzXXnlp5gqCWATpwFU76-5gHKZkEGRCbMr7W75FWAUpuDktURCF
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 6306
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJzDd5BAxJPqPxnPU8jD240&google_cver=1&google_push=AQvitUJCHOew2Lg_UFqlf1sp4iQo48tJ0r7EaL6Fy20Q3ZR0-yPtCQIS-0Fk6i8pBqkB2GV50_f...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S09PVFI0T0EtMUQtOFpFMQ==&google_push=AQvitUJCHOew2Lg_UFqlf1sp4iQo48tJ0r7EaL6Fy20Q3ZR0-yPtCQIS-0Fk6i8pBqkB2GV50_fceucjB66pLccv4Qi2WYpSBLRqNQ

170 B
188 B

100ms
100ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S09PVFI0T0EtMUQtOFpFMQ==&google_push=AQvitUJCHOew2Lg_UFqlf1sp4iQo48tJ0r7EaL6Fy20Q3ZR0-yPtCQIS-0Fk6i8pBqkB2GV50_fceucjB66pLccv4Qi2WYpSBLRqNQ

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 May 2021 21:20:20 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S09PVFI0T0EtMUQtOFpFMQ==&google_push=AQvitUJCHOew2Lg_UFqlf1sp4iQo48tJ0r7EaL6Fy20Q3ZR0-yPtCQIS-0Fk6i8pBqkB2GV50_fceucjB66pLccv4Qi2WYpSBLRqNQ
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
Expires: 0

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 6306
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEMdWt1j2pKh3UMurK9_Vb5Y&google_cver=1&google_push=AQvitUJ80QVh3X8obvacf0tFzZpR0XApx1UlmlKg8LhHtdVbV0HG541WojG5qJ8_3FfeLJd9A6R613UwjQYVSorao...
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEMdWt1j2pKh3UMurK9_Vb5Y&google_cver=1&google_push=AQvitUJ80QVh3X8obvacf0tFzZpR0XApx1UlmlKg8LhHtdVbV0HG541WojG5qJ8_3FfeLJd9A6R613UwjQYVSorao...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AQvitUJ80QVh3X8obvacf0tFzZpR0XApx1UlmlKg8LhHtdVbV0HG541WojG5qJ8_3FfeLJd9A6R613UwjQYVSoraog9r-qKbEWQeuA&google_hm=e36717541abf426d15ce...

170 B
188 B

61ms
61ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AQvitUJ80QVh3X8obvacf0tFzZpR0XApx1UlmlKg8LhHtdVbV0HG541WojG5qJ8_3FfeLJd9A6R613UwjQYVSoraog9r-qKbEWQeuA&google_hm=e36717541abf426d15ce0507

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 May 2021 21:20:20 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Fri, 14 May 2021 21:20:20 GMT
Server: nginx
Location: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AQvitUJ80QVh3X8obvacf0tFzZpR0XApx1UlmlKg8LhHtdVbV0HG541WojG5qJ8_3FfeLJd9A6R613UwjQYVSoraog9r-qKbEWQeuA&google_hm=e36717541abf426d15ce0507
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap1ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H3-29 200 dot.gif
s0.2mdn.net/ Frame 6306 43 B
63 B 16ms
13ms Image
image/gif 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dot.gif?google_gid=CAESEGqWr7McYzo0-PmXPSVjSIw&google_cver=1&google_push=AQvitUJ1uoSKme3Z6578pgWVFDLOjNEnI6ChH0oe2SfF3bT25pg8VNLk2x-khC1jjn2xvyQUfRYAo683j0xG6XOF0XZso1i3e4BpF8g

Requested by

Host: cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com
URL: https://cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 21:20:20 GMT
x-content-type-options: nosniff
last-modified: Sun, 01 Feb 2009 08:00:00 GMT
server: sffe
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
expires: Sat, 15 May 2021 21:20:20 GMT

GET
H3-29 204 attr
cm.g.doubleclick.net/pixel/ Frame 6306 0
12 B 67ms
65ms Image
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LzfsMxTOt2mWtqYc0oOMu7y5E5r9BJ_Qx1Qo51BAIL6V45KvKHQXUZ3TPgz2vtb-PkrnctgQ

Requested by

Host: cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com
URL: https://cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 21:20:20 GMT
server: HTTP server (unknown)
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3-29 200 /
pubads.g.doubleclick.net/pagead/interaction/ Frame 6656 42 B
64 B 56ms
55ms Image
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 May 2021 21:20:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 6656 0
23 B 83ms
79ms Image
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuyWvIeEqSAjKd7S1U_1X-lka9fK2ndhdwRa0projzKMg55KmgvYTAqhz_lX_5cnG-kRSrhqX45Kk_CrlyQLKwBjqJnMqBDjhr90yh7z-PpY-GAEqB9oBoShuD9IvpX7HyWWtfWQAOhjwxBrMcRcVom5HzaWKJG9vvCScjWYpbSAG1FfJkzr7ZWh8JfvljyYmEvdWdO-VTmNV8OTGSn_GAi4C1oAOmA54rCMKBjK4ExW_tBTlKrDBehNKhda5QB96QSOk5DPZONU0RUbrjjZ2JW_KckvEjiKIQE1viaBQB6N2ySK8F1MSn70dpMl-w4yfm9Xqvzgz77wJEVxW-wYgw&sig=Cg0ArKJSzPTEjsdCZ2D7EAE&sdkv=h.3.458.0&adurl=

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 14 May 2021 21:20:20 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 /
pubads.g.doubleclick.net/pagead/interaction/ Frame 6656 42 B
64 B 57ms
54ms Image
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pubads.g.doubleclick.net/pagead/interaction/?ai=B8_gJk-meYN7WE_GXx_AP4s6bsAvzlL_9RQAAABABII7oriE4AFjsubKxgwRglQKyARd3d3cuZ2F6ZXRhZG9wb3ZvLmNvbS5icroBCzQ4MHgzNjBfeG1syAEF2gEgaHR0cHM6Ly93d3cuZ2F6ZXRhZG9wb3ZvLmNvbS5ici-YAsC4AqkCHZ_XgLJsiT7AAgLgAgDqAikvODgwNC9wYXJjZWlyb3MvZ2F6ZXRhX2RvX3Bvdm8vaW4tYXJ0aWNsZfgCgtIekAPIBpgDnASoAwHgBAHSBQYQn_X1lBWQBgGgBiOoB-zVG6gH89EbqAeW2BvYBwHgBw_SCAkIgOGAEBABGB3YCAKACgWYCwHQFQGAFwE&sigh=6OCRa4vPvk0&label=vast_creativeview&ad_mt=0&acvw=sv%3D895%26cb%3Dj%26e%3D19%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,196,350%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D30071%26vmtime%3D-1%26is%3D275%26cs%3D274%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D906%26femvt%3D0%26emc%3D3%26emuc%3D0%26emb%3D1,0,0,0,0%26avms%3Dexc%26qi%3D486265402%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26ptlt%3D1621027220669%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0,aud%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0.03%26t%3D1621027219949&sdkv=h.3.458.0&vci=Cm4IARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgRHREZQIAQqCjU2ODEwMTk1NTEyDDEzODM0Nzg0Njg5MkCKA1IrCNAFEBIlAADwQSgBOgt1c2lrR1YwdEM0Y0ILZ29vZ2xldmlkZW9IzQZQABgB

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 May 2021 21:20:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
pubads.g.doubleclick.net/pagead/interaction/ Frame 6656 42 B
64 B 57ms
54ms Image
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pubads.g.doubleclick.net/pagead/interaction/?ai=B8_gJk-meYN7WE_GXx_AP4s6bsAvzlL_9RQAAABABII7oriE4AFjsubKxgwRglQKyARd3d3cuZ2F6ZXRhZG9wb3ZvLmNvbS5icroBCzQ4MHgzNjBfeG1syAEF2gEgaHR0cHM6Ly93d3cuZ2F6ZXRhZG9wb3ZvLmNvbS5ici-YAsC4AqkCHZ_XgLJsiT7AAgLgAgDqAikvODgwNC9wYXJjZWlyb3MvZ2F6ZXRhX2RvX3Bvdm8vaW4tYXJ0aWNsZfgCgtIekAPIBpgDnASoAwHgBAHSBQYQn_X1lBWQBgGgBiOoB-zVG6gH89EbqAeW2BvYBwHgBw_SCAkIgOGAEBABGB3YCAKACgWYCwHQFQGAFwE&sigh=6OCRa4vPvk0&label=videoautoplayed&ad_mt=0&acvw=sv%3D895%26cb%3Dj%26e%3D19%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,196,350%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D30071%26vmtime%3D-1%26is%3D275%26cs%3D274%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D906%26femvt%3D0%26emc%3D3%26emuc%3D0%26emb%3D1,0,0,0,0%26avms%3Dexc%26qi%3D486265402%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26ptlt%3D1621027220669%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0,aud%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0.03%26t%3D1621027219949&sdkv=h.3.458.0&vci=Cm4IARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgRHREZQIAQqCjU2ODEwMTk1NTEyDDEzODM0Nzg0Njg5MkCKA1IrCNAFEBIlAADwQSgBOgt1c2lrR1YwdEM0Y0ILZ29vZ2xldmlkZW9IzQZQABgB

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 May 2021 21:20:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 6656 42 B
64 B 42ms
39ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssoku3bmIDKjD8qVcVABx3Xv_sageiJkEeMk2M014fn4q3vbdScjuhzjD4OR4dH0mZcwXgzyrxrEmRapwIOO7gBBEGC_wX-Ta3EBgBq43M&sig=Cg0ArKJSzPtktMe6GlP7EAE&id=lidarv&acvw=sv%3D895%26cb%3Dj%26e%3D15%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,196,350%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D30071%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D275%26ic%3D274%26cs%3D274%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D906%26femvt%3D0%26emc%3D3%26emuc%3D0%26emb%3D1,0,0,0,0%26avms%3Dexc%26qi%3D486265402%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26ptlt%3D1621027220672%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0,aud%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.03%26t%3D1621027219949&avm=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 May 2021 21:20:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
pubads.g.doubleclick.net/pagead/interaction/ Frame 6656 42 B
64 B 58ms
55ms Image
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pubads.g.doubleclick.net/pagead/interaction/?ai=B8_gJk-meYN7WE_GXx_AP4s6bsAvzlL_9RQAAABABII7oriE4AFjsubKxgwRglQKyARd3d3cuZ2F6ZXRhZG9wb3ZvLmNvbS5icroBCzQ4MHgzNjBfeG1syAEF2gEgaHR0cHM6Ly93d3cuZ2F6ZXRhZG9wb3ZvLmNvbS5ici-YAsC4AqkCHZ_XgLJsiT7AAgLgAgDqAikvODgwNC9wYXJjZWlyb3MvZ2F6ZXRhX2RvX3Bvdm8vaW4tYXJ0aWNsZfgCgtIekAPIBpgDnASoAwHgBAHSBQYQn_X1lBWQBgGgBiOoB-zVG6gH89EbqAeW2BvYBwHgBw_SCAkIgOGAEBABGB3YCAKACgWYCwHQFQGAFwE&sigh=6OCRa4vPvk0&label=part2viewed&ad_mt=0&acvw=sv%3D895%26cb%3Dj%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,196,350%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D30071%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D275%26i0%3D275%26ic%3D0%26cs%3D274%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D906%26femvt%3D0%26emc%3D3%26emuc%3D0%26emb%3D1,0,0,0,0%26avms%3Dexc%26qi%3D486265402%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26ptlt%3D1621027220675%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0,aud%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.03%26t%3D1621027219949&sdkv=h.3.458.0&vci=Cm4IARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgRHREZQIAQqCjU2ODEwMTk1NTEyDDEzODM0Nzg0Njg5MkCKA1IrCNAFEBIlAADwQSgBOgt1c2lrR1YwdEM0Y0ILZ29vZ2xldmlkZW9IzQZQABgB

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 May 2021 21:20:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
pubads.g.doubleclick.net/pagead/interaction/ Frame 6656 42 B
64 B 57ms
55ms Image
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pubads.g.doubleclick.net/pagead/interaction/?ai=B8_gJk-meYN7WE_GXx_AP4s6bsAvzlL_9RQAAABABII7oriE4AFjsubKxgwRglQKyARd3d3cuZ2F6ZXRhZG9wb3ZvLmNvbS5icroBCzQ4MHgzNjBfeG1syAEF2gEgaHR0cHM6Ly93d3cuZ2F6ZXRhZG9wb3ZvLmNvbS5ici-YAsC4AqkCHZ_XgLJsiT7AAgLgAgDqAikvODgwNC9wYXJjZWlyb3MvZ2F6ZXRhX2RvX3Bvdm8vaW4tYXJ0aWNsZfgCgtIekAPIBpgDnASoAwHgBAHSBQYQn_X1lBWQBgGgBiOoB-zVG6gH89EbqAeW2BvYBwHgBw_SCAkIgOGAEBABGB3YCAKACgWYCwHQFQGAFwE&sigh=6OCRa4vPvk0&label=admute&ad_mt=0&acvw=sv%3D895%26cb%3Dj%26e%3D10%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,196,350%26tos%3D21,0,0,0,0%26mtos%3D21,21,21,21,21%26amtos%3D0,0,0,0,0%26mcvt%3D21%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D21%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D21%26pst%3D-1%26dur%3D30071%26vmtime%3D-1%26dvs%3D21%26dfvs%3D21%26dvpt%3D21%26is%3D275%26i0%3D275%26ic%3D4096%26cs%3D4370%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D906%26femvt%3D0%26emc%3D3%26emuc%3D0%26emb%3D1,0,0,0,0%26avms%3Dexc%26qi%3D486265402%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26ptlt%3D1621027220679%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0,aud%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,21&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.03%26t%3D1621027219949&sdkv=h.3.458.0&vci=Cm4IARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgRHREZQIAQqCjU2ODEwMTk1NTEyDDEzODM0Nzg0Njg5MkCKA1IrCNAFEBIlAADwQSgBOgt1c2lrR1YwdEM0Y0ILZ29vZ2xldmlkZW9IzQZQABgB

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 May 2021 21:20:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 TMm5Vd8VytjbCcmIcJumdaM-J7Gy9TN2HX45D5FEMFw.js Show response
pagead2.googlesyndication.com/bg/ Frame 640E 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/TMm5Vd8VytjbCcmIcJumdaM-J7Gy9TN2HX45D5FEMFw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4cc9b955df15cad8db09c988709ba675a33e27b1b2f533761d7e390f9144305c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 19:02:04 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 06 May 2021 09:28:00 GMT
server: sffe
age: 8296
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5679
x-xss-protection: 0
expires: Sat, 14 May 2022 19:02:04 GMT

GET
H3-29 206 file.webm
r5---sn-4g5edne7.gvt1.com/videoplayback/id/b48a822c7a239630/itag/44/source/dclk_video_ads/requiressl/yes/acao/yes/mime/video%2Fwebm/ctier/L/ip/0.0.0.0/ipbits/0/expire/1621048819/sparams/acao,ctier,... Frame 7566 3 MB
3 MB 47ms
46ms Media
video/webm 2a00:1450:4001:44::b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:44::b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

d46e2627b0ce70db2e004c76bcd8c8d3c62fdbe9807ef8a2627898922a550471

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.dynad.net/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=65536-

Response headers

date: Fri, 14 May 2021 21:20:20 GMT
x-content-type-options: nosniff
last-modified: Wed, 28 Apr 2021 14:54:22 GMT
server: gvs 1.0
vary: Origin
content-type: video/webm
Content-Range: bytes 65536-2870762/2870763
client-protocol: quic
cache-control: private, max-age=21299
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 2805227
expires: Fri, 14 May 2021 21:20:20 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6011 0
20 B 41ms
40ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BsJUckumeYOrzO43U3gPrwYjoDwAAAAA4AeAEAg&bg=!m5ilmNzNAAY59bwoOfU7ACkAdvg8WpCiHw39zVRsXLN16GbbjWCeHUADdtwq9O-pVXIk1451yIy0tAIAAANIUgAAACVoAQeZAp3f3CF7Gjbf2YWY-9EYPgV-Vzp6nLjm7UsuLy8UVEV44hgaRCpNw5nSHN2MDnd5PFAwmnzSUo8G4xIkA4prClMZwySSm_WeQUfwD3GRHKS-0BqE_5WgDPfFkPC3QPHwupaDtvB-FCzwsLhDswkoTBHbGSNCU0d-V8pBI69zyhqzvWDz94fK9M5VbgHSIbfkk0iA2972cMG00il_0uKozL_lSnVUSgBLBh_OVzv75-jfsPrd03Y2_HrYMMPtHdAy7hZ9aRC-RhCXykoD-cTHZl8STEVdmCH1Rg23GvBaItVX9F1SZ_1ySNx1amWt33PnvczGEggJMQ2dU0058kWqNtV3C1wB2ka-s2OuhdnlY4EAL8H51Tdu34uPlvchdCx7JpPANrXf7VHEJvKvrpiskNTosYRpBmBzNPsBg1Ju_Y3WeAyGbAU-zpHaM2GUw5Vb3JQgt4BQB8_EnBg1VaKrZt2gptadAySG32MbAZuuwbOE7GiDbF-3iMASI3GTD0zc08rAsWhVooWzfsXoTCgBUmFoWkdrcS4k-vgpF4ToXOihgzpZEJ7FzD6WfhX5N_e412N13iJ31uvGtxbXSs4yshn6meHgFjWWSvQqaBbGHDXLJX-B10KRdbZ2ts4vcYesljN6_IqIWRzX7XIl2in1PJGNiuCcPSqxLXaPmHiSX0M_KT2o1zQIgw-Ax9UuuSLUp_YHesJEr5Dde_XoOnhjPgDRHyEknNPV6tFChy-0kaViPTPDDTHFneCrBi-JO2weksyYvWxakGlJqtmzbmYxo3vsMmmNJHh0WaBcsHvkkllcArav2k5bXd_ite8JA99FhkhvMXnmm6xl_HcG5-kjXOCSEdqVEDK3pcNPk5oUoW7_e7nRgjkbYyEfFBLfIlc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 May 2021 21:20:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 7566 70 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ca6b5bb454f212f0feba2155c93490a4e50a786d634849dc081fb0cfee923300

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 640E 0
20 B 42ms
42ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BGI6Hk-meYPv4Lcnu7gP1_KSIDQAAAAA4AeAEAg&bg=!np2lndnNAAY59bwoOfU7ACkAdvg8WknYX3bjeUEQBWeFFpEI6Zcv8GriY8e4qhhCvjQnDHtafoQIcAIAAAEtUgAAAGloAQcKAHFECNLrdEozHErEcR9KO5geVHQfpmCvSxIpOYTk5qCLVQl9qbFAM9tGZY7IvAo1SsEJu_0j4r5yjqoDK9PRHi6rXJiOhuwU83MkmELx10XkJ5Wvm3WsZ9igGFDPavuJTVsTMqwh0Yfselicph2ePZAcr5kCrP7mrvmdvSpd6PlHREvx7jLK-7Yos-DMYr3tnnjw6gtVPvOvbfX5oKs_FO4rCcE3-EDClnhoFETuzBYkDMSI-2PDXFx4wO_FF9i4XtJCMCMKAfbavnX415w-0I4NKa7eAqs4Qt1BUW60RclimZBwaGSKhBeaINLrWYmniiHaovBsbaa9w3c1zKQZIko77OsJyLz1ax-ZHcxM9gAvnLiaUAtbCNnKYcEacPm6eruFC8ZbF-Lg_yhs2R6qhgLkt8lZCgVTCStKIA8yB4ANetCDP02XjaaxXsp0j9gXUIzA0xo8ibnegBUTKJBf5PyciTwWEzcb65M4LXp_305_JnAHJ7n8xcoe1DzAc2kEucyCKmEjoXMSzW5Bs_dmMtd70eEGpFznreNo3AS76r6XNhs1c-F8K350b_Vh2s4rftonu3oqZs-BwaQap71CQNfWzZZQNut_AEdB7C8dLNbSoJniftjmrewpRt4-y-ud_kbAiR4w9AbQC_aYejmKFo17Va8hm6qHc8XxWlPtLdxFx19AVenVvH2Xc9wjzTayh-Q7hOrzQp7EsI4i_WJRO8kliTQstfu10o8NLP3LQwfw47JzmZfPmDop8HU3LVJbNttgfCB63tSCvY0ZYSWsBjmonqXRb65yqMfwVxvcAAhpipE6VWw0mwdhM2krRZ8z0_76QLo1g3F2nDdiqhFALT_2aQ4vCzxa2VB1hsDSd-vUEKvVUyTl3NRMdHz_p1Hawzn-8tOtZWcqMe2Aws7VWVX_E8J0BUqNlf0JEb-40N_YR0tePWFk14BqJ0Mve459XWZX_lZGPZw3XHGyUegHnT7VFiZPIWMNQ6ypTbYt3HFRz5a8ox2anYRieq6rRvx3W9mseMfCIiJYUoZRBklRLWVdNqklQSqFOLmx4eM1f9L1Jg

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 May 2021 21:20:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK bsevent.gif
tps20518.doubleverify.com/ Frame 1B2A 807 B
1 KB 48ms
47ms Image
image/gif 213.254.244.23
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tps20518.doubleverify.com/bsevent.gif?impid=aa1df3adeccf4bd19b1afd80e44bbfb7&pltfrm=Linux%20x86_64&cbust=1621027221273200
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.23 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416

Request headers

Referer: https://cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 14 May 2021 21:20:21 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
Vary: Accept-Encoding
Content-Type: image/gif
Cache-Control: max-age=0
Content-Length: 860
Expires: 5/13/2021 9:20:21 PM

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 6656 42 B
110 B 40ms
40ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssoku3bmIDKjD8qVcVABx3Xv_sageiJkEeMk2M014fn4q3vbdScjuhzjD4OR4dH0mZcwXgzyrxrEmRapwIOO7gBBEGC_wX-Ta3EBgBq43M&sig=Cg0ArKJSzPtktMe6GlP7EAE&id=lidarv&acvw=sv%3D895%26cb%3Dj%26e%3D9%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,196,350%26tos%3D2051,0,0,0,0%26mtos%3D2051,2051,2051,2051,2051%26amtos%3D0,0,0,0,0%26mcvt%3D2051%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2051%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D472%26pst%3D460%26dur%3D30071%26vmtime%3D1731%26dtos%3D2051%26dtoss%3D1%26dvs%3D2030%26dfvs%3D2030%26dvpt%3D2030%26is%3D275%26i0%3D275%26ic%3D16777217%26cs%3D16781587%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D906%26femvt%3D0%26emc%3D12%26emuc%3D0%26emb%3D10,0,0,0,0%26avms%3Dexc%26qi%3D486265402%26psm%3D-2147483645%26psv%3D-2147483645%26psfv%3D-2147483645%26psa%3D0%26ptlt%3D1621027222709%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0,aud%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,2051&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.03%26t%3D1621027219949

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 May 2021 21:20:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK event.png
tps20235.doubleverify.com/ Frame 649E 67 B
492 B 146ms
47ms Ping
image/png 213.254.244.24
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://tps20235.doubleverify.com/event.png?impid=6b8f2bdf273c4273a11fb5d3920b2b9c&gdpr=&gdpr_consent=&dvp_gdpr_Error=3&dvp_gdv2_Error=3&dvp_t1stMsgD=208&vdur=150&eoid=5&msrjs=1344&pltfrm=Linux%20x86_64&isvelg=1&vit=2&engms=1&engisel=1&cbust=1621027222724947
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1344.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.24 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer: https://cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Fri, 14 May 2021 21:20:22 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
Vary: Accept-Encoding
Content-Type: image/png
Access-Control-Allow-Origin: https://cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Content-Length: 98
Expires: 5/13/2021 9:20:22 PM

POST
H/1.1 200
OK event.png
tps20240.doubleverify.com/ Frame DF0A 67 B
492 B 144ms
47ms Ping
image/png 213.254.244.24
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://tps20240.doubleverify.com/event.png?impid=3925376ea2e947959f0f9300c2dd8210&gdpr=&gdpr_consent=&dvp_gdpr_Error=3&dvp_gdv2_Error=3&dvp_t1stMsgD=76&vdur=109&eoid=5&msrjs=1344&pltfrm=Linux%20x86_64&isvelg=1&vit=2&engms=1&engisel=1&cbust=1621027222773465
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1344.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.24 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer: https://cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Fri, 14 May 2021 21:20:21 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
Vary: Accept-Encoding
Content-Type: image/png
Access-Control-Allow-Origin: https://cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Content-Length: 98
Expires: 5/13/2021 9:20:22 PM

POST
H/1.1 200
OK event.png
tps20235.doubleverify.com/ Frame 649E 67 B
492 B 48ms
47ms Ping
image/png 213.254.244.24
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://tps20235.doubleverify.com/event.png?impid=6b8f2bdf273c4273a11fb5d3920b2b9c&gdpr=&gdpr_consent=&msrcanlm=392&msrcannum=3&eoid=7&ismms=92&isumms=92&isvelg=1&nvr=2&isgmmims=92&isgmv4mims=92&elmtp=6&isbxdms=2407&b0=2480&adhgt=90&adwdth=728&norwdth=728&norhgt=90&engisel=1&dvp_vsosnmr=1&lftb=2480&sftb=2480&msrdp=4&naral=128&vct=512&vphgt=1200&vpwdth=1600&chgt=90&cwdth=728&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&engalms=62&dvp_dpr=1&cbust=1621027223711667
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1344.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.24 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer: https://cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Fri, 14 May 2021 21:20:23 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
Vary: Accept-Encoding
Content-Type: image/png
Access-Control-Allow-Origin: https://cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Content-Length: 98
Expires: 5/13/2021 9:20:23 PM

POST
H/1.1 200
OK event.png
tps20240.doubleverify.com/ Frame DF0A 67 B
492 B 47ms
47ms Ping
image/png 213.254.244.24
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://tps20240.doubleverify.com/event.png?impid=3925376ea2e947959f0f9300c2dd8210&gdpr=&gdpr_consent=&msrcanlm=394&msrcannum=4&eoid=7&ismms=19&isumms=19&isvelg=1&nvr=2&elmtp=3&isbxdms=2242&b0=2406&adhgt=90&adwdth=728&norwdth=728&norhgt=90&engisel=1&dvp_vsosnmr=1&lftb=2406&sftb=2406&msrdp=7&naral=2&vct=512&vphgt=1200&vpwdth=1600&chgt=90&cwdth=728&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&engalms=19&dvp_dpr=1&cbust=1621027223745562
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1344.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.24 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer: https://cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Fri, 14 May 2021 21:20:22 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
Vary: Accept-Encoding
Content-Type: image/png
Access-Control-Allow-Origin: https://cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Content-Length: 98
Expires: 5/13/2021 9:20:23 PM

GET
H/1.1 200
OK bsevent.gif
tps20518.doubleverify.com/ Frame 1B2A 807 B
1 KB 48ms
47ms Image
image/gif 213.254.244.23
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tps20518.doubleverify.com/bsevent.gif?impid=aa1df3adeccf4bd19b1afd80e44bbfb7&mascid=kootr37j53cn5600lwcnuyfeuus6lblw&dvp_masver=6&dvp_tisf=2&dvp_t1stMsgB=1589&cbust=1621027223944573
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.23 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416

Request headers

Referer: https://cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 14 May 2021 21:20:23 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
Vary: Accept-Encoding
Content-Type: image/gif
Cache-Control: max-age=0
Content-Length: 860
Expires: 5/13/2021 9:20:23 PM

POST register
events-api.gazetadopovo.com.br/ 0
0

OPTIONS
H2 200 register
events-api.gazetadopovo.com.br/ Frame 0
0 317ms
317ms Preflight
application/json 13.225.74.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events-api.gazetadopovo.com.br/register
Protocol: H2
Server: 13.225.74.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-74-20.fra2.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.gazetadopovo.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-type: application/json
content-length: 0
date: Fri, 14 May 2021 21:20:26 GMT
x-amzn-requestid: a5963135-6c85-467f-9011-c19cfed49431
access-control-allow-origin: *
access-control-allow-headers: Authorization,Content-Type,X-Amz-Date,X-Amz-Security-Token,x-api-key,X-Api-Key,x-publisher-id,X-Publisher-Id
x-amz-apigw-id: fVlwFHJAoAMFRIw=
access-control-allow-methods: OPTIONS,DELETE,GET,HEAD,PATCH,POST,PUT
access-control-allow-credentials: true
x-cache: Miss from cloudfront
via: 1.1 590590f04f79f692591f9db0e720a31d.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: oxq8o92lQPRlKQ9UkN-O5Sww90vor2-QcnlXw0YRPfR5h6vLLzmF7w==

POST
H/1.1 200
OK event.png
tps20235.doubleverify.com/ Frame 649E 67 B
492 B 47ms
47ms Ping
image/png 213.254.244.24
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://tps20235.doubleverify.com/event.png?impid=6b8f2bdf273c4273a11fb5d3920b2b9c&gdpr=&gdpr_consent=&mascid=kootr37j53cn5600lwcnuyfeuus6lblw&dvp_masver=1344&eoid=8&cbust=1621027225841129
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1344.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.24 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer: https://cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Fri, 14 May 2021 21:20:25 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
Vary: Accept-Encoding
Content-Type: image/png
Access-Control-Allow-Origin: https://cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Content-Length: 98
Expires: 5/13/2021 9:20:25 PM

POST
H/1.1 200
OK event.png
tps20240.doubleverify.com/ Frame DF0A 67 B
492 B 48ms
47ms Ping
image/png 213.254.244.24
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://tps20240.doubleverify.com/event.png?impid=3925376ea2e947959f0f9300c2dd8210&gdpr=&gdpr_consent=&mascid=kootr4gbklsh3n0h8gkms93c1y0cz23t&dvp_masver=1344&eoid=8&cbust=1621027225874461
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1344.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.24 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer: https://cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Fri, 14 May 2021 21:20:24 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
Vary: Accept-Encoding
Content-Type: image/png
Access-Control-Allow-Origin: https://cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Content-Length: 98
Expires: 5/13/2021 9:20:25 PM

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: json.gazetadopovo.com.brhttps
URL: https://json.gazetadopovo.com.brhttps//www.umdoisesportes.com.br/campeonatos/paranaense/fc-cascavel-pede-efeito-suspensivo-no-stjd-e-estadual-corre-risco-de-paralisacao.json

Domain: json.gazetadopovo.com.brhttps
URL: https://json.gazetadopovo.com.brhttps//www.umdoisesportes.com.br/campeonatos/paranaense/paranaense-suspensao-cascavel-cr-mata-mata.json

Domain: json.gazetadopovo.com.brhttps
URL: https://json.gazetadopovo.com.brhttps//www.umdoisesportes.com.br/coritiba/rio-branco-x-coritiba-coxa-tem-volta-de-titulares-na-escalacao.json

Domain: json.gazetadopovo.com.brhttps
URL: https://json.gazetadopovo.com.brhttps//www.umdoisesportes.com.br/coritiba/coritiba-r-4-milhoes-matheus-cunha.json

Domain: json.gazetadopovo.com.brhttps
URL: https://json.gazetadopovo.com.brhttps//www.umdoisesportes.com.br/parana-clube/escalacoes-parana-operario-desfalques-times.json

Domain: json.gazetadopovo.com.brhttps
URL: https://json.gazetadopovo.com.brhttps//www.umdoisesportes.com.br/colunas-e-blogs/carneiro-neto/carneiro-neto-chegou-a-hora-de-o-athletico-mostrar-sua-cara.json

Domain: json.gazetadopovo.com.brhttps
URL: https://json.gazetadopovo.com.brhttps//www.umdoisesportes.com.br/athletico/aucas-vence-e-segura-o-melgar-no-grupo-do-athletico-torcedores.json

Domain: json.gazetadopovo.com.brhttps
URL: https://json.gazetadopovo.com.brhttps//www.umdoisesportes.com.br/futebol/selecao-convocacao-ao-vivo-acompanhe.json

Domain: json.gazetadopovo.com.brhttps
URL: https://json.gazetadopovo.com.brhttps//www.umdoisesportes.com.br/futebol/jardine-convoca-abner-do-athletico-para-a-selecao-olimpica-veja-lista.json

Domain: apps.gazetadopovo.com.br
URL: https://apps.gazetadopovo.com.br/cxense/cxense.json

Domain: google2waycm.netmng.com
URL: https://google2waycm.netmng.com/cm/?google_gid=CAESEJDy_y_RszH6LslVT6QQuQA&google_cver=1&google_push=AQvitULCBUGtib3FKs6eJ-RI2IUAMz8NKakXfwifE1sV-i6JoI_ZXO-7xuVtNDp9zeVsRpchl-cSjXfb5ASK8M8yLGTKBw6vL_g

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJ7pknOlCylwzk2IydeRkgAABFQAAAIB&google_gid=CAESEOR_--dvkrC9AjZS9swy3OA&google_push=AQvitUK8ItBLrQ-0Mr-cW-WS5PwP0D7Q2vlf2Yr4zcFjHSAkXVeyldTwHX140Gs6EDNLy20hvI-_pZeQDwWbsuajDmImTyqaXt4&google_cver=1

Domain: events-api.gazetadopovo.com.br
URL: https://events-api.gazetadopovo.com.br/register

Verdicts & Comments Add Verdict or Comment

221 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

17 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.google.com/	1970-01-19 22:40:38	Name: NID Value: 215=SI9yePzOJtKgsSUvYBAxOcN-ThRA4k2cENBHuwgefZd4eh3j9eLgmjO4hYw6FuLfiAXEJI169DdoYbUw1TA31SN5iNckEAfow-SUVGxb8g_OY0k0n-jkDAHlORdYuevXR4fDvDzM3ZNFei46xEXtVZJX9RyB38hkbTHvoB_6BEo
.gazetadopovo.com.br/	1970-01-19 18:18:33	Name: __pvi Value: %7B%22id%22%3A%22v-2021-05-14-23-20-13-694-BE8FV6Sla533f0CB-b936ad7ebc1e9e7e2afe591d682f915b%22%2C%22domain%22%3A%22.gazetadopovo.com.br%22%2C%22time%22%3A1621027214620%7D
.gazetadopovo.com.br/	1970-01-19 18:17:07	Name: _gat_trackerInfocoder Value: 1
.gazetadopovo.com.br/	1970-01-19 18:17:09	Name: _hjFirstSeen Value: 1
.gazetadopovo.com.br/	1970-01-20 03:02:43	Name: _hjid Value: 3bf4e6f7-6959-4a55-8658-f87966bcff25
.gazetadopovo.com.br/	1970-01-20 11:48:19	Name: xbc Value: %7Bjzx%7DybbjiQtYOerZwoeutfi8NwuA3KzWBp4Nro5iZKkOt2pxxefW97WbbYDrPuXQ-z4KqlO20CAJf9HxE2jeRA3OMYToWNZ2nYZdDRAUUG7DzsWNhrxHifmjfe4IicHjeHvAS8B30if1IGVbfE9cg26I0VqHENf2Rj9szlJlkmZCAJAZPNAZpIUa_crKsq5RaZY7FjZss2kbSVPUI34h2T7QaCZfcZ7At8aVdRL5mbl4JVd4G60iRG13uFd81WwjTeYP2OCPjx10U9NidhRiOImiJu0MlNY3V0_1XbxO5duMI_ci3K6BspSYjiSddh4acIeW
.gazetadopovo.com.br/	1970-01-19 19:00:19	Name: __pat Value: -10800000
.gazetadopovo.com.br/	1970-01-19 20:26:43	Name: _fbp Value: fb.2.1621027213624.1717082381
.gazetadopovo.com.br/	1970-01-20 11:48:19	Name: __tbc Value: %7Bjzx%7DmTYUm08lJyHEWAs9ALXKQqjbw0jme_suH8GZlRkYLrgbt-bv_oPzWlCPNuj65WgbBdNDcNXOlKQKkrSKLF0A6ZiZsjmSrH58QAulSvUNMK0XFSI1pW_JmoNsYrxPQKSl_ClXXX7wZd7xhwozNxHCCQ
.gazetadopovo.com.br/	1970-01-19 18:18:33	Name: _gid Value: GA1.3.1523808297.1621027213
.gazetadopovo.com.br/	1970-01-19 20:26:43	Name: _gcl_au Value: 1.1.4886979.1621027213
.gazetadopovo.com.br/	1969-12-31 23:59:59	Name: _hjTLDTest Value: 1
.gazetadopovo.com.br/	1970-01-19 18:17:07	Name: _gat_UA-23088598-1 Value: 1
.gazetadopovo.com.br/	1970-01-20 03:02:43	Name: cX_P Value: kootqz1vibwnzest
.gazetadopovo.com.br/	1970-01-20 11:48:19	Name: _ga Value: GA1.3.1622044111.1621027213
.gazetadopovo.com.br/	1969-12-31 23:59:59	Name: cX_S Value: kootqz1tsnd76yb9
.gazetadopovo.com.br/	1970-01-19 18:17:07	Name: _gat Value: 1

9 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js(Line 1) Message: OneSignal: Using fallback ES5 Stub for backwards compatibility.
console-api	warning	URL: https://buy.tinypass.com/_sam/H4sIAAAAAAAAAD3IwQ6AIAgA0B9KmJ76m4bJHI6oBa7f7-bt7eEnrXNgEw8Mvh6lYBy-DHVaU95QpTqS9an0pgwFSkHJu63T-yTlgy1Nh-E_BjVxNVoAAAA?compressed=true&v=12.188.1(Line 2981) Message: Can't configure errorHandler: TypeError: Cannot read property 'getItem' of null
console-api	log	URL: https://s.dynad.net/stack/928W5r5IndTfocT3VdUV-AB8UVlc0JbnGWyFZsei5gU.html(Line 204) Message: dynad-bridge: dynad-tv-protocol/settings/initialAudioVolume=50/containerId=_dynad_c_I5550009734_16210272166511434686712/showPubHeader=false
console-api	log	URL: https://s.dynad.net/stack/928W5r5IndTfocT3VdUV-AB8UVlc0JbnGWyFZsei5gU.html(Line 204) Message: dynad-bridge: dynad-tv-protocol/load/https://pubads.g.doubleclick.net/gampad/ads?sz=480x360&iu=/8804/parceiros/gazeta_do_povo/in-article&ciu_szs=300x250&impl=s&gdfp_req=1&env=vp&output=vast&unviewed_position_start=1&cust_params=videoplayertype%3Ddynad_in-article%26keyword%3Dvideo-auto-play%26origin%3Dwww%20gazetadopovo%20com%20br%20%26hasFocus%3Dtrue%26bt%3D9000%26UOLDNA%3Dnull%26hasMouseIn%3Dfalse%26keyword%3Dvideo%2Dauto%2Dplay&description_url=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&correlator=18394422187871308&ad_rule=0&vad_type=linear&vpos=preroll&pod=1&min_ad_duration=0&max_ad_duration=999999000&ppos=1&lip=true&video_url_to_fetch=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F
console-api	log	URL: https://s.dynad.net/stack/928W5r5IndTfocT3VdUV-AB8UVlc0JbnGWyFZsei5gU.html(Line 204) Message: dynad-bridge: dynad-tv-protocol/active_display/true
console-api	log	URL: https://s.dynad.net/stack/928W5r5IndTfocT3VdUV-AB8UVlc0JbnGWyFZsei5gU.html(Line 204) Message: dynad-bridge: dynad-tv-protocol/resize/533/299
console-api	log	URL: https://s.dynad.net/stack/928W5r5IndTfocT3VdUV-AB8UVlc0JbnGWyFZsei5gU.html(Line 204) Message: dynad-bridge: dynad-tv-protocol/play
console-api	log	URL: https://s.dynad.net/stack/928W5r5IndTfocT3VdUV-AB8UVlc0JbnGWyFZsei5gU.html(Line 204) Message: dynad-bridge: dynad-tv-protocol/resize/350/196
console-api	log	URL: https://s.dynad.net/stack/928W5r5IndTfocT3VdUV-AB8UVlc0JbnGWyFZsei5gU.html(Line 204) Message: dynad-bridge: dynad-tv-protocol/start-counter

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3wf9o7mmzc.execute-api.us-east-1.amazonaws.com
ad.doubleclick.net
ad.turn.com
adservice.google.com
adservice.google.de
analytics.twitter.com
ap.lijit.com
api-v3.tinypass.com
apps.gazetadopovo.com.br
assets.gazetadopovo.com.br
b.t.tailtarget.com
buy.tinypass.com
c1.adform.net
cbdbaa78c1dcb9cad1a6eaa8c923877e.safeframe.googlesyndication.com
cdn.doubleverify.com
cdn.onesignal.com
cdn.privacytools.com.br
cdn.tinypass.com
cdn3.doubleverify.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
cms.quantserve.com
code.jquery.com
comments.gazetadopovo.com.br
connect.facebook.net
csi.gstatic.com
d335luupugsy2.cloudfront.net
d5p.de17a.com
dclk-match.dotomi.com
dsum-sec.casalemedia.com
events-api.gazetadopovo.com.br
experience.tinypass.com
fonts.googleapis.com
fonts.gstatic.com
gcm.ctnsnet.com
gdp-prd-data.s3.us-east-1.amazonaws.com
google2waycm.netmng.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
imasdk.googleapis.com
infograficos.gazetadopovo.com.br
json.gazetadopovo.com.br
json.gazetadopovo.com.brhttps
m.exactag.com
match.adsrvr.org
mcasproxy.azureedge.net
me.jsuol.com.br
media.gazetadopovo.com.br
multimidia.gazetadopovo.com.br
news.google.com
pagead2.googlesyndication.com
pixel.adsafeprotected.com
pixel.advertising.com
pixel.rubiconproject.com
play.google.com
pr-bh.ybp.yahoo.com
pubads.g.doubleclick.net
px.ads.linkedin.com
px4.ads.linkedin.com
r.turn.com
r5---sn-4g5edne7.gvt1.com
redirector.gvt1.com
rtb0.doubleverify.com
s.ad.smaato.net
s.dynad.net
s0.2mdn.net
s3.amazonaws.com
sb.scorecardresearch.com
scdn.cxense.com
scomcluster.cxense.com
script.hotjar.com
securepubads.g.doubleclick.net
skydeutschland.demdex.net
snap.licdn.com
static.ads-twitter.com
static.adsafeprotected.com
static.hotjar.com
stats.g.doubleclick.net
sync.mathtag.com
t.co
t.dynad.net
t.tailtarget.com
tag.navdmp.com
tm.jsuol.com.br
tm.uol.com.br
tpc.googlesyndication.com
tps.doubleverify.com
tps20235.doubleverify.com
tps20240.doubleverify.com
tps20518.doubleverify.com
tracker.bt.uol.com.br
tracking.m6r.eu
tt-10162-1.seg.t.tailtarget.com
ups.analytics.yahoo.com
us-u.openx.net
vars.hotjar.com
www.facebook.com
www.gazetadopovo.com.br
www.gazetadopovo.com.br.mcas.ms
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.linkedin.com
www.semprefamilia.com.br
www.umdoisesportes.com.br
apps.gazetadopovo.com.br
cm.g.doubleclick.net
events-api.gazetadopovo.com.br
google2waycm.netmng.com
json.gazetadopovo.com.brhttps
104.111.237.88
104.244.42.197
104.244.42.3
108.174.10.14
13.224.193.58
13.224.95.11
13.224.95.81
13.225.74.20
13.32.6.61
13.32.6.78
142.250.185.162
142.250.185.66
143.204.101.168
151.101.12.157
172.217.23.102
172.217.23.98
178.63.13.144
18.156.0.31
18.184.153.186
185.29.133.199
185.33.223.178
2.18.234.21
200.147.166.107
2001:4860:4802:32::3
2001:4de0:ac18::1:a:1b
2001:678:cb4:bbbb::11
213.155.156.167
213.254.244.13
213.254.244.23
213.254.244.24
2600:9000:206e:5e00:12:af17:6680:93a1
2600:9000:20eb:2800:6:45ad:3580:93a1
2600:9000:20eb:3000:6:5b96:3f00:93a1
2600:9000:20eb:3a00:1b:3b3:e300:93a1
2600:9000:20eb:a400:6:9eb2:5cc0:93a1
2600:9000:20eb:ac00:1d:7626:ce40:93a1
2600:9000:20eb:e000:16:bc5f:3e80:93a1
2600:9000:211a:b400:13:9bf5:7100:93a1
2600:9000:211a:e00:4:5c96:9080:93a1
2600:9000:2156:800:1f:3000:7b80:93a1
2600:9000:21f3:3c00:8:7f48:3500:93a1
2606:4700:20::681a:415
2606:4700::6810:135e
2606:4700::6810:bf3
2606:4700::6811:bab1
2606:4700::6812:e234
2620:116:800d:21:f916:5049:f87f:108e
2620:119:50e3:101::6cae:b45
2620:1ec:21::14
2804:49c:3101:401:ffff:ffff:ffff:50
2804:49c:3104:401:ffff:ffff:ffff:34
2804:49c:3403:2676:ffff:ffff:ffff:6
2a00:1288:110:c305::8000
2a00:1450:4001:44::b
2a00:1450:4001:802::2003
2a00:1450:4001:803::2001
2a00:1450:4001:803::2003
2a00:1450:4001:808::2008
2a00:1450:4001:80e::2006
2a00:1450:4001:80e::200e
2a00:1450:4001:810::2001
2a00:1450:4001:813::2002
2a00:1450:4001:813::200e
2a00:1450:4001:827::200e
2a00:1450:4001:828::200e
2a00:1450:4001:829::2002
2a00:1450:4001:829::2003
2a00:1450:4001:829::200a
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::2003
2a00:1450:4001:82f::200a
2a00:1450:4001:831::2004
2a00:1450:400c:c0a::9c
2a00:1450:400c:c0c::9a
2a02:26f0:1700:d::1737:6e8f
2a02:26f0:6c00:286::4469
2a02:26f0:6c00:296::25ea
2a02:26f0:6c00:2a7::268b
2a02:fa8:8806:13::1400
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
34.102.185.99
34.246.133.154
35.186.193.173
35.244.159.8
37.157.2.234
40.81.121.140
52.214.209.198
52.216.200.118
52.217.195.96
54.76.195.29
54.94.201.92
69.173.144.139
72.251.249.14
76.223.111.131
85.14.248.71
99.86.242.79
0071c7a900a92904c5b673d2ae6b025d09a732028ebc2929e089628edbd0c64a
018857cc7fd4802ddabf67e045bed52213cebead94468fb4ba8334f0957c7461
024512554b3bab56cd0b41c6afc93d67a9202fb5bc2ccfae07d568a9909f8a33
02cedafe40684ea851c1853ef6d8e230a6966043c9e788c8db4432f8375d4818
0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55
0478f8a286d5e8074dd717ecfdea6fbff972a2a0a4103d7dc9dc4fe680a37c25
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
0a5e2fdeee01580357b0fe44c7c1b73f571722ccf5818ef0147116ff2ce8df0c
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c96ae13eca566cd88e7584e53dd1b46d4577f1af3eefb9230f9da1ce9e1159e
0d05cb6e8a85929d190b71c1b13ed52870280c3b5e5835b39a64c65a66c82b06
0d2ff32a42b137abac2bfefac2d02be11215c0f592b9c215902459877893eb8f
0fa9acf616fbc8ba4d173470b1d1450faca1dcff11546fd94cf779cec9c4afce
10892a3d32412fb3a00819c717b9e1a54178e2cfc2d1cac3a1548fa28b3ec421
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
10ebb3e0760ada317a54cba370a08d133552db2caee5b7e6acf4f52a641eecc1
1239b36b4c819d0db0be3f49f55017fac8006d4243f013ed6c03ba1dfaab4a2f
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1456ae4c1cab243608aabf692d71b64f76238cbf392d5e5343e1ae59e072ae34
14f0423ec80a8cb8436d8ed32dca04fa035a9ad4ce415151062d244706e065f6
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
16eeb0c91246ec4e54166e02ecb52aa85889e985f0202205d4de4268ce9f417b
1756fb46aa1a7fe26e8c57328db54497ef70236895be1a7160718bb772abe23b
175dd52b60c7b3f2e0b0cc6355849661122fcb193214d31c362381a2b581e777
1787d30c7b57614a1da484249fc76c37ecc2689632e00d15b67a9323893a0da9
187724f70ee4b0489797a1e57b7851448eb8f44705ae4e27f1877aee681b3294
1a4cc0e434a49a85bef77cf1d345a20b952002eb8704dcddd90301e13d4bd67b
1a58cea2c106380b60a89c7b0fc665db69f87bebc3e5b9354e90bbecc90be6f2
1a95f2a16310d3feba1a18264cb7baf64411fe9dd9da44a37d964d614b96dba1
1b93585ae8a31d1fdb0a88f71b85505d11baf4edcbf0c2f6f6303b357b6b653a
1c85e12c4e0afead9fb197776091f1dbde9d01529110ca3d5840fdc68dd9ad6b
1d05f6195ec941089302052a1b7315792e52dfe4cba4da1fa9c6152e50a5c90b
1d6fe15fe35d33f37ea9711b85b071960d8aff36e275f19b4c2463143a1715cc
2101046cf9bf0cf72b6b8aca4af7935b48b909d6625f6a9ab10bffed7b5b7a67
24c504f179bd61b312fcef2ce3c1d1b9564010b44a0ae451828083ff9d6b4be8
259f01a4a83ad8a3ea4306becf97b5270bed9e5556f64ed6bde597f2f0601b39
263895180fbd196bdf0b4a6e0785a374f8a2b14f1bfb83c48b83a2aad67618bb
26ed387dacace3a9b1b82887c58391f01be3d834dcf828252e1afeaafe34e13a
29755efc0bb7bd744c16838897a4d0690fbea0eeae5f0a920eaf1171ef692f0a
29f21aea7fc613d2618b70a483e0b4bf50ba3f4ce4109fa429ce580ec57ef991
2a15e7f11f5fca5aac1bf66295da8c0b91d0aba36bc9de38fe55bdc5edbfcc7c
2bfa995030896a16b7e6b1d1f9059192c0369af971aebabd5c393fce93da98eb
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
2cd20f7f3eb62fd36c0bcf3021b9cfe55bb84da873ea1a88717c61ef90dadf1f
2d0c4c91151f68acb0575709f749d075394b36ff4f6bdaa85e1a46a5bfe34274
2d2dc473ab0f5f864cbf1bbfdf2e971ac5a750e226e1fd44bde4e1288da8966d
2dc4525c53a2721b9e0b858ec72e218e7fc1de72fbdae84653648daed62b89de
2f738547bbcdbef189de47347ad84fc0bb0c15164980f51a0214706fa5c94a73
305967bb74a73c1ccdd9e86fd25f3dbac1250cf7b592897066c6b272d2bbf03b
30f711976feb745d0a181437d8d6b31bd07213c35cddb8c1e53c99aef0635d89
31bfdda51e6285e41e3aaca520a7408df73abff1337d0d66ca683bd0154d574b
33b3ec1b600ad6625d0e55a3acf2e1c5cfcf9ffd503d2b2dd4cd7bbd112a4c2e
33f70a38fc1928509d63e439825abeaa3ff5cc536e702751d0f1a3e35481ae39
35d5abbd0c941fb2b299fedb372f0b0967d7b89d6eb1478e774ce47daf8a0a6a
37c8f4afc2b7c27042409573dfe98605fa9929c3a2c0612ad5f9893d35ea7341
38026ad61d28a57e3b9a371f050079a5a1668593a911faf2a14f82ecce51284e
388e44b00b02584faffc4755667c1f2d9ba47acf9d79d5c9824d36c4f20234ec
389033bda6df04020f9010686fdac3a0232caddadddf2ea2367954c0aeb5be35
395a94187831774a94fd00c542682ecc497896d074620cb614068d0a3fed3e37
3b75b9cd4dd118fc59f3d0c15dd4e93b7ebd44fa9d0c9b0a22a89cb3e4a6842f
3c2a735c02b323ab7ce99fc8809019769dd053c420982d43db03df4834a262d7
3da88ed707e9f5a8821a3b82c8f159ce6e02200b258f5c97c48801556e89f57e
3db84048869efcee2bcabea4021f028761016236377931a536ead8c9b5e183c6
3e4b3a58fd8e383e180de6ed3ed7fbccc7b6179f0b946e84cd34c7f6b4d448d8
401044a217dc17c1ecb74e6a117098fe09e6f048fd32825e7c1b0894c2735662
4023d551d192c8216628d45cf7f363a9f8b8b686e72973f3ee19c5e3e17517a8
416ddcfc1983be12677dd45e2f758799c776da388cecc4c11179acc9462a803f
4294e6162abad6a414ca4c2040e353a7b77af05a64b5dfa1e9de3a094d4277cd
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
4305cf47f19afb59b38a7b1107cfc9992346da5b5fdb412193c862a22cc1ac35
440e766b126d9aa088c0c6c66b589b201bfa0683bbb3d70ec5f5191445007a20
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44496cc81b5d0b6f20e309c776ccb7de6ea624ccf7f12faad3731be73961fd45
466b63bc739c4058a11b3f3833951a511607727bc8a9434348ea56f557667e53
47bb2760890a290ad550e791686a1d9648d2e398eb8342869819bbf68c3ae458
4821fcf9c6131b5e09c316f6946b187f0b3751d723a19b2ff9f2df396d232cbf
486762d56893f9b12fdfad41c3a76f11fc745b5436e97e596a63c22ee13d2e33
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48f54c863039f91f3c092d58c8b4722045ae462eede3ff803fa0363e1fd61982
4a3e312a37e7e4f144129f67d977ac8b81d2f5c5faf260186c69eca4292a5f63
4a76fd2d7206486cd72f80c33106d521c63cd5c7cf869c5c0ab908ad2c87d342
4aa78711c45fc339506b71571783052946207f63cff4121ad09224fe7c61bf4a
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b9f14aad2e54ad79df17ebbdefefd5b255e048b1d9fa08132c496ef0e1d7128
4bdcba71062ad849da6c41bb9130977f59af71c1b82e4c397b193469ece62ad6
4c43b5cf131c9ab4a3fbb007262904524feab44469dfa508d021ca4f9c53e8b6
4c8559b3d9f89fac3a49716cc7ae77f6b922e2e5c82c81e4b558fcdb5a819e35
4cc9b955df15cad8db09c988709ba675a33e27b1b2f533761d7e390f9144305c
4cf52cc73734aa71f26f6a10be9aeec89602af45bf0f9abd5c8445a076c1ae1a
4cfebbbfd01683311a17a63b4a47d090ca9620c42f9655e13da7cdd33181cbe8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f874ff88caab3c7b634468acfc642a6bdca8bb2e9499e8f8271555b29e2129f
4fab395c2e4dcd2fff441237b4a86a9852a37a0452946458880278d4c9386225
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
507d5645810e335701bd030095522b569876b85eec73d247b52cb2d2f31e9364
514bace22806bab147f52ba18cbc1cb6c0672409da466b71d2799aa6b464f4a0
5165f2800f8a97a40d9d0621279f65b0f74c64c03f069f77569b3a7ee661445d
51a6117292845afab73b2de4673d5d7559afdffe1ef69fb08a1cb5003220859b
54db486cb5db345a75c3532967f3ccdbc1cc03260c6526ceac88fdf8b5d12ed7
5546f9e074ab70995f0edefafb361236f1d83da768a83e72b23587d9a4c63f3f
55b198b5ed1bd02e77f84c6971a69d5c2160c0c32fd770ce33405e194750f5fd
56beef9225a16124caf0ace09bd7a74e39d1133af314b8c0203e641e176e5c82
58d4e8bea5aaecd35708270eee543f8ff2854cc4eb4cf089fbdccf166a16b424
5996062961b290de6f5e449fbcfdc3df354b36605692d9be7e571b91f978e21b
59df371bf5a3fe381933993836f515e64c8b8f0b0d81b04a417c645700b6d369
5afbad15c6ce4cf38fd292734e6ccbd24e9e873359ce346a02ca7a517ef76c0c
5b146b7a69eef9b064e5064b481322e7e1fb28b6409360785a9a2f0cdfceb31b
5bfdbf2a7af9a8153d6ddaf5ae47a8e9b63199713c32fb8d08c00b704e8cdcce
5c9daea6d030ac5e71211fa4d1521fb0cd67c3676f35d034f0047ee095a9d8c3
5f278fce1ff36e9012ad04a47e7e3f2499a987c01372c2eee65e0ca6d3f9d841
5f3b103a1268f862a5e432d607f8e5220dea9d301d13565b0ecded3ad9c25ab2
61277b792c3951bab82122f2883f8bd289152bf2da46e5fe1f607f817dd2a6c7
61ebdcfc029336852d749f06fd3d15752e5b5ff11714dd35a3953859fdb4be81
640d44cf7e0cf59b4807fd4277d2fd5671b500b3d812ead47ac137aa6f52d9b1
6437fefcd5a8ed1fc150bcb0cb5beeea3dc6346a68b2bcb773a6efe0ca95265a
6465809b86cc160bfa318016d2f5fd7fd262f468b3bbe9af742cb58f66a20c94
65cef8a94d8a09cac56b85e15c92c37ea129d38a094fa8e1f3fd812a550b74be
678d2d638d566f2d2af8a7c6a039198ba2463af6ca8053c44dbd2a123594ac1c
67ed54856b743c6e064253f611084475015ce883fff3150f710b8781e599d4a0
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
6838420e13959ecffe73d3576ee2125a66c9315237394a23e3dd4a5181e80cda
685ee1f5e122fdc218b11e4589efbbfc2c567087e94b65062b13c290aae43a6e
688e988524e58814d1eff0c0a0cba700961b8abb3fc2655cc10a8fb6814d6605
68af7d95d32570af49c8988fa9285f76add19e574354b0d7136b65b205d2f5da
699bbb6103429ae6c5982e7e2e98024c1d598a677ead87041f86ea109327ab97
6a93c477127bad12d08a779a445d4c5962578f57d4171aee20df69a2b3e8c349
6b43bb94ac6321d8ea118e251d4a55f90f51ae165fcc75e26e5137c7982aff0e
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6df7ecbe045a73f8b8ed311209c62615a82f1ffbc2fe078d494c3fcabe663988
6e3b76bf5d88736c9b9656cf2810230a811e0e3b7a1e0de037f4345a3e971529
6e6ea38b72668f7977a64ff403eb7d185f51228d15749b397ef3ddce7b3b81da
711a8d3c6d036e5d2907810b7255622e34f23373f8d1387a1fc938e44c60fea0
71320e22153f97e1739fc5fd5df4080192219b589dab85e3a23084575d8ec497
72723a249f5e97fa8c7efbe30d92de1b60f71719e810650515168823256b67d6
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
734421d9e2fa5fe78c7bbd157c8de6a60bd1e0752c8abfcd2ca27f4a477ff2e5
73ca82cdf8f9e3f2387ae7bed10bd9d201327a138f42ddf8498e818c0ef23e9a
74c0f92cf921b0e0c165e4aa0141c4f794d87c28b11977f5f6926f057e5c1d96
75546486c61ac18ce6730ab1e1b8b091598cf8e17eb226628c713c45dd77b3a4
7759db8c8da0bafd704c3b22034a0c445a9c273a605dee0dc7d05517d456f636
77bd57534e8d8e1b464f7b84eae2273d50b25ce55fb991a0b31c5b1f30c1bc30
77ff5a3dff4d011736dd855a064d5b952fc34e27937970453b827e4f45b42fd0
780849559953abc98981f7964d063930d1b9cdf5f9aff09e60bd64cc2d9de59a
78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416
796b7c426168c17fd0cda987277798ded81c6503a920f1fa4a90b946356ccb6b
7a57e944329333b5591f4aa74e038fb10ea98bd095b2f316fb01dfb8ffaaac0a
7c3e4f7379ab36145201000303ce7b35f6862e261d7a362b0491454278d81354
7c45936acb85087e8a5ae92fc4ebc184e7d08ed6227541427a3bb62caa9b2922
7c862d06dbc394d8f64662949c40b019bd661b71381a0485ff7ccf3eaa45786f
7f9907a3b9fec959cbb6fb52f357f3f861bc26bab4f2a40ffecd8e2d9741703d
80145010fadb828df3c16d025301d9f7c9511f26a67721692727f7ecb0ce4fd3
80703c852a090d76117e0966facfbd8405852c7c26d322e1c6035870756293c7
8081c769c2d9191a1ae2bea8b1409784c0a13d70b83bb2f41d41cc22ef2164e7
8100849e1803ada0fc217cbaf5c1b4e5d0d7355c49db8b177b2894ee93c596bc
815512205618063457185ef1655698d63565936ecfc7a1d91e4aeae651a701ed
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
832d8d5a3cabdde474e79d8a510053604d5d19342befbc7b78dc64995652dbba
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
847d69f7e47ca594c9315d75cb536c6a8c03c4b6ca1da669ad29cd422c2dd393
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
86be5d6a3d661fd3d5d72f254a347dec5c66cad569117f51dad297acba02f558
87caa07094d5c8b229d5dc7075919208eff26570f2c3b3b6bd4f58baf4752bfd
890bf6cf5b41a9c22c3181423d29c1df243324b6b4f4df46a7df5dd0c8847d53
8cff8204d026661543e2c7e4945d824871a987a85c27336a91cc4bdcece788ba
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e8cc72e61ff6f6c0c945a976756d112732c499cd64fc5b207bb213fc84a1e40
9120bd86f7501823599a79f60f432e7742f2fd00b17984230cd6641085548690
91e9164448bbb0306f0ad72dad13782ef08ae66a9ac3d9b857d9a57a8a3468a1
92029202769338ce72a1b25882ed91c7098f42bd6dd78d279c223acc2453c7aa
927370ca96008d4f1bd354184395ae799d15db183a2e8fc97ce4985132000b55
93c29356b85925ff806adbda076c942a77335fecee4715df51b86f50ba64082d
93da23ad716e68c9eff8fcfcf2ccf7056467e6d6e34ae308ec9ef571b64dff3b
941be4d45588696ca34e517be425dab40e232f6b30fc60d76749a67df6df179e
947e3dec03b8a6a3d77e890d173bc946ee51b395db9ab32d971da1996305a409
94cdcace8c4d3288bb5878340eab8a9b6f583f3c4a6edd32e72d0210666c6b60
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
997f5bfb9f0c74974ec265633b71dd76c5f0224611dd26775db3cc823ec24947
9a3e12500636879f9470fed2da8692a8be9f697eea4811e01117833ce7118ca2
9a69449df719f82093480256440555f0b8ae379c0684688706903dee6afd40da
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b0244432d5bd68b595fef41e5257737a038d95848a1fa483c66fb8fdee718d3
9b86ceab3181ad0abc55bddbb9804e90b6b2c2d7a663473a6d49132a50ce18a2
9bae663f8229a58194c60f976b1ca88e87e0310c5860be118fa57e97412f758a
9c33d27cab31c3b8c1a18e54a01447d1d25f77ba8499018b01c1156b92080dd8
9d4d616940d411a94537e925458bb37ec3538e07e9203579cd261a52d1659f6e
9df9512d0f2332b34e43e220b6bdc675dc6b663e72406edde64fd96dc9128e1b
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0d93254e392f7361b334641f8781721fd31c7b18283c88fe67df7d3123e1c24
a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e
a1ca1ef0c827c87b8e042a49a16eda97c774fe261e69a2f4bfbe2f17c400ad9f
a21525f3b01371cf5cd313f733dee7148a4c0d9fe7126384aed6fa3aeb9b0c29
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a3c5ff7e114ffe32212ee07123f9dc6aa19c09072e44fe64649c9cc747040cab
a3dc9740720c16432f3e0d1f263ca71b58facff3977067676b4435ddb8c99cb4
a4702a77ebe38f4291b9ec9f44411e246c865bdf0070746852e803b4d960fc1c
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a517525b8a7d39bcaf1cf5f9695c5be8fce7a6b920a3924c1a4f70e8ea748c05
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a86b3aac4a20cb62d1d0aaf219216caadc478f80175c970be2267d0dc2347c0c
a90753e49e65629a8e0e05a0ce52ccc8e85c447918cb596db530fe8807f518db
aa2016b60165a5185a357ec0a89e8c0dfddf2ffd7e5622c367feecc730a7ba28
aa8b713a154b54249bd05a06ea0ed87ea2ab1cd5401672a632b135855c065c24
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
acd98206b576b8f71d5f658eba383fe662814156290ab60c56f9e63935df618f
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
afba6e308182b28f02233e3c816e99fe5cc51511f90cab2cc6219d652f14f3a6
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b047be252ee083f5e2ecc6d5a6ffb273eba8a3574738c114659e3c9c00f8d2be
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b189c1344254cee17f9f2366498b82857b5f6bf725e05751311ef02502a38ef2
b1c315490653d8ffce62de9da61cce3a69ce36d16559fd613a0fe097622523d0
b251acadc1689369d2cd4e68a3c2085891ddbfb13dbe25f0f0bcc3119aeb09a8
b3a216384e31bb9d5f4b49670fc877d9722c058ab78ff22f8b21a5e9ae7657cc
b3d9a37c3110d0d5edf534a4dd964bb85d8661820e4c39e4c63c96bd2813b726
b4093e53fe6f7ff4a948f4096de7f42865ae0fd5fb5be2426b64edaf8a3824c9
b4af28a37edf9f09e8ea10206c8c8a8ef8615968b475463e06a451b990b25fa9
b511715e4e77e792878b0edaedbd2ff36144b23f63eb79b6b8913a5165c2152d
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
b61732db2252c5000c223750a5fde6d290135839617aece803ad5026de775851
b6ee798d37136ab6f224fc050be6177284eabaa2d1655969598a9cc1113413f9
b8e0a46f1a28e4a7adc668158241a0748b4664b5e2fdf5d2e325936a5f09df36
b9abe16e112e0c606f0a92db9f74d716b480a0e98bbea1a977cbb31749fbed6f
b9d617e9f08cbc93669539892246840ab9e58e60390ba375031499f4e5db86d2
ba70adf2020216558d39892f39d469a3b8eabefe26e3fe038c4e14272fcc1506
bdc99bd3963307935f6f2786ea00447c33270ad1b4c8b5ba280e296696997142
bee94f92f87881238a9d783523e1d3c6eae7d4f808e261eea83c5c5b585e6a60
bf7344209edb1be5a2886c425cf6334a102d76cbea1471fd50171e2ee92877cd
bfd2b34e62d51529f9e6941e63672c539a9c3e55f663132352f64303318ca289
c0b52e7733fd544d99d4fa0164d7f86a7cfc3a941ce93d83f8d3b2f468a133ed
c0b5329aa0c88c218e906ad2600cbea4cf7bfffaef17a9274a634046e897dc3c
c15f3c137dbf8e1c26ec2f2820e22a7eaec4f5478df4f332a61247e21834e570
c1ee816da0a15b921ef5177f4d8f86f7e242195d2af6f957e54536a45b4e1ef1
c2015d08cf877ee0e5feb420c465fc70cff1b10c244e3bf6b9ce00131d542c3c
c2f2c8cb92a66ecd38c297020bdf0e121836f3da280f2fd7ab47dc9a334942d6
c464515482990e9c475b99f638f909bd5741ccbaaeff92e0092e2cc9ae06ec75
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
c756b47ce92c7b87ed868385927a9f12a99088c04c223e4f2727697f1640f0e7
c8b5d984e6d2cdaf64b8a50c9b645e347e74ffa712aa0b9422015700c98f9bb9
ca6b5bb454f212f0feba2155c93490a4e50a786d634849dc081fb0cfee923300
caebfb6e968f13cbc1e05d1abf95e2bb18c578608bdbd3cf438a42fd636f0213
cc33068463b75ac7fad0d842a236d8d2ed2a74cb708b7a4d59fb1d62a2bd7ace
cc89a9f3aaf0b0985a2c618f1b7978f0aeb6eed42f8e1fa447fc928eb633015a
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfaec9d4683bee495cf7a343719fea1838892747070d3f5844eb535e9f1043d1
d03755898b05a3d69377bf7da16ccb307e789a0f569b4dbbcb7b29bdecf967c5
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d17c1b927bf5aba2498c98a958a48132ed6b2639b6f91fb222f994b017f520ac
d1fdc83f40b6872fbf82ad027168954ccaa7eee12c7e6fcbe52e26c36bf915de
d2c4bbea0a24d1787b10b390e43c898b94666054f438aed545a07fed23da3cbc
d46e2627b0ce70db2e004c76bcd8c8d3c62fdbe9807ef8a2627898922a550471
d593eab937ae208334c866b7afc56b0703787c857dae8bb562aefbbd3ca15ee6
d6d5c75ef2890b569b6f795bead913ea2b87ee173cfb7547af76d543b1d46757
d6e0fd2a5540d8a26bbc2f2868a5ddfc300137e6bf05a581b7bf918f9e8a6ba1
d7f27bf75071302176a83b109340393c38435e1dc7593fdef87e74fe7bc9cdf9
dac79b049b8b208239f473c21ea5fdad9dd3c03881512541cd336575d10033bf
dbdc327c10d965d84fd27553baefc98be48b2235177ddefb2180f698d1075bcb
dc054e0b4c733e72b82622b2c82b7a6decc18d83e9133952b906ecb6eb4943ae
dc2e053bd9064752827a5196e0834ffc13fe7ea863a45e8b43a69edabd0f4a98
dd2e4f59748b59c4715b90efb01442658bdeeb5ecc48cca7e1c170121e94ea20
dd398b623b76054d518a0c4c60c6bbf562a4390e5472d934e2157f7618d99d16
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
deb0d7d427858d047173d87a8702ddd16a3153fb51516f6786783dc6dc1b293d
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e19e5fec549d0d871301c8196f4a954abe8d6913464a1ac511f81ef71529f89b
e2097ec0e1b73fb43f4d483c98d7d0650f589ee5a29711a4c9c72785dd2cbc4a
e2f126a8957c32db99e94d1bf7c9ed09fcd38ba99bd632ebd048f01f9c5f9c9b
e36e842af5f12bbadd9c73fbf17e12e2276023449e50fd704bcffd01cff53568
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3e33eae924ad2106ac122ba2a8a3f1a8e7c6fe28cbfbc0c974c2f577a3d69ed
e593d32d2b3c25b54c4632fc55d4c55cce4154e0bfaeb75883da07b742e762dc
e5b2a278c1ab02a90127fd8191dd79159eefcc5bcda3b45b4945faf2776e979f
e68a8e11989f755b422afcd231083744a574a76fafd9b661bd053e571bc2d51a
e6c0797789e54bed7943c3f000bc1ef8c1008ceb42f66b902c9b7a62c2389b17
e7052ee7e4fa3d19fa953957b23d6cd29b2311739ec0932d6e570577d19f2503
e795c5930ba9a2f4522f34535f2697ac875ef1d3787e6b4345f7f2efb7591f97
e7f3f11c7dc946d768710ef63ab41344d69f8112d19123c346d3f56fcc95e1b5
e89c11b0ee752f72819ff6b6d502279fb493d7ae783ea45672efd5eef6338b72
e8ce4a0a32c830a6051b2907482e3122be8ad51d495ed58b238c68502b5eb8cf
eb9c4f797f49f770331b0ef661e6914e33461c7a34ad1d3934ae54957dac0163
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a
ecc1bc8a640a1de8d4df8e6470d35f1ef4d5494a9997dff0b0059174708b9b05
ee55a78068293dd8c4ed978c35e141b9d211314ada6085d55a18dc507cb190d9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef7710bb2689aa833157f10a000490f601f98da0d1264327db0f661cc2bc5c59
f1d6939b69c7c48fff939cbc3945f84ae8427d167c394857f6840377ce1b252a
f363bb1263ff140c7a599ac408717e56d801c29238b25bb8506a7a09527408c3
f3bca498f4fa68a5d099135c6b44322e22aa62e509f59fc294d9e53d38475374
f3f662e23645b1b81aaf6eb5901cc9162dc0316b2b48a735c2761493e8ecf1f3
f4cd27b5ef047a264e3a40b63ba85441de12d23d043a986d469ec1c757067090
f7453996d1828f4f69cd58b0c8a3134b7a505a1080b0aa9bdb05d307c037a3c2
f74bdfeec83247edd199110ac967f48433637c2cd8dcac06c4de540abb3393e8
f948af3ff94dd25fe4afd93d136108d2461ca1d0a1d592d1915210c5a0e0b67e
f9f3a9a56336afffef938cd4c0f29deeaed14cff056017859c2012f2a8aeae27
fa7c60fca96e114cf9162a26c0eef728783f2dbff06d2b86773535af90de3f8b
fd6d343c560c20611901e4c09e6f4da827fdb5957d2e4e2d3047c2e5804d4e6b
fdac1a3247f6636b0a366c779803ca0af16f5cf36b2ab34a5d48a0911cd59e1a
fe797578273ad8327b58a0aaab2600e9623f150f4fc8325d3c2a340d3afff3cd
ff156ac54096975d3e14e590858cb08eee2efd16af2ccf7b73f106d0811a899a

www.gazetadopovo.com.br Open in urlscan Pro 2600:9000:20eb:2800:6:45ad:3580:93a1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

559 Requests

98 %HTTPS

56 %IPv6

62 Domains

110 Subdomains

83 IPs

9 Countries

9997 kBTransfer

20170 kBSize

17 Cookies

90 Outgoing links

Page URL History

Redirected requests

559 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.gazetadopovo.com.br Open in urlscan Pro
2600:9000:20eb:2800:6:45ad:3580:93a1 Public Scan

Screenshot
Live screenshot

Full Image

559
Requests

98 %
HTTPS

56 %
IPv6

62
Domains

110
Subdomains

83
IPs

9
Countries

9997 kB
Transfer

20170 kB
Size

17
Cookies

559 HTTP transactions
7 data transactions