www.opovo.com.br Open in urlscan Pro
2606:4700:3033::6815:3a6d Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://opovo.com.br.admin-mcas.ms/
Effective URL:
https://www.opovo.com.br/
Submission Tags: krdtest
Submission: On May 04 via api (May 4th 2021, 8:27:41 pm UTC) from JP

Summary HTTP 346 Redirects Links 105 Behaviour Indicators

Summary

This website contacted 68 IPs in 8 countries across 46 domains to perform 346 HTTP transactions. The main IP is 2606:4700:3033::6815:3a6d, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.opovo.com.br.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 12th 2020. Valid for: a year.

This is the only time www.opovo.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	51.105.164.234 51.105.164.234	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	2a02:26f0:64:... 2a02:26f0:64::210:6bb9	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2 95	2606:4700:303... 2606:4700:3033::6815:3a6d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6810:bf3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
7	143.204.101.168 143.204.101.168	16509 (AMAZON-02) (AMAZON-02)
13	52.1.252.251 52.1.252.251	14618 (AMAZON-AES) (AMAZON-AES)
1	2606:4700::68... 2606:4700::6811:4edd	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
37	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:805::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
34	2a00:1450:400... 2a00:1450:4001:803::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
1	35.244.156.216 35.244.156.216	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	199.232.136.157 199.232.136.157	54113 (FASTLY) (FASTLY)
1	65.9.84.55 65.9.84.55	16509 (AMAZON-02) (AMAZON-02)
2	34.68.90.188 34.68.90.188	15169 (GOOGLE) (GOOGLE)
10	34.207.18.4 34.207.18.4	14618 (AMAZON-AES) (AMAZON-AES)
1 5	65.9.84.29 65.9.84.29	16509 (AMAZON-02) (AMAZON-02)
2	2620:116:800d... 2620:116:800d:21:51e4:db4b:4436:b305	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:400c:c08::9b	15169 (GOOGLE) (GOOGLE)
1	65.9.84.122 65.9.84.122	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2600:9000:210... 2600:9000:2104:6000:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	65.9.84.2 65.9.84.2	16509 (AMAZON-02) (AMAZON-02)
13	2a00:1450:400... 2a00:1450:4001:812::2006	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
1	104.244.42.5 104.244.42.5	13414 (TWITTER) (TWITTER)
1	65.9.84.76 65.9.84.76	16509 (AMAZON-02) (AMAZON-02)
1	185.184.10.30 185.184.10.30	203690 (RTB-HOUSE...) (RTB-HOUSE-ASH)
1 3	185.33.221.91 185.33.221.91	29990 (ASN-APPNEX) (ASN-APPNEX)
1	178.250.2.131 178.250.2.131	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2606:2800:233... 2606:2800:233:97b6:26be:138a:cba8:bb01	15133 (EDGECAST) (EDGECAST)
6	2a00:1450:400... 2a00:1450:4001:808::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6810:135e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
7 12	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
3 5	104.108.145.8 104.108.145.8	16625 (AKAMAI-AS) (AKAMAI-AS)
3 4	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
1 2	104.111.242.245 104.111.242.245	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2600:1f18:612... 2600:1f18:612b:4232:4acf:609e:729c:ab1e	14618 (AMAZON-AES) (AMAZON-AES)
3 4	185.94.180.125 185.94.180.125	35220 (SPOTX-AMS) (SPOTX-AMS)
4	216.58.212.130 216.58.212.130	15169 (GOOGLE) (GOOGLE)
1	2a00:1288:80:... 2a00:1288:80:800::7000	203220 (YAHOO-DEB) (YAHOO-DEB)
2 2	18.156.0.31 18.156.0.31	16509 (AMAZON-02) (AMAZON-02)
2	46.4.10.49 46.4.10.49	24940 (HETZNER-AS) (HETZNER-AS)
1	2606:4700::68... 2606:4700::6811:2118	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 4	138.201.84.245 138.201.84.245	24940 (HETZNER-AS) (HETZNER-AS)
1 4	159.69.70.9 159.69.70.9	24940 (HETZNER-AS) (HETZNER-AS)
2	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
1	34.234.140.75 34.234.140.75	14618 (AMAZON-AES) (AMAZON-AES)
2	85.114.131.235 85.114.131.235	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
2	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	104.244.42.131 104.244.42.131	13414 (TWITTER) (TWITTER)
1	35.223.116.65 35.223.116.65	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
346	68

1 51.105.164.234 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

opovo.com.br.admin-mcas.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:64::210:6bb9 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

mcasproxy.azureedge.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

95 2606:4700:3033::6815:3a6d (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

opovo.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.opovo.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:bf3 (United States)

ASN13335 (CLOUDFLARENET, US)

tag.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googleoptimize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 143.204.101.168 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-101-168.fra50.r.cloudfront.net

d335luupugsy2.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 52.1.252.251 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-1-252-251.compute-1.amazonaws.com

wfpscripts.webspectator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.webspectator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:4edd (United States)

ASN13335 (CLOUDFLARENET, US)

c.jsuol.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

37 142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:805::2002 (Ireland)

ASN15169 (GOOGLE, US)

adservice.google.se	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

f494fad843a02e89e66aab6434a0c735.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
d3221622c000ddcd4c9fb19d7c973b30.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

34 2a00:1450:4001:803::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.156.216 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 216.156.244.35.bc.googleusercontent.com

api.nobeta.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.136.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.84.55 (United States)

ASN16509 (AMAZON-02, US)

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.68.90.188 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 188.90.68.34.bc.googleusercontent.com

forms.rdstation.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
popups.rdstation.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 34.207.18.4 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-207-18-4.compute-1.amazonaws.com

webservices.webspectator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 65.9.84.29 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:51e4:db4b:4436:b305 (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c08::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.84.122 (United States)

ASN16509 (AMAZON-02, US)

geoip.canais.uol.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2104:6000:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.84.2 (United States)

ASN16509 (AMAZON-02, US)

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:812::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.5 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.84.76 (United States)

ASN16509 (AMAZON-02, US)

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.184.10.30 (Poland)

ASN203690 (RTB-HOUSE-ASH, PL)
PTR: ip-185-184-10-30.rtbhouse.net

prebid-us.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.33.221.91 (Amsterdam, Netherlands) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.131 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.am5.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:233:97b6:26be:138a:cba8:bb01 (United States)

ASN15133 (EDGECAST, US)

adserver-us.adtech.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:808::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 142.250.184.226 (United States) 7 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.108.145.8 (Berlin, Germany) 3 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-108-145-8.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.98.64.218 (Kansas City, United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.242.245 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-245.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4232:4acf:609e:729c:ab1e (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.94.180.125 (United States) 3 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 216.58.212.130 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:80:800::7000 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.156.0.31 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 46.4.10.49 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.49.10.4.46.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:2118 (United States)

ASN13335 (CLOUDFLARENET, US)

noticias.uol.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 138.201.84.245 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.245.84.201.138.clients.your-server.de

hal900025.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 159.69.70.9 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)

hal900017.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.234.140.75 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-234-140-75.compute-1.amazonaws.com

msgws.webspectator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 85.114.131.235 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: srv21039.dus4.fastwebserver.de

cdn.contentspread.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.131 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.223.116.65 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 65.116.223.35.bc.googleusercontent.com

pageview-notify.rdstation.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
95	opovo.com.br 2 redirects opovo.com.br www.opovo.com.br	721 KB
68	googlesyndication.com f494fad843a02e89e66aab6434a0c735.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com d3221622c000ddcd4c9fb19d7c973b30.safeframe.googlesyndication.com	396 KB
40	doubleclick.net 7 redirects securepubads.g.doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net cm.g.doubleclick.net googleads4.g.doubleclick.net	343 KB
24	webspectator.com wfpscripts.webspectator.com webservices.webspectator.com msgws.webspectator.com cdn.webspectator.com	124 KB
13	2mdn.net s0.2mdn.net	2 MB
13	googleapis.com fonts.googleapis.com ajax.googleapis.com	41 KB
11	google.com adservice.google.com www.google.com	651 B
10	redintelligence.net 2 redirects hal9000.redintelligence.net hal900025.redintelligence.net hal900017.redintelligence.net	19 KB
10	googletagservices.com www.googletagservices.com	330 KB
7	cloudfront.net d335luupugsy2.cloudfront.net	112 KB
5	casalemedia.com 3 redirects dsum-sec.casalemedia.com	4 KB
5	scorecardresearch.com 1 redirects sb.scorecardresearch.com	5 KB
5	google-analytics.com www.google-analytics.com	53 KB
4	spotxchange.com 3 redirects sync.search.spotxchange.com	2 KB
4	openx.net 3 redirects us-u.openx.net	1 KB
4	google.de www.google.de adservice.google.de	486 B
4	gstatic.com www.gstatic.com fonts.gstatic.com	169 KB
3	yahoo.com 2 redirects ads.yahoo.com ups.analytics.yahoo.com	2 KB
3	adnxs.com 1 redirects ib.adnxs.com	3 KB
3	rdstation.com.br forms.rdstation.com.br pageview-notify.rdstation.com.br popups.rdstation.com.br	40 KB
3	hotjar.com static.hotjar.com script.hotjar.com vars.hotjar.com	61 KB
3	azureedge.net mcasproxy.azureedge.net	71 KB
2	criteo.net static.criteo.net	51 KB
2	contentspread.net cdn.contentspread.net	94 KB
2	teads.tv 1 redirects sync.teads.tv	407 B
2	cloudflare.com cdnjs.cloudflare.com	19 KB
2	criteo.com bidder.criteo.com gum.criteo.com	296 B
2	facebook.com www.facebook.com	346 B
2	quantserve.com secure.quantserve.com pixel.quantserve.com	9 KB
2	facebook.net connect.facebook.net	96 KB
2	navdmp.com tag.navdmp.com	9 KB
2	googletagmanager.com www.googletagmanager.com	72 KB
1	twitter.com analytics.twitter.com	662 B
1	uol.com.br noticias.uol.com.br	1 KB
1	tremorhub.com partners.tremorhub.com	183 B
1	advertising.com adserver-us.adtech.advertising.com	193 B
1	creativecdn.com prebid-us.creativecdn.com	178 B
1	t.co t.co	458 B
1	quantcount.com rules.quantcount.com	427 B
1	uol.com geoip.canais.uol.com	420 B
1	ads-twitter.com static.ads-twitter.com	2 KB
1	nobeta.com.br api.nobeta.com.br	12 KB
1	google.se adservice.google.se	799 B
1	jsuol.com.br c.jsuol.com.br	49 KB
1	googleoptimize.com www.googleoptimize.com	37 KB
1	admin-mcas.ms opovo.com.br.admin-mcas.ms	833 B
346	46

	Domain	Requested by
93	www.opovo.com.br	www.opovo.com.br
34	tpc.googlesyndication.com	securepubads.g.doubleclick.net f494fad843a02e89e66aab6434a0c735.safeframe.googlesyndication.com opovo.com.br.admin-mcas.ms googleads.g.doubleclick.net tpc.googlesyndication.com
28	pagead2.googlesyndication.com	f494fad843a02e89e66aab6434a0c735.safeframe.googlesyndication.com opovo.com.br.admin-mcas.ms googleads.g.doubleclick.net securepubads.g.doubleclick.net www.googletagservices.com tpc.googlesyndication.com www.opovo.com.br
13	s0.2mdn.net	api.nobeta.com.br opovo.com.br.admin-mcas.ms s0.2mdn.net
13	securepubads.g.doubleclick.net	www.opovo.com.br securepubads.g.doubleclick.net www.googletagservices.com opovo.com.br.admin-mcas.ms
12	cm.g.doubleclick.net	7 redirects googleads.g.doubleclick.net
12	wfpscripts.webspectator.com	www.opovo.com.br webservices.webspectator.com
11	fonts.googleapis.com	www.opovo.com.br s0.2mdn.net
10	www.googletagservices.com	api.nobeta.com.br securepubads.g.doubleclick.net f494fad843a02e89e66aab6434a0c735.safeframe.googlesyndication.com opovo.com.br.admin-mcas.ms
10	webservices.webspectator.com	wfpscripts.webspectator.com webservices.webspectator.com
9	www.google.com	www.opovo.com.br securepubads.g.doubleclick.net f494fad843a02e89e66aab6434a0c735.safeframe.googlesyndication.com
8	googleads.g.doubleclick.net	f494fad843a02e89e66aab6434a0c735.safeframe.googlesyndication.com opovo.com.br.admin-mcas.ms
7	d335luupugsy2.cloudfront.net	www.opovo.com.br d335luupugsy2.cloudfront.net
5	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
5	sb.scorecardresearch.com	1 redirects wfpscripts.webspectator.com www.opovo.com.br
5	f494fad843a02e89e66aab6434a0c735.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
5	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
4	hal900017.redintelligence.net	1 redirects f494fad843a02e89e66aab6434a0c735.safeframe.googlesyndication.com hal900017.redintelligence.net
4	hal900025.redintelligence.net	1 redirects f494fad843a02e89e66aab6434a0c735.safeframe.googlesyndication.com hal900025.redintelligence.net
4	googleads4.g.doubleclick.net	opovo.com.br.admin-mcas.ms
4	sync.search.spotxchange.com	3 redirects googleads.g.doubleclick.net
4	us-u.openx.net	3 redirects googleads.g.doubleclick.net
3	ib.adnxs.com	1 redirects s0.2mdn.net googleads.g.doubleclick.net
3	www.google.de	www.opovo.com.br
3	stats.g.doubleclick.net	www.google-analytics.com
3	fonts.gstatic.com	fonts.googleapis.com
3	mcasproxy.azureedge.net	opovo.com.br.admin-mcas.ms mcasproxy.azureedge.net
2	static.criteo.net	s0.2mdn.net static.criteo.net
2	cdn.contentspread.net	hal900017.redintelligence.net hal900025.redintelligence.net
2	ajax.googleapis.com	webservices.webspectator.com hal900017.redintelligence.net
2	hal9000.redintelligence.net	f494fad843a02e89e66aab6434a0c735.safeframe.googlesyndication.com
2	ups.analytics.yahoo.com	2 redirects
2	sync.teads.tv	1 redirects googleads.g.doubleclick.net
2	cdnjs.cloudflare.com	d335luupugsy2.cloudfront.net
2	www.facebook.com	www.opovo.com.br
2	connect.facebook.net	opovo.com.br.admin-mcas.ms connect.facebook.net
2	adservice.google.com	securepubads.g.doubleclick.net
2	tag.navdmp.com	www.opovo.com.br api.nobeta.com.br
2	www.googletagmanager.com	www.opovo.com.br
2	opovo.com.br	2 redirects
1	popups.rdstation.com.br	d335luupugsy2.cloudfront.net
1	cdn.webspectator.com	wfpscripts.webspectator.com
1	gum.criteo.com	static.criteo.net
1	pageview-notify.rdstation.com.br	d335luupugsy2.cloudfront.net
1	analytics.twitter.com	static.ads-twitter.com
1	msgws.webspectator.com	wfpscripts.webspectator.com
1	noticias.uol.com.br	c.jsuol.com.br
1	ads.yahoo.com	googleads.g.doubleclick.net
1	partners.tremorhub.com	googleads.g.doubleclick.net
1	d3221622c000ddcd4c9fb19d7c973b30.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	pixel.quantserve.com	www.opovo.com.br
1	adserver-us.adtech.advertising.com	s0.2mdn.net
1	bidder.criteo.com	s0.2mdn.net
1	prebid-us.creativecdn.com	s0.2mdn.net
1	vars.hotjar.com	static.hotjar.com
1	t.co	www.opovo.com.br
1	script.hotjar.com	static.hotjar.com
1	rules.quantcount.com	secure.quantserve.com
1	geoip.canais.uol.com	c.jsuol.com.br
1	secure.quantserve.com	wfpscripts.webspectator.com
1	forms.rdstation.com.br	d335luupugsy2.cloudfront.net
1	static.hotjar.com	www.opovo.com.br
1	static.ads-twitter.com	www.opovo.com.br
1	api.nobeta.com.br	www.googletagmanager.com
1	adservice.google.se	securepubads.g.doubleclick.net
1	c.jsuol.com.br	www.opovo.com.br
1	www.googleoptimize.com	www.opovo.com.br
1	www.gstatic.com	www.opovo.com.br
1	opovo.com.br.admin-mcas.ms
346	70

This site contains links to these domains. Also see Links.

Domain
mais.opovo.com.br
radios.opovo.com.br
fortaleza.novabrasilfm.com.br
fdr.org.br
www.populares.com.br
www.anuariodoceara.com.br
www.facebook.com
twitter.com
www.instagram.com
www.youtube.com
www.linkedin.com
adorofutebol.com.br
assine.opovo.com.br
opovo.com.br
especiais.opovo.com.br
people.opovo.com.br
populares.com.br
empregosecarreiras.opovo.com.br
bpop.populares.com.br
compredopequeno.opovo.com.br
blogs.opovo.com.br
www.blogdofariasjunior.com
agirbrasil.com.br
comunidadenerd.com.br
cosmonerd.com.br
www20.opovo.com.br

Subject Issuer	Validity	Valid
*.mcas.ms Microsoft Azure TLS Issuing CA 06	`2021-02-24` - `2022-02-19`	a year	crt.sh
*.azureedge.net DigiCert SHA2 Secure Server CA	`2020-11-21` - `2021-11-30`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-06-12` - `2021-06-12`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2021-02-22` - `2022-02-21`	a year	crt.sh
*.webspectator.com Go Daddy Secure Certificate Authority - G2	`2020-05-12` - `2021-07-11`	a year	crt.sh
jsuol.com.br Cloudflare Inc ECC CA-3	`2021-04-28` - `2022-04-27`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.google.se GTS CA 1O1	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
api.nobeta.com.br GTS CA 1D4	`2021-05-01` - `2021-07-30`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-04-06` - `2021-07-03`	3 months	crt.sh
ads-twitter.com DigiCert SHA2 High Assurance Server CA	`2020-08-14` - `2021-08-19`	a year	crt.sh
*.hotjar.com Amazon	`2020-12-25` - `2022-01-23`	a year	crt.sh
forms.rdstation.com.br R3	`2021-03-31` - `2021-06-29`	3 months	crt.sh
*.scorecardresearch.com Amazon	`2021-02-28` - `2022-03-29`	a year	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2020-10-02` - `2021-10-07`	a year	crt.sh
geoip.canais.uol.com Amazon	`2020-08-05` - `2021-09-05`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
t.co DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
*.creativecdn.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-03-30` - `2022-04-12`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-04-14` - `2021-07-12`	3 months	crt.sh
*.adtech.advertising.com DigiCert SHA2 Secure Server CA	`2020-04-16` - `2022-04-21`	2 years	crt.sh
*.google.de GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2020-06-18` - `2021-08-17`	a year	crt.sh
teads.tv R3	`2021-05-04` - `2021-08-02`	3 months	crt.sh
*.tremorhub.com Amazon	`2020-07-25` - `2021-08-25`	a year	crt.sh
*.search.spotxchange.com GeoTrust RSA CA 2018	`2021-04-08` - `2022-05-09`	a year	crt.sh
*.ads.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-04-26` - `2021-06-16`	2 months	crt.sh
redintelligence.net R3	`2021-04-21` - `2021-07-20`	3 months	crt.sh
uol.com.br Cloudflare Inc ECC CA-3	`2021-04-28` - `2022-04-27`	a year	crt.sh
contentspread.net R3	`2021-04-05` - `2021-07-04`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-04-14` - `2021-07-12`	3 months	crt.sh
*.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
*.rdstation.com.br Sectigo RSA Domain Validation Secure Server CA	`2020-06-04` - `2022-09-06`	2 years	crt.sh
popups.rdstation.com.br R3	`2021-03-19` - `2021-06-17`	3 months	crt.sh

This page contains 36 frames:

Primary Page: https://www.opovo.com.br/
Frame ID: 6B2BCEAC7BCFD53480EE939183999FBF
Requests: 167 HTTP requests in this frame

Frame: https://mcasproxy.azureedge.net/proxyweb/0.199.30/html/session-context-restore.html?action=store&contextData=https%3A%2F%2Fopovo.com.br%2F
Frame ID: FD9E7E4F2068271CF8055AF4999F7324
Requests: 2 HTTP requests in this frame

Frame: https://s0.2mdn.net/dfp/517466/4406976690/1606854627803/prebid4.17.0.js
Frame ID: EABD0BEF8D75949C18CB5F188F4A6736
Requests: 21 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-5e3cec51ed8e99df6977c199d27812d7.html
Frame ID: BD6F72E36CDE7B0036B1F3C45EE328BC
Requests: 1 HTTP requests in this frame

Frame: https://f494fad843a02e89e66aab6434a0c735.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 694B77A8DF07D7538AA4664722B1A873
Requests: 14 HTTP requests in this frame

Frame: https://f494fad843a02e89e66aab6434a0c735.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 0AAF8BCF6ECD7204B3D3CDCEDD4127F3
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuWrOvSscCLyAm18xpXINJKQiIWVfLYd5eouQ6m080VsEy-KyQ2W74oJ7ifx-QdRVKPTdRNBqSFbbUawOgdTusXEcn4wDEKXjS1pSMyLWqm6HBZ1wuFRSP2CSgX4alcJ5zDrQGH3tZ68J4rZKkpajWJj0jvK0fVqHGk4PO_SohopDdcJw9nI4tjxtvEebYtxzMAaMWX_-k-P_Tly4pEM62Ysa9xNgcJPc1FrLb6KMKLZXd6VYUBOU_FKmlymfG5myVuVyYhVL4bBMNf8SXhguLGnImxW2sr1wUWO1z0Nt-_q1d-bYZTd6E&sai=AMfl-YQ1IX-AH0oBdHu1lafPcQp9RfP_oOfRmCuz9DUeGG1vD5ZFmIblCBlD7O8wNN4lSPnXRW5Iy6hRR8Rs5Md-w_ry2V4fak6X87atww4gAYvQBUQuCRKVse75vHcWVJ_Q&sig=Cg0ArKJSzD5XbklHkuIeEAE&adurl=
Frame ID: 6DBA3BDA7899F6FA009BC63C91DE8F1A
Requests: 9 HTTP requests in this frame

Frame: https://f494fad843a02e89e66aab6434a0c735.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 8E4E047636FCB8CB49B22EB1BC20E946
Requests: 13 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvO_BKa5eix2xn6BzfBQF6QcbkAPgJ3MC-uGzEBC8l5Wubjt_Gzp6RU_BYrGgA1JkUwketyLuufmnEf_RlnkA-TRJeuaLDTiBJeBkUVzABcnJmXgH1W4wu70k7wxMkCklyrw-VT1YDgC2GPDCUwEbYXrEeL2-dVB0x5QFVXeJ-PSELP6det5EqS6Is0ChfiCCm1ft7RzyZQMHxcnfkW1H2at8XiZQcYJ7DAsfX4XEnb6jmaPvKVw8i1cC8L-vI3ppkxkOKAhkX9HYMG0pcEVLIW_Lt1x4QJdQ&sai=AMfl-YRoBj4MIo4Sz9fszQyIEfWLjpEsGvMJ44eW4Ak8ytqEfkTHvEdwnJG1UONbvYQHLAaGuEWzHLXS3uQ9UNg1NmccJZFjmWKmIVOx1pXIf9AOWjd4pPCeChGckW0vHTyF&sig=Cg0ArKJSzMBHx-EpyeROEAE&adurl=
Frame ID: BABE1E88FD6FD92659C6F4B0BC457099
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsupvrnBFjg2kUzU6su7FAnTqtaLen7xyPyKNCPGNfHfhP90cwtiSz-9YkQ5OePw6zTDeV5wV-fV7fNhk1u4B2EbdRFJ8ViHyUVuMEeT_TIo_ROSYQjAOpRv08aXuOWmsMs7q09-kuNo5js_d2uG0P2KtZ5cKM4fv75j4EHNHt7teIMHUk6kgcFh0sG1zxoWoD1vdfSoRKRtd211q3rjFTswpdc-jl5k0ACBy_qsCDc9Yv323tiXb-HXRKD_gy21xM2ygKLUJGCcoTodP1wqzwKjdZfXEkVAuA&sai=AMfl-YQeW40Yj1VDU_5BY9uMMUcJy_IW7J9TWeEk_RlqqSotEbicsftCQemE2XrGx6YYmu4jWg-89Bd30LwNeqpduWVCtcJ8jQmpWTj8545XH-dpqr2Vk5-3XqO6Qk8iNvLw&sig=Cg0ArKJSzHaQM_5dWPy0EAE&adurl=
Frame ID: 3DB77E9253749E530C3A4421E053C65A
Requests: 8 HTTP requests in this frame

Frame: https://f494fad843a02e89e66aab6434a0c735.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 89DE550874AFD553F0DBCB5BA836C9AA
Requests: 14 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvvoATCQKShKeS6qVuBP0KISURyrYDik7Sedhz_vjqXjMZeFdP5tp_bLqQkgPIoNF9YhpyEUIr1gNRnO5a9c3O_HM0_VTveLMWVJGDqqlJMIFnjg10hM-xPzqML5sk7OIYc4uqZpbCn4uzKytMhvF3EcsEaS1TteKXXwAHO-fc9LKy-uyzNguZHciSkrbigsUWTdljubrgRrPLinZSo_0WYn5K0jb_3Bid2fC0yPZ7l7h9Gl2ovf-ZQ_16TETpszQ3SYHevrmVTlrRXLHNVe6ZsinKE4-7Z-SfSiN2-r_hXRWjLVyw0&sai=AMfl-YRswW669pNp3bxqXjVAsKixKQf2NRcHUhLSOfxz_yjhSLbFD3tZzXLKejkkNwmnUjTWZVJ7SFL3J6-iPzjQ17Hzd762qlClpyQ3K5cCAuBTITHaYjfilBFFn-wbT2ix&sig=Cg0ArKJSzBi0OCpPvoH9EAE&adurl=
Frame ID: 747B333A42909C204622E2AE93301683
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIy1wgIQ6_3nAhiX_segATAB&v=APEucNVbgJvCih9fGceRh5ZThJcC5n8Szp7KhCHYTIdcWdGhPrUmQ8WqfgD7yc8SgR3Jz_DBlbeMFW7qxGbmf0DVF7nQ1V6aMFnGK5Qd0rA0kBehFfae930hyob-PfSiEY_8KTGFmikZ0mvK7__r2pv6Q6W2VHQwMSfT06GcZlMR8IMBY1hdUl8MIJrpeJg3ZHVgIJN0fqb9TvB8YR-QI_Ky5DB_TvybUg
Frame ID: 72FCFB15FCB6E0DC43E17013DE86E767
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY0aC1DTAB&v=APEucNXLUMop7GvYEkgIbjYZW2QeG9jBiq4uKLoagp8za_KC9cZn3Lcwd4Xv0ZBZ2SM5z-lCutCv1KHupKV0B9kEMvxYZPTz8_tQIsK0_wDTCSAEWVi7Kyo4CoIcK1uErWhz6he8rwIT3nVfhsy0HmTmIcM0DcjoxCUJfOYH_tvDYW9zyyhziNLzwozLTepjMTS-jZ3JdIUpPimFIoenC2bSXpQk5fXC0Q
Frame ID: D54853093D316DE499AE7665B1D2EF0A
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B116q6LwUoAujxD_aynChE-_myCfuf1GgjT3okJygda_QZbbX2b1xDYZwwNJQcRL7DCxVNbBmNnpKV8a73pd0C7i_KdJQGL5kOpvP6SYlBSLji9yvTRTWoj7x3p_A2djOaIP6tHAILROlmaMEhwDPJ0dqGaQ&cry=1&dbm_d=AKAmf-Daqv_ACKkgTYCkfV1R5VHVPq8ceLdcWb3PURaCWHSyLPjfj3JpzTLzXA65f1tvGCYUiLKmA5vK7lo1oyaGJUbkbgtImcEo2ndfvbFdhV-JlSjJdf1pl-2rYOZN7icszoOn8QuB1txiXakpc7Hsgep6puHlrn6ChewxqDD_7y4FVoepXvGxxNxltf0C1zncv9W_36dWPBiwKYq-ADF3sAgOMSVuEoybC_4z74_-ymoygYiOqd0eWgLcD5OeyB867shFYJnQtOquQ52aXxZQY096derg74UacmrZ2JDRfRIlPK7LE6eV8Mlwv8b1g0AiG7g2hfTsyJxAoQF1IehPGPXBBoyx1iIR7nV3R9K4M5ZPCzy7mdnwjTxYeMD_kNm3MvLg6GvudIO18HGu6c2QUkieJZ3Y8xwLzueY6_eZ2gsHFHCEpoh9NKepC0GIQ7-Eqsdz9vDqaSFAVsFeuTauV9c7w1SDcAAmvfcsJ-9ta_MuawByfnUQI8crEfKqpBmU8YhKiQAMMah6Z_z5Fbt36V3wXHSmaFCNbrXQqBWdLSTxOcEEJaOMpFnUbN0m-f2Chl53ZbEkhNIgV1lCQAiZGBaqdkem_z0pMwLGKWvEbloEsGOZA2NEMXzLvUMVAa2ne5n2R62pWgV2W0NdUQgEBD-xjeDG0qvZGrl-RQ7xhix4u2fbunecCifPY7jt-SiuVVSHkPamkWByYBF_vEgkKf_of4ZauaWzUSgdBTzxbHv04ndazfGV-SpNU0dChlSFbWQVXZjFbBugzOuJdhb1YjvjpTBFlZ-b7UwN-784FFEFeHXawIlzM4PjfnxkkYB0ESrzEZZEDOmceG-t-lgzuD_MmhIO-qMXjY5NWIm-Ruz-of9ijSSRjaCm11QMA-EZHVEmo1P7c_BAx-NDExrqytNoqCCtxddbnZTe3s3aWP6TUov6wov4fnJ3NMSV-9MusGw8at5ozXEMusPlRZv2iZHfQSeqpRohrjk8NGRNjI0anLekoBNHYbJtGNXJnUFkkJcMzCj3awGSgZkBmvLsZRi6ckfBZnoDFWAvzuzUwFJsCzpJADH8OvRHP-Z3_4GBj7UiMkBLPOLawfBfRMsQVTP2Z9VxYYwn4QDJc4dRTxJ7WZhHCjlPW7PPUn4YdJQcDDaYxS0yjEw-esBwu8NcqEYrmPeLHdoWOiOU1szBDcWNnAAhyK2nkf87RB5zZCOhB0DJ6UclQfE07xhiTNbxlTKNfBwP57qMs0jD66AleVZb4Jsfu1pFAc0gNgRVkMScjhdB3IFe2_7erinWNCrmdbTLmEVtOpNd3fixfbQQSH8j-J93gX_aKEf647MLcNTKDkj2CPevDk_6cfkllnUFjtDVMSR2UNfNL9kreWWXW7clmsZk7gI1VdBL7sVe55SCgn3fi5RNBYjXzBLBCgTbgWl_4BJZadj1otWNCqhtG7RMWt0W8MSDBxmVoM-t9aj6HUC0lvtjjLBzW2oBsOjkq97jFWMWg5xaqZOMeOw7bVBBBf_gtTKyIayNrVg5Ndb_ornp6749qWgtx9P74MN0ZQgaLugY-Tpq-JEtfgbzSKBy8c9YTDf73O9X32bLIvuFCfmUBq4gd-dTSJE2jhTfCRiODgSkXDEY6L1D3v3-PUrHM0Dvo2-a5sCaJ6Wh0pJwSLw1Q0FRYxu4wRpToQOlL0r2rc5yc-acQ4zO6SAEU8wJO-TX3Jnp-uiAUfFkWfgrRQZcaFdyYqs76EozkFp-Ny-FP9iC9fKJxUOWe6riBZWVGiAdcnzPZEtJ6lzzYqJFpYkd--aIUIRqy62opyNDuzCnVnNdaUbeNS95AurzNPN7Eekzej07bvGXShmnGx7APqZSzibz_ViSKIjfFbQSYzGPfrSHG5gey_f5CdKGAIuVHfFnPcC81tlALr-4OzKiZpCvHcjP7ExZPFDoy0rM_4RMO_KpFylBjwnFBAjsJpsa1DxNmkEwml6XGHQWcrjg0bZ3TWyHvPkdvWwMhFrIo0XP9CNBJJxAKHZ2MdKq5uB71i5C10faMGWTx98Jfi3SnXsAFBpXpAcZWpBDH-1JWCU6LlKptRRyf81n6kY1ZqkYVQ8WHSzZQKnwB9OB2Nsz9JxcRnYY0B2IZIMf4DJdELyt29yEVPqXQnYAAN41lcyI1EEPbTzEtHxI5cmTSLq6gK0xR8FERnUQLna1LJXT8Phi5r-otyHxOKUxZaONq1OSzycZm_mVU1RcOTXSiqynG5SWVCPRz4SGdGS1ibpgAxkcf8xymaWQh8wOZbq5K-tCI_B-mViCZ34VAW27_l5tta7b9ykXXU_d8N6jBBs0a7U_Hnm0ANiDI14CV2VQc7TYHJU0kVgknOvem9R1HCuC1YnGTGXskq7PUEh8ze9oY4DXYC8WTQAIJlOp8jiL8SYhjJZ4Bu9EClXOFVzGKm0oakWaTG3H76VrzYBPFjca45-Hc8VZiWPpsSFlMXl6oDY0fy34CzePAOPjd0jOUg1d2uJyrxVS0dVwNWEmlrq8REam8u2wz471bv2hwJxim8KGGUBw0_sRuTq6XTo6If7rmjMzz2EWB6t2BGSonciaqUvX1gvOipDOKb5sBznx1De_z2VL3Jo8grnLxsohtfWUKjrWUHlqz050rWaXuLSRmVTtj3qkGb16ZJCdeXTxiunGxEWMJ7-6rAuv2zqBs9o7pnGrjdRksurho67XfElDNaGXx-h_CpnYVQTmFjacJNbbQLQbFtVZFsGOW8bokaGAdULp9fqxP1jsrUKvXLdI_x2HeGCkfktO83GiW9YGN1Tky_9TQ8LpTrE3tt85YCCwPCXg0hVXJSi242nSWD3q9KSxpF_v3Ah-A4Y443MX2_26Vz_7EoaRfMhVv5m8lJm4ElLPEyv6P0M7lJeC2Hx5VqZUhWrBnCxOg3fSnDdQ56NAGYdMhBL8hbfv5VeFupX6Jn5INy35jViJy8SWuo8Cn5f8vK_cf_HLFt80CV1Ap3yuljmgiDgsfS87z_evTydXgGgzkfg5Le06Nu0qMiji6vDKwsOaX-PCGNw7oijakZz0BSwnYeNw9C73lLwjqEgvNlsizHjlnw-YIwfAuFcyBrgEJ37R05JXmcDJVBWoEXL4jvAckbcCVVAqOI3jTPdzR7oTo5jwrJvT_TvHvpBugGeZJMidL6Ho7mT3aGR6cpTPfMmvQsfUFsDM_LIWdOGcUTzS_O10&cid=CAASPeRoAtIhvYhfKpflNVBDJN72c3q3JkapnAU6xzyylm1g54OV4D7g4Y0g_4PsN5wqzw2-jo4ezgkMzXgcN64&rfl=2%2Chttps%253A%252F%252Fwww.opovo.com.br%252F%240
Frame ID: 35A5F42800BD32D6BD43A4858F3F04D0
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY0KC1DTAB&v=APEucNWfvtcYatR3osRMVo69C5iSrLsHVRLpQOKIuebtBbL-jLwFmz4fVpSZOcDGGgn2uLMHPB_xU6m-oqHOhL913KtSVAN1FipMicgP3ZJfMJ3Ts4kRjGRwRhQJMCgV27t-jfuwD8ManO0h-YUlyC-GeXIOpgmGBFAzSf2EYJ-IlJIdUfyWpuk41hu_YVYsvvHxlAQ6B3ccwMHCkT4shghQpjYT4N-x5Q
Frame ID: AA47693B20F05392FABC18372E8B3235
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIy1wgIQ6_3nAhjblcigATAB&v=APEucNUoIRB_uDU7dC1qSkxj2kxTzG13fQms_5jH_uAGmrANlF390XRLgDwpcLdhSxdmZmWwq_PF3deSwzwQhsZ-G0xqcZA32BnMp6TFebHQ5y2BOeATl2rxpEvvs7kLJjaEG8YbgTDWqR9Ykns2Nu_sEuvDXs4vGdyTkxPD_9ptIMPhK14amfRNygoEl806GnRcoscI2FzioE-VQwbg-BWc8nm695cT9g
Frame ID: 4B371504B1634CCAEE60B167C63938CA
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 6F69E2593CCE1366FA24E947B07567A6
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/9753181/1616405701336/index.html
Frame ID: 2E699D8E428565F54917CAD8EAC61486
Requests: 12 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 136941B3410677F1AF2E1FC96B87C9E2
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/9753181/1616408639469/index.html
Frame ID: CA89A6669E3B70556BCB387F9FEE0F3C
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: FD8E92E16B84C304F073DA6AD26E987D
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: F072E82BBA892FADC2D9B06D52335401
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: D7C81ED3D8352AF8C840348B19D01CFE
Requests: 3 HTTP requests in this frame

Frame: https://webservices.webspectator.com/adunitMapping?appId=2716&eaup=/10216148/bg_home_noticias&eolid=5637487867&eci=138342517027&ct=%7B%7D&w=1750&h=720&wsRotSlot=&isda=0
Frame ID: 794284609A85B6E317F2D6E5EAF541BF
Requests: 2 HTTP requests in this frame

Frame: https://webservices.webspectator.com/adunitMapping?appId=2716&eaup=/10216148/20&eolid=null&eci=null&ct=%7B%7D&w=970&h=90&wsRotSlot=&isda=1
Frame ID: 6C59C4C16BB3A8FEDBD9FFE87A6F36F4
Requests: 2 HTTP requests in this frame

Frame: https://webservices.webspectator.com/adunitMapping?appId=2716&eaup=/10216148/24&eolid=5683055452&eci=138348381137&ct=%7B%7D&w=300&h=60&wsRotSlot=&isda=0
Frame ID: 6EE0D71D13038D098CFD99DD4C078AAD
Requests: 2 HTTP requests in this frame

Frame: https://webservices.webspectator.com/adunitMapping?appId=2716&eaup=/10216148/28&eolid=5395992609&eci=138337188415&ct=%7B%7D&w=300&h=60&wsRotSlot=&isda=0
Frame ID: 51DBA042ACACC17A04295BE3B11A2C0C
Requests: 2 HTTP requests in this frame

Frame: https://webservices.webspectator.com/adunitMapping?appId=2716&eaup=/10216148/2124&eolid=null&eci=null&ct=%7B%7D&w=300&h=250&wsRotSlot=&isda=1
Frame ID: 4A15A87D34010B2A390C0FD82EAE6456
Requests: 2 HTTP requests in this frame

Frame: https://webservices.webspectator.com/adunitMapping?appId=2716&eaup=/10216148/banner_bottom_desktop&eolid=5675760410&eci=138347374947&ct=%7B%7D&w=468&h=60&wsRotSlot=&isda=0
Frame ID: 770FCB2C260C522E25FA7D1BF0C11B80
Requests: 2 HTTP requests in this frame

Frame: https://webservices.webspectator.com/adunitMapping?appId=2716&eaup=/10216148/billboard_home&eolid=null&eci=null&ct=%7B%7D&w=970&h=250&wsRotSlot=&isda=1
Frame ID: 3EA28E808BED5B8CAA37726F91CECC02
Requests: 2 HTTP requests in this frame

Frame: https://webservices.webspectator.com/adunitMapping?appId=2716&eaup=/10216148/29&eolid=null&eci=null&ct=%7B%7D&w=300&h=250&wsRotSlot=&isda=1
Frame ID: 5D7AA97CF5EF2DB0CF47647BACBC5F36
Requests: 2 HTTP requests in this frame

Frame: https://hal900025.redintelligence.net/request_content.php?s=23027700257614600044684011584025&a=ed584d6d
Frame ID: BF9C091C625B6B5E686BDD6F18D6DF3B
Requests: 4 HTTP requests in this frame

Frame: https://hal900017.redintelligence.net/request_content.php?s=61096500267530700044682011584017&a=14329fb3
Frame ID: AACBF0CF80F38671B4BC05022E947701
Requests: 5 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=www.opovo.com.br
Frame ID: 438A437E63DAB44CDF6F7636AFB8F136
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 827EBB4A27BF84F99A3117B1B1D0C58F
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://opovo.com.br.admin-mcas.ms/ Page URL
https://opovo.com.br/ HTTP 301
https://www.opovo.com.br/ Page URL

Detected technologies

Lua (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers server /openresty(?:\/([\d.]+))?/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /openresty(?:\/([\d.]+))?/i

OpenResty (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /openresty(?:\/([\d.]+))?/i

Page Statistics

346
Requests

100 %
HTTPS

54 %
IPv6

46
Domains

70
Subdomains

68
IPs

8
Countries

5192 kB
Transfer

9507 kB
Size

1
Cookies

105 Outgoing links

These are links going to different origins than the main page.

URL: https://mais.opovo.com.br/jornal
Title: Jornal O POVO

Search URL Search Domain Scan URL

URL: http://radios.opovo.com.br/opovocbn/
Title: O POVO/CBN

Search URL Search Domain Scan URL

URL: http://fortaleza.novabrasilfm.com.br/
Title: NovaBrasil FM

Search URL Search Domain Scan URL

URL: http://fdr.org.br/tvopovo/
Title: Canal FDR

Search URL Search Domain Scan URL

URL: http://www.populares.com.br/
Title: Populares

Search URL Search Domain Scan URL

URL: http://www.anuariodoceara.com.br/
Title: Anuário do Ceará

Search URL Search Domain Scan URL

URL: https://www.facebook.com/OPOVOOnline
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/opovoonline?lang=pt
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.instagram.com/opovoonline/
Title: Instagram

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCj-RTZE-V3Q6jleatRR9k2A
Title: YouTube

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/opovoonline/
Title: LinkedIn

Search URL Search Domain Scan URL

URL: http://adorofutebol.com.br/
Title: Tabelas

Search URL Search Domain Scan URL

URL: https://mais.opovo.com.br/
Title: op+

Search URL Search Domain Scan URL

URL: https://assine.opovo.com.br/?utm_source=home&utm_medium=orange&utm_campaign=colors_test
Title: ASSINE

Search URL Search Domain Scan URL

URL: http://opovo.com.br/noticias/
Title: Notícias

Search URL Search Domain Scan URL

URL: http://opovo.com.br/noticias/politica
Title: Política

Search URL Search Domain Scan URL

URL: https://opovo.com.br/noticias/checagemopovo/
Title: Checagem O POVO

Search URL Search Domain Scan URL

URL: http://opovo.com.br/noticias/mundo/
Title: Mundo

Search URL Search Domain Scan URL

URL: http://opovo.com.br/noticias/fortaleza/
Title: Fortaleza

Search URL Search Domain Scan URL

URL: http://opovo.com.br/noticias/saude/
Title: Saúde

Search URL Search Domain Scan URL

URL: http://opovo.com.br/noticias/economia/
Title: Economia

Search URL Search Domain Scan URL

URL: http://opovo.com.br/noticias/tecnologia/
Title: Tecnologia

Search URL Search Domain Scan URL

URL: http://opovo.com.br/noticias/brasil/
Title: Brasil

Search URL Search Domain Scan URL

URL: http://opovo.com.br/noticias/curiosidades/
Title: Curiosidades

Search URL Search Domain Scan URL

URL: http://opovo.com.br/noticias/ceara/
Title: Ceará

Search URL Search Domain Scan URL

URL: http://opovo.com.br/esportes/
Title: Esportes

Search URL Search Domain Scan URL

URL: http://opovo.com.br/esportes/futebol/
Title: Futebol

Search URL Search Domain Scan URL

URL: http://opovo.com.br/esportes/futebol/times/fortaleza
Title: Fortaleza

Search URL Search Domain Scan URL

URL: http://opovo.com.br/esportes/futebol/times/ceara
Title: Ceará

Search URL Search Domain Scan URL

URL: https://opovo.com.br/esportes/futebol/times/cearenses/
Title: Cearenses

Search URL Search Domain Scan URL

URL: https://opovo.com.br/esportes/futebol/copadomundo/
Title: Copa do Mundo

Search URL Search Domain Scan URL

URL: http://opovo.com.br/esportes/maisesportes
Title: Mais Esportes

Search URL Search Domain Scan URL

URL: http://opovo.com.br/divirtase/
Title: Divirta-se

Search URL Search Domain Scan URL

URL: http://opovo.com.br/vidaearte/
Title: Vida & Arte

Search URL Search Domain Scan URL

URL: https://opovo.com.br/blogs/
Title: Blogs

Search URL Search Domain Scan URL

URL: http://especiais.opovo.com.br/
Title: Especiais

Search URL Search Domain Scan URL

URL: http://people.opovo.com.br/
Title: People

Search URL Search Domain Scan URL

URL: http://populares.com.br/
Title: Classificados Populares

Search URL Search Domain Scan URL

URL: http://empregosecarreiras.opovo.com.br/
Title: Empregos e Carreiras

Search URL Search Domain Scan URL

URL: https://opovo.com.br/falecomagente/
Title: Fale com a gente

Search URL Search Domain Scan URL

URL: http://bpop.populares.com.br/
Title: BPOP

Search URL Search Domain Scan URL

URL: https://www.facebook.com/OPOVOOnline/
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/opovoonline/
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.instagram.com/opovoonline/?hl=pt
Title: Instagram

Search URL Search Domain Scan URL

URL: https://mais.opovo.com.br/colunistas
Title: Colunistas

Search URL Search Domain Scan URL

URL: https://assine.opovo.com.br/
Title: Assine e tenha acesso a uma nova experiência multistreaming.

Search URL Search Domain Scan URL

URL: https://mais.opovo.com.br/colunistas/neila-fontenele/2021/05/03/trade-da-moda-busca-novos-tipos-de-incentivos.html
Title: Neila Fontenele Trade da moda busca novos tipos de incentivos

Search URL Search Domain Scan URL

URL: https://mais.opovo.com.br/colunistas/boris-feldman/2021/05/03/quem-ve-cara-nao-ve-coracao--mercedes-com-motor-renault.html
Title: Boris Feldman Quem vê cara não vê coração: Mercedes com motor Renault?

Search URL Search Domain Scan URL

URL: https://mais.opovo.com.br/colunistas/eliomar-de-lima/2021/05/04/pontuacao-nao-pode-ser-lancada-em-cnh-antes-de-recurso-administrativo.html
Title: Eliomar de Lima Pontuação não pode ser lançada em CNH antes de recurso administrativo

Search URL Search Domain Scan URL

URL: https://mais.opovo.com.br/colunistas/alan-neto/2021/05/03/ceara-esta-errado-ao-poupar-titulares-contra-o-bolivar.html
Title: Alan Neto Ceará está errado ao poupar titulares contra o Bolívar

Search URL Search Domain Scan URL

URL: https://mais.opovo.com.br/colunistas/plinio-bortolotti/2021/05/04/pazuello-foge-da-cpi-com-a-desculpa-de-ter-tido-contato-com-pessoas-contaminadas-pelo-coronavirus.html
Title: Plínio Bortolotti Pazuello foge da CPI com a desculpa de ter tido contato com pessoas contaminadas pelo coronavírus

Search URL Search Domain Scan URL

URL: https://mais.opovo.com.br/colunistas/ariadne-araujo/2021/05/03/maes-desconfinadas.html
Title: Ariadne Araújo Mães desconfinadas

Search URL Search Domain Scan URL

URL: https://compredopequeno.opovo.com.br/
Title: Clique e conheça

Search URL Search Domain Scan URL

URL: https://mais.opovo.com.br/reportagens-especiais/olimpiadas-2021/2021/05/03/como-eram-os-jogos-olimpicos-da-antiguidade--que-deram-origem-as-olimpiadas.html
Title: REPORTAGEM - EPISÓDIO 3 Como eram os Jogos Olímpicos da Antiguidade

Search URL Search Domain Scan URL

URL: https://mais.opovo.com.br/jornal/economia/2020/12/28/assinantes-o-povo-mais-ganham-descontos-em-mais-de-60-servicos-no-clube-op+.html
Title: CLUBE OP+ Assinantes O POVO têm descontos em serviços

Search URL Search Domain Scan URL

URL: https://mais.opovo.com.br/jornal/
Title: JORNAL

Search URL Search Domain Scan URL

URL: https://mais.opovo.com.br/jornal/reportagem/2021/05/03/tasso-e-suas-chances-na-disputa-interna-do-psdb-para-definir-o-presidenciavell.html
Title: Tasso e suas chances na disputa do PSDB para definir o presidenciável

Search URL Search Domain Scan URL

URL: https://mais.opovo.com.br/jornal/cidades/2021/05/03/leitos.html
Title: Ceará chega a mais de 5 mil leitos extras para atender pacientes com Covid-19

Search URL Search Domain Scan URL

URL: https://mais.opovo.com.br/jornal/paginas-azuis/2021/05/03/wally-menezes---ifce-e-uma-instituicao-que-quer-fazer-com-as-outras--mas-tambem-sabe-fazer-sozinha.html
Title: Wally Menezes: "IFCE é uma instituição que quer fazer com as outras, mas também sabe fazer sozinha"

Search URL Search Domain Scan URL

URL: https://mais.opovo.com.br/reportagensespeciais/
Title: REPORTAGENS ESPECIAIS

Search URL Search Domain Scan URL

URL: https://mais.opovo.com.br/reportagens-especiais/2021/04/28/agrotoxicos-banidos-na-europa-por-alta-toxicidade-sao-usados-no-brasil.html
Title: Agrotóxicos banidos na Europa por alta toxicidade são usados no Brasil

Search URL Search Domain Scan URL

URL: https://mais.opovo.com.br/reportagens-especiais/2021/04/30/ha-200-anos-morria-napoleao--o-homem-que-mudou-o-mundo-e--sem-querer--transformou-o-brasil.html
Title: Há 200 anos morria Napoleão, o homem que mudou o mundo e, sem querer, transformou o Brasil

Search URL Search Domain Scan URL

URL: https://mais.opovo.com.br/webdocs/
Title: SÉRIES E DOCS

Search URL Search Domain Scan URL

URL: https://mais.opovo.com.br/webdocs/memoria/walter-benjamin-2020/2020/09/27/walter-benjamin-e-asja-lacis--correspondencias.html
Title: Walter Benjamin e Asja Lacis: correspondências

Search URL Search Domain Scan URL

URL: https://mais.opovo.com.br/flip/
Title: Assine e leia a Edição Digital do O POVO

Search URL Search Domain Scan URL

URL: https://opovo.com.br/noticias
Title: Notícias

Search URL Search Domain Scan URL

URL: https://opovo.com.br/esportes
Title: Esportes

Search URL Search Domain Scan URL

URL: https://mais.opovo.com.br/jornal/vidaearte/2021/05/04/casa-das-rosas-promove-serie-de-debates-sobre-o-forro.html
Title: Música Casa das Rosas promove série de debates sobre o forró

Search URL Search Domain Scan URL

URL: https://mais.opovo.com.br/jornal/vidaearte/2021/05/03/karim-ainouz-conta-historia-de-amor-dos-pais-em-novo-filme.html
Title: Karim Aïnouz conta história de amor dos pais em novo filme

Search URL Search Domain Scan URL

URL: https://mais.opovo.com.br/jornal/vidaearte/2021/05/03/mestre-carla--uma-vida-dedicada-a-arte--a-educacao-e-a-educacao.html
Title: PERFIL {/if} Mestre Carla: capoeirista tem vida dedicada à arte e à educação

Search URL Search Domain Scan URL

URL: https://mais.opovo.com.br/jornal/vidaearte/2021/05/04/programe-se--confira-a-agenda-de-atividades-culturais-desta-terca--04-05.html
Title: Programe-se: Confira a agenda de atividades culturais desta terça-feira, 4

Search URL Search Domain Scan URL

URL: https://mais.opovo.com.br/jornal/vidaearte/2021/05/04/bbb-21-chega-ao-fim--do-cancelamento-de-famosos-a-ascensao-dos-anonimos--programa-mobilizou-internet.html
Title: Reta final {/if} Do cancelamento de famosos à ascensão dos anônimos, BBB 21 mobilizou a internet

Search URL Search Domain Scan URL

URL: https://blogs.opovo.com.br/ancoradouro/2021/01/11/papa-francisco-abre-ministerios-do-acolitato-e-leitorato-para-mulheres/
Title: IGREJA Papa Francisco abre Ministérios do Acolitato e Leitorato para mulheres

Search URL Search Domain Scan URL

URL: http://www.blogdofariasjunior.com/2021/02/conheca-as-nove-infracoes-de-transito.html
Title: Blog do Farias Junior Conheça as infrações que não irão mais gerar pontos negativos na CNH

Search URL Search Domain Scan URL

URL: https://blogs.opovo.com.br/tomodachinerds/2021/02/01/filme-macross-delta-zettai-live-ganha-novo-trailer/
Title: Tomodachi Nerd's Filme Macross Delta ganha novo trailer

Search URL Search Domain Scan URL

URL: https://mais.opovo.com.br/webdocs/opovo-doc/atravessar-a-pandemia/2021/03/21/episodio-5--vida.html
Title: Profissional de saúde diabética e hipertensa na linha de frente

Search URL Search Domain Scan URL

URL: https://mais.opovo.com.br/webdocs/historias-transformam/amor-transforma/2020/08/03/episodio-1--mulheres-transgeneros-nascidas-em-lares-evangelicos.html
Title: Episódio 1: Mulheres transgêneros nascidas em lares evangélicos

Search URL Search Domain Scan URL

URL: https://mais.opovo.com.br/webdocs/ceara/ceara-a-mesa-culinaria/2021/02/18/episodio-7--molho-de-tomate-ao-pesto-alencarino.html
Title: Episódio 7: Molho de Tomate ao Pesto Alencarino

Search URL Search Domain Scan URL

URL: https://mais.opovo.com.br/webdocs/entrevista/ciro-nogueira/2021/04/03/o-homem-que-vai-vacinar-o-pais-e-bolsonaro---diz-ciro-nogueira.html
Title: "O homem que vai vacinar o país é Bolsonaro", diz Ciro Nogueira

Search URL Search Domain Scan URL

URL: https://mais.opovo.com.br/webdocs/entrevista/luiz-henrique-mandetta/2021/03/04/entrevista-exclusiva--luiz-henrique-mandetta.html
Title: "Bolsonaro sempre jogou contra", conta Luiz Henrique Mandetta em entrevista

Search URL Search Domain Scan URL

URL: https://especiais.opovo.com.br/
Title: Especiais

Search URL Search Domain Scan URL

URL: https://agirbrasil.com.br/
Title: Vamos agir

Search URL Search Domain Scan URL

URL: https://especiais.opovo.com.br/borboletas/
Title: EXPEDIÇÃO BORBOLETAS

Search URL Search Domain Scan URL

URL: https://especiais.opovo.com.br/violencianainternet/
Title: Violência na Internet

Search URL Search Domain Scan URL

URL: https://especiais.opovo.com.br/osvoosderuediger/
Title: Os voos de Ruediger

Search URL Search Domain Scan URL

URL: https://especiais.opovo.com.br/energialimpa
Title: Energia Limpa: o Ceará contribuindo para o futuro energético sustentável do planeta

Search URL Search Domain Scan URL

URL: https://people.opovo.com.br/
Title:

Search URL Search Domain Scan URL

URL: https://mais.opovo.com.br/jornal/pause/2021/04/18/mulheres-que-gestam-a-terra.html
Title: Mulheres que gestam a terra: escritoras indígenas cartografam vivências femininas

Search URL Search Domain Scan URL

URL: https://mais.opovo.com.br/jornal/pause/2021/03/28/a-casa-no-isolamento--dicas-para-redescobrir-o-conforto-no-lar.html
Title: A casa no isolamento: dicas para redescobrir o conforto no lar

Search URL Search Domain Scan URL

URL: https://mais.opovo.com.br/jornal/pause/2021/03/14/o-prazer-do-texto.html
Title: O prazer do texto: escrita como arte, ofício e memória

Search URL Search Domain Scan URL

URL: https://comunidadenerd.com.br/
Title:

Search URL Search Domain Scan URL

URL: https://cosmonerd.com.br/listas/6-motivos-para-assistir-cidade-invisivel-na-netflix/
Title: Cidade Invisível | 6 motivos para assistir a série brasileira na Netflix

Search URL Search Domain Scan URL

URL: https://cosmonerd.com.br/filmes/critica/mulher-maravilha-1984-critica/
Title: Mulher-Maravilha 1984 l Um filme para aquecer o coração

Search URL Search Domain Scan URL

URL: https://comunidadenerd.com.br/literatura-e-hq/2020/08/9999157-turma-da-monica-e-jovens-titas-se-encontram-em-animacao-do-dc-fandome.html
Title: Turma da Mônica e Jovens Titãs se encontram no DC Fandome

Search URL Search Domain Scan URL

URL: https://empregosecarreiras.opovo.com.br/
Title:

Search URL Search Domain Scan URL

URL: https://mais.opovo.com.br/jornal/pop-empregos-e-carreiras/2020/11/23/conexoes-humanas--em-tempos-digitais.html
Title: Conexões humanas em tempos digitais

Search URL Search Domain Scan URL

URL: https://mais.opovo.com.br/jornal/pop-empregos-e-carreiras/2020/11/23/educar-as-novas-geracoes.html
Title: Educar as novas gerações

Search URL Search Domain Scan URL

URL: https://mais.opovo.com.br/jornal/pop-empregos-e-carreiras/2020/11/16/os-caminhos-da-transformacao--digital.html
Title: Como seu negócio chama atenção?

Search URL Search Domain Scan URL

URL: http://opovo.com.br/noticias
Title: Notícias

Search URL Search Domain Scan URL

URL: https://www20.opovo.com.br/acervo/
Title: Acervo

Search URL Search Domain Scan URL

URL: http://assine.opovo.com.br/
Title: Assine

Search URL Search Domain Scan URL

URL: https://www20.opovo.com.br/revistas/
Title: Lab282

Search URL Search Domain Scan URL

URL: http://fdr.org.br/
Title: FDR

Search URL Search Domain Scan URL

URL: https://www20.opovo.com.br/hotsite/cartoes-o-povo/index.html
Title: Clube O POVO

Search URL Search Domain Scan URL

URL: http://opovo.com.br/
Title: O POVO Online

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://opovo.com.br.admin-mcas.ms/ Page URL
https://opovo.com.br/ HTTP 301
https://www.opovo.com.br/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 75

https://opovo.com.br/includes/assets/online/geral/imgs/o-povo-online.png HTTP 301
https://www.opovo.com.br/includes/assets/online/geral/imgs/o-povo-online.png

Request Chain 142

https://sb.scorecardresearch.com/b?c1=7&c2=22153319&ns__t=1620160044923&ns_c=UTF-8&cv=3.5&c8=O%20POVO%20-%20Not%C3%ADcias%20sobre%20Fortaleza%2C%20Cear%C3%A1%2C%20Brasil%20e%20Mundo&c7=https%3A%2F%2Fwww.opovo.com.br%2F&c9=https%3A%2F%2Fopovo.com.br.admin-mcas.ms%2F HTTP 302
https://sb.scorecardresearch.com/b2?c1=7&c2=22153319&ns__t=1620160044923&ns_c=UTF-8&cv=3.5&c8=O%20POVO%20-%20Not%C3%ADcias%20sobre%20Fortaleza%2C%20Cear%C3%A1%2C%20Brasil%20e%20Mundo&c7=https%3A%2F%2Fwww.opovo.com.br%2F&c9=https%3A%2F%2Fopovo.com.br.admin-mcas.ms%2F

Request Chain 231

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED3W1ktG7tHuUGGgdF0Sru4&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED3W1ktG7tHuUGGgdF0Sru4&google_cver=1&C=1

Request Chain 232

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YJGuLgaob6GNrcNnPkEflQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED3W1ktG7tHuUGGgdF0Sru4&google_cver=1

Request Chain 233

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESELX4kd_gzOOH7GRxx_uPjH8&google_cver=1

Request Chain 234

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzU0MDUwODg1OTQyNTgxMDk3

Request Chain 235

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEE2DG4f-UgQjgsSHUDG8464&google_cver=1 HTTP 302
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEE2DG4f-UgQjgsSHUDG8464&google_cver=1

Request Chain 236

https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NzQxMmM5ODEtNDNkNi0yNjcwLWRlNDMtYjMyNWIwOTE4MTNh

Request Chain 237

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESEKezYJaEZ8KMsOaDGekdzls&google_cver=1

Request Chain 238

https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=MTk2NjdhMTUtNzlmNi00NzY1LTg4NTUtYzZmODA4MTE1ZTE5

Request Chain 245

https://cm.g.doubleclick.net/pixel?google_nid=tremor_video_dbm&google_cm&google_dbm HTTP 302
https://partners.tremorhub.com/sync?UIGL=CAESEHz4vCOLezLGTsATwvHumc8&google_cver=1

Request Chain 246

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEOMlUPRp-cXR2H2YmoZmBA4&google_cver=1 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEOMlUPRp-cXR2H2YmoZmBA4&google_cver=1&__user_check__=1&sync_id=23ebec14-ad17-11eb-902c-1a7cb9e30506

Request Chain 247

https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_id=23db68e2-ad17-11eb-b55c-19da87bf0506 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=MjNkYjY4YWUtYWQxNy0xMWViLWI1NWMtMTlkYTg3YmYwNTA2

Request Chain 252

https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true HTTP 302
https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true&verify=true HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1TNEo3Y3NkRTJ1R0VNNXFmMnhOM0sxYWZLRC5fZDY2NX5B

Request Chain 264

https://hal900025.redintelligence.net/request.php?zone=0k1uvb5ne9s9&nw=20&renderingType=javascript&namespace=e8f9864fed&subid=&uid=75dc0239a6d2cade&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x18&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCS6ZmLK6RYN-cEcuAjuwP97GdKIGI4dRg8oz_uOME8C4QASDc1_siYPGt_IWkH8gBCakCcoF8swwotD6oAwGqBM8BT9B9MHVfUqXpnjjjNnoZnW8MDqoZYy0sDlwbngIOBHrEuaA4gwyWyK0_Dq2mYABmAtYshOcvlNVgmW5dW_R3YIWZOt34LT_-BPmVhlu7H_LJl5D1Wz1XbLB5dZvMuapYopbtMRrFmKEkxm7x-U-e1Jo0qea1_qM4b7wS0btTQirHxhzjuKWvgADNyeNQk-QqSQ-pNNnEJ3iYjqjycqcmPBolvDpTHWzNCwPhNZIXeuWHNZnoAOypuANBn5fAbnaW_oQ9ijnBCN443_QVhXs0wASCpeGza-AEA5AGAaAGTYAH6-foXqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfs1RuoB-6WsQKoB6a-G6gH7NUbqAfz0RuoB5bYG9gHANIICQiA4YBQEAEYHYAKA5gLAcgLAYAMAbATkeWyCtATANgTA4gUAdgUAQ%26ae%3D1%26num%3D1%26cid%3DCAASPeRoAtIhvYhfKpflNVBDJN72c3q3JkapnAU6xzyylm1g54OV4D7g4Y0g_4PsN5wqzw2-jo4ezgkMzXgcN64%26sig%3DAOD64_1eBtwyScE1wzt3euqYkENtt44TYQ%26client%3Dca-pub-5377500294710407%26dbm_c%3DAKAmf-AO-gEoZSCWEjkbTco4yUuQoSYLTgUR7tg7LOKf1Zxk9UGf8Qhftqd6lAAagDLhYgaePKI0S-eIC4r0rljd2Fr8R9us72kEUH3i8_9y-qHuF0tbUqhv8M4Yf3kBl_dxmSsff3gkRyRyws4G6Pd-0C2aOPfMfw%26cry%3D1%26dbm_d%3DAKAmf-DQjwyKQhLs21gMV_HLroCLKVYF9YDTIIRRPFKKScO60mTDz-j1eTbp-VPkEmo3FNY1HkuFvYb-7zQ8sZIr2m6kk_lnIqjPeqRAt6P2cs3Jh2tx3xTfN2GzWjpnWSjbzvyxNkbzKuAXoqkHg9r6WHZKMHgFL8Q_C0WY5cs7I4Y70gvP8We1H-hbPEMKGpEYe3g6Cyd_G1fe4MJmqBm2I44c1a5mXobfdHqmRCvyQTjExI_R8aIoZwddr3Pcfruw0ioOh5NZlszBrA9g_xXxbhnZ99bjapcUS003DWnlAykuhivOiaPNZerhfmJDoZoVr_4gLmjOD60Eg1chk3FH8LD4xfy8o0mx7js83OV-7XE5RziQvqcmuYpaPbaoQoVm01Ms5gYc6RHRDo8uiJSFAguHY-vOBtFXom20Z0b3hPeACuwZZYOZFsnXcoIH3NmfrJYjVly0%26adurl%3D&documentReferer=https%3A%2F%2Ff494fad843a02e89e66aab6434a0c735.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&ancestorOrigins=https%3A%2F%2Ff494fad843a02e89e66aab6434a0c735.safeframe.googlesyndication.com%2Chttps%3A%2F%2Fwww.opovo.com.br&random=3296301867788&isIframe=1&container=&adPos=0x14&adPosCheck=1x15&adtagId=0 HTTP 302
https://hal900025.redintelligence.net/request.php?zone=0k1uvb5ne9s9&nw=20&renderingType=javascript&namespace=e8f9864fed&subid=&uid=75dc0239a6d2cade&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x18&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCS6ZmLK6RYN-cEcuAjuwP97GdKIGI4dRg8oz_uOME8C4QASDc1_siYPGt_IWkH8gBCakCcoF8swwotD6oAwGqBM8BT9B9MHVfUqXpnjjjNnoZnW8MDqoZYy0sDlwbngIOBHrEuaA4gwyWyK0_Dq2mYABmAtYshOcvlNVgmW5dW_R3YIWZOt34LT_-BPmVhlu7H_LJl5D1Wz1XbLB5dZvMuapYopbtMRrFmKEkxm7x-U-e1Jo0qea1_qM4b7wS0btTQirHxhzjuKWvgADNyeNQk-QqSQ-pNNnEJ3iYjqjycqcmPBolvDpTHWzNCwPhNZIXeuWHNZnoAOypuANBn5fAbnaW_oQ9ijnBCN443_QVhXs0wASCpeGza-AEA5AGAaAGTYAH6-foXqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfs1RuoB-6WsQKoB6a-G6gH7NUbqAfz0RuoB5bYG9gHANIICQiA4YBQEAEYHYAKA5gLAcgLAYAMAbATkeWyCtATANgTA4gUAdgUAQ%26ae%3D1%26num%3D1%26cid%3DCAASPeRoAtIhvYhfKpflNVBDJN72c3q3JkapnAU6xzyylm1g54OV4D7g4Y0g_4PsN5wqzw2-jo4ezgkMzXgcN64%26sig%3DAOD64_1eBtwyScE1wzt3euqYkENtt44TYQ%26client%3Dca-pub-5377500294710407%26dbm_c%3DAKAmf-AO-gEoZSCWEjkbTco4yUuQoSYLTgUR7tg7LOKf1Zxk9UGf8Qhftqd6lAAagDLhYgaePKI0S-eIC4r0rljd2Fr8R9us72kEUH3i8_9y-qHuF0tbUqhv8M4Yf3kBl_dxmSsff3gkRyRyws4G6Pd-0C2aOPfMfw%26cry%3D1%26dbm_d%3DAKAmf-DQjwyKQhLs21gMV_HLroCLKVYF9YDTIIRRPFKKScO60mTDz-j1eTbp-VPkEmo3FNY1HkuFvYb-7zQ8sZIr2m6kk_lnIqjPeqRAt6P2cs3Jh2tx3xTfN2GzWjpnWSjbzvyxNkbzKuAXoqkHg9r6WHZKMHgFL8Q_C0WY5cs7I4Y70gvP8We1H-hbPEMKGpEYe3g6Cyd_G1fe4MJmqBm2I44c1a5mXobfdHqmRCvyQTjExI_R8aIoZwddr3Pcfruw0ioOh5NZlszBrA9g_xXxbhnZ99bjapcUS003DWnlAykuhivOiaPNZerhfmJDoZoVr_4gLmjOD60Eg1chk3FH8LD4xfy8o0mx7js83OV-7XE5RziQvqcmuYpaPbaoQoVm01Ms5gYc6RHRDo8uiJSFAguHY-vOBtFXom20Z0b3hPeACuwZZYOZFsnXcoIH3NmfrJYjVly0%26adurl%3D&documentReferer=https%3A%2F%2Ff494fad843a02e89e66aab6434a0c735.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&ancestorOrigins=https%3A%2F%2Ff494fad843a02e89e66aab6434a0c735.safeframe.googlesyndication.com%2Chttps%3A%2F%2Fwww.opovo.com.br&random=3296301867788&isIframe=1&container=&adPos=0x14&adPosCheck=1x15&adtagId=0&uidRedirect=1

Request Chain 285

https://hal900017.redintelligence.net/request.php?zone=kpiwv0qvkluh&nw=20&renderingType=javascript&namespace=67abbec313&subid=&uid=88ac87ecd6ff48ce&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x18&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC1Q7OLK6RYOCcEcuAjuwP97GdKIGI4dRgy8Cx49sE8C4QASDc1_siYPGt_IWkH8gBCakCcoF8swwotD6oAwGqBM8BT9Bjbt5Dw2aOh02GmhtKiCNoC0SteGMG2V3LvEU7HmTactqbsaBijWYGfIwD7N7mLt3YnpzTSW66j1ZROs1xJ-PDi8vZmkYVF1QkMWD0dVHJpDuo8U1jWDQOJarrirMvp8BJeX9sJZ_CzR2xFM_i73VlwahGfnyeDaavhmicS3toc9nHW2bAosfYE7Kz7Vsl02pWNMY0TqZfaiow8exzxaIL8jX7mhgp9lbqZpLrspcOYeSWgk68zXSFB8_axE6xS6lgU4eK8tGkt-PPrPc0wASCpeGza-AEA5AGAaAGTYAH6-foXqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfs1RuoB-6WsQKoB6a-G6gH7NUbqAfz0RuoB5bYG9gHANIICQiA4YBQEAEYHYAKA5gLAcgLAYAMAbATkeWyCtATANgTA4gUAdgUAQ%26ae%3D1%26num%3D1%26cid%3DCAASPeRo5_DLtJGnLXvciSw49Rbknee1XH089ljCZpI-u0R8s-RI6U7zgcUuclGGosstUDwc184wF87tpDdbktM%26sig%3DAOD64_2J23Br0618W7ggxPN4lWiDh1JHdQ%26client%3Dca-pub-5377500294710407%26dbm_c%3DAKAmf-AxC94_gowSfBsmYN8YKkbgvRGi9Gq75NZaphoO8js37YIzry10fL5Q87xLccy0e3otKEog9QTG-ulNrbPliX2w1R8uWoLWiLx1qWTSsrA0MM4J2YCYxmz2E0kwoIKdgLt5uW2Vm_483skgREF03n2JIXaAGg%26cry%3D1%26dbm_d%3DAKAmf-C5uqtpoK2d9FFLqiPEObL5q4tAqpOnDT3meqDqv8rTVXycskRTx1ESSfltrxsExUH8IEv2vVLjXeYrtPtg1ClyxnDmdp8YhZjFbGtzJ42II-dQ1rxSIP_HPglHobJy-ru7Y7Ani-jRJjPX669Cr1_AMdZinaBRPvLegdMHc7DGoWfF6bbiEIBGB9jCvVOdZHFa6BDQHFuz7H5s1kshKo3cElCd68g2p4ZRgFAfMmEtRKPJnbvfNV5trMaA2OHdxIZnC19ueLmsIfWw5hn1JcRbXVVABMaS2ZPFl23P2r6hIqQ8zQ5Qn4S5eaowEc1UVKSgB2gsWNm2ou6Z-0gYBRickIKH3-F4M6wXxnrPUaGPu_ZWUyl2KRJPIi85PyhYuTn8n1DC0idMyEjtolZxbBZnf3c3f3mrEnYDIX2iloMuGsw8URzfqasQ4fRh65LwctNbdZV4%26adurl%3D&documentReferer=https%3A%2F%2Fwww.opovo.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.opovo.com.br&random=2809781353484&isIframe=1&container=&adPos=0x14&adPosCheck=1x15&adtagId=0 HTTP 302
https://hal900017.redintelligence.net/request.php?zone=kpiwv0qvkluh&nw=20&renderingType=javascript&namespace=67abbec313&subid=&uid=88ac87ecd6ff48ce&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x18&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC1Q7OLK6RYOCcEcuAjuwP97GdKIGI4dRgy8Cx49sE8C4QASDc1_siYPGt_IWkH8gBCakCcoF8swwotD6oAwGqBM8BT9Bjbt5Dw2aOh02GmhtKiCNoC0SteGMG2V3LvEU7HmTactqbsaBijWYGfIwD7N7mLt3YnpzTSW66j1ZROs1xJ-PDi8vZmkYVF1QkMWD0dVHJpDuo8U1jWDQOJarrirMvp8BJeX9sJZ_CzR2xFM_i73VlwahGfnyeDaavhmicS3toc9nHW2bAosfYE7Kz7Vsl02pWNMY0TqZfaiow8exzxaIL8jX7mhgp9lbqZpLrspcOYeSWgk68zXSFB8_axE6xS6lgU4eK8tGkt-PPrPc0wASCpeGza-AEA5AGAaAGTYAH6-foXqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfs1RuoB-6WsQKoB6a-G6gH7NUbqAfz0RuoB5bYG9gHANIICQiA4YBQEAEYHYAKA5gLAcgLAYAMAbATkeWyCtATANgTA4gUAdgUAQ%26ae%3D1%26num%3D1%26cid%3DCAASPeRo5_DLtJGnLXvciSw49Rbknee1XH089ljCZpI-u0R8s-RI6U7zgcUuclGGosstUDwc184wF87tpDdbktM%26sig%3DAOD64_2J23Br0618W7ggxPN4lWiDh1JHdQ%26client%3Dca-pub-5377500294710407%26dbm_c%3DAKAmf-AxC94_gowSfBsmYN8YKkbgvRGi9Gq75NZaphoO8js37YIzry10fL5Q87xLccy0e3otKEog9QTG-ulNrbPliX2w1R8uWoLWiLx1qWTSsrA0MM4J2YCYxmz2E0kwoIKdgLt5uW2Vm_483skgREF03n2JIXaAGg%26cry%3D1%26dbm_d%3DAKAmf-C5uqtpoK2d9FFLqiPEObL5q4tAqpOnDT3meqDqv8rTVXycskRTx1ESSfltrxsExUH8IEv2vVLjXeYrtPtg1ClyxnDmdp8YhZjFbGtzJ42II-dQ1rxSIP_HPglHobJy-ru7Y7Ani-jRJjPX669Cr1_AMdZinaBRPvLegdMHc7DGoWfF6bbiEIBGB9jCvVOdZHFa6BDQHFuz7H5s1kshKo3cElCd68g2p4ZRgFAfMmEtRKPJnbvfNV5trMaA2OHdxIZnC19ueLmsIfWw5hn1JcRbXVVABMaS2ZPFl23P2r6hIqQ8zQ5Qn4S5eaowEc1UVKSgB2gsWNm2ou6Z-0gYBRickIKH3-F4M6wXxnrPUaGPu_ZWUyl2KRJPIi85PyhYuTn8n1DC0idMyEjtolZxbBZnf3c3f3mrEnYDIX2iloMuGsw8URzfqasQ4fRh65LwctNbdZV4%26adurl%3D&documentReferer=https%3A%2F%2Fwww.opovo.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.opovo.com.br&random=2809781353484&isIframe=1&container=&adPos=0x14&adPosCheck=1x15&adtagId=0&uidRedirect=1

346 HTTP transactions
11 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 / Show response
opovo.com.br.admin-mcas.ms/ 1006 B
833 B 313ms
65ms Document
text/html 51.105.164.234
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://opovo.com.br.admin-mcas.ms/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

51.105.164.234 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

openresty /

Resource Hash

8a8f27d5f642fbfe0360dd006fe85893f660355b21fa662e47a9a5e690f0bce2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: opovo.com.br.admin-mcas.ms
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
server: openresty
date: Tue, 04 May 2021 20:27:22 GMT
x-mcas-request-id: a1c4345114b10ccf7b6982c25acebedc
cache-control: max-age=0, no-cache, no-store
expires: Mon, 01-Jan-1990 00:00:00 GMT
pragma: no-cache
strict-transport-security: max-age=31536000
x-mcas-upstream-time: n/a
x-mcas-processing-time: 2
content-encoding: gzip
x-mcas-cache-status: MISS

GET
H2 200 session-context-store-helper.min.js Show response
mcasproxy.azureedge.net/proxyweb/0.199.30/js/ 5 KB
5 KB 120ms
7ms Script
application/javascript 2a02:26f0:64::210:6bb9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mcasproxy.azureedge.net/proxyweb/0.199.30/js/session-context-store-helper.min.js
Requested by: Host: opovo.com.br.admin-mcas.ms
URL: https://opovo.com.br.admin-mcas.ms/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:64::210:6bb9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: b3d9a37c3110d0d5edf534a4dd964bb85d8661820e4c39e4c63c96bd2813b726

Request headers

Referer: https://opovo.com.br.admin-mcas.ms/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Tue, 04 May 2021 20:27:22 GMT
last-modified: Sun, 25 Apr 2021 09:30:17 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: npsIWjlCWsd9fFNnNdaKMw==
etag: 0x8D907CCBCE49DA3
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: faf88c0d-801e-008c-5638-3a198f000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=5824
x-ms-version: 2009-09-19
content-length: 4994

GET
H2 200 session-context-restore.html Show response
mcasproxy.azureedge.net/proxyweb/0.199.30/html/ Frame FD9E 281 B
727 B 7ms
7ms Document
text/html 2a02:26f0:64::210:6bb9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mcasproxy.azureedge.net/proxyweb/0.199.30/html/session-context-restore.html?action=store&contextData=https%3A%2F%2Fopovo.com.br%2F
Requested by: Host: mcasproxy.azureedge.net
URL: https://mcasproxy.azureedge.net/proxyweb/0.199.30/js/session-context-store-helper.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:64::210:6bb9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: d593eab937ae208334c866b7afc56b0703787c857dae8bb562aefbbd3ca15ee6

Request headers

:method: GET
:authority: mcasproxy.azureedge.net
:scheme: https
:path: /proxyweb/0.199.30/html/session-context-restore.html?action=store&contextData=https%3A%2F%2Fopovo.com.br%2F
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://opovo.com.br.admin-mcas.ms/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://opovo.com.br.admin-mcas.ms/

Response headers

content-length: 281
content-type: text/html
content-md5: vDuuGHIdcY/gQtnraxH9qw==
last-modified: Sun, 25 Apr 2021 09:26:20 GMT
etag: 0x8D907CC2FCC987A
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: e2cffc70-401e-00f7-5338-3a723f000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: public, max-age=5042
date: Tue, 04 May 2021 20:27:22 GMT

GET
H2 200 session-context-restore.min.js Show response
mcasproxy.azureedge.net/proxyweb/0.199.30/js/ Frame FD9E 64 KB
65 KB 7ms
7ms Script
application/javascript 2a02:26f0:64::210:6bb9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mcasproxy.azureedge.net/proxyweb/0.199.30/js/session-context-restore.min.js
Requested by: Host: mcasproxy.azureedge.net
URL: https://mcasproxy.azureedge.net/proxyweb/0.199.30/html/session-context-restore.html?action=store&contextData=https%3A%2F%2Fopovo.com.br%2F
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:64::210:6bb9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 6d6a6a7549df79275ef415ba50f979f9b2da8663e174a62a0e4030022ba9acad

Request headers

Referer: https://mcasproxy.azureedge.net/proxyweb/0.199.30/html/session-context-restore.html?action=store&contextData=https%3A%2F%2Fopovo.com.br%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Tue, 04 May 2021 20:27:22 GMT
last-modified: Sun, 25 Apr 2021 09:30:16 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: F1ttwOaWglR5SfRGFzgA5Q==
etag: 0x8D907CCBC9C8B7C
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: faf88e04-801e-008c-0338-3a198f000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=5227
x-ms-version: 2009-09-19
content-length: 66024

GET
H2

200

Primary Request / Show response
www.opovo.com.br/
Redirect Chain

https://opovo.com.br/?
https://www.opovo.com.br/

109 KB
24 KB

49ms
47ms

Document
text/html

2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.opovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 886928690dcd92c0dbaa7701f4c716b7beb498f5ac77250553ee9403ca75c0c4

Request headers

:method: GET
:authority: www.opovo.com.br
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://opovo.com.br.admin-mcas.ms/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: __cfduid=d67a3de5966ee348fd4abaa417ecdbb111620160042
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://opovo.com.br.admin-mcas.ms/

Response headers

date: Tue, 04 May 2021 20:27:23 GMT
content-type: text/html; charset=utf-8
last-modified: Tue, 04 May 2021 19:58:11 GMT
vary: Accept-Encoding
x-fivecom-rewrite-portal: home
cache-control: public, max-age=120, s-maxage=604800
x-varnish: 295371338 296945059
age: 1646
via: 1.1 varnish-v4
x-ua-device: desktop
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
cf-cache-status: HIT
cf-request-id: 09daa970c20000175e3faaa000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=eTqWCvOvPuiBvmxzBhDqPL%2BYfd83cg5%2F3v%2FE%2FoNCe42wH4%2Bd9I4wqu5B8PKguuNIUvjykNMSZBiR0iXJrGvsf2FoGXtWQn9CbQqsvSJcxZYrwi8N1yVCfhpydWyR"}],"max_age":604800,"group":"cf-nel"}
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
cf-ray: 64a4782e09f1175e-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

date: Tue, 04 May 2021 20:27:23 GMT
content-type: text/html
set-cookie: __cfduid=d67a3de5966ee348fd4abaa417ecdbb111620160042; expires=Thu, 03-Jun-21 20:27:22 GMT; path=/; domain=.opovo.com.br; HttpOnly; SameSite=Lax; Secure
location: https://www.opovo.com.br/
x-varnish: 299928222
age: 0
via: 1.1 varnish-v4
x-ua-device: desktop
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-request-id: 09daa96dec0000175e6a05a000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=pv%2F%2FwyK0kXd6vMWcUHcahcJlQRT4zWY%2BK%2BsA8PCNtiyiXmdbyqxGZmCuphX1xqR8uRyT0XnwEehoMR9JHai4W%2BFIKRj29imdqugaVN%2FFVPGeJG1bqu812AA%3D"}],"max_age":604800,"group":"cf-nel"}
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
cf-ray: 64a478297aac175e-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 88 KB
35 KB 21ms
20ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-23310373-1

Requested by

Host: www.opovo.com.br
URL: https://www.opovo.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

34eeca9f4684cc45070f687e682404e66467171acc225308f1bd3ed5cf37ebc5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 20:27:23 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35861
x-xss-protection: 0
last-modified: Tue, 04 May 2021 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 04 May 2021 20:27:23 GMT

GET
H3-29 200 owl.carousel.min.css
www.opovo.com.br/includes/assets/online/geral/css/libs/ 3 KB
2 KB 44ms
19ms Stylesheet
text/css 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.opovo.com.br/includes/assets/online/geral/css/libs/owl.carousel.min.css
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 062368677bcefd9495e8b320e0cf22c4faca9f1bc04666efeb9cd5307cd591a4

Request headers

:path: /includes/assets/online/geral/css/libs/owl.carousel.min.css
pragma: no-cache
cookie: __cfduid=d67a3de5966ee348fd4abaa417ecdbb111620160042
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 20:27:23 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 522408
content-type: text/css
x-ua-device: desktop
access-control-allow-methods: GET, OPTIONS
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09daa971290000d6e585875000000001
last-modified: Fri, 28 Jun 2019 14:34:34 GMT
server: cloudflare
etag: W/"5d16257a-d1c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=R10pspIqpJmDEpONGc54GVI2O2a82ubqBbb3w4xsY1MLTJ4gmJuyHsenBSuk%2B4OMmxrVto%2BfgX0jtJjdqc44Yt7foU%2F66RXKRkHWSyNiX81xujRiNXy9P8rwYL4b"}]}
x-varnish: 779194621
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
cf-ray: 64a4782eae59d6e5-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 base.css
www.opovo.com.br/includes/assets/online/geral/css/ 126 KB
23 KB 52ms
27ms Stylesheet
text/css 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.opovo.com.br/includes/assets/online/geral/css/base.css
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7bd822e612a9671c3105c5aeffccbc836004b4fb2b1fb703471de1cf8dfa3973

Request headers

:path: /includes/assets/online/geral/css/base.css
pragma: no-cache
cookie: __cfduid=d67a3de5966ee348fd4abaa417ecdbb111620160042
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 20:27:23 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 875
cf-polished: origSize=163486
content-type: text/css
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09daa9712b0000d6e5690df000000001
last-modified: Tue, 20 Apr 2021 14:06:11 GMT
server: cloudflare
etag: W/"607edfd3-27e9e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=v19liiQmn4A5TNbe6qLDj8yyVXMEgZnCQX%2Fw1ys1mD8w%2BRuxs9AVaUXTAlIMBTQ%2BuPFEmXB10PPa03JD7QXLN4kml1T1Q2IqE2ew%2Fb2tu5dDrDD2srrsnE70xRjZ"}]}
x-varnish: 612775751
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
cf-ray: 64a4782eae5fd6e5-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
cf-bgj: minify

GET
H3-29 200 home.css
www.opovo.com.br/includes/assets/online/home/css/ 38 KB
7 KB 45ms
20ms Stylesheet
text/css 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.opovo.com.br/includes/assets/online/home/css/home.css
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f0f8832a07c6d150b1e679d807e16734655e3dd45483b601b99fe5fdca25d22b

Request headers

:path: /includes/assets/online/home/css/home.css
pragma: no-cache
cookie: __cfduid=d67a3de5966ee348fd4abaa417ecdbb111620160042
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 20:27:23 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 399855
cf-polished: origSize=49736
content-type: text/css
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09daa9712a0000d6e5203e8000000001
last-modified: Wed, 07 Oct 2020 13:19:57 GMT
server: cloudflare
etag: W/"5f7dc07d-c248"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=p%2BZ3OUh%2F8MdxCdMAQh8aB%2FeiIrONnVNgatrleJOalZaKkGpHRFaHXjFIGseUro%2BtNdWH86vhqT7ruzYp8JgDh%2FI8iT7tF8By3DDkcEYMyHiVcjL6DgFyeMO9I3mw"}]}
x-varnish: 1019873261 1015515561
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
cf-ray: 64a4782eae5ed6e5-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
cf-bgj: minify

GET
H2 200 css
fonts.googleapis.com/ 5 KB
684 B 18ms
15ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=PT%20Serif:400,400italic,700,700italic

Requested by

Host: www.opovo.com.br
URL: https://www.opovo.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f0c400c8be6122ab2a8797b3c495be63393e3f1ec93426a88bb2a87a9996f8a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 04 May 2021 19:43:38 GMT
server: ESF
date: Tue, 04 May 2021 20:27:23 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 04 May 2021 20:27:23 GMT

GET
H2 200 css
fonts.googleapis.com/ 8 KB
717 B 17ms
14ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oswald:300,400,500,600,700

Requested by

Host: www.opovo.com.br
URL: https://www.opovo.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d74e57a16f307dccbaa3dd0bfcd61d6228c5683e9728266379672b2611f3ac6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 04 May 2021 20:05:00 GMT
server: ESF
date: Tue, 04 May 2021 20:27:23 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 04 May 2021 20:27:23 GMT

GET
H2 200 tm42111.js Show response
tag.navdmp.com/ 12 KB
4 KB 53ms
13ms Script
application/javascript 2606:4700::6810:bf3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.navdmp.com/tm42111.js
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:bf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 24ca58bf23e819a415daa325aa0e3a6ad83bc86395468c9ca0c240ecacf2cbc6

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 20:27:23 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 2117
p3p: CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cf-request-id: 09daa9713800004e2631106000000001
last-modified: Thu, 10 Jan 2019 14:46:02 GMT
server: cloudflare
etag: W/"5c375aaa-2e25"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
cf-ray: 64a4782ecd324e26-FRA
expires: Tue, 04 May 2021 20:52:06 GMT

GET
H3-29 200 advertisement.js Show response
www.opovo.com.br/includes/assets/online/geral/js/plugins/ 43 B
783 B 46ms
24ms Script
application/javascript 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.opovo.com.br/includes/assets/online/geral/js/plugins/advertisement.js
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c6f5ba88cad1d6fef6754b17eff1abfb532089184774d12678b8ce6dccb04f1

Request headers

:path: /includes/assets/online/geral/js/plugins/advertisement.js
pragma: no-cache
cookie: __cfduid=d67a3de5966ee348fd4abaa417ecdbb111620160042
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 20:27:23 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 399855
content-type: application/javascript; charset=utf-8
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
cf-request-id: 09daa971280000d6e581189000000001
last-modified: Fri, 28 Jun 2019 14:34:35 GMT
server: cloudflare
etag: "5d16257b-2b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Nld9Z45QOSaxxl%2BSGYs1a7gINY66OQGdTaY4uKmQMh5dN8MkIMxtr7XkhMaAF1hoRkngywdw69p6uGWXjz289R5zSqXpb5sB3Qu06B%2FfVUUJWsnat9EHWetP1w6w"}]}
x-varnish: 1019708769 1018527960
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 64a4782eae55d6e5-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
cf-bgj: minify

GET
H3-29 200 ico-flamengo.png
www.opovo.com.br/_midias/reduced/menu/ 1 KB
2 KB 152ms
80ms Image
image/png 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/_midias/reduced/menu/ico-flamengo.png
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e555478d721db554d486dc7c2ae2d3f4add3ab554cc81edb702d7f797da132d1

Request headers

:path: /_midias/reduced/menu/ico-flamengo.png
pragma: no-cache
cookie: __cfduid=d67a3de5966ee348fd4abaa417ecdbb111620160042
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 20:27:23 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 408120
content-type: image/png
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1450
cf-request-id: 09daa973a50000d6e522bb7000000001
last-modified: Fri, 30 Apr 2021 02:59:15 GMT
server: cloudflare
etag: "608b7283-5aa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2BCezyhPbIaIh7wUmGE4U6PNMWOfVxyERe%2BydU5QyKfhrmsirFH%2FexIlNnNktlNRB1cR2sQLy%2FD%2B%2FAGrHr29OlPzqGTMG8yJdb%2Fdgu59eJVHp5pHtYcKly5FGML2O"}]}
x-varnish: 69407536 67411348
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 64a47832ace5d6e5-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 ico-atletico.png
www.opovo.com.br/_midias/reduced/menu/ 1 KB
2 KB 118ms
44ms Image
image/png 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/_midias/reduced/menu/ico-atletico.png
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48eca44b7d480b8ea047f020f2f08763b3e4bbfab06fabf96f0e9f241a75f0a9

Request headers

:path: /_midias/reduced/menu/ico-atletico.png
pragma: no-cache
cookie: __cfduid=d67a3de5966ee348fd4abaa417ecdbb111620160042
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 20:27:23 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 408120
content-type: image/png
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1380
cf-request-id: 09daa973a70000d6e58603f000000001
last-modified: Fri, 30 Apr 2021 02:59:16 GMT
server: cloudflare
etag: "608b7284-564"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=vAE5Bb83gFmm26cDpHx5JQCWFeWiSHVRANgJMWfV9TlGc2N5%2FAZg6sZA2Huc%2BZtaAj0ix7huma1Asxk4f6DRiAla8CNLqs2Mzr4czfjqYtMNMfxU9RpD8IrYTamM"}]}
x-varnish: 69179335 68722577
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 64a47832acecd6e5-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 ico-corinthians.png
www.opovo.com.br/_midias/reduced/menu/ 1 KB
2 KB 151ms
78ms Image
image/png 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/_midias/reduced/menu/ico-corinthians.png
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2d6ff70d2b7dbbf999cd7817983d70b7a40bb33d63d3b663beb2e4386d4acbd1

Request headers

:path: /_midias/reduced/menu/ico-corinthians.png
pragma: no-cache
cookie: __cfduid=d67a3de5966ee348fd4abaa417ecdbb111620160042
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 20:27:23 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 408121
content-type: image/png
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1463
cf-request-id: 09daa973a70000d6e520011000000001
last-modified: Fri, 30 Apr 2021 02:59:17 GMT
server: cloudflare
etag: "608b7285-5b7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=NLJunyTfu3PHOEUxBatl7JVPSR09FvVlsxbjb6CNFsCUa5%2Bpitv7hDVVWiJ3SOjPwnKDPn93B94V%2B2DzYs8%2FDfAmf9pY1RrJ0VXPQ3gXokRqP%2Fl8DBlthqjIyFJs"}]}
x-varnish: 70484411 64108251
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 64a47832aceed6e5-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 ico-botafogo.png
www.opovo.com.br/_midias/reduced/menu/ 1 KB
2 KB 116ms
43ms Image
image/png 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/_midias/reduced/menu/ico-botafogo.png
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 19c6350cc772c351bbeef48b5faddfb34239ea9942ffb9567e35a7dd64001303

Request headers

:path: /_midias/reduced/menu/ico-botafogo.png
pragma: no-cache
cookie: __cfduid=d67a3de5966ee348fd4abaa417ecdbb111620160042
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 20:27:23 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 522403
content-type: image/png
x-ua-device: desktop
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1434
cf-request-id: 09daa973a80000d6e579b5d000000001
last-modified: Wed, 28 Apr 2021 19:18:53 GMT
server: cloudflare
etag: "6089b51d-59a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=v71TGKg9xSpwaFmwYxcCZW666aJDlUg1bGV89AiDgoDK3Y3kGfywJPYwrJyyxOid9UalodZjPLFVKa94n68Z4AYOF06%2FmCKbRyYfcE9wK3H4jG%2BKeHEP3OVmHSVJ"}]}
x-varnish: 937497135
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 64a47832acf2d6e5-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 ico-cruzeiro.png
www.opovo.com.br/_midias/reduced/menu/ 2 KB
2 KB 115ms
43ms Image
image/png 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/_midias/reduced/menu/ico-cruzeiro.png
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 40ab42fd2738b6f7e360ecbcf60ed7c532d75e944e85a009a3397f4d7a67c10f

Request headers

:path: /_midias/reduced/menu/ico-cruzeiro.png
pragma: no-cache
cookie: __cfduid=d67a3de5966ee348fd4abaa417ecdbb111620160042
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 20:27:23 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 408120
content-type: image/png
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1611
cf-request-id: 09daa973aa0000d6e54a83d000000001
last-modified: Fri, 30 Apr 2021 02:59:18 GMT
server: cloudflare
etag: "608b7286-64b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=NVUdvQKHQg16zUaACUcfoLWNUUYN4EwPCGezpmovefhqtDSWIwMxQscbaWtCUzEVoDV5jmCZolrQ1u7lT%2BiYp3iNw29ZCWFlRc%2BqMsv6VFLrCREIGpf0EYHCyImO"}]}
x-varnish: 72089980 64108254
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 64a47832acf6d6e5-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 ico-fluminense.png
www.opovo.com.br/_midias/reduced/menu/ 1 KB
2 KB 118ms
46ms Image
image/png 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/_midias/reduced/menu/ico-fluminense.png
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3260ada7a202c54ba790f33e3252c611357eab584bec55f788a13a4e9d861e5b

Request headers

:path: /_midias/reduced/menu/ico-fluminense.png
pragma: no-cache
cookie: __cfduid=d67a3de5966ee348fd4abaa417ecdbb111620160042
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 20:27:23 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 408121
content-type: image/png
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1441
cf-request-id: 09daa973a90000d6e584a33000000001
last-modified: Fri, 30 Apr 2021 02:59:18 GMT
server: cloudflare
etag: "608b7286-5a1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ZcIT8SqjLsptinlgu7pjLGlLGobbwSVE7Jbskr37GtVk13dAn92lrv4pAI3rH9%2B3CXBAlSJ%2FfCYCOGOz5GwbsFqeAorge0X5Mb%2B1InlvHUvN3tSiHThNGtq1Z%2Bpx"}]}
x-varnish: 71893369 64596152
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 64a47832acf9d6e5-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 ico-gremio.png
www.opovo.com.br/_midias/reduced/menu/ 2 KB
2 KB 118ms
47ms Image
image/png 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/_midias/reduced/menu/ico-gremio.png
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8938c6b87446f08d0a7f530f2ea3ac840374ca40d79166f6ecaadfa9b9db407b

Request headers

:path: /_midias/reduced/menu/ico-gremio.png
pragma: no-cache
cookie: __cfduid=d67a3de5966ee348fd4abaa417ecdbb111620160042
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 20:27:23 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 408120
content-type: image/png
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1644
cf-request-id: 09daa973aa0000d6e57d9a0000000001
last-modified: Fri, 30 Apr 2021 02:59:19 GMT
server: cloudflare
etag: "608b7287-66c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ezmfKi2TTqil%2FK9AUx9l3kdi1WdYYi3%2B7ibqW1X5ippo5%2B8ajeLbmFytvXbatzKWrx85mjZ79HomY7B38IrXsQsHZgtSe1qIcPYQXkFopCgK4wjdnBs%2FarQMTtFC"}]}
x-varnish: 69212363 64596158
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 64a47832acfad6e5-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 ico-internacional.png
www.opovo.com.br/_midias/reduced/menu/ 2 KB
2 KB 119ms
47ms Image
image/png 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/_midias/reduced/menu/ico-internacional.png
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b03b44c6b400fac519d88ade3058e23c041edcff0494789275a4afb79f717e06

Request headers

:path: /_midias/reduced/menu/ico-internacional.png
pragma: no-cache
cookie: __cfduid=d67a3de5966ee348fd4abaa417ecdbb111620160042
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 20:27:23 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 875
content-type: image/png
x-ua-device: desktop
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1537
cf-request-id: 09daa973aa0000d6e56d8af000000001
last-modified: Tue, 04 May 2021 20:09:31 GMT
server: cloudflare
etag: "6091a9fb-601"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=k6CbjxDQvOPoNMh1P940UCYyNJm3sRRT3COz%2FkzABPTjS6QJP8AlGIS1jlP5dcyza3rH0%2Fr1rrwdkeubOpW9omLU0UUtVGg7MJOegw%2F96JchpafXD2XoyogjovjW"}]}
x-varnish: 297926956
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 64a47832acfdd6e5-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 ico-palmeiras.png
www.opovo.com.br/_midias/reduced/menu/ 1 KB
2 KB 119ms
48ms Image
image/png 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/_midias/reduced/menu/ico-palmeiras.png
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1cbe8a6f452d3d2a87f60e32668acdaab4e62e50b2ee0b8050d3b3828775f61f

Request headers

:path: /_midias/reduced/menu/ico-palmeiras.png
pragma: no-cache
cookie: __cfduid=d67a3de5966ee348fd4abaa417ecdbb111620160042
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 20:27:23 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 408120
content-type: image/png
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1495
cf-request-id: 09daa973aa0000d6e5952e7000000001
last-modified: Fri, 30 Apr 2021 02:59:20 GMT
server: cloudflare
etag: "608b7288-5d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=IJeby0pXzWLnI%2Bq4PewHrXXzQp5%2BpwqKtZi01YMOef%2FpImvPTZrFTFh%2BDPQm9eEeUsDf5xcb%2BY8Nmk%2B2uGD9iDCYFfPP8OTTqHbe%2BY15wdnSZcChWaG6KNJZyUlO"}]}
x-varnish: 71893375 69114788
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 64a47832acffd6e5-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 ico-santos.png
www.opovo.com.br/_midias/reduced/menu/ 1 KB
2 KB 144ms
72ms Image
image/png 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/_midias/reduced/menu/ico-santos.png
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6f3ed2e08a43cbdaa2c32f0dca58bf95277a89e2b857399ad11d4e0fb656673b

Request headers

:path: /_midias/reduced/menu/ico-santos.png
pragma: no-cache
cookie: __cfduid=d67a3de5966ee348fd4abaa417ecdbb111620160042
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 20:27:23 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 408120
content-type: image/png
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1525
cf-request-id: 09daa973b20000d6e597144000000001
last-modified: Fri, 30 Apr 2021 02:59:21 GMT
server: cloudflare
etag: "608b7289-5f5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=JjZzKqh5BlwZjcG3Ok9dHfCeZhfNEBlb20Axdxn9q1fnA%2BRpMR3suUTveQIgu9ba%2BGeGFaZQVpfj9Kx0taecFLL9134gC5oy6ppJ2u5OOANf%2Foj7v5b7VadicB0F"}]}
x-varnish: 69212359 69306540
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 64a47832ad01d6e5-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 ico-saopaulo.png
www.opovo.com.br/_midias/reduced/menu/ 1 KB
2 KB 119ms
48ms Image
image/png 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/_midias/reduced/menu/ico-saopaulo.png
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b008731a86ba82dd977825f31b0ba566fd3c693897d3928690cc2582a6f9063b

Request headers

:path: /_midias/reduced/menu/ico-saopaulo.png
pragma: no-cache
cookie: __cfduid=d67a3de5966ee348fd4abaa417ecdbb111620160042
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 20:27:23 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 408121
content-type: image/png
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1452
cf-request-id: 09daa973ab0000d6e555102000000001
last-modified: Fri, 30 Apr 2021 02:59:21 GMT
server: cloudflare
etag: "608b7289-5ac"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=dmVGH7By06xO99btyf9ENrsNvV%2FPiliThrSSLgGzZDAoN1Lg2Vh1eBuAyaIcCUrSxVDXGlHamPYt%2FwVuBXL366mx1VebPxy4EbdPVutwPMnegj5YFeOsz0g%2BEWbp"}]}
x-varnish: 70484413 68722583
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 64a47832ad07d6e5-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 ico-vasco.png
www.opovo.com.br/_midias/reduced/menu/ 1 KB
2 KB 119ms
48ms Image
image/png 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/_midias/reduced/menu/ico-vasco.png
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5ba7fd787c02199e104993472f1cb118b9c77d4db60f3b85149d941d496dc2f8

Request headers

:path: /_midias/reduced/menu/ico-vasco.png
pragma: no-cache
cookie: __cfduid=d67a3de5966ee348fd4abaa417ecdbb111620160042
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 20:27:23 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 408121
content-type: image/png
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1400
cf-request-id: 09daa973ab0000d6e599985000000001
last-modified: Fri, 30 Apr 2021 02:59:22 GMT
server: cloudflare
etag: "608b728a-578"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=GwjMuZEltj9d41HfM299PFDbeArIk1ZvQve7wnvG0TCyMM0bJcDDUbbjLWhJ0TQC7c7ey1hum%2BfuwvkiuZMxM%2BT%2BYRKvY3zKb0hLnsmEmFbHFuq%2BCYwfBewDUetC"}]}
x-varnish: 71893371 64596161
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 64a47832ad09d6e5-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 1_secretaria_candida_torres_pede_exoneracao_da_cgd-13130396.jpg
www.opovo.com.br/_midias/reduced/home/ 13 KB
14 KB 119ms
49ms Image
image/jpeg 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/_midias/reduced/home/1_secretaria_candida_torres_pede_exoneracao_da_cgd-13130396.jpg
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4bb956b256627041467af9a9c76a1eba8e7b0f65e256476f5eb4743fcf440c6f

Request headers

:path: /_midias/reduced/home/1_secretaria_candida_torres_pede_exoneracao_da_cgd-13130396.jpg
pragma: no-cache
cookie: __cfduid=d67a3de5966ee348fd4abaa417ecdbb111620160042
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 20:27:23 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 218
content-type: image/jpeg
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13576
cf-request-id: 09daa973ac0000d6e5649c2000000001
last-modified: Tue, 04 May 2021 19:50:14 GMT
server: cloudflare
etag: "6091a576-3508"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=6wR5UAOfDnGMnKA3kMMtoMj6UjJbkT145oNWCiAzafqxx24fxH9ATW70kFhX%2BL7YNjXuLo%2BN4fjjYxqrhywD2e7HKIcc43Mh6YMWRDc5jTFgRYf7X%2BpnEMPN9Z6Q"}]}
x-varnish: 299533234 292757932
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 64a47832ad0bd6e5-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 1_foto_0000000420210218205817-15656142.jpg
www.opovo.com.br/_midias/reduced/home/ 3 KB
4 KB 119ms
49ms Image
image/jpeg 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/_midias/reduced/home/1_foto_0000000420210218205817-15656142.jpg?t=0.1_s
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0e4e106820d4d62a906002b0389ccd25a162b86249fac7256593642aa06307ff

Request headers

:path: /_midias/reduced/home/1_foto_0000000420210218205817-15656142.jpg?t=0.1_s
pragma: no-cache
cookie: __cfduid=d67a3de5966ee348fd4abaa417ecdbb111620160042
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 20:27:23 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 5437
content-type: image/jpeg
x-ua-device: desktop
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3390
cf-request-id: 09daa973ac0000d6e56006b000000001
last-modified: Tue, 04 May 2021 18:53:59 GMT
server: cloudflare
etag: "60919847-d3e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=m1kNigpCbTbEC0%2BtWi9xQVE1lCnp8XPeVrMMBMwrf2TeeqU4U6ivRR8lSgrdHhHpHq9oCsZRzYv7E7QFXoI5edmCYZfYYcz4dCwCFauSe1m0IlvU0qGynFl7Zg6K"}]}
x-varnish: 289800318 288260948
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 64a47832ad0dd6e5-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 1_pliniobortolotti-12638758.png
www.opovo.com.br/_midias/reduced/home/ 2 KB
3 KB 119ms
50ms Image
image/png 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/_midias/reduced/home/1_pliniobortolotti-12638758.png?t=0.1_s
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c97bbefa216e0bc391d8c386a457a9b8a52d3b53d1d01ed1ef832d0fd783fdf

Request headers

:path: /_midias/reduced/home/1_pliniobortolotti-12638758.png?t=0.1_s
pragma: no-cache
cookie: __cfduid=d67a3de5966ee348fd4abaa417ecdbb111620160042
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 20:27:23 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 4977
content-type: image/png
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2003
cf-request-id: 09daa973ac0000d6e579b5e000000001
last-modified: Tue, 04 May 2021 19:00:28 GMT
server: cloudflare
etag: "609199cc-7d3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=OoyV4%2FqGCEsc5i3Ty47yL3bOSIoA1h6vcQNDOtdL%2Bfgq1ZrGMJrb4GuLI%2FWHJR9bTHdFmFEFpbLSbSsTOOqxoYmEg7J3sUcvrkyXWUD6xOWIQtXFD4Mxh0d9YXNZ"}]}
x-varnish: 288590049
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 64a47832ad0fd6e5-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 1_ariadne_araujo_op_-15651635.jpg
www.opovo.com.br/_midias/reduced/home/ 1 KB
2 KB 119ms
50ms Image
image/jpeg 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/_midias/reduced/home/1_ariadne_araujo_op_-15651635.jpg?t=0.1_s
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: baefce76538503c697baa4e1191e3ee5ee64bdf92b3bef430d38ac9fb8527815

Request headers

:path: /_midias/reduced/home/1_ariadne_araujo_op_-15651635.jpg?t=0.1_s
pragma: no-cache
cookie: __cfduid=d67a3de5966ee348fd4abaa417ecdbb111620160042
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 20:27:23 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1875
content-type: image/jpeg
x-ua-device: desktop
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1214
cf-request-id: 09daa973ad0000d6e53dbba000000001
last-modified: Tue, 04 May 2021 19:50:02 GMT
server: cloudflare
etag: "6091a56a-4be"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=2gSMPSLZXaoPBxyyoJui%2BLHuf%2B4lj5Z4%2FvPcGA54%2FtMdT1OCmRaWc%2F2pk7b3VzOfbGIcZE55L9e21tO0kAe4s3rlG4lt8oUMcwEltKWlLM05vymujA80D%2B4xgOvu"}]}
x-varnish: 292786337
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 64a47832ad14d6e5-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 1_neilafontenele-12635170.png
www.opovo.com.br/_midias/reduced/home/ 2 KB
3 KB 120ms
51ms Image
image/png 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/_midias/reduced/home/1_neilafontenele-12635170.png
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 42d24326a718e1ea3bd6a9d2ca5df039d4fe6d90549c1e27465ded9e4c034225

Request headers

:path: /_midias/reduced/home/1_neilafontenele-12635170.png
pragma: no-cache
cookie: __cfduid=d67a3de5966ee348fd4abaa417ecdbb111620160042
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 20:27:23 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 218
content-type: image/png
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2267
cf-request-id: 09daa973ad0000d6e520012000000001
last-modified: Tue, 04 May 2021 19:50:09 GMT
server: cloudflare
etag: "6091a571-8db"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=GxNpmr%2BsZRKscTtq3TteeoW908YIO0J86PdoYOaHALvDHIC%2ByCOAf369BYcHF4oQX4p0%2BeTk827P9AXzgCwsThwVbUIAzOwt1pZjZPGRxqX%2BgepgjiE7huIccNWL"}]}
x-varnish: 301434019 296584653
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 64a47832ad17d6e5-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 1_borisfeldman-12638692.png
www.opovo.com.br/_midias/reduced/home/ 2 KB
3 KB 120ms
52ms Image
image/png 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/_midias/reduced/home/1_borisfeldman-12638692.png
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ab5e3a344f6d98adc4f2566635a0de434c08f82df18ef380e51c52cf08a76607

Request headers

:path: /_midias/reduced/home/1_borisfeldman-12638692.png
pragma: no-cache
cookie: __cfduid=d67a3de5966ee348fd4abaa417ecdbb111620160042
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 20:27:23 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 218
content-type: image/png
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1913
cf-request-id: 09daa973ae0000d6e528ba3000000001
last-modified: Tue, 04 May 2021 19:50:14 GMT
server: cloudflare
etag: "6091a576-779"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=NiLjPm4OKAnaSAVUmdjsmhoT%2B0a7cNddvjuSyLHvsTFb0Q1y5DMchTX9oUKUt3tptUcQGwQi0U%2FfHmQaqd5AK8xMdWpozG5zsEwrJLtCRrPNED%2FuimdtP8ZnDQnS"}]}
x-varnish: 299533242 292757902
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 64a47832ad18d6e5-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 1_eliomarlima-12635148.png
www.opovo.com.br/_midias/reduced/home/ 2 KB
3 KB 127ms
58ms Image
image/png 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/_midias/reduced/home/1_eliomarlima-12635148.png
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8ec8bb1d17ac0d8da1cf6a6ec112cd74daa86a27325b559a2618b9f1bacfe451

Request headers

:path: /_midias/reduced/home/1_eliomarlima-12635148.png
pragma: no-cache
cookie: __cfduid=d67a3de5966ee348fd4abaa417ecdbb111620160042
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 20:27:23 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 218
content-type: image/png
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2196
cf-request-id: 09daa973ae0000d6e524955000000001
last-modified: Tue, 04 May 2021 19:50:09 GMT
server: cloudflare
etag: "6091a571-894"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=DFj4mJI%2Fv1oH%2BaI6TZJD1dyGWkGMcCF47t2ZL%2BzZQIonszJfCx4SY2mO1OAZvBhZjSyZiWpAQPgnJDKpug42ggI7RzN4un4%2FHjgcvUk1k5mIKfwfThsFEsldYYym"}]}
x-varnish: 301434017 294951434
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 64a47832ad1bd6e5-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 1_alanneto-12638417.png
www.opovo.com.br/_midias/reduced/home/ 2 KB
3 KB 159ms
90ms Image
image/png 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/_midias/reduced/home/1_alanneto-12638417.png
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 519b64efdeaa973ab35bfa1aa18b46aa729018adb9d73c34abe01132615bbc15

Request headers

:path: /_midias/reduced/home/1_alanneto-12638417.png
pragma: no-cache
cookie: __cfduid=d67a3de5966ee348fd4abaa417ecdbb111620160042
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 20:27:23 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 218
content-type: image/png
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2411
cf-request-id: 09daa973ae0000d6e53b0d3000000001
last-modified: Tue, 04 May 2021 19:50:09 GMT
server: cloudflare
etag: "6091a571-96b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=afBTPagdtvSbwtO1R8kb8AwOdV9%2Fg472Rd9jZYAcHVvVLApgWJvl1oteFOVMP9QJK9z%2F%2BE%2FZtCtNPTvZmzmOH3XfvrhvXPGWel%2BLpGkaIpldXuLcCVEuWpxFGrjL"}]}
x-varnish: 301434015 292757935
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 64a47832ad1cd6e5-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 logo-compre-dopequeno.png
www.opovo.com.br/includes/assets/online/geral/imgs/ 9 KB
10 KB 127ms
62ms Image
image/png 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/includes/assets/online/geral/imgs/logo-compre-dopequeno.png
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e2121d2e43da18179a9a66cd77212546662297925068bf7004095d1c3ca7d659

Request headers

:path: /includes/assets/online/geral/imgs/logo-compre-dopequeno.png
pragma: no-cache
cookie: __cfduid=d67a3de5966ee348fd4abaa417ecdbb111620160042
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 20:27:23 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 399853
content-type: image/png
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9054
cf-request-id: 09daa973af0000d6e577186000000001
last-modified: Wed, 14 Apr 2021 20:47:45 GMT
server: cloudflare
etag: "607754f1-235e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=PhKIKWvyVuc7Ed%2BbGgNzs%2B%2Bp26MRJF%2BE82JkwQP8y0Q7kcKAXuZN0ipPWTuGa5ssqdBEEuOzIrRfAvxjV0i4DDGfYwavAXjBdowbb8OJ8U8%2FpQWHwjb7wcAKrZ8F"}]}
x-varnish: 1021051711 1019839030
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 64a47832ad21d6e5-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 1_onix_rs__23_-13605146.jpg
www.opovo.com.br/_midias/jpg/2020/09/23/460x275/ 42 KB
43 KB 159ms
93ms Image
image/jpeg 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/_midias/jpg/2020/09/23/460x275/1_onix_rs__23_-13605146.jpg?r=no_reduced
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e933a26d81575ba47b5ccc4ef4111b35c5c5954feb7a99848d8d6d0aaa0b12af

Request headers

:path: /_midias/jpg/2020/09/23/460x275/1_onix_rs__23_-13605146.jpg?r=no_reduced
pragma: no-cache
cookie: __cfduid=d67a3de5966ee348fd4abaa417ecdbb111620160042
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 20:27:23 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 4976
content-type: image/jpeg
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43222
cf-request-id: 09daa973b00000d6e5929ac000000001
last-modified: Wed, 23 Sep 2020 18:18:36 GMT
server: cloudflare
etag: "5f6b917c-a8d6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=orXp%2B4bZWTCCefnSnMsvCjjxse3ujrRVinWXLhirrRekx5KFxIQVAg7ZKFizHIWx3I%2BFPL1oCaOiABoc3yIUwyD8Dt5i%2FAPc3vkY3Mw7B%2BHkNs9QjMPZ0JQ6v9bS"}]}
x-varnish: 288819158
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 64a47832ad22d6e5-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 1_diluvio___karol-15654573.jpg
www.opovo.com.br/_midias/reduced/home/ 6 KB
6 KB 159ms
94ms Image
image/jpeg 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/_midias/reduced/home/1_diluvio___karol-15654573.jpg?t=0.1_s
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8ad95a7635353e2271798c38c48ab7ba5f3bbe53a9aa61e68e4e455a84eda5d8

Request headers

:path: /_midias/reduced/home/1_diluvio___karol-15654573.jpg?t=0.1_s
pragma: no-cache
cookie: __cfduid=d67a3de5966ee348fd4abaa417ecdbb111620160042
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 20:27:23 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 7502
content-type: image/jpeg
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5824
cf-request-id: 09daa973b10000d6e579b5f000000001
last-modified: Tue, 04 May 2021 18:21:08 GMT
server: cloudflare
etag: "60919094-16c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=g%2FOumjP2eNaoinsePC%2BFPccdo5mqnc017nr7xqIdZSCmjm7VcltvNnwfJPlB3jrxNd6iuIEMMjGQRbzvcYydyR0zX%2BpuN2nhj9qyKn44pso4kggvYx2CopyWlApE"}]}
x-varnish: 282953237 281611743
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 64a47832ad25d6e5-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 1_whatsapp_image_2021_04_15_at_22_32_36-15597829.jpeg
www.opovo.com.br/_midias/reduced/home/ 8 KB
9 KB 138ms
72ms Image
image/jpeg 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/_midias/reduced/home/1_whatsapp_image_2021_04_15_at_22_32_36-15597829.jpeg?t=0.1_s
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 23b467b97fc5f6271bea83281b6f5dd4ed72e1f8a8679336d930ec2959a95554

Request headers

:path: /_midias/reduced/home/1_whatsapp_image_2021_04_15_at_22_32_36-15597829.jpeg?t=0.1_s
pragma: no-cache
cookie: __cfduid=d67a3de5966ee348fd4abaa417ecdbb111620160042
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 20:27:23 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1574
content-type: image/jpeg
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8178
cf-request-id: 09daa973b20000d6e55e3f1000000001
last-modified: Tue, 04 May 2021 19:50:09 GMT
server: cloudflare
etag: "6091a571-1ff2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2BdjtC7aOEpT8JiecWwQ62h7dkwiyM0gfsSLwr7G1NUktJN%2FWr%2Fwjf3HRa3sFKn4sRr8%2BXcLjfO%2FroEoUhBE%2FPQi4VuykqWUTC40gRe3h9SfgGsbNYynHTYCIHJFV"}]}
x-varnish: 294556527 295405096
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 64a47832ad28d6e5-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 1_final_bbb_21_como_votar_gshow_votacao-15641218.jpg
www.opovo.com.br/_midias/reduced/home/ 9 KB
10 KB 138ms
73ms Image
image/jpeg 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/_midias/reduced/home/1_final_bbb_21_como_votar_gshow_votacao-15641218.jpg?t=0.1_s
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 045690db8e321a4eb96141a42ee05d50c6eece02eedb967faf9bff7eb860c84c

Request headers

:path: /_midias/reduced/home/1_final_bbb_21_como_votar_gshow_votacao-15641218.jpg?t=0.1_s
pragma: no-cache
cookie: __cfduid=d67a3de5966ee348fd4abaa417ecdbb111620160042
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 20:27:23 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 8045
content-type: image/jpeg
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9566
cf-request-id: 09daa973b20000d6e59d20e000000001
last-modified: Tue, 04 May 2021 18:12:02 GMT
server: cloudflare
etag: "60918e72-255e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=dZ3AN2uNctKvUpmjKaeCeBY3BMU4EQnDP2EMTNR%2F99P3vJ9bO0fW%2FS9A5F3Rcunt41l0WDb1tStemFy%2FKWutEF9wrU%2BoIoRKYHDhgr322f0DKd2RcPZPkIfAA5io"}]}
x-varnish: 279578954 279282764
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 64a47832ad29d6e5-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 1_capa___olimpiadas-15607157.jpg
www.opovo.com.br/_midias/reduced/home/ 8 KB
8 KB 123ms
58ms Image
image/jpeg 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/_midias/reduced/home/1_capa___olimpiadas-15607157.jpg?t=0.2_s
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3853e858d44301b269aea92dc651738b88c7f6aa92e27a733719e782e4c75ebc

Request headers

:path: /_midias/reduced/home/1_capa___olimpiadas-15607157.jpg?t=0.2_s
pragma: no-cache
cookie: __cfduid=d67a3de5966ee348fd4abaa417ecdbb111620160042
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 20:27:23 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1574
content-type: image/jpeg
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7686
cf-request-id: 09daa973b20000d6e5380f8000000001
last-modified: Tue, 04 May 2021 19:50:04 GMT
server: cloudflare
etag: "6091a56c-1e06"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=EJ6DJBOj9orYPcSvYQDdP8HOayuTe1YxcB4JXwFsS30aq1UyqGfgDhP51LI60BtgCagApOtCjDE4WVDNMW8yOqAIMlcXLSzVNOYwpIPH2LnYbG24HOGtVCLt0Smx"}]}
x-varnish: 294556525 295339357
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 64a47832ad2bd6e5-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 1_clubeopmais-14477185.jpg
www.opovo.com.br/_midias/reduced/home/ 7 KB
8 KB 138ms
73ms Image
image/jpeg 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/_midias/reduced/home/1_clubeopmais-14477185.jpg?t=0.1_s
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bbe9772d95cbe28e814b4e2106f9d42eb1e711d209707c73d36fe754465b7387

Request headers

:path: /_midias/reduced/home/1_clubeopmais-14477185.jpg?t=0.1_s
pragma: no-cache
cookie: __cfduid=d67a3de5966ee348fd4abaa417ecdbb111620160042
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 20:27:23 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 391850
content-type: image/jpeg
x-ua-device: desktop
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7168
cf-request-id: 09daa973ba0000d6e518b70000000001
last-modified: Fri, 30 Apr 2021 02:59:34 GMT
server: cloudflare
etag: "608b7296-1c00"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=U6%2FoBgYciTXFC1td12V6ywcCzMUB4YKL9GtIbBGSJBVQ1cOaMZ3sNVwAEEmLi67MsQ8p0xIWJeIf1%2B6BCvATRn73gCpUOW4WFRTDZSrhUgdfIHIOEo%2BNVa8tRcfd"}]}
x-varnish: 87004693
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 64a47832ad2cd6e5-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 1_trator_agrotoxico_foto_franck_barske_pixabay-15577102.jpg
www.opovo.com.br/_midias/reduced/home/ 2 KB
3 KB 138ms
73ms Image
image/jpeg 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/_midias/reduced/home/1_trator_agrotoxico_foto_franck_barske_pixabay-15577102.jpg?t=0.1_s
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ab888b64ffc504de0179c5c7a67fb7bd0c1780d15b465eca6cc432e069e1e065

Request headers

:path: /_midias/reduced/home/1_trator_agrotoxico_foto_franck_barske_pixabay-15577102.jpg?t=0.1_s
pragma: no-cache
cookie: __cfduid=d67a3de5966ee348fd4abaa417ecdbb111620160042
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 20:27:23 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1574
content-type: image/jpeg
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2176
cf-request-id: 09daa973b30000d6e514b4e000000001
last-modified: Tue, 04 May 2021 19:50:10 GMT
server: cloudflare
etag: "6091a572-880"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=WClOnluTfGPyhn9rKbv1Du9ze5cdR6%2BG1Wo0HFE%2FNMqChxrqDB3B9dQh%2FBjhkKOs1G1e5UtHXV8o6u%2FJtvuZGy9YgIvEqCE%2B%2F3cXuCA%2FHdOFoIyfUaIhsRhZmxeZ"}]}
x-varnish: 294556537 295405141
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 64a47832ad30d6e5-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 1_capa___olimpiadas-15607157.jpg
www.opovo.com.br/_midias/reduced/home/ 8 KB
8 KB 140ms
79ms Image
image/jpeg 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/_midias/reduced/home/1_capa___olimpiadas-15607157.jpg
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3853e858d44301b269aea92dc651738b88c7f6aa92e27a733719e782e4c75ebc

Request headers

:path: /_midias/reduced/home/1_capa___olimpiadas-15607157.jpg
pragma: no-cache
cookie: __cfduid=d67a3de5966ee348fd4abaa417ecdbb111620160042
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 20:27:23 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 490
content-type: image/jpeg
x-ua-device: desktop
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7686
cf-request-id: 09daa973b40000d6e5649c3000000001
last-modified: Tue, 04 May 2021 19:50:04 GMT
server: cloudflare
etag: "6091a56c-1e06"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=yrXmN2ULOJofSVbR4iwJoU4LMS0roOjhJL07AjEtWDgdvaBSbEzC0dAMBYjzAkBdC8Jybt11Q2uCvz8U%2FGJJY8rZv8Pqh9nT8%2FcX2QdpctbIgAT8CnzlwHpLWRRv"}]}
x-varnish: 299172733 296846177
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 64a47832ad32d6e5-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 1_napoleao_coroacao_notre_dame_pintura_jacques_louis_david_1806-15628147.jpg
www.opovo.com.br/_midias/reduced/home/ 3 KB
4 KB 128ms
68ms Image
image/jpeg 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/_midias/reduced/home/1_napoleao_coroacao_notre_dame_pintura_jacques_louis_david_1806-15628147.jpg?t=0.2_s
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1181bc4629fe96c81623741b9bfaa4813ba4db7fdc12ebd5437d24cc439598e4

Request headers

:path: /_midias/reduced/home/1_napoleao_coroacao_notre_dame_pintura_jacques_louis_david_1806-15628147.jpg?t=0.2_s
pragma: no-cache
cookie: __cfduid=d67a3de5966ee348fd4abaa417ecdbb111620160042
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 20:27:23 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1574
content-type: image/jpeg
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2910
cf-request-id: 09daa973b40000d6e528ba4000000001
last-modified: Tue, 04 May 2021 19:50:10 GMT
server: cloudflare
etag: "6091a572-b5e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=yvUdYbRqC2NSai8VBGzLBbQNkLc5aXz4Ph4%2F5f5yfDhSBKeKHmKXDVZ6S8jk17AjbYQecsSUZLDxgtu92pB2RGn6WoEWqkMykIBuSyiQ4VtEqQnY8Jls4FR63074"}]}
x-varnish: 296486786 295863051
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 64a47832ad34d6e5-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 1_walter_benjamin__e_asja_lacis___capa-13659194.png
www.opovo.com.br/_midias/reduced/home/ 15 KB
15 KB 153ms
91ms Image
image/png 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/_midias/reduced/home/1_walter_benjamin__e_asja_lacis___capa-13659194.png?t=0.1_s
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 017ee2612ecc9b8246c951158c0982c263679899b0bb803a101d06e5be06151d

Request headers

:path: /_midias/reduced/home/1_walter_benjamin__e_asja_lacis___capa-13659194.png?t=0.1_s
pragma: no-cache
cookie: __cfduid=d67a3de5966ee348fd4abaa417ecdbb111620160042
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 20:27:23 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 375146
content-type: image/png
x-ua-device: desktop
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15156
cf-request-id: 09daa973b40000d6e549270000000001
last-modified: Fri, 30 Apr 2021 12:10:11 GMT
server: cloudflare
etag: "608bf3a3-3b34"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=5esIPOCTcl7qsJQ19dvMUpta5pP%2Bl9tVjvhtgHJ%2BDncip%2BPmc2syw4s2gcmoVlD9BY3Z9f3AdWuO9tsExIiasKVbELtQTZF%2BQA9c%2BFlp0CcZSf%2Bb2gIqv%2ByUGEnt"}]}
x-varnish: 123635280 128090610
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 64a47832ad36d6e5-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 capa-jornal.png
www.opovo.com.br/includes/assets/online/geral/imgs/ 47 KB
47 KB 114ms
52ms Image
image/png 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/includes/assets/online/geral/imgs/capa-jornal.png
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b14108e25edfa81b17888975728e2d284650900547552a3b445b3d216976a327

Request headers

:path: /includes/assets/online/geral/imgs/capa-jornal.png
pragma: no-cache
cookie: __cfduid=d67a3de5966ee348fd4abaa417ecdbb111620160042
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 20:27:23 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 399853
content-type: image/png
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 47816
cf-request-id: 09daa973b50000d6e599986000000001
last-modified: Wed, 14 Apr 2021 20:47:45 GMT
server: cloudflare
etag: "607754f1-bac8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=eBQOQdcaofJaJmCaYEZSKNoNumyFJOZ%2BgNygRj6Lv7%2FYR1q0plKK6ZEYOfpOwn%2Ba1Dk5Iyt7Qe29IlZcmZILvaDysgD6Ueh%2FtPtQLvVZXEhL1Hrkyk%2B9pmmWjOTx"}]}
x-varnish: 1011256401 1009977434
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 64a47832ad38d6e5-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 1_capa-15651522.jpeg
www.opovo.com.br/_midias/reduced/home/ 10 KB
10 KB 139ms
79ms Image
image/jpeg 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/_midias/reduced/home/1_capa-15651522.jpeg?t=0.1_s
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f515242f33c722e909591d1d4619a584d94d5d2ba2793274a7283acc669a8a7c

Request headers

:path: /_midias/reduced/home/1_capa-15651522.jpeg?t=0.1_s
pragma: no-cache
cookie: __cfduid=d67a3de5966ee348fd4abaa417ecdbb111620160042
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 20:27:23 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 40062
content-type: image/jpeg
x-ua-device: desktop
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9986
cf-request-id: 09daa973b50000d6e53c86c000000001
last-modified: Tue, 04 May 2021 09:16:07 GMT
server: cloudflare
etag: "609110d7-2702"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=YLOo3YKeIob88ulRxQC8cJWcgqD8ihIjCSAqUdkcz3RRU9zTsmA6WAs3RzgHxKrb%2FkKaOqtBDqVWIwALAgrg3%2F5wwKAss9re7VXNgyGAD%2BgPoGYQNAqB%2B7mAo0Tz"}]}
x-varnish: 200802546 197625670
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 64a47832ad39d6e5-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 1__mg_7923-14292926.jpg
www.opovo.com.br/_midias/reduced/home/ 6 KB
7 KB 120ms
59ms Image
image/jpeg 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/_midias/reduced/home/1__mg_7923-14292926.jpg?t=0.1_s
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8dc0da2080534039ae130a1bfcac8c29791cbcabd611b5e29cd5618f92c8fe78

Request headers

:path: /_midias/reduced/home/1__mg_7923-14292926.jpg?t=0.1_s
pragma: no-cache
cookie: __cfduid=d67a3de5966ee348fd4abaa417ecdbb111620160042
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 20:27:23 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 23244
content-type: image/jpeg
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6050
cf-request-id: 09daa973b60000d6e5811b5000000001
last-modified: Tue, 04 May 2021 13:53:39 GMT
server: cloudflare
etag: "609151e3-17a2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Nnb9lGNPkam72KqcwEgGIGmsu5%2FTcFq%2FQAT4F%2B%2FcCYublAoy010aNvGNy%2F9utlcTuiKmmb3loERX4lJK1jdQwkSHVr9hjKmZ5EcSQnLh6vdtAFkW1ZX94h0dW7cp"}]}
x-varnish: 245072680 244909243
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 64a47832ad3ad6e5-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 button-opovo-cbn.png
www.opovo.com.br/images/imgs/portal/ 5 KB
6 KB 127ms
66ms Image
image/png 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/images/imgs/portal/button-opovo-cbn.png
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16b3fdf7132afb85d663fd4bc49a66d6b864a8f6dbfe8e861908b6395207979e

Request headers

:path: /images/imgs/portal/button-opovo-cbn.png
pragma: no-cache
cookie: __cfduid=d67a3de5966ee348fd4abaa417ecdbb111620160042
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 20:27:23 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 399853
content-type: image/png
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5301
cf-request-id: 09daa973ba0000d6e5858a2000000001
x-fivecom-rewrite-redirect: 1
last-modified: Fri, 31 Aug 2018 19:29:57 GMT
server: cloudflare
etag: "5b899735-14b5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Bwm3%2FFjvKko1v%2F7ojjDjRPTkrT8KRK%2BTTmDS%2BClzGUj5CO8f0hQo9SnlIzbYBMMmdb78oG33DDX%2FrT55iOO8fTVxFUgte1hiOcoFxNy%2FfiwRzw%2F0owp0TF1I6xiD"}]}
x-varnish: 1019708810 1013745463
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 64a47832ad3cd6e5-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 1_david_ceara-15654375.jpg
www.opovo.com.br/_midias/reduced/home/ 5 KB
6 KB 139ms
79ms Image
image/jpeg 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/_midias/reduced/home/1_david_ceara-15654375.jpg?t=0.1_s
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 996db5a112646e1427d82cb9abcd70d9d4820cf82e9de4611fb8e237709d22f9

Request headers

:path: /_midias/reduced/home/1_david_ceara-15654375.jpg?t=0.1_s
pragma: no-cache
cookie: __cfduid=d67a3de5966ee348fd4abaa417ecdbb111620160042
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 20:27:23 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 4095
content-type: image/jpeg
x-ua-device: desktop
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5164
cf-request-id: 09daa973b60000d6e56910d000000001
last-modified: Tue, 04 May 2021 19:15:08 GMT
server: cloudflare
etag: "60919d3c-142c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=hvOibtWxug5MupHdx2W4FUYlt135UHfEcEHM3evvaGsM7gm5Xd7Aezj3N%2BwjSDllg%2FwdxtGJ7Wfw7R5fJ5KHzj4sJMyAbj4xZiSGwGC32rC7gra4Nk4smp6zB8%2FY"}]}
x-varnish: 292619565
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 64a47832ad3ed6e5-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 1_juanpablovojovoda-15654408.jpg
www.opovo.com.br/_midias/reduced/home/ 5 KB
6 KB 119ms
59ms Image
image/jpeg 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/_midias/reduced/home/1_juanpablovojovoda-15654408.jpg?t=0.1_s
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2149613208556f6f8c68edd6411f18d47c53ffa8b7d37c9416e69116267d370f

Request headers

:path: /_midias/reduced/home/1_juanpablovojovoda-15654408.jpg?t=0.1_s
pragma: no-cache
cookie: __cfduid=d67a3de5966ee348fd4abaa417ecdbb111620160042
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 20:27:23 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1574
content-type: image/jpeg
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5096
cf-request-id: 09daa973b70000d6e53dbbb000000001
last-modified: Tue, 04 May 2021 19:50:14 GMT
server: cloudflare
etag: "6091a576-13e8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=inyCwjh8rwVipMUSisMk0VBci24k%2F%2FTfJQ71ez6rbxhbOcY1tGy3r%2BWIzOl%2BFyvfzOzZleC7MQergVnL7xWAoxi1RkvasnrgJX43lbaiEgazBomRw0TVBTdBy%2BFI"}]}
x-varnish: 296520602 295863204
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 64a47832ad40d6e5-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 1_climerio__divulgacao_-15644259.jpg
www.opovo.com.br/_midias/reduced/home/ 7 KB
8 KB 127ms
67ms Image
image/jpeg 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/_midias/reduced/home/1_climerio__divulgacao_-15644259.jpg?t=0.1_s
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2cf87790d07c1b36bb25481e7c323b0ef900c177a28c378df4c4654c2f23fcd1

Request headers

:path: /_midias/reduced/home/1_climerio__divulgacao_-15644259.jpg?t=0.1_s
pragma: no-cache
cookie: __cfduid=d67a3de5966ee348fd4abaa417ecdbb111620160042
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 20:27:23 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1574
content-type: image/jpeg
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7150
cf-request-id: 09daa973b70000d6e576330000000001
last-modified: Tue, 04 May 2021 19:50:11 GMT
server: cloudflare
etag: "6091a573-1bee"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=yfGywb%2FCxk7HTiat3gRf8TxjQHfHyfyr1CSyyYQrKuFQckUNPYDAuLAN%2BggsxiWBuIL8Kr21OBDgp9STZTEy8fEz5xsGuzrB9x9fgrmAl7I2aS24Xv8V8uv2dRpS"}]}
x-varnish: 294556529 293767595
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 64a47832ad42d6e5-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 gtm.js Show response
www.googletagmanager.com/ 104 KB
37 KB 83ms
23ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WBWHQHX

Requested by

Host: www.opovo.com.br
URL: https://www.opovo.com.br/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9021a3d1e48ff6683217c8c1d222dccf91ee177843e70db78061c57aa8408c3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 20:27:23 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37695
x-xss-protection: 0
last-modified: Tue, 04 May 2021 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 04 May 2021 20:27:23 GMT

GET
H3-29 200 1__p2a0331-15629211.jpg
www.opovo.com.br/_midias/reduced/home/ 8 KB
8 KB 137ms
79ms Image
image/jpeg 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/_midias/reduced/home/1__p2a0331-15629211.jpg?t=0.1_s
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d28b697617a0670c1bda2328ad4c4b5f3754790b5e57f0f913dd50f99329b9ca

Request headers

:path: /_midias/reduced/home/1__p2a0331-15629211.jpg?t=0.1_s
pragma: no-cache
cookie: __cfduid=d67a3de5966ee348fd4abaa417ecdbb111620160042
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 20:27:23 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1574
content-type: image/jpeg
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7788
cf-request-id: 09daa973b80000d6e56d8b1000000001
last-modified: Tue, 04 May 2021 19:50:11 GMT
server: cloudflare
etag: "6091a573-1e6c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=gQNPOW%2Fgh81tcsqFqyD7FvhX9A1NjUJvr0wdhE2BIQuWm5VC15iBX64VO5JlAhWC9jAlOg7XVQ4%2BsHBgHTtqHacH%2FT7ZKG19LWu4a0PO4axxuFa%2FN%2FQuACpHZ%2BPS"}]}
x-varnish: 297173136 294753725
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 64a47832ad43d6e5-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 1_juliette_freire_bbb_21-15650302.jpg
www.opovo.com.br/_midias/reduced/home/ 3 KB
4 KB 141ms
83ms Image
image/jpeg 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/_midias/reduced/home/1_juliette_freire_bbb_21-15650302.jpg?t=0.1_s
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 99845a574dcc7fe42bf20c7d56c184d88b670151171fd9690e41757cba01559c

Request headers

:path: /_midias/reduced/home/1_juliette_freire_bbb_21-15650302.jpg?t=0.1_s
pragma: no-cache
cookie: __cfduid=d67a3de5966ee348fd4abaa417ecdbb111620160042
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 20:27:23 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 24160
content-type: image/jpeg
x-ua-device: desktop
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3292
cf-request-id: 09daa973b80000d6e5929ad000000001
last-modified: Tue, 04 May 2021 13:39:11 GMT
server: cloudflare
etag: "60914e7f-cdc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Yb0318dT%2FaAdWWym5%2BxLKPkPdBKsnZChPD6dxFtVHLPCV4IiY8mkM70by0VbU8MG%2FhlA8aKnghB6xIoqybB0YzyK2dXUOaSnexnpeBH9aESk%2BTGdDHTu20boqEzz"}]}
x-varnish: 240256448 242680234
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 64a47832ad46d6e5-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 1_jessica-15652127.jpg
www.opovo.com.br/_midias/reduced/home/ 5 KB
6 KB 117ms
59ms Image
image/jpeg 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/_midias/reduced/home/1_jessica-15652127.jpg?t=0.1_s
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d129798f1e77c6685a9b94691eba0cdd873e028de5f13a318f764a9e40a1e17c

Request headers

:path: /_midias/reduced/home/1_jessica-15652127.jpg?t=0.1_s
pragma: no-cache
cookie: __cfduid=d67a3de5966ee348fd4abaa417ecdbb111620160042
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 20:27:23 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1574
content-type: image/jpeg
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4960
cf-request-id: 09daa973b90000d6e571915000000001
last-modified: Tue, 04 May 2021 19:50:12 GMT
server: cloudflare
etag: "6091a574-1360"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=jL2iJiwAPUvvDeyqO%2FGzPVhhZCuQa1BnOoPXo8J5K%2B4Gf3pTEamWIyE%2BOyN0HRYx%2BqnEQpZBXV5JQ5HxXK44mk0sSMHgmrazIcsqAccbTPTPq8jLkxxT8S6X0Iei"}]}
x-varnish: 294556535 296485899
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 64a47832ad49d6e5-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 1_final_bbb_21_como_votar_gshow_votacao-15641218.jpg
www.opovo.com.br/_midias/reduced/home/ 9 KB
10 KB 107ms
49ms Image
image/jpeg 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/_midias/reduced/home/1_final_bbb_21_como_votar_gshow_votacao-15641218.jpg
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 045690db8e321a4eb96141a42ee05d50c6eece02eedb967faf9bff7eb860c84c

Request headers

:path: /_midias/reduced/home/1_final_bbb_21_como_votar_gshow_votacao-15641218.jpg
pragma: no-cache
cookie: __cfduid=d67a3de5966ee348fd4abaa417ecdbb111620160042
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 20:27:23 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 490
content-type: image/jpeg
x-ua-device: desktop
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9566
cf-request-id: 09daa973b90000d6e54a2e0000000001
last-modified: Tue, 04 May 2021 19:50:15 GMT
server: cloudflare
etag: "6091a577-255e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=faVwFZkjd8%2FpRfp4pTEMuC3vNoqnA7jbG2OkRPGTXupLZOJmFNkb9CGDfr%2BcLiTBpzoNbNB7O0FxHfPnB2G2UvBZUNRslJUJ7LRHvFn6LHPe0UJln8NUcVZnlJXd"}]}
x-varnish: 299172749 296945098
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 64a47832ad4dd6e5-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 1_fiuk_chora_ao_lado_de_gilberto_401373_36-15642844.jpg
www.opovo.com.br/_midias/reduced/home/ 7 KB
8 KB 141ms
84ms Image
image/jpeg 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/_midias/reduced/home/1_fiuk_chora_ao_lado_de_gilberto_401373_36-15642844.jpg?t=0.1_s
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70d6de04465b55f810d13b8838bb50b046b3532a78fb2018e56a3af4c7e18128

Request headers

:path: /_midias/reduced/home/1_fiuk_chora_ao_lado_de_gilberto_401373_36-15642844.jpg?t=0.1_s
pragma: no-cache
cookie: __cfduid=d67a3de5966ee348fd4abaa417ecdbb111620160042
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 20:27:23 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1574
content-type: image/jpeg
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7050
cf-request-id: 09daa973ba0000d6e55e3f2000000001
last-modified: Tue, 04 May 2021 19:50:11 GMT
server: cloudflare
etag: "6091a573-1b8a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Vfucu1BISlvoXKztFWl1%2BqySX74Yod7Gn5cp9uGZCZxgdtS%2B%2F317frgJBokR4flr8PdzS%2BlsrfE6GoV39JVpzjpiU1aBc%2FDMnaLUrNEfqB7J%2FIoBzM218bjEp15H"}]}
x-varnish: 294556541 297044067
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 64a47832ad4ed6e5-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 1_000_8xu7tu-14503412.jpg
www.opovo.com.br/_midias/reduced/home/ 6 KB
6 KB 141ms
84ms Image
image/jpeg 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/_midias/reduced/home/1_000_8xu7tu-14503412.jpg?t=0.1_s
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 043f2ffa258f7e930bcb6f5dba61677e89dd83a9c6836dabc287f552c45baf9c

Request headers

:path: /_midias/reduced/home/1_000_8xu7tu-14503412.jpg?t=0.1_s
pragma: no-cache
cookie: __cfduid=d67a3de5966ee348fd4abaa417ecdbb111620160042
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 20:27:23 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1574
content-type: image/jpeg
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5642
cf-request-id: 09daa973ba0000d6e567242000000001
last-modified: Tue, 04 May 2021 19:50:11 GMT
server: cloudflare
etag: "6091a573-160a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=WFr5n2UeKuR7MgOY2GYuXB3s8PRavvyQqZLy3PPnqqwpBSkSmd0BV6b%2FG65968dPN3ahL1oe1grq7ksL7YvNLwphsSk7DuGls8PpMWUuzpxgH7amBJapL2PQxLBt"}]}
x-varnish: 297173138 296813106
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 64a47832ad50d6e5-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 1_reprodrucao_google_blog_do_farias_junior-14778733.jpg
www.opovo.com.br/_midias/reduced/home/ 7 KB
8 KB 123ms
66ms Image
image/jpeg 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/_midias/reduced/home/1_reprodrucao_google_blog_do_farias_junior-14778733.jpg?t=0.1_s
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 594daf03c1101103eddb292d1d583d676128ce34437974d935d36cd13105b2be

Request headers

:path: /_midias/reduced/home/1_reprodrucao_google_blog_do_farias_junior-14778733.jpg?t=0.1_s
pragma: no-cache
cookie: __cfduid=d67a3de5966ee348fd4abaa417ecdbb111620160042
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 20:27:23 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 399853
content-type: image/jpeg
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7582
cf-request-id: 09daa973bc0000d6e57d9a2000000001
last-modified: Fri, 30 Apr 2021 03:44:43 GMT
server: cloudflare
etag: "608b7d2b-1d9e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=bg4vgSF5CxQvdMRAA2PYvqaalTI770v70tEPETstnwCj%2Bx%2BcIpncfPV%2FUmQFUzw1PCtwAAR15NM7KAOOdcnl3rGjKFgW1xf%2BH1R%2F98uaJ9eqBWQRDwaeP0Bpyl%2FE"}]}
x-varnish: 81627214
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 64a47832ad52d6e5-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 1_macross_1_1_740x416-14778766.jpg
www.opovo.com.br/_midias/reduced/home/ 14 KB
15 KB 142ms
85ms Image
image/jpeg 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/_midias/reduced/home/1_macross_1_1_740x416-14778766.jpg?t=0.1_s
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ffd3ebc4f4b8632daa70fcabfc113a813769ba38e0dce48763b9c6fed713c4b8

Request headers

:path: /_midias/reduced/home/1_macross_1_1_740x416-14778766.jpg?t=0.1_s
pragma: no-cache
cookie: __cfduid=d67a3de5966ee348fd4abaa417ecdbb111620160042
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 20:27:23 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 399853
content-type: image/jpeg
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 14450
cf-request-id: 09daa973bb0000d6e5183d9000000001
last-modified: Fri, 30 Apr 2021 03:44:43 GMT
server: cloudflare
etag: "608b7d2b-3872"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=jK5aSjP7DZe3y9Lsu5HiNh0E8ZOUIHtNfII2EIsG%2Bc5OmVN7G7WirMKyGKpp58J1f84p0HGmk2Xv8u6dI%2BBT4v%2FFyfhBQ4vCklN6mVlneeCaHq155pLrWV352wPt"}]}
x-varnish: 82347150
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 64a47832ad55d6e5-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 1_atravessar_a_pandemia___ep5___capa-15232010.jpg
www.opovo.com.br/_midias/reduced/home/ 5 KB
6 KB 150ms
93ms Image
image/jpeg 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/_midias/reduced/home/1_atravessar_a_pandemia___ep5___capa-15232010.jpg?t=0.1_s
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3e6603549555580b680f86b03c2ab7b601f933688409c412990b230f200008dc

Request headers

:path: /_midias/reduced/home/1_atravessar_a_pandemia___ep5___capa-15232010.jpg?t=0.1_s
pragma: no-cache
cookie: __cfduid=d67a3de5966ee348fd4abaa417ecdbb111620160042
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 20:27:23 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1574
content-type: image/jpeg
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5504
cf-request-id: 09daa973bb0000d6e515ac2000000001
last-modified: Tue, 04 May 2021 19:50:11 GMT
server: cloudflare
etag: "6091a573-1580"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=eC0pBfgoz9MagVRbRoc7o235%2FFnJHn3tm8AzbHfElLY9K3Xig8BY1dLZwEl72r0zS85q8Ra1YnZQXFWdZioFQ3H883W3%2BjcUS069sAAmFwhcVMgqTXDB9i57sXpr"}]}
x-varnish: 294556533 296519996
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 64a47832ad58d6e5-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 1_amor_1-12568115.png
www.opovo.com.br/_midias/reduced/home/ 11 KB
11 KB 153ms
96ms Image
image/png 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/_midias/reduced/home/1_amor_1-12568115.png?t=0.2_s
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 99434f8dfcf70714ea945af372182735fa0c5b1a996655355376ff3048aea4a2

Request headers

:path: /_midias/reduced/home/1_amor_1-12568115.png?t=0.2_s
pragma: no-cache
cookie: __cfduid=d67a3de5966ee348fd4abaa417ecdbb111620160042
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 20:27:23 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1574
content-type: image/png
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10853
cf-request-id: 09daa973bb0000d6e586043000000001
last-modified: Tue, 04 May 2021 19:50:11 GMT
server: cloudflare
etag: "6091a573-2a65"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=4OF5hRYB%2Bd1qQBGffW15FgF%2FsYOlmCtojQDwUUdXC23CTMhs8deL%2FTyBWJRVArXqk3fkmsqzTGIs%2FZYts3nCB3KYPhZv8vUjLrKyizp3q8II%2Bb2TYXaCB8ZMZMe7"}]}
x-varnish: 296486788 294753687
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 64a47832ad5ad6e5-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 1_ceara_a_mesa___ep7___thumb-14941892.jpg
www.opovo.com.br/_midias/reduced/home/ 7 KB
8 KB 153ms
97ms Image
image/jpeg 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/_midias/reduced/home/1_ceara_a_mesa___ep7___thumb-14941892.jpg?t=0.1_s
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ed78b01a625c033cbf227def15cf08c316d252892c7436253a0533d8069da8d9

Request headers

:path: /_midias/reduced/home/1_ceara_a_mesa___ep7___thumb-14941892.jpg?t=0.1_s
pragma: no-cache
cookie: __cfduid=d67a3de5966ee348fd4abaa417ecdbb111620160042
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 20:27:23 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1574
content-type: image/jpeg
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7192
cf-request-id: 09daa973bc0000d6e577188000000001
last-modified: Tue, 04 May 2021 19:50:11 GMT
server: cloudflare
etag: "6091a573-1c18"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=674r54jvdoy1lSBofUK4uWDZzEKnAJEaFDVyPjoNJt3XJCSy4xCHGFSF2tdcz2vumonvlHDc6VNxPXf4PgPAYKERJBg741PNdJpl5kGRExRqDCID2f6FKajYg7mI"}]}
x-varnish: 296486790 293767601
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 64a47832ad5bd6e5-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 1_ciro_nogueira___capa-15357090.jpg
www.opovo.com.br/_midias/reduced/home/ 4 KB
5 KB 154ms
97ms Image
image/jpeg 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/_midias/reduced/home/1_ciro_nogueira___capa-15357090.jpg?t=0.1_s
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b7e6ee51f395018bd02c4fa3914ce146476b44a0c7282d1c5b972fbff6b8664

Request headers

:path: /_midias/reduced/home/1_ciro_nogueira___capa-15357090.jpg?t=0.1_s
pragma: no-cache
cookie: __cfduid=d67a3de5966ee348fd4abaa417ecdbb111620160042
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 20:27:23 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 106729
content-type: image/jpeg
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4278
cf-request-id: 09daa973bc0000d6e549271000000001
last-modified: Mon, 03 May 2021 14:47:49 GMT
server: cloudflare
etag: "60900d15-10b6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=2R6RWA0zaJ0aljZz0pSFtV297JpMmMWU0P2xqkOtaxJGzSwk6IMMAyvMojWknsB9vJSrHqKMslisdiVsZ7roE%2FKOkLPmc46B5JO6N3c2QHVAsZdFYgW2WeYdburd"}]}
x-varnish: 81625373
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 64a47832ad5dd6e5-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 1_mandetta___capa-15054922.jpg
www.opovo.com.br/_midias/reduced/home/ 3 KB
4 KB 154ms
98ms Image
image/jpeg 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/_midias/reduced/home/1_mandetta___capa-15054922.jpg?t=0.1_s
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0fab1be6082e6740df9de7635b96d4e93c66fb8fcdc9f86072dcd29c6159be1d

Request headers

:path: /_midias/reduced/home/1_mandetta___capa-15054922.jpg?t=0.1_s
pragma: no-cache
cookie: __cfduid=d67a3de5966ee348fd4abaa417ecdbb111620160042
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 20:27:23 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1574
content-type: image/jpeg
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3344
cf-request-id: 09daa973c10000d6e58b29a000000001
last-modified: Tue, 04 May 2021 19:50:12 GMT
server: cloudflare
etag: "6091a574-d10"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=vXEU0m2%2BpxwVNC%2FEfIGrkMXQns39%2B8bZwpqir3aNb5tlANJp2xzpeCUkXT%2BbNDiG3jfaspt%2B98CeUPw4mSgKBVFVkYSf27DwhSzwl9BemcjeraPPjRu7UE%2Fl1%2BNB"}]}
x-varnish: 297173128 294194069
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 64a47832ad5fd6e5-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 1_vamos_agir-15645641.png
www.opovo.com.br/_midias/reduced/home/ 8 KB
9 KB 114ms
58ms Image
image/png 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/_midias/reduced/home/1_vamos_agir-15645641.png?t=0.1_s
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9710b6abe21b465b8ad441e4c535956222a7cdac36eb5ad5e578a9359194eac8

Request headers

:path: /_midias/reduced/home/1_vamos_agir-15645641.png?t=0.1_s
pragma: no-cache
cookie: __cfduid=d67a3de5966ee348fd4abaa417ecdbb111620160042
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 20:27:23 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1574
content-type: image/png
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8387
cf-request-id: 09daa973c00000d6e574324000000001
last-modified: Tue, 04 May 2021 19:50:12 GMT
server: cloudflare
etag: "6091a574-20c3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Q%2FfvKQqZ2gbIj3jt6%2FzcGrQJ6uNTdFmz9m8qxTR2iUa%2FdfAVtOlLDELvJaciW5Q%2BVL1hBzLm4pdrAdZTFhMxIe%2FlyuB%2BzlnCdc3j8AjKBu%2B57LdfzUlwlnE6zFFf"}]}
x-varnish: 297173130 296945103
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 64a47832ad62d6e5-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 1_botanica_principal17-11548231.jpg
www.opovo.com.br/_midias/reduced/home/ 4 KB
4 KB 157ms
102ms Image
image/jpeg 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/_midias/reduced/home/1_botanica_principal17-11548231.jpg?t=0.1_s
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9298f88a525ce9829ebe9ba4cf4692da2f12b278579999aa9453ed570b02b4a0

Request headers

:path: /_midias/reduced/home/1_botanica_principal17-11548231.jpg?t=0.1_s
pragma: no-cache
cookie: __cfduid=d67a3de5966ee348fd4abaa417ecdbb111620160042
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 20:27:23 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 399853
content-type: image/jpeg
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3744
cf-request-id: 09daa973bd0000d6e55a051000000001
last-modified: Fri, 30 Apr 2021 03:44:44 GMT
server: cloudflare
etag: "608b7d2c-ea0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=G4qRHNUmYcSvq7PPEZ3vTcotQ7Ms8Swn%2BqbDxrtE49TDWcPYULUqcW%2Br1RlHWJ9Z3wUYnNKTNRIKkaBxf8CrSrSJZ6YJ8sOFeUAGLddjeL0%2F0gDwwXiKN%2FZKYVNn"}]}
x-varnish: 81627220
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 64a47832ad65d6e5-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 1_violencia_internet-12264957.jpg
www.opovo.com.br/_midias/reduced/home/ 5 KB
6 KB 155ms
102ms Image
image/jpeg 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/_midias/reduced/home/1_violencia_internet-12264957.jpg?t=0.1_s
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a6709016dd2b93604284c2125b0b3859f14235bec1b914a07a21f0f810dddaca

Request headers

:path: /_midias/reduced/home/1_violencia_internet-12264957.jpg?t=0.1_s
pragma: no-cache
cookie: __cfduid=d67a3de5966ee348fd4abaa417ecdbb111620160042
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 20:27:23 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 399853
content-type: image/jpeg
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5408
cf-request-id: 09daa973bd0000d6e56910e000000001
last-modified: Fri, 30 Apr 2021 03:44:44 GMT
server: cloudflare
etag: "608b7d2c-1520"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=HPV8FLT9CZOg3je2bHXqBJuI7ZW2axFeaDL14Lk%2FOSLJfBVfYXu75YCteTvlTiaPE2koJhatGruCrsLWFBEkj5dC0EUtgc5nyOC%2Bvpi%2FVWlEcOdlAetTC2o3%2BIg7"}]}
x-varnish: 81627223
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 64a47832ad67d6e5-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 1_alemao_kitesurfe_idoso__9_-10301272.jpg
www.opovo.com.br/_midias/reduced/home/ 4 KB
4 KB 152ms
103ms Image
image/jpeg 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/_midias/reduced/home/1_alemao_kitesurfe_idoso__9_-10301272.jpg?t=0.1_s
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7bdb6f8aa5a7bc7d329c8ef830a1ed2c19194e59d91b3316192aae5ffbc4cfe5

Request headers

:path: /_midias/reduced/home/1_alemao_kitesurfe_idoso__9_-10301272.jpg?t=0.1_s
pragma: no-cache
cookie: __cfduid=d67a3de5966ee348fd4abaa417ecdbb111620160042
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 20:27:23 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 399853
content-type: image/jpeg
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3838
cf-request-id: 09daa973be0000d6e53c86d000000001
last-modified: Fri, 30 Apr 2021 03:44:44 GMT
server: cloudflare
etag: "608b7d2c-efe"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=mMHHE0KYSyfzgQOcyEtRiPiee0YCfHfI0ul8SzuZJwvSvKfZyRvwQQiJAiauCEtCAOKrCoI6gfmY8eohn07QTZ4UCQ%2FQ2l%2BRb8pghRNQ0UxBWXIuIZqthvRelxTr"}]}
x-varnish: 82641500
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 64a47832ad6cd6e5-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 1_energia_limpa_2-15307955.png
www.opovo.com.br/_midias/reduced/home/ 10 KB
11 KB 152ms
104ms Image
image/png 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/_midias/reduced/home/1_energia_limpa_2-15307955.png?t=0.1_s
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2617cd603385d1c218a0a5cb81235ad62f0767f1ca2b787e044c5ea051e53559

Request headers

:path: /_midias/reduced/home/1_energia_limpa_2-15307955.png?t=0.1_s
pragma: no-cache
cookie: __cfduid=d67a3de5966ee348fd4abaa417ecdbb111620160042
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 20:27:23 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1574
content-type: image/png
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10654
cf-request-id: 09daa973be0000d6e59d210000000001
last-modified: Tue, 04 May 2021 19:50:12 GMT
server: cloudflare
etag: "6091a574-299e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=zNVuABA6MqERnl9JCsHQCPGAKHYqAbXKJQUwEmkdZZ0Daegxb54gCwvHisAWS%2BehmO470fXGhmqmF7TTUDRGx065cq48aNjninfMp17ZFcqwAo6KV88kJ1rAzjeo"}]}
x-varnish: 296486792 292757959
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 64a47832ad6ed6e5-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 pause.png
www.opovo.com.br/includes/assets/online/geral/imgs/ 2 KB
2 KB 157ms
108ms Image
image/png 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/includes/assets/online/geral/imgs/pause.png
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 094f185cfcb993d51c2047ca1ba82e1b4609fac9cdec41a4c464c55e5c4bef1f

Request headers

:path: /includes/assets/online/geral/imgs/pause.png
pragma: no-cache
cookie: __cfduid=d67a3de5966ee348fd4abaa417ecdbb111620160042
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 20:27:23 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 555364
content-type: image/png
x-ua-device: desktop
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1708
cf-request-id: 09daa973bf0000d6e599987000000001
last-modified: Fri, 28 Jun 2019 14:34:35 GMT
server: cloudflare
etag: "5d16257b-6ac"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=AxXFnoKLt0tgAAazJd0audHi0Kh8jD4sRuOlhKwi7KLPm82XjfSftJNwiqIF7wdK3U2X8y2x4X5J5jDd68vCzIxX796TWhn2IcUGlw3nYkE4S8pCU8t%2B5uZ9aMIk"}]}
x-varnish: 702677002
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 64a47832ad74d6e5-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 1_captura_de_tela_2021_04_14_a__s_18_19_39-15455336.png
www.opovo.com.br/_midias/reduced/home/ 17 KB
18 KB 87ms
46ms Image
image/png 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/_midias/reduced/home/1_captura_de_tela_2021_04_14_a__s_18_19_39-15455336.png?t=0.2_s
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f20026aa84c648fe8d0c406c01f503a37037ed007a4f63279abdd27fb8e69614

Request headers

:path: /_midias/reduced/home/1_captura_de_tela_2021_04_14_a__s_18_19_39-15455336.png?t=0.2_s
pragma: no-cache
cookie: __cfduid=d67a3de5966ee348fd4abaa417ecdbb111620160042
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 20:27:23 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1573
content-type: image/png
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 17592
cf-request-id: 09daa973c00000d6e51a984000000001
last-modified: Tue, 04 May 2021 19:50:12 GMT
server: cloudflare
etag: "6091a574-44b8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=dVOC1%2BOa2Lgf6y7qqOjD1Y4%2F%2Bz4Bxc6BjCtThfz098DO3rcBWFh%2BPbtqz69MAM%2B51gWFZKGXUKZyyUEXdJtTqSe7zpkcqyWMU1ZHeFPtFrg97xI3VoTNMdj2Uc1E"}]}
x-varnish: 297173134 294753785
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 64a47832ad81d6e5-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 comunidade-nerd.png
www.opovo.com.br/includes/assets/online/geral/imgs/ 3 KB
3 KB 158ms
117ms Image
image/png 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/includes/assets/online/geral/imgs/comunidade-nerd.png
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 090e68adead733e6c4f72552fe5d5808ea5ae87d937ed40de5a3ad72284ae1b6

Request headers

:path: /includes/assets/online/geral/imgs/comunidade-nerd.png
pragma: no-cache
cookie: __cfduid=d67a3de5966ee348fd4abaa417ecdbb111620160042
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 20:27:23 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 399853
content-type: image/png
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2840
cf-request-id: 09daa973c00000d6e54a2e1000000001
last-modified: Thu, 22 Aug 2019 17:18:36 GMT
server: cloudflare
etag: "5d5ece6c-b18"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=3vTeYzk%2FS1oeQV5WK4bOTlfLjjzCdtLzuum%2Flutcp4z32pbx8wTkqe4wzC3%2Bh2mB7goWh4jih38pWuFcI2GvoXDjJQjJpQh6eEKoale7%2B8egHQ8J93LWNIsxfGjl"}]}
x-varnish: 1017774202 1019839045
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 64a47832ad82d6e5-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 1_cidade_invisivel-14730994.jpg
www.opovo.com.br/_midias/reduced/home/ 8 KB
8 KB 158ms
118ms Image
image/jpeg 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/_midias/reduced/home/1_cidade_invisivel-14730994.jpg?t=0.1_s
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2b7ac24fc14f0e3646d4c3e1cecfdf596cf3dbae1e5fcdc43239a1b69585bbe7

Request headers

:path: /_midias/reduced/home/1_cidade_invisivel-14730994.jpg?t=0.1_s
pragma: no-cache
cookie: __cfduid=d67a3de5966ee348fd4abaa417ecdbb111620160042
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 20:27:23 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1574
content-type: image/jpeg
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7942
cf-request-id: 09daa973c10000d6e58c815000000001
last-modified: Tue, 04 May 2021 19:50:12 GMT
server: cloudflare
etag: "6091a574-1f06"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=VdWJWJnAOoz8bTywHHxoAmUqpCqBrb2n2D6Qc1%2BtcRA199gzaY19qVJQtLESXC5AKCRnBbMLtmVd810z%2F%2FLDd4m%2FK3YTz6JqRBuexrg2nO5yH1YWon4cF9pL0IYh"}]}
x-varnish: 294556531 296749499
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 64a47832ad83d6e5-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 empregos-e-carreiras.png
www.opovo.com.br/includes/assets/online/geral/imgs/ 3 KB
4 KB 160ms
120ms Image
image/png 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/includes/assets/online/geral/imgs/empregos-e-carreiras.png
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f3e883baafd0aa9d5f7e1ba2b49d6a9c458e2085bc0575d00a31d5bde3e5ac5

Request headers

:path: /includes/assets/online/geral/imgs/empregos-e-carreiras.png
pragma: no-cache
cookie: __cfduid=d67a3de5966ee348fd4abaa417ecdbb111620160042
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 20:27:23 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 399853
content-type: image/png
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3141
cf-request-id: 09daa973c10000d6e520015000000001
last-modified: Fri, 28 Jun 2019 14:34:34 GMT
server: cloudflare
etag: "5d16257a-c45"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2FP%2F2Zj2BBdnrB7iT0XIgKqsPAj%2BkhnPeMoISgmgXV68Xqamvpnok0hwq6DhH04OodoemEsqy1ld35r56dP9rI6VFipQyHWGI%2FuUrCosiHEakmyT%2BDehSD1zbVsBY"}]}
x-varnish: 1011256407 1013745466
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 64a47832ad86d6e5-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 1_3-14145342.jpg
www.opovo.com.br/_midias/reduced/home/ 7 KB
8 KB 161ms
121ms Image
image/jpeg 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/_midias/reduced/home/1_3-14145342.jpg?t=0.1_s
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9197f7576ef57637c5e474669fd48214472afadac777b047225ce6ca48cf41cf

Request headers

:path: /_midias/reduced/home/1_3-14145342.jpg?t=0.1_s
pragma: no-cache
cookie: __cfduid=d67a3de5966ee348fd4abaa417ecdbb111620160042
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 20:27:23 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 399853
content-type: image/jpeg
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7538
cf-request-id: 09daa973c80000d6e528ba7000000001
last-modified: Fri, 30 Apr 2021 03:44:50 GMT
server: cloudflare
etag: "608b7d32-1d72"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=9erTG3ImKTtH%2BhdAOV8vnrq76g0HxARXBxTGI5XdL6f4s5SmQOZctZsCTFfU7fJ4NV6gXgSgeisYaGdhv2q0J5Z1tkCNnQnDxg2b9kRoZwGHrr%2BICHbLKK5cvZXe"}]}
x-varnish: 82347162
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 64a47832ad8ad6e5-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29

200

o-povo-online.png
www.opovo.com.br/includes/assets/online/geral/imgs/
Redirect Chain

https://opovo.com.br/includes/assets/online/geral/imgs/o-povo-online.png
https://www.opovo.com.br/includes/assets/online/geral/imgs/o-povo-online.png

6 KB
7 KB

21ms
20ms

Image
image/png

2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/includes/assets/online/geral/imgs/o-povo-online.png
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fb78178efb17880986453d866dc2c7ff441b2b2426665937e77f2ae214f44713

Request headers

:path: /includes/assets/online/geral/imgs/o-povo-online.png
pragma: no-cache
cookie: _gat_gtag_UA_23310373_1=1; _ga=GA1.3.621751297.1620160044; _gid=GA1.3.510170479.1620160045; _gat_UA-23310373-1=1; __cfduid=de28bfae5bd84e58e84796ad88523405f1620160044
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-site
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 20:27:24 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 522406
content-type: image/png
x-ua-device: desktop
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6467
cf-request-id: 09daa977010000d6e52ba29000000001
last-modified: Fri, 28 Jun 2019 14:34:35 GMT
server: cloudflare
etag: "5d16257b-1943"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Nc0R9upPCxUtYgLsQkZV3rXORXD2yUP37GdPJLPJX7g6iialESevBizn8UylA92Q7fccaD1wbp7%2Fy3QdHWnX7ga0bSZTd0YDpIWJFBTkz9PGvD6%2FwpP1P6YPtl0P"}]}
x-varnish: 780602420
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 64a47837feeed6e5-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

Redirect headers

date: Tue, 04 May 2021 20:27:24 GMT
via: 1.1 varnish-v4
cf-cache-status: EXPIRED
nel: {"max_age":604800,"report_to":"cf-nel"}
access-control-allow-origin: *
cf-ray: 64a47832ad8cd6e5-FRA
x-ua-device: desktop
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09daa973c50000d6e5380fc000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=VfuKURzb8d4TafVKlrLAs%2FnVEjveFTAsCV2yPROejVakeN%2FsNtoT9Pi7AClgJE33hO42ku3bhWBcA35ttJXWd21qhlDES1gfGUQ2lMJgapCA%2Fid7KKOw4X4%3D"}]}
x-varnish: 299206284
location: https://www.opovo.com.br/includes/assets/online/geral/imgs/o-povo-online.png
cache-control: no-cache
content-type: text/html
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H2 200 firebase.js Show response
www.gstatic.com/firebasejs/4.6.2/ 386 KB
113 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/4.6.2/firebase.js

Requested by

Host: www.opovo.com.br
URL: https://www.opovo.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88865e7ddaf27e6a197673760e1da312c5525f54af05cdcd9fa04bd07fa71c71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 04:15:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 09 Nov 2017 23:34:08 GMT
server: sffe
age: 144743
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 115681
x-xss-protection: 0
expires: Tue, 03 May 2022 04:15:00 GMT

GET
H2 200 optimize.js Show response
www.googleoptimize.com/ 93 KB
37 KB 49ms
18ms Script
application/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleoptimize.com/optimize.js?id=OPT-P5LXTSR

Requested by

Host: www.opovo.com.br
URL: https://www.opovo.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

001346a0cd2b9501b83366c2e6e4d8585bdb8c0772055e3db244dc74d4448da5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 20:27:23 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37155
x-xss-protection: 0
expires: Tue, 04 May 2021 20:27:23 GMT

GET
H3-29 200 jquery-1.12.4.min.js Show response
www.opovo.com.br/includes/assets/online/geral/js/libs/ 95 KB
33 KB 20ms
19ms Script
application/javascript 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.opovo.com.br/includes/assets/online/geral/js/libs/jquery-1.12.4.min.js
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 27d92130c0321dad5a03760fd5ac98a3d04ed4c94d88418fe6d50da1f7fc5cbe

Request headers

:path: /includes/assets/online/geral/js/libs/jquery-1.12.4.min.js
pragma: no-cache
cookie: __cfduid=d67a3de5966ee348fd4abaa417ecdbb111620160042
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 20:27:23 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 522405
content-type: application/javascript; charset=utf-8
x-ua-device: desktop
access-control-allow-methods: GET, OPTIONS
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09daa971b70000d6e58587e000000001
last-modified: Fri, 28 Jun 2019 14:34:35 GMT
server: cloudflare
etag: W/"5d16257b-17b90"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=7icGSkfFGtwAdzHgyuP0fEDmnbdbczPZnZ0TPA9sC%2BOf42LR94yhSJYjnVS23PdFvh%2Brwy%2BkvjKhewpQxbDSMtu%2BIom4mJpUAKOsLpCzEFfH29BnC5lh4BmEWJPS"}]}
x-varnish: 781223010
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
cf-ray: 64a4782f8fd9d6e5-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 custom.js Show response
www.opovo.com.br/includes/assets/online/geral/js/ 2 KB
1 KB 16ms
15ms Script
application/javascript 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.opovo.com.br/includes/assets/online/geral/js/custom.js
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 15273ff1ac56f84eebc440688d39df383582d67ab9970a5ee5f2ed3ecdff2ba8

Request headers

:path: /includes/assets/online/geral/js/custom.js
pragma: no-cache
cookie: __cfduid=d67a3de5966ee348fd4abaa417ecdbb111620160042
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 20:27:23 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 82449
cf-polished: origSize=4326
content-type: application/javascript; charset=utf-8
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09daa971e20000d6e55e3d3000000001
last-modified: Wed, 07 Oct 2020 13:19:57 GMT
server: cloudflare
etag: W/"5f7dc07d-10e6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=gwU03uILTWbs9PeXyE6i6BZSbuKsxkJqzbByC6DNtnCTqIokIZhkkZXeQdQehWUN3oWEVqrmY%2BmovBQl69azTR%2BxZzGBecqOCv6MFuX%2Fld2%2Bvxr8I7BIXQPgUtLC"}]}
x-varnish: 467108935
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
cf-ray: 64a4782fc852d6e5-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
cf-bgj: minify

GET
H3-29 200 owl.carousel.min.js Show response
www.opovo.com.br/includes/assets/online/geral/js/libs/ 43 KB
11 KB 26ms
25ms Script
application/javascript 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.opovo.com.br/includes/assets/online/geral/js/libs/owl.carousel.min.js
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e0781bdd2cbb5db04da3b5e059eeca34e325fabb893bee7457b5babf5b7c029

Request headers

:path: /includes/assets/online/geral/js/libs/owl.carousel.min.js
pragma: no-cache
cookie: __cfduid=d67a3de5966ee348fd4abaa417ecdbb111620160042
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 20:27:23 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 522405
content-type: application/javascript; charset=utf-8
x-ua-device: desktop
access-control-allow-methods: GET, OPTIONS
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09daa972660000d6e522ba3000000001
last-modified: Fri, 28 Jun 2019 14:34:35 GMT
server: cloudflare
etag: W/"5d16257b-ad3c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=gcKlbzhkZIxq5Ru1NzuuHFEVKmVw7n1AgnG1Hm0kzO0%2FD6deOc7NTq2HjsvWzMBY9DVduGr7RakTOftIRJ9Qe4BDZ%2FYwPfU69%2BId4YgpGha7B5jNwK73tNbj%2FQPl"}]}
x-varnish: 782305035 780640274
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
cf-ray: 64a47830a9aed6e5-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 main.min.js Show response
www.opovo.com.br/includes/assets/online/geral/js/ 8 KB
3 KB 14ms
14ms Script
application/javascript 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.opovo.com.br/includes/assets/online/geral/js/main.min.js
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82e7822c35cdcf0e2ac5552f0ca767aed13b2cbf54d914ad8233c6b524ea85af

Request headers

:path: /includes/assets/online/geral/js/main.min.js
pragma: no-cache
cookie: __cfduid=d67a3de5966ee348fd4abaa417ecdbb111620160042
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 20:27:23 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 399853
content-type: application/javascript; charset=utf-8
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09daa973200000d6e59997d000000001
last-modified: Fri, 26 Feb 2021 14:37:07 GMT
server: cloudflare
etag: W/"60390793-21b9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=a6aWcSne%2FjHdUoFu5CD9ilg0qNwBN5yWQ4%2BsnzeiT7w5S2fX4RAwnDfRWTUN%2FRcKes8zIRcRO%2F7zK80WfZX31sl5cGPnF06WQY5fmnDStWEzIukpDt1xcp386qUb"}]}
x-varnish: 1019873278 1009977428
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
cf-ray: 64a47831cb96d6e5-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 home.min.js Show response
www.opovo.com.br/includes/assets/online/home/js/ 2 KB
1 KB 23ms
22ms Script
application/javascript 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.opovo.com.br/includes/assets/online/home/js/home.min.js
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 818ec7e02e904eab6a9638557e17c3df7a981788dea3378baec71818df4aaf66

Request headers

:path: /includes/assets/online/home/js/home.min.js
pragma: no-cache
cookie: __cfduid=d67a3de5966ee348fd4abaa417ecdbb111620160042
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 20:27:23 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 399853
content-type: application/javascript; charset=utf-8
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09daa973330000d6e5183d0000000001
last-modified: Wed, 07 Oct 2020 13:19:57 GMT
server: cloudflare
etag: W/"5f7dc07d-69e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=d5yNsfZuzDn6ra%2B0V05DGv1GZZX77E8XRZEZUEc6C3zRPFV0ysvSa9bSqa6mziGW6dMBortAm43GFqP4%2B6TmM2qec1bv4OJ4PeQI9EGdg3uzbfDLCKdBCQFY0lUr"}]}
x-varnish: 1019708785 1020625469
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
cf-ray: 64a47831ebbad6e5-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 check.js Show response
www.opovo.com.br/includes/assets/online/geral/js/plugins/ 127 B
846 B 14ms
13ms Script
application/javascript 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.opovo.com.br/includes/assets/online/geral/js/plugins/check.js
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c6f58395f1404bd66a6685d12bf19baf7d6f340ad331b3388f5bf6f0cc463db7

Request headers

:path: /includes/assets/online/geral/js/plugins/check.js
pragma: no-cache
cookie: __cfduid=d67a3de5966ee348fd4abaa417ecdbb111620160042
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 20:27:23 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 522366
cf-polished: origSize=159
content-type: application/javascript; charset=utf-8
x-ua-device: desktop
access-control-allow-methods: GET, OPTIONS
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09daa9733e0000d6e58c80c000000001
last-modified: Fri, 28 Jun 2019 14:34:35 GMT
server: cloudflare
etag: W/"5d16257b-9f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=fWeECml1juuDvOW%2BPX6Mj%2BbHpTOtIKxuf9%2BkBeyJ%2BiZU3wSHE99NUb4yIq49oZrEgf8t87H2BXgjzY3QOw8GRjqFdT678WqQVOwWcEBHcvvwE8Ts0RKjR0Cogeez"}]}
x-varnish: 781223022
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
cf-ray: 64a47831fbd9d6e5-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
cf-bgj: minify

GET
H3-29 200 web-push-notification.min.js Show response
www.opovo.com.br/includes/assets/online/geral/js/plugins/ 2 KB
2 KB 67ms
39ms Script
application/javascript 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.opovo.com.br/includes/assets/online/geral/js/plugins/web-push-notification.min.js
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7bfc998b6b2333e071601dbff62e890651f439e66179d3eb000241eefb17d85c

Request headers

:path: /includes/assets/online/geral/js/plugins/web-push-notification.min.js
pragma: no-cache
cookie: __cfduid=d67a3de5966ee348fd4abaa417ecdbb111620160042
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 20:27:23 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 399853
content-type: application/javascript; charset=utf-8
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09daa973830000d6e524952000000001
last-modified: Mon, 08 Jul 2019 13:38:17 GMT
server: cloudflare
etag: W/"5d234749-8bc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=wzpB%2FmIrNGn29SIVUpQ7jBBf%2Bg5u8pCYdzuCZyNFJUQDkRYpsfStJnRxECIbBlb5MDzFoV4v4bb6ClOnEfpVboqXdNPUufET1Utn2cHWKFgi%2FZMVtCE3HEGqN54M"}]}
x-varnish: 1019873283 1011025592
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
cf-ray: 64a478326c94d6e5-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H2 200 f9c73be5-0123-4f19-af72-12d80ac2c46b-loader.js Show response
d335luupugsy2.cloudfront.net/js/loader-scripts/ 4 KB
2 KB 1037ms
889ms Script
application/javascript 143.204.101.168
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d335luupugsy2.cloudfront.net/js/loader-scripts/f9c73be5-0123-4f19-af72-12d80ac2c46b-loader.js
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.101.168 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-168.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 54f93e9c10e60babfaaa671b990efaf804977c25a6de037d725376a240126d3d

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: kcnXPsDERBBih5wkmjjg45SZOibEm2zo
content-encoding: gzip
last-modified: Tue, 01 Dec 2020 13:23:16 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
etag: W/"098e519f228be66f4ce201f3e941f897"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
via: 1.1 58bcd6f2e1bc29fb83f080f1743cfeca.cloudfront.net (CloudFront)
cache-control: no-cache
date: Tue, 04 May 2021 20:27:25 GMT
x-amz-cf-id: 9-LTjoipBFjYqwf0Gk2O3sjCLzU-01xiYbovopsha1c9D0GF054BVQ==

GET
H2 200 rdstation-forms.min.js Show response
d335luupugsy2.cloudfront.net/js/rdstation-forms/stable/ 178 KB
48 KB 302ms
106ms Script
application/javascript 143.204.101.168
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d335luupugsy2.cloudfront.net/js/rdstation-forms/stable/rdstation-forms.min.js
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.101.168 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-168.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 23addc956464503578d051fa820a2c4529f2291dca055b2d62b054bb81cf8f88

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 14:02:46 GMT
content-encoding: gzip
last-modified: Fri, 16 Apr 2021 14:02:28 GMT
server: AmazonS3
age: 1578279
etag: "7889178e61b8b03e10382e87fab9e3fc"
x-cache: Hit from cloudfront
x-amz-version-id: 8CuM2JQKANE3Qpwom.AL839TzNihCz7P
via: 1.1 58bcd6f2e1bc29fb83f080f1743cfeca.cloudfront.net (CloudFront)
cache-control: max-age=315360000, must-revalidate
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 48643
x-amz-cf-id: 6xWrO-56iQDiZkvuISnVmsWnZNpn3fZtH9XclzUASEgDW_z803Fl7A==

GET
H2 200 ws-TWHDNHFV.js Show response
wfpscripts.webspectator.com/bootstrap/ 1 KB
934 B 518ms
141ms Script
application/x-javascript 52.1.252.251
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://wfpscripts.webspectator.com/bootstrap/ws-TWHDNHFV.js
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.1.252.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-1-252-251.compute-1.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: cb7ef62603ce68e806e9f3f9fd2312c388263059871b9d0e690231ebf4256e07

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 20:27:24 GMT
content-encoding: gzip
last-modified: Wed, 31 Oct 2018 17:31:20 GMT
server: nginx/1.10.3 (Ubuntu)
etag: W/"cca06fd081c7423a71325d0ea0324fb7"
x-cache-status: HIT
content-type: application/x-javascript
cache-control: max-age=31536000

GET
H2 200 / Show response
c.jsuol.com.br/assets/ 142 KB
49 KB 84ms
20ms Script
text/javascript 2606:4700::6811:4edd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.jsuol.com.br/assets/?loadComponent=media&contentType=js&tpl=assets/dist/libs/election-2020-ticker.min
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:4edd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 43a07afa251885987480611f7a5f76c48949eb6556122ccffc2c6de6cb558707

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 20:27:23 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1005132
content-length: 49477
cf-request-id: 09daa973cf00004aafab25c000000001
last-modified: Fri, 23 Apr 2021 05:15:11 GMT
server: cloudflare
etag: "aec28d28f5b18ad6af40f8ca9f9de17a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=epN64BBMT8WZ9U42q2UNvkmJgTyEgQ03GimZ%2FUWwigdNPLD2RtFBUgHKDeMbWimx8cnePtrha4k6Z9uC1sAb6nHyourZe%2Bo%2ButdqrltzSX47yQx7VBBejorcUg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
cache-control: no-transform, max-age=31536000, stale-while-revalidate=60, stale-if-error=3600, must-revalidate, proxy-revalidate, no-transform
accept-ranges: bytes
cf-ray: 64a47832de0f4aaf-FRA
x-cache-tag: c38766817d0dd77dec7da1658dd4336a
expires: Sat, 23 Apr 2022 05:15:11 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 48ms
8ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-23310373-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 492
date: Tue, 04 May 2021 20:19:11 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Tue, 04 May 2021 22:19:11 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 61 KB
21 KB 205ms
69ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.opovo.com.br
URL: https://www.opovo.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

sffe /

Resource Hash

6466818a1505783b420e86b900c218c00a212144c68c5fd9461effd2a3b0673a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Tue, 04 May 2021 20:27:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "862 / 159 of 1000 / last-modified: 1620151652"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21164
x-xss-protection: 0
expires: Tue, 04 May 2021 20:27:23 GMT

GET
H3-29 200 pubads_impl_2021042801.js Show response
securepubads.g.doubleclick.net/gpt/ 300 KB
106 KB 80ms
74ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

sffe /

Resource Hash

1c2525b3e7631f2411872aac663bded4c73bd4e4f26182862b28db7f406d1c61

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Tue, 04 May 2021 20:27:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 28 Apr 2021 08:37:54 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 108145
x-xss-protection: 0
expires: Tue, 04 May 2021 20:27:23 GMT

GET
H3-29 200 sprite.png
www.opovo.com.br/includes/assets/online/geral/imgs/ 25 KB
25 KB 159ms
121ms Image
image/png 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/includes/assets/online/geral/imgs/sprite.png
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/includes/assets/online/geral/css/base.css
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6dd8c3796600c28cb55f80e3b365e818144fc506624f1825538091e7eab9f15a

Request headers

:path: /includes/assets/online/geral/imgs/sprite.png
pragma: no-cache
cookie: __cfduid=d67a3de5966ee348fd4abaa417ecdbb111620160042
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/includes/assets/online/geral/css/base.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/includes/assets/online/geral/css/base.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 20:27:23 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 522405
content-type: image/png
x-ua-device: desktop
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 25133
cf-request-id: 09daa973c30000d6e53c86e000000001
last-modified: Mon, 15 Feb 2021 17:06:17 GMT
server: cloudflare
etag: "602aaa09-622d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=X3LqdgJJFGRnQsPefUP0IwY0vlzsmek6E7ikYRgJA1a5%2FijL9uCSTKCcQh3X5A0vQjImQnYizxaRnn2rRIHZXdyb8kSbY5BjmaWc%2BaK%2FxZWM0xVFzkbQJx%2Fmx5dh"}]}
x-varnish: 781484461
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 64a47832dd8dd6e5-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 oswald-italic.woff
www.opovo.com.br/includes/assets/online/geral/css/fonts/ 35 KB
36 KB 128ms
104ms Font
font/woff 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.opovo.com.br/includes/assets/online/geral/css/fonts/oswald-italic.woff
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/includes/assets/online/geral/css/base.css
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d48f5f637187fe83bff6165783efb3dac15cb3d10ba166d92f37312dba9a4ad7

Request headers

sec-fetch-mode: cors
origin: https://www.opovo.com.br
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: __cfduid=d67a3de5966ee348fd4abaa417ecdbb111620160042
:path: /includes/assets/online/geral/css/fonts/oswald-italic.woff
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/includes/assets/online/geral/css/base.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://www.opovo.com.br
Referer: https://www.opovo.com.br/includes/assets/online/geral/css/base.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 20:27:23 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 522402
content-type: font/woff
x-ua-device: desktop
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 36200
cf-request-id: 09daa973be0000d6e514b50000000001
last-modified: Fri, 28 Jun 2019 14:34:34 GMT
server: cloudflare
etag: "5d16257a-8d68"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=FHAvKXzg8WLQsDGmsgH3paNxsM7S6zATnEml8BapTkFx5itpDoTwsMbS8KweaIWgl6tbL3MazHrzU4Ivfs77LyJxxaD9NkGq4huhtTBu7xmWpXHz0xY8lse5KuvW"}]}
x-varnish: 780602414
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 64a47832ad73d6e5-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 o-povo-online.png
www.opovo.com.br/includes/assets/online/geral/imgs/ 6 KB
7 KB 149ms
123ms Image
image/png 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/includes/assets/online/geral/imgs/o-povo-online.png
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/includes/assets/online/geral/css/base.css
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fb78178efb17880986453d866dc2c7ff441b2b2426665937e77f2ae214f44713

Request headers

:path: /includes/assets/online/geral/imgs/o-povo-online.png
pragma: no-cache
cookie: __cfduid=d67a3de5966ee348fd4abaa417ecdbb111620160042
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/includes/assets/online/geral/css/base.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/includes/assets/online/geral/css/base.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 20:27:23 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 522405
content-type: image/png
x-ua-device: desktop
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6467
cf-request-id: 09daa973c30000d6e56006d000000001
last-modified: Fri, 28 Jun 2019 14:34:35 GMT
server: cloudflare
etag: "5d16257b-1943"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=CTJEAB6tTI%2BTbvONfFMDvZezTN14WHZBh8Jl4qwVFIDmOjsyu7ZnX5UkstU%2BQte6L6VS%2FQXQXzJmGQdrDKXkZnLukuzwDpfDZc5BQyIIZEfm9c3oW4OziWgCwcD0"}]}
x-varnish: 780602420
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 64a47832dd8fd6e5-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 opmais-menu.svg
www.opovo.com.br/includes/assets/online/geral/imgs/ 2 KB
2 KB 149ms
124ms Image
image/svg+xml 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/includes/assets/online/geral/imgs/opmais-menu.svg
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/includes/assets/online/geral/css/base.css
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 55c357602ca06d0f50246880e2594b175c3ac470110ed13ea8336e149d78e2de

Request headers

:path: /includes/assets/online/geral/imgs/opmais-menu.svg
pragma: no-cache
cookie: __cfduid=d67a3de5966ee348fd4abaa417ecdbb111620160042
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/includes/assets/online/geral/css/base.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/includes/assets/online/geral/css/base.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 20:27:23 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 408292
content-type: image/svg+xml
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09daa973c40000d6e53dbbd000000001
last-modified: Wed, 14 Apr 2021 20:47:46 GMT
server: cloudflare
etag: W/"607754f2-946"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=rYieVmRLHfEtH4LjSVB5reQx%2FPW%2FxvnIyMkvzjS8hS6SE7Qg8Xxf6t%2FXxLXGncAsKKX%2B8PFpBtdrqX6URgdGS%2Fv4JtdrQK5ETe%2BbJBIEGwKI5BSq%2FQYlbdUVGu2Q"}]}
x-varnish: 998180690
access-control-allow-origin: *
cache-control: public, max-age=120, s-maxage=604800
cf-ray: 64a47832dd90d6e5-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 oswald-regular.woff
www.opovo.com.br/includes/assets/online/geral/css/fonts/ 27 KB
28 KB 137ms
113ms Font
font/woff 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.opovo.com.br/includes/assets/online/geral/css/fonts/oswald-regular.woff
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/includes/assets/online/geral/css/base.css
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e43467ea5d461a0509fc8b4f4fc544fc0fe66d4caaa9004b830a2c589466601a

Request headers

sec-fetch-mode: cors
origin: https://www.opovo.com.br
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: __cfduid=d67a3de5966ee348fd4abaa417ecdbb111620160042
:path: /includes/assets/online/geral/css/fonts/oswald-regular.woff
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/includes/assets/online/geral/css/base.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://www.opovo.com.br
Referer: https://www.opovo.com.br/includes/assets/online/geral/css/base.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 20:27:23 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 399853
content-type: font/woff
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 27752
cf-request-id: 09daa973c30000d6e5143d3000000001
last-modified: Fri, 28 Jun 2019 14:34:34 GMT
server: cloudflare
etag: "5d16257a-6c68"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=hMsTM2DzXAUoH4rsB9ijKElLWYHdbcGzk%2BlSjnNOPwj28kxkdblQahfQdyUfLoU5DE3r97MjHeuQDuR50mnWn4C257uSLQZkUmWflE803DELCRh9mo7hyvv7%2BDFm"}]}
x-varnish: 1019708812 1009419938
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 64a47832ad77d6e5-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 oswald-light.woff
www.opovo.com.br/includes/assets/online/geral/css/fonts/ 27 KB
27 KB 137ms
114ms Font
font/woff 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.opovo.com.br/includes/assets/online/geral/css/fonts/oswald-light.woff
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/includes/assets/online/geral/css/base.css
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 69de99231158e36ac4ce5d52a93af7a1574a4f79a8fd79b0d21b49d85105c3a6

Request headers

sec-fetch-mode: cors
origin: https://www.opovo.com.br
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: __cfduid=d67a3de5966ee348fd4abaa417ecdbb111620160042
:path: /includes/assets/online/geral/css/fonts/oswald-light.woff
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/includes/assets/online/geral/css/base.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://www.opovo.com.br
Referer: https://www.opovo.com.br/includes/assets/online/geral/css/base.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 20:27:23 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 399853
content-type: font/woff
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 27212
cf-request-id: 09daa973c10000d6e53f950000000001
last-modified: Fri, 28 Jun 2019 14:34:34 GMT
server: cloudflare
etag: "5d16257a-6a4c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2F09IvVhflNgI697%2FG07vDodkntUrMzPY3uCg6GuAflLLpQ2k9m2VVrzU5gHve5HHiAGB3prWhRZ3StMQGBMXH0NB5XkhYTgxw9rwjHuoMsgVjHfl4HHkdKXDcaMu"}]}
x-varnish: 1020756643 1011025598
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 64a47832ad7bd6e5-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H2 200 integrator.js Show response
adservice.google.se/adsid/ 107 B
799 B 140ms
43ms Script
application/javascript 2a00:1450:400d:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.se/adsid/integrator.js?domain=www.opovo.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:805::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 04 May 2021 20:27:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 30ms
11ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.opovo.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 04 May 2021 20:27:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 185 KB
37 KB 900ms
895ms XHR
text/plain 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2384100502353646&correlator=721695883302083&output=ldjh&impl=fifs&eid=31060853%2C31060493%2C31060795&vrg=2021042801&ptt=17&sc=1&sfv=1-0-38&ecs=20210504&iu_parts=10216148%2C29%2Cbillboard_home%2Cbanner_bottom_desktop%2C2124%2C28%2C24%2C25%2C20%2Cteste_digitalpremium%2Cselo_jornal_home%2C30%2Cout_homeportal%2Clb_portal_home%2Cbg_home_noticias%2Cbg_home_jornal%2Cbg_home_esportes%2Cbg_home_divirtase%2Cst_portal_assine%2Cvi1_imoveis_home_populares%2Cvi2_imoveis_home_populares%2Cvi3_imoveis_home_populares%2Cvi1_veiculos_home_populares%2Cvi2_veiculos_home_populares%2Cvi3_veiculos_home_populares%2Cbe_portal_home&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6%2C%2F0%2F7%2C%2F0%2F8%2C%2F0%2F9%2C%2F0%2F10%2C%2F0%2F11%2C%2F0%2F12%2C%2F0%2F13%2C%2F0%2F14%2C%2F0%2F15%2C%2F0%2F16%2C%2F0%2F17%2C%2F0%2F9%2C%2F0%2F18%2C%2F0%2F19%2C%2F0%2F20%2C%2F0%2F21%2C%2F0%2F22%2C%2F0%2F23%2C%2F0%2F24%2C%2F0%2F25&prev_iu_szs=300x250%7C336x280%2C970x250%2C468x60%2C300x250%7C336x280%2C300x60%2C300x60%2C300x60%2C970x90%7C728x90%7C970x150%7C728x300%7C970x250%2C1190x250%2C300x60%2C1x1%2C680x540%2C1x1%2C1750x720%2C1750x720%2C1750x720%2C1750x720%2C1190x250%2C290x300%2C260x280%2C260x280%2C260x280%2C260x280%2C260x280%2C260x280%2C1x1&ists=40961&cust_params=t%3D8&cookie_enabled=1&bc=31&abxe=1&lmt=1620158291&dt=1620160044070&dlt=1620160043255&idt=586&frm=20&biw=1600&bih=1200&oid=3&adxs=-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C205%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9&adys=-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C192%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9&adks=4119730198%2C3278770389%2C765604454%2C894174196%2C2321965323%2C1611662773%2C318812021%2C2678070680%2C2257760347%2C2022424191%2C671498278%2C1008266836%2C4034438472%2C2530977655%2C1404135940%2C1363791537%2C567913026%2C1572472801%2C3121468511%2C2792545042%2C736315307%2C233207977%2C3653363857%2C557447621%2C3288225154%2C1754881613&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca%7Cb%7Cc%7Cd%7Ce%7Cf%7Cg%7Ch%7Ci%7Cj%7Ck%7Cl%7Cm%7Cn%7Co%7Cp%7Cq&ifi=1&u_tz=120&u_his=3&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.opovo.com.br%2F&ref=https%3A%2F%2Fopovo.com.br.admin-mcas.ms%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C1190x150%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1&msz=0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C1190x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1&ga_vid=621751297.1620160044&ga_sid=1620160044&ga_hid=1646577030&ga_fc=false&fws=2%2C2%2C2%2C2%2C2%2C2%2C2%2C2%2C0%2C2%2C2%2C2%2C2%2C2%2C2%2C2%2C2%2C2%2C2%2C2%2C2%2C2%2C2%2C2%2C2%2C2&ohw=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

3188467cd2367f474f460d4a823ec1be3a7175332e0f416c905c84eb14fa482a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 20:27:25 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37612
x-xss-protection: 0
google-lineitem-id: -1,-1,5675760410,-1,5395992609,5683055452,-2,-1,-2,-2,-2,-2,-2,5637487867,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -1,-1,138347374947,-1,138337188415,138348381137,-2,-1,-2,-2,-2,-2,-2,138342517027,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.opovo.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
f494fad843a02e89e66aab6434a0c735.safeframe.googlesyndication.com/safeframe/1-0-38/html/ 0
0 73ms
15ms Other
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://f494fad843a02e89e66aab6434a0c735.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-38/html/ 0
0 6ms
6ms Other
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 logo-opmais-col.svg
www.opovo.com.br/includes/assets/online/geral/imgs/ 2 KB
2 KB 13ms
12ms Image
image/svg+xml 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/includes/assets/online/geral/imgs/logo-opmais-col.svg
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/includes/assets/online/home/css/home.css
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e25ce31806de1eee3a851d1bc47e269def862c12fc7a6150f08c579f86f71014

Request headers

:path: /includes/assets/online/geral/imgs/logo-opmais-col.svg
pragma: no-cache
cookie: __cfduid=d67a3de5966ee348fd4abaa417ecdbb111620160042
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/includes/assets/online/home/css/home.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/includes/assets/online/home/css/home.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 20:27:24 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 399853
content-type: image/svg+xml
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09daa975600000d6e571932000000001
last-modified: Wed, 14 Apr 2021 20:47:45 GMT
server: cloudflare
etag: W/"607754f1-954"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Ppy4GkVAw58dj7uTplxQ7zaNFkWPatD1f2RNDiEQN2r6iw1MByGcRDRfZqiPM%2BBVPscPoja3FeZEiQUwKI%2FpQlMcLgBmbeLh1K7inDl5wYkffoYH3TugxkJDpP6H"}]}
x-varnish: 1011256411 1015515584
access-control-allow-origin: *
cache-control: public, max-age=120, s-maxage=604800
cf-ray: 64a478356a25d6e5-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 chave.svg
www.opovo.com.br/includes/assets/online/geral/imgs/ 1 KB
1 KB 21ms
20ms Image
image/svg+xml 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/includes/assets/online/geral/imgs/chave.svg
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/includes/assets/online/home/css/home.css
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a45590a3bf9f39d72dd53301f9897396f2dfb19dc1d38f0beabc965c8351a2b

Request headers

:path: /includes/assets/online/geral/imgs/chave.svg
pragma: no-cache
cookie: __cfduid=d67a3de5966ee348fd4abaa417ecdbb111620160042
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/includes/assets/online/home/css/home.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/includes/assets/online/home/css/home.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 20:27:24 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 399853
content-type: image/svg+xml
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09daa975600000d6e518b8d000000001
last-modified: Wed, 14 Apr 2021 20:47:45 GMT
server: cloudflare
etag: W/"607754f1-59b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=NYGQwF1MWQhTSbirTEykb67YLI%2Bs%2BqNYH9DkKkH9CZdTX3y7Zfi%2BQDSQDiaK7HRnt84zO4tFuuudvHoFPNYBpO14tTI76WHpLFbmz9kbXv09C74ePpWaDZ7EsIi0"}]}
x-varnish: 1011256413 1006701164
access-control-allow-origin: *
cache-control: public, max-age=120, s-maxage=604800
cf-ray: 64a478356a27d6e5-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 cadeado-cta.svg
www.opovo.com.br/includes/assets/online/geral/imgs/ 510 B
1006 B 18ms
18ms Image
image/svg+xml 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/includes/assets/online/geral/imgs/cadeado-cta.svg
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/includes/assets/online/home/css/home.css
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47b4692dfccb38aa3b791b809c6475ccf144079687c9d9569849b93af6d03c89

Request headers

:path: /includes/assets/online/geral/imgs/cadeado-cta.svg
pragma: no-cache
cookie: __cfduid=d67a3de5966ee348fd4abaa417ecdbb111620160042
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/includes/assets/online/home/css/home.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/includes/assets/online/home/css/home.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 20:27:24 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 399853
content-type: image/svg+xml
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09daa975600000d6e56912c000000001
last-modified: Wed, 14 Apr 2021 20:47:45 GMT
server: cloudflare
etag: W/"607754f1-1fe"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=638U66omtInOxUFb%2BVSCPfZ1P20SikjJZFzxaU1iA65Lpttwkp4wUEfPuDobU9g7LHsSsLUG0yitYzhoLiueG0PQWmViAlTETFyoCrqcjlbowDQ7md%2FijagtnSpA"}]}
x-varnish: 1020756647 1020625502
access-control-allow-origin: *
cache-control: public, max-age=120, s-maxage=604800
cf-ray: 64a478356a28d6e5-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 chave.svg
www.opovo.com.br/imagens/ 1 KB
1 KB 18ms
18ms Image
image/svg+xml 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/imagens/chave.svg
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/includes/assets/online/geral/css/base.css
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7323a82847be2df6a9510ec0ddcedebeb02b019f5ee092cd2da501ee094ad02c

Request headers

:path: /imagens/chave.svg
pragma: no-cache
cookie: __cfduid=d67a3de5966ee348fd4abaa417ecdbb111620160042
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/includes/assets/online/geral/css/base.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/includes/assets/online/geral/css/base.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 20:27:24 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 399853
content-type: image/svg+xml
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09daa975620000d6e57d9be000000001
last-modified: Wed, 17 Jul 2019 18:55:05 GMT
server: cloudflare
etag: W/"5d2f6f09-59b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=SR5r7r7OaBNeBsKFL0q%2B%2FbJ%2BZ1YvFjvOAvqsMR7mtJaOrclJoCeMkHnCl6BnqUik2VZsoRv6co5ZBBA9zzwWWrMp2BBI%2B%2BgZ3SqbjzBLx8rBUuWJMnIVLhP0zVoz"}]}
x-varnish: 1020756645 1016299729
access-control-allow-origin: *
cache-control: public, max-age=120, s-maxage=604800
cf-ray: 64a478356a2dd6e5-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H2 200 EJRVQgYoZZY2vCFuvAFWzr8.woff2
fonts.gstatic.com/s/ptserif/v12/ 32 KB
32 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptserif/v12/EJRVQgYoZZY2vCFuvAFWzr8.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT%20Serif:400,400italic,700,700italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ef391572f9fbb7bab7fef6ce2c4fc92ad68a8c148889a79cb9f9b1452d851fab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.opovo.com.br
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 10:30:03 GMT
x-content-type-options: nosniff
last-modified: Thu, 10 Sep 2020 17:06:03 GMT
server: sffe
age: 467841
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32960
x-xss-protection: 0
expires: Fri, 29 Apr 2022 10:30:03 GMT

GET
H3-29 200 js Show response
www.google-analytics.com/gtm/ 87 KB
34 KB 22ms
21ms Script
application/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-T6KFSVV&t=gtag_UA_23310373_1&cid=621751297.1620160044

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c6fd22715803d3e6eed2486837762e6fbdc4c7a87c6ed75cedd6e35086fd56e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 20:27:24 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34842
x-xss-protection: 0
last-modified: Tue, 04 May 2021 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 04 May 2021 20:27:24 GMT

GET
H2 200 nobetaads&id=opovo.inter Show response
api.nobeta.com.br/ 35 KB
12 KB 274ms
203ms Script
application/javascript 35.244.156.216
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.nobeta.com.br/nobetaads&id=opovo.inter
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WBWHQHX
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.156.216 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 216.156.244.35.bc.googleusercontent.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 1b2fc79536c8ab2f98419ead1cc323c8945371c6e5019ed79f593e877d48a8ab

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 20:27:24 GMT
content-encoding: gzip
last-modified: Thu, 04 Mar 2021 16:39:25 GMT
server: Apache/2.4.29 (Ubuntu)
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 google
cache-control: public, max-age=604800
alt-svc: clear
content-length: 12488

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 92 KB
24 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: opovo.com.br.admin-mcas.ms
URL: https://opovo.com.br.admin-mcas.ms/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a517525b8a7d39bcaf1cf5f9695c5be8fce7a6b920a3924c1a4f70e8ea748c05

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 23959
x-fb-rlafr: 0
pragma: public
x-fb-debug: DmjERfGSB2xAjkytEFvQPIPkCCG6hwE39Ozs+WRgWpniDRYzEBMaRXHOTmgpAe0O8vtQ7cGC26LSvQIb2Mt1+g==
x-fb-trip-id: 2052514463
x-frame-options: DENY
date: Tue, 04 May 2021 20:27:24 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-29 200 carta-portal-newsletter.svg
www.opovo.com.br/includes/assets/online/geral/imgs/ 4 KB
2 KB 27ms
26ms Image
image/svg+xml 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/includes/assets/online/geral/imgs/carta-portal-newsletter.svg
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/includes/assets/online/geral/css/base.css
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e18441c7811abba1194a8130a3ec786d24b4a9d8ae6e8486147e47856b5ca0d1

Request headers

:path: /includes/assets/online/geral/imgs/carta-portal-newsletter.svg
pragma: no-cache
cookie: __cfduid=d67a3de5966ee348fd4abaa417ecdbb111620160042; _ga=GA1.3.621751297.1620160044; _gid=GA1.3.1093161599.1620160044
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/includes/assets/online/geral/css/base.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/includes/assets/online/geral/css/base.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 20:27:24 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 399852
content-type: image/svg+xml
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09daa976010000d6e5999b8000000001
last-modified: Wed, 14 Apr 2021 20:47:45 GMT
server: cloudflare
etag: W/"607754f1-e6f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=SolLvD%2BWTxWedaYfPms%2BB2Kw507uB7%2F75SgnWl8EEy8VMm%2FHBe7DY9DHD1KzjWToOwvOQhF4hLeC%2FGnr2Nsig%2FtH8FwOVKARaVpxAcg%2BMWn1MOZcPpqHCpE6JkTC"}]}
x-varnish: 1020756652 1015515593
access-control-allow-origin: *
cache-control: public, max-age=120, s-maxage=604800
cf-ray: 64a478365bf4d6e5-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 ceara.png
www.opovo.com.br/includes/assets/online/esportes/imgs/ 4 KB
5 KB 35ms
34ms Image
image/png 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/includes/assets/online/esportes/imgs/ceara.png
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/includes/assets/online/home/css/home.css
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7cc27093a7206bc10971963a8ce40453a4f0c6a01754559009c6f00cb3498d65

Request headers

:path: /includes/assets/online/esportes/imgs/ceara.png
pragma: no-cache
cookie: __cfduid=d67a3de5966ee348fd4abaa417ecdbb111620160042; _ga=GA1.3.621751297.1620160044; _gid=GA1.3.1093161599.1620160044
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/includes/assets/online/home/css/home.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/includes/assets/online/home/css/home.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 20:27:24 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 408121
content-type: image/png
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4600
cf-request-id: 09daa975fe0000d6e524979000000001
last-modified: Fri, 28 Jun 2019 14:34:34 GMT
server: cloudflare
etag: "5d16257a-11f8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=XQbpk6zGCyBkogyaUUwowQzfg6L3BpVCNQ6Asm6Qj8Fk%2BKENlE4tvKH59W%2BtBvQDR%2Bs3T8%2FzGdy89tOOvfobbXzVe9TVE%2B6BY8jKQknmXjYypPt2F3R%2Flgjn9hEe"}]}
x-varnish: 999067033
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 64a478365bf5d6e5-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 fortaleza.png
www.opovo.com.br/includes/assets/online/esportes/imgs/ 5 KB
6 KB 15ms
15ms Image
image/png 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/includes/assets/online/esportes/imgs/fortaleza.png
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/includes/assets/online/home/css/home.css
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0bba4ee8766e7683a421df6e1c097c303b940d05b3f8139a01bc0ec910d9b6c8

Request headers

:path: /includes/assets/online/esportes/imgs/fortaleza.png
pragma: no-cache
cookie: __cfduid=d67a3de5966ee348fd4abaa417ecdbb111620160042; _ga=GA1.3.621751297.1620160044; _gid=GA1.3.1093161599.1620160044
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/includes/assets/online/home/css/home.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/includes/assets/online/home/css/home.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 20:27:24 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 408121
content-type: image/png
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5293
cf-request-id: 09daa975fc0000d6e52ba15000000001
last-modified: Fri, 28 Jun 2019 14:34:34 GMT
server: cloudflare
etag: "5d16257a-14ad"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=GrxRcyvv1Z1tbhm3sxXafdl9WWk7Y0%2Fr%2BqMoypitm4CDT69aWOMvYJCtnqoSL%2FNCPRNTOsrn6CVzoFmtgXOXmDQgHeJNs6W1pgI9q%2B3xMyxwweWvYDX%2BeKcVHHq1"}]}
x-varnish: 998180779
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
accept-ranges: bytes
cf-ray: 64a478365bf8d6e5-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 top_esportes.json Show response
www.opovo.com.br/_files/json/ 4 KB
2 KB 18ms
18ms XHR
application/json 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.opovo.com.br/_files/json/top_esportes.json
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a846d9c8e2e6e645f238561d9bec1094fb203dac7201f4849202234f3c50824b

Request headers

:path: /_files/json/top_esportes.json
pragma: no-cache
cookie: __cfduid=d67a3de5966ee348fd4abaa417ecdbb111620160042; _ga=GA1.3.621751297.1620160044; _gid=GA1.3.1093161599.1620160044
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 20:27:24 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 638
content-type: application/json
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09daa9760d0000d6e518b98000000001
last-modified: Tue, 04 May 2021 19:38:20 GMT
server: cloudflare
etag: W/"6091a2ac-e96"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=QGkIbS2MrFbMdiaU8RS9qcb9XcUAZlYdJXIOD4PzqXdfumt6QKh9CHJ%2BEbdA%2FEv5GRrTwkQ7Mzquvd5S0F9PC672%2B%2Bf9ej%2B0vb7H0VnX5GKiiHiUB1tdiB7AC8yT"}]}
x-varnish: 299369686 296845876
access-control-allow-origin: *
cache-control: public, max-age=120, s-maxage=1800
cf-ray: 64a478367c2bd6e5-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 200307651652585 Show response
connect.facebook.net/signals/config/ 254 KB
72 KB 63ms
62ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/200307651652585?v=2.9.39&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

67f308c82c94beab0f19774ad46800bf75374459d800718fc2684c3fedd5a639

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr: 0
pragma: public
x-fb-debug: OWsL6+/L4s78I3zhXlpsdyALM3xA2vRxmiyQD94mecWjvBerqp6k0UVdxtTQ1IlwYZFeuBScYsvuzwWk6fTKKg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-frame-options: DENY
date: Tue, 04 May 2021 20:27:24 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 5 KB
2 KB 177ms
56ms Script
application/javascript 199.232.136.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.136.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4cf52cc73734aa71f26f6a10be9aeec89602af45bf0f9abd5c8445a076c1ae1a

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 20:27:24 GMT
via: 1.1 varnish
last-modified: Fri, 04 Dec 2020 00:21:46 GMT
age: 70550
etag: "cbc512946c8abb461c6215ed5b454e5f+gzip"
vary: Accept-Encoding,Host
x-cache: HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-encoding: gzip
cache-control: no-cache
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 1957
x-timer: S1620160045.782845,VS0,VE0
x-served-by: cache-hhn11561-HHN

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
88 B 13ms
13ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=1646577030&t=pageview&_s=1&dl=https%3A%2F%2Fwww.opovo.com.br%2F&dr=https%3A%2F%2Fopovo.com.br.admin-mcas.ms%2F&ul=en-us&de=UTF-8&dt=O%20POVO%20-%20Not%C3%ADcias%20sobre%20Fortaleza%2C%20Cear%C3%A1%2C%20Brasil%20e%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aChAAUADQAAAAC~&jid=1222277900&gjid=469173683&cid=621751297.1620160044&tid=UA-23310373-1&_gid=1093161599.1620160044&_r=1&gtm=2ou4l3&z=1711704153

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 04 May 2021 20:27:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.opovo.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 opovo_online.svg
www.opovo.com.br/includes/assets/online/geral/imgs/ 7 KB
3 KB 14ms
13ms Image
image/svg+xml 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.opovo.com.br/includes/assets/online/geral/imgs/opovo_online.svg
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/includes/assets/online/geral/css/base.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79e7384be3ec1e42038e5e414d62684acee8a12c0be98fd8b4ccb480d20c9435

Request headers

:path: /includes/assets/online/geral/imgs/opovo_online.svg
pragma: no-cache
cookie: _gat_gtag_UA_23310373_1=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/includes/assets/online/geral/css/base.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.opovo.com.br/includes/assets/online/geral/css/base.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 20:27:24 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 399561
content-type: image/svg+xml
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09daa976850000175e430ec000000001
last-modified: Wed, 14 Apr 2021 20:47:46 GMT
server: cloudflare
etag: W/"607754f2-1d7b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=SsLF2HMF8wmlWJmiQU2UR1FgUHcZf5mIpWF5GgoN9xLclelNvJU1iAzOx7HFLzdghKmZMjwnzUDBNI%2BH2jrC%2FG0eYoX4rphS%2FzQxkHjmB20WB8rzhqdp%2F87Ah3DO"}],"max_age":604800,"group":"cf-nel"}
x-varnish: 1021051937
access-control-allow-origin: *
cache-control: public, max-age=120, s-maxage=604800
set-cookie: __cfduid=de28bfae5bd84e58e84796ad88523405f1620160044; expires=Thu, 03-Jun-21 20:27:24 GMT; path=/; domain=.opovo.com.br; HttpOnly; SameSite=Lax; Secure
cf-ray: 64a478373f6d175e-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 13ms
13ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=1646577030&t=pageview&_s=1&dl=https%3A%2F%2Fwww.opovo.com.br%2F&dr=https%3A%2F%2Fopovo.com.br.admin-mcas.ms%2F&ul=en-us&de=UTF-8&dt=O%20POVO%20-%20Not%C3%ADcias%20sobre%20Fortaleza%2C%20Cear%C3%A1%2C%20Brasil%20e%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aChAAUADQAAAAC~&jid=340006009&gjid=415600940&cid=621751297.1620160044&tid=UA-23310373-1&_gid=510170479.1620160045&_r=1&gtm=2wg4l3WBWHQHX&z=1386822222

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 04 May 2021 20:27:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.opovo.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 404 destaque_home.json Show response
www.opovo.com.br/_files/json/ 145 B
719 B 694ms
693ms XHR
text/html 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.opovo.com.br/_files/json/destaque_home.json
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/includes/assets/online/geral/js/libs/jquery-1.12.4.min.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7a6fd962b4686f8277823b26cda79726ee97abc0c7f649225eb3c35df2949fe4

Request headers

sec-fetch-mode: cors
accept-encoding: gzip, deflate, br
accept-language: en-US
x-requested-with: XMLHttpRequest
sec-fetch-dest: empty
cookie: _gat_gtag_UA_23310373_1=1; _ga=GA1.3.621751297.1620160044; _gid=GA1.3.510170479.1620160045; _gat_UA-23310373-1=1; __cfduid=de28bfae5bd84e58e84796ad88523405f1620160044
:path: /_files/json/destaque_home.json
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: application/json, text/javascript, */*; q=0.01
cache-control: no-cache
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.opovo.com.br/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 20:27:25 GMT
via: 1.1 varnish-v4
cf-cache-status: EXPIRED
nel: {"max_age":604800,"report_to":"cf-nel"}
cf-ray: 64a478377e01d6e5-FRA
x-ua-device: desktop
access-control-allow-methods: GET, OPTIONS
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09daa976a80000d6e5858d1000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=rDP43XGRkw1uKtq7dY3by9cClsxx75fofNfxnyx7Z4fv6kXuNGw5aQuAKf44SF4Qez8qrU7d%2BVBYQ%2FQTId1%2FDKzDtRUdQWU%2BMLdsZmVAxHj586tx%2BGlFiKYr1x4F"}]}
x-varnish: 300450202
access-control-allow-origin: *
cache-control: no-cache
content-type: text/html; charset=utf-8
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 top_home.json Show response
www.opovo.com.br/_files/json/ 4 KB
2 KB 21ms
20ms XHR
application/json 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.opovo.com.br/_files/json/top_home.json
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/includes/assets/online/geral/js/libs/jquery-1.12.4.min.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b23234f60101e00490626137119a280eff24a365649ed87e2784488414a65d79

Request headers

sec-fetch-mode: cors
accept-encoding: gzip, deflate, br
accept-language: en-US
x-requested-with: XMLHttpRequest
sec-fetch-dest: empty
cookie: _gat_gtag_UA_23310373_1=1; _ga=GA1.3.621751297.1620160044; _gid=GA1.3.510170479.1620160045; _gat_UA-23310373-1=1; __cfduid=de28bfae5bd84e58e84796ad88523405f1620160044
:path: /_files/json/top_home.json
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept: */*
Referer: https://www.opovo.com.br/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 20:27:24 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 218
content-type: application/json
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09daa976ab0000d6e56d8eb000000001
last-modified: Tue, 04 May 2021 19:38:32 GMT
server: cloudflare
etag: W/"6091a2b8-e41"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=cxP0tNSlmewiiodbSaK66MuA38TXYCfilFoyV1i%2Fva9yFrnONHEU6DjhkkSWou9izP750Q5rkPVdvZ6BwIyRlu6lNOYnoMs0bmnEqWMhZEW8sFoa8Imdgs8wwu03"}]}
x-varnish: 301434074 296749621
access-control-allow-origin: *
cache-control: public, max-age=120, s-maxage=1800
cf-ray: 64a478377e03d6e5-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H3-29 200 trend_topics.json Show response
www.opovo.com.br/_files/json/ 10 KB
4 KB 23ms
22ms XHR
application/json 2606:4700:3033::6815:3a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.opovo.com.br/_files/json/trend_topics.json
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/includes/assets/online/geral/js/libs/jquery-1.12.4.min.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3a6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 20d3f4d2480c0520be654d8cc29cbe5f6475fb522211dbb298c2004fe385984d

Request headers

sec-fetch-mode: cors
accept-encoding: gzip, deflate, br
accept-language: en-US
x-requested-with: XMLHttpRequest
sec-fetch-dest: empty
cookie: _gat_gtag_UA_23310373_1=1; _ga=GA1.3.621751297.1620160044; _gid=GA1.3.510170479.1620160045; _gat_UA-23310373-1=1; __cfduid=de28bfae5bd84e58e84796ad88523405f1620160044
:path: /_files/json/trend_topics.json
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.opovo.com.br
referer: https://www.opovo.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept: */*
Referer: https://www.opovo.com.br/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 20:27:24 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 218
content-type: application/json
x-ua-device: mobile
access-control-allow-methods: GET, OPTIONS
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09daa976bb0000d6e53b115000000001
last-modified: Tue, 04 May 2021 19:38:35 GMT
server: cloudflare
etag: W/"6091a2bb-2614"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=0w1A0pog%2B4CX0hgf4h6fChNlQtZwjYO9bOloSfloMqDJQ0imkDFAc4dEL19HnmkXvJG7iYQJcSInKJ36QuyfgXiXsR01%2FRsy9tRc9jPSb92F9arPcRRmDFUcTwZE"}]}
x-varnish: 299533280 297044161
access-control-allow-origin: *
cache-control: public, max-age=120, s-maxage=1800
cf-ray: 64a478379e3ad6e5-FRA
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H2 200 hotjar-199973.js Show response
static.hotjar.com/c/ 3 KB
2 KB 90ms
88ms Script
application/javascript 65.9.84.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-199973.js?sv=6

Requested by

Host: www.opovo.com.br
URL: https://www.opovo.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.84.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

ee0ed58b2ab0774651fd0e8c308f69fc0ae0be985f49d154797eb8ce0b92e25a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 20:27:01 GMT
content-encoding: br
x-content-type-options: nosniff
cache-control: max-age=60
age: 23
etag: W/c2a5f87a8bbdbf9478a7a43534a31e41
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
x-amz-cf-pop: AMS1-C1
content-length: 1539
via: 1.1 362b298821815168614ba932732916eb.cloudfront.net (CloudFront)
x-amz-cf-id: icsr6WNJ2MWAlJf3nmcjQaKtaLYFJJ1FlhhN6xP7jrNXgHj87U4XKA==

GET
H2 200 escolha-de-newsletter-5b7e7a60e997e46fe455-html Show response
forms.rdstation.com.br/ 39 KB
39 KB 499ms
155ms XHR
text/html 34.68.90.188
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://forms.rdstation.com.br/escolha-de-newsletter-5b7e7a60e997e46fe455-html
Requested by: Host: d335luupugsy2.cloudfront.net
URL: https://d335luupugsy2.cloudfront.net/js/rdstation-forms/stable/rdstation-forms.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.68.90.188 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 188.90.68.34.bc.googleusercontent.com
Software: /
Resource Hash: 52ecb1bb746a09526edf118c79dd612045a3e411317ec429a3ad440475f79101

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 04 May 2021 20:27:25 GMT
content-length: 39755
content-type: text/html

GET
H/1.1 200
OK init Show response
webservices.webspectator.com/ 3 KB
2 KB 1567ms
1138ms Script
application/javascript 34.207.18.4
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://webservices.webspectator.com/init?appId=TWHDNHFV&h=https%3A%2F%2Fwww.opovo.com.br%2F&t=1620160044731
Requested by: Host: wfpscripts.webspectator.com
URL: https://wfpscripts.webspectator.com/bootstrap/ws-TWHDNHFV.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 34.207.18.4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-207-18-4.compute-1.amazonaws.com
Software: WildFly/10 / Undertow/1
Resource Hash: 8e8afe0ceac8fec9857dd9b4bfa736e167bd6a158862b1eefb3a2fbe0492dcc3

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 04 May 2021 20:27:26 GMT
Content-Encoding: gzip
Server: WildFly/10
X-Powered-By: Undertow/1
Transfer-Encoding: chunked
Content-Type: application/javascript;charset=UTF-8
X-NoCache: true
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 1 KB
2 KB 175ms
56ms Script
application/javascript 65.9.84.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: wfpscripts.webspectator.com
URL: https://wfpscripts.webspectator.com/bootstrap/ws-TWHDNHFV.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.84.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 20:18:23 GMT
via: 1.1 aae0a3ddd306e11f8c3d25a657078704.cloudfront.net (CloudFront)
etag: "1827f116c73f319409b97f10b8a58ade"
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 542
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
content-length: 1469
x-amz-cf-id: tCDFHjN_Emo6Il_mgvukxRYVIuBiyo62OWwTHyRaa_VUPEJt0E_pFQ==

GET
H2 200 quant.js Show response
secure.quantserve.com/ 23 KB
9 KB 12ms
8ms Script
application/javascript 2620:116:800d:21:51e4:db4b:4436:b305
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: wfpscripts.webspectator.com
URL: https://wfpscripts.webspectator.com/bootstrap/ws-TWHDNHFV.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:51e4:db4b:4436:b305 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 8000d797097e74bfff377d2f3fca7e046ee4490ea4edb70c2c0b189575847629

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 20:27:24 GMT
content-encoding: gzip
etag: "9iaPKZLFg6XYoMRMhilE8g=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
expires: Tue, 11 May 2021 20:27:24 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
89 B 14ms
14ms XHR
text/plain 2a00:1450:400c:c08::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-23310373-1&cid=621751297.1620160044&jid=1222277900&gjid=469173683&_gid=1093161599.1620160044&_u=aChAAUACQAAAAC~&z=1231684660

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 04 May 2021 20:27:24 GMT
content-type: text/plain
access-control-allow-origin: https://www.opovo.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 14ms
14ms XHR
text/plain 2a00:1450:400c:c08::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-23310373-1&cid=621751297.1620160044&jid=340006009&gjid=415600940&_gid=510170479.1620160045&_u=aChAAUADQAAAAC~&z=519072293

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 04 May 2021 20:27:24 GMT
content-type: text/plain
access-control-allow-origin: https://www.opovo.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 index.jsonp Show response
geoip.canais.uol.com/ 41 B
420 B 1219ms
672ms Script
application/javascript 65.9.84.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geoip.canais.uol.com/index.jsonp?callback=UOLTEGeoLoc
Requested by: Host: c.jsuol.com.br
URL: https://c.jsuol.com.br/assets/?loadComponent=media&contentType=js&tpl=assets/dist/libs/election-2020-ticker.min
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.84.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.10.1 /
Resource Hash: 6c33bea5185265807c9def724621a20117aec28c4b1ab1543197513ffd55de9d

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 20:27:25 GMT
content-encoding: gzip
server: nginx/1.10.1
x-amz-cf-pop: AMS1-C1
vary: Accept-Encoding
x-forwarded-for: 31.13.191.137
content-type: application/javascript; charset=UTF-8
via: 1.1 a06d82f018833bef3e7f2e9fd230e5ee.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-cache: Miss from cloudfront
x-amz-cf-id: 64hcVa6VuBI1ZxQsazLfmo0O3i6xXqWPv32ghv6vdrpX_TA4oYyiBg==
expires: Tue, 04 May 2021 21:27:25 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 30ms
30ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-23310373-1&cid=621751297.1620160044&jid=1222277900&_u=aChAAUACQAAAAC~&z=842137025

Requested by

Host: www.opovo.com.br
URL: https://www.opovo.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 May 2021 20:27:24 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 31ms
31ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-23310373-1&cid=621751297.1620160044&jid=1222277900&_u=aChAAUACQAAAAC~&z=842137025

Requested by

Host: www.opovo.com.br
URL: https://www.opovo.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 May 2021 20:27:24 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 31ms
30ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-23310373-1&cid=621751297.1620160044&jid=340006009&_u=aChAAUADQAAAAC~&z=2045604863

Requested by

Host: www.opovo.com.br
URL: https://www.opovo.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 May 2021 20:27:24 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 30ms
29ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-23310373-1&cid=621751297.1620160044&jid=340006009&_u=aChAAUADQAAAAC~&z=2045604863

Requested by

Host: www.opovo.com.br
URL: https://www.opovo.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 May 2021 20:27:24 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
258 B 8ms
8ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=200307651652585&ev=PageView&dl=https%3A%2F%2Fwww.opovo.com.br%2F&rl=https%3A%2F%2Fopovo.com.br.admin-mcas.ms%2F&if=false&ts=1620160044890&sw=1600&sh=1200&v=2.9.39&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.2.1620160044888.1812027848&it=1620160044627&coo=false&exp=l1&rqm=GET

Requested by

Host: www.opovo.com.br
URL: https://www.opovo.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 20:27:24 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Tue, 04 May 2021 20:27:24 GMT

GET
H2 200 rules-p-HGAVM7nQJ_sep.js Show response
rules.quantcount.com/ 3 B
427 B 86ms
35ms Script
application/javascript 2600:9000:2104:6000:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-HGAVM7nQJ_sep.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2104:6000:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 12:32:56 GMT
via: 1.1 7f71f5258c6bbee046a26011fbbfa997.cloudfront.net (CloudFront)
age: 28468
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 3
last-modified: Sat, 04 Mar 2017 20:26:00 GMT
server: AmazonS3
etag: "8a80554c91d9fca8acb82f023de02f11"
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
x-amz-cf-id: 6-puM1RUJAq6LpdeyjH_svoMCc44Mt5GpLj1lHZQ_-vcihO1pZcniA==

GET
H2 200 modules.7225c79fe4e29708c611.js Show response
script.hotjar.com/ 219 KB
58 KB 67ms
67ms Script
application/javascript 65.9.84.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.7225c79fe4e29708c611.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-199973.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.84.2 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

bb5824e55fb08d11d1bbcc144d776acc19dddf21298c684ff143c1b0cfd046af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 11:17:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33017
x-cache: Hit from cloudfront
content-length: 59087
access-control-allow-origin: *
last-modified: Tue, 04 May 2021 11:17:02 GMT
etag: "5a825663eb0181940c9c8432508f6197"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 b75b06741e5146585057681bd60737b3.cloudfront.net (CloudFront)
cache-control: max-age=30758400
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: SkK5AnDVk6qVOC_9SyO2v6OJmkcJ-u8aCoP-Q2C2JFSN4rxaTDjv4w==

GET
H2 200 prebid4.17.0.js Show response
s0.2mdn.net/dfp/517466/4406976690/1606854627803/ Frame EABD 222 KB
72 KB 35ms
12ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/dfp/517466/4406976690/1606854627803/prebid4.17.0.js

Requested by

Host: api.nobeta.com.br
URL: https://api.nobeta.com.br/nobetaads&id=opovo.inter

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0e6a8af98d6fbff175f0a9521f1f9c92a045df3040dff49955b8a7ab6705806b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 08:05:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 44544
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 72927
x-xss-protection: 0
last-modified: Tue, 01 Dec 2020 20:30:28 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Wed, 05 May 2021 08:05:00 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame EABD 61 KB
21 KB 16ms
14ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: api.nobeta.com.br
URL: https://api.nobeta.com.br/nobetaads&id=opovo.inter

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e85c70b5ea5fbeaef353f560aef187cf27ae5be19b9f8c6008365c958fe27b18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 20:27:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "862 / 705 of 1000 / last-modified: 1620151652"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21164
x-xss-protection: 0
expires: Tue, 04 May 2021 20:27:24 GMT

GET
H2 200 tm38259.js Show response
tag.navdmp.com/ Frame EABD 13 KB
4 KB 20ms
18ms Script
application/javascript 2606:4700::6810:bf3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.navdmp.com/tm38259.js
Requested by: Host: api.nobeta.com.br
URL: https://api.nobeta.com.br/nobetaads&id=opovo.inter
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:bf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 11cf5c1245d3c47555619c67ceb9ae543a7e8c56346e007147e1671652abbedc

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 20:27:24 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 1452
p3p: CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cf-request-id: 09daa9777400004e2600852000000001
last-modified: Tue, 30 Apr 2019 20:21:02 GMT
server: cloudflare
etag: W/"5cc8ae2e-32bf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
cf-ray: 64a47838bd784e26-FRA
expires: Tue, 04 May 2021 21:03:12 GMT

GET
H2 200 adsct
t.co/i/ 43 B
458 B 273ms
159ms Image
image/gif 104.244.42.5
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?type=javascript&version=1.1.1&p_id=Twitter&p_user_id=0&txn_id=o3wvj&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tw_document_href=https%3A%2F%2Fwww.opovo.com.br%2F

Requested by

Host: www.opovo.com.br
URL: https://www.opovo.com.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.5 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_devel /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 20:27:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
pragma: no-cache
last-modified: Tue, 04 May 2021 20:27:25 GMT
server: tsa_devel
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 3b5b7ce10c2ca55a9da4e789ff5fd5d7816c56593e54e828642bbc57a292f5ac
x-transaction: 752c5342bedd2826
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2

200

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=7&c2=22153319&ns__t=1620160044923&ns_c=UTF-8&cv=3.5&c8=O%20POVO%20-%20Not%C3%ADcias%20sobre%20Fortaleza%2C%20Cear%C3%A1%2C%20Brasil%20e%20Mundo&c7=https%3A%2F%...
https://sb.scorecardresearch.com/b2?c1=7&c2=22153319&ns__t=1620160044923&ns_c=UTF-8&cv=3.5&c8=O%20POVO%20-%20Not%C3%ADcias%20sobre%20Fortaleza%2C%20Cear%C3%A1%2C%20Brasil%20e%20Mundo&c7=https%3A%2F...

64 B
330 B

64ms
64ms

Image
image/gif

65.9.84.29
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=7&c2=22153319&ns__t=1620160044923&ns_c=UTF-8&cv=3.5&c8=O%20POVO%20-%20Not%C3%ADcias%20sobre%20Fortaleza%2C%20Cear%C3%A1%2C%20Brasil%20e%20Mundo&c7=https%3A%2F%2Fwww.opovo.com.br%2F&c9=https%3A%2F%2Fopovo.com.br.admin-mcas.ms%2F
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.84.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 20:27:25 GMT
via: 1.1 aae0a3ddd306e11f8c3d25a657078704.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-C1
etag: W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache: Miss from cloudfront
content-type: image/gif; charset=utf-8
content-length: 64
x-amz-cf-id: QFiJnuvZ1L13rRFubZEiq4DN39nXuHMwx4i8TTy44aOrMZ6hdQGY6Q==

Redirect headers

date: Tue, 04 May 2021 20:27:24 GMT
via: 1.1 aae0a3ddd306e11f8c3d25a657078704.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-C1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=7&c2=22153319&ns__t=1620160044923&ns_c=UTF-8&cv=3.5&c8=O%20POVO%20-%20Not%C3%ADcias%20sobre%20Fortaleza%2C%20Cear%C3%A1%2C%20Brasil%20e%20Mundo&c7=https%3A%2F%2Fwww.opovo.com.br%2F&c9=https%3A%2F%2Fopovo.com.br.admin-mcas.ms%2F
content-length: 288
x-amz-cf-id: H5nFjIChgh59AzkJI2ksO3eMwZw-5PKft9AXAS5D4Zvi15hn4yqbPg==

GET
H2 200 pubads_impl_2021042801.js Show response
securepubads.g.doubleclick.net/gpt/ Frame EABD 300 KB
106 KB 69ms
68ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

sffe /

Resource Hash

1c2525b3e7631f2411872aac663bded4c73bd4e4f26182862b28db7f406d1c61

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 20:27:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 28 Apr 2021 08:37:54 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 108145
x-xss-protection: 0
expires: Tue, 04 May 2021 20:27:24 GMT

GET
DATA 200
OK truncated
/ Frame EABD 5 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9b41b48a3d15971ea519172e34c9119773e1ae2cd958aedd72ae3562a3a2c62d

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ Frame EABD 1 KB
2 KB 58ms
57ms Script
application/javascript 65.9.84.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.84.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 20:18:23 GMT
via: 1.1 aae0a3ddd306e11f8c3d25a657078704.cloudfront.net (CloudFront)
etag: "1827f116c73f319409b97f10b8a58ade"
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 542
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
content-length: 1469
x-amz-cf-id: P6tf1e0yhCG79gAkAO8gRJE7u29MZ3G-2aPGnf040W3SYNzaMr3VGQ==

GET
H2 200 box-5e3cec51ed8e99df6977c199d27812d7.html Show response
vars.hotjar.com/ Frame BD6F 1 KB
1 KB 57ms
57ms Document
text/html 65.9.84.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-5e3cec51ed8e99df6977c199d27812d7.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-199973.js?sv=6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.84.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 486762d56893f9b12fdfad41c3a76f11fc745b5436e97e596a63c22ee13d2e33

Request headers

:method: GET
:authority: vars.hotjar.com
:scheme: https
:path: /box-5e3cec51ed8e99df6977c199d27812d7.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.opovo.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.opovo.com.br/

Response headers

content-type: text/html
content-length: 684
date: Tue, 30 Mar 2021 16:10:32 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
etag: "4e332edbbc3b46800c87f197cc7d3bb6"
last-modified: Tue, 30 Mar 2021 14:48:51 GMT
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 83bc0649a33d85c1cf516bf48779a390.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: x-D80-siCAMN8RNUapV7XTeoCvL8HgoDgZIZxGM1vZfXMdGladtplQ==
age: 3039412

GET
H2 200 lead-tracking.min.js Show response
d335luupugsy2.cloudfront.net/js/lead-tracking/stable/ 2 KB
1 KB 58ms
56ms Script
application/javascript 143.204.101.168
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d335luupugsy2.cloudfront.net/js/lead-tracking/stable/lead-tracking.min.js
Requested by: Host: d335luupugsy2.cloudfront.net
URL: https://d335luupugsy2.cloudfront.net/js/loader-scripts/f9c73be5-0123-4f19-af72-12d80ac2c46b-loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.101.168 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-168.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 63dd9340bf7f1ac6a576e8a0d2467f9270158ff446de0158df6a3a57cb08f4df

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: VK74Y_629OBaxeWwwoiBIyYa.m4SxWD5
content-encoding: gzip
last-modified: Mon, 17 Aug 2020 12:56:23 GMT
server: AmazonS3
age: 68256
etag: W/"361325c86c17ebc03ff0f4d88d267a83"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 58bcd6f2e1bc29fb83f080f1743cfeca.cloudfront.net (CloudFront)
date: Tue, 04 May 2021 01:29:49 GMT
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: mqWiwZuvT2KEGHzuA4_d6t6xMwavxZEp9n8RM13z26s3ARza3Odghw==

GET
H2 200 traffic-source-cookie.min.js Show response
d335luupugsy2.cloudfront.net/js/traffic-source-cookie/stable/ 2 KB
1 KB 57ms
56ms Script
application/javascript 143.204.101.168
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d335luupugsy2.cloudfront.net/js/traffic-source-cookie/stable/traffic-source-cookie.min.js
Requested by: Host: d335luupugsy2.cloudfront.net
URL: https://d335luupugsy2.cloudfront.net/js/loader-scripts/f9c73be5-0123-4f19-af72-12d80ac2c46b-loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.101.168 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-168.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7e1d05b67320d633e28903abf74d8d6d447bb482ca6cf25e8b75c011bba11191

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: fvUeuGFBK7nhwvE_ycf2sTAfAQff3DpI
content-encoding: gzip
last-modified: Wed, 05 Aug 2020 17:57:29 GMT
server: AmazonS3
age: 27321
etag: W/"79eba5359f199f99d84acbac958db7bc"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 58bcd6f2e1bc29fb83f080f1743cfeca.cloudfront.net (CloudFront)
date: Tue, 04 May 2021 12:52:05 GMT
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: rfHNkIBkKKeOSc3T9-qCvnIMq0xgtPue2gxqFDtgchtjI8IFtdEj_Q==

POST
H2 204 bids Show response
prebid-us.creativecdn.com/bidder/prebid/ Frame EABD 0
178 B 434ms
143ms XHR
text/plain 185.184.10.30
RTB-HOUSE-ASH

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-us.creativecdn.com/bidder/prebid/bids
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/517466/4406976690/1606854627803/prebid4.17.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.10.30 , Poland, ASN203690 (RTB-HOUSE-ASH, PL),
Reverse DNS: ip-185-184-10-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.opovo.com.br
date: Tue, 04 May 2021 20:27:25 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame EABD 142 B
1 KB 234ms
85ms XHR
application/json 185.33.221.91
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/517466/4406976690/1606854627803/prebid4.17.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.91 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

9a14b08d44f5bca7a8950fd62dca97fabc5d6306f53e248dff4c73dc78e5db3e

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 04 May 2021 20:27:25 GMT
X-Proxy-Origin: 31.13.191.137; 31.13.191.137; 721.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.186:80
AN-X-Request-Uuid: a6293049-58a9-4c59-a85e-79c66e7b146c
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.opovo.com.br
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 142
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame EABD 0
146 B 209ms
60ms XHR
text/plain 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=32&wv=4.17.0&cb=22990337713
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/517466/4406976690/1606854627803/prebid4.17.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.am5.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.opovo.com.br
date: Tue, 04 May 2021 20:27:24 GMT
access-control-allow-credentials: true
server: Finatra
timing-allow-origin: *
vary: Origin

GET
H2 501 ADTECH;v=2;cmd=bid;cors=yes;alias=99d96bf907b399;misc=1620160045014; Show response
adserver-us.adtech.advertising.com/pubapi/3.0/11471.1/5252473/0/0/ Frame EABD 0
193 B 388ms
363ms XHR
text/plain 2606:2800:233:97b6:26be:138a:cba8:bb01
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/11471.1/5252473/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=99d96bf907b399;misc=1620160045014;
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/517466/4406976690/1606854627803/prebid4.17.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:97b6:26be:138a:cba8:bb01 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 04 May 2021 20:27:25 GMT
server: nginx
access-control-allow-methods: POST,GET,HEAD,OPTIONS
access-control-allow-origin: https://www.opovo.com.br
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2 200 pixel;r=486573039;rf=0;a=p-HGAVM7nQJ_sep;url=https%3A%2F%2Fwww.opovo.com.br%2F;ref=https%3A%2F%2Fopovo.com.br.admin-mcas.ms%2F;uht=2;fpan=1;fpa=P0-1995863382-1620160045050;pbcn=u;pbc=;ns=0;ce=1;qjs...
pixel.quantserve.com/ 35 B
370 B 13ms
13ms Image
image/gif 2620:116:800d:21:51e4:db4b:4436:b305
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=486573039;rf=0;a=p-HGAVM7nQJ_sep;url=https%3A%2F%2Fwww.opovo.com.br%2F;ref=https%3A%2F%2Fopovo.com.br.admin-mcas.ms%2F;uht=2;fpan=1;fpa=P0-1995863382-1620160045050;pbcn=u;pbc=;ns=0;ce=1;qjs=1;qv=1558287b-20210421211215;cm=;gdpr=0;d=opovo.com.br;je=0;sr=1600x1200x24;dst=1;et=1620160045050;tzo=-120;ogl=locale.pt_BR%2Ctitle.%2Cdescription.%2Ctype.article%2Cimage%3Atype.image%2Fjpeg%2Cimage%3Awidth.150%2Cimage%3Aheight.206%2Cimage.https%3A%2F%2Fwww%252Eopovo%252Ecom%252Ebr%2Fincludes%2Fassets%2Fonline%2Fgeral%2Fimgs%2Fopovo-online-img-og%252Ep%2Curl.https%3A%2F%2Fwww%252Eopovo%252Ecom%252Ebr%2Fhome%2Findex%252Ehtml%2Csite_name.Home

Requested by

Host: www.opovo.com.br
URL: https://www.opovo.com.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:51e4:db4b:4436:b305 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 May 2021 20:27:25 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 204 b
sb.scorecardresearch.com/ Frame EABD 0
337 B 66ms
66ms Image
text/plain 65.9.84.29
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=2&c2=28130334&ns__t=1620160045059&ns_c=UTF-8&ns_if=1&cv=3.5&c8=ALERT%20TEMPLATE%20%7C%20NOBETA&c7=https%3A%2F%2Fwww.opovo.com.br%2F&c9=
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.84.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 20:27:25 GMT
via: 1.1 aae0a3ddd306e11f8c3d25a657078704.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-C1
etag: W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
x-amz-cf-id: hrgC6bBzuZwm7lkEDR5IQMHei26T2xbLP2MMKPwjWVgkH0PY0pEPwg==
x-cache: Miss from cloudfront

GET
H2 200 container.html Show response
f494fad843a02e89e66aab6434a0c735.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 694B 6 KB
3 KB 6ms
6ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f494fad843a02e89e66aab6434a0c735.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: f494fad843a02e89e66aab6434a0c735.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.opovo.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.opovo.com.br/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Tue, 04 May 2021 20:27:24 GMT
expires: Wed, 04 May 2022 20:27:24 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 container.html Show response
f494fad843a02e89e66aab6434a0c735.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 0AAF 6 KB
3 KB 6ms
6ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f494fad843a02e89e66aab6434a0c735.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: f494fad843a02e89e66aab6434a0c735.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.opovo.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.opovo.com.br/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Tue, 04 May 2021 20:27:24 GMT
expires: Wed, 04 May 2022 20:27:24 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 6DBA 0
0 95ms
93ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuWrOvSscCLyAm18xpXINJKQiIWVfLYd5eouQ6m080VsEy-KyQ2W74oJ7ifx-QdRVKPTdRNBqSFbbUawOgdTusXEcn4wDEKXjS1pSMyLWqm6HBZ1wuFRSP2CSgX4alcJ5zDrQGH3tZ68J4rZKkpajWJj0jvK0fVqHGk4PO_SohopDdcJw9nI4tjxtvEebYtxzMAaMWX_-k-P_Tly4pEM62Ysa9xNgcJPc1FrLb6KMKLZXd6VYUBOU_FKmlymfG5myVuVyYhVL4bBMNf8SXhguLGnImxW2sr1wUWO1z0Nt-_q1d-bYZTd6E&sai=AMfl-YQ1IX-AH0oBdHu1lafPcQp9RfP_oOfRmCuz9DUeGG1vD5ZFmIblCBlD7O8wNN4lSPnXRW5Iy6hRR8Rs5Md-w_ry2V4fak6X87atww4gAYvQBUQuCRKVse75vHcWVJ_Q&sig=Cg0ArKJSzD5XbklHkuIeEAE&adurl=

Requested by

Host: opovo.com.br.admin-mcas.ms
URL: https://opovo.com.br.admin-mcas.ms/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 04 May 2021 20:27:25 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 04 May 2021 20:27:25 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210429/r20110914/ Frame 6DBA 17 KB
7 KB 18ms
16ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210429/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6b44de504fe9504ea2636b637f8fb3f2be8d29674c427654bdf78bceff624435

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 20:22:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 325
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7028
x-xss-protection: 0
server: cafe
etag: 16788430792231894627
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 18 May 2021 20:22:00 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210429/r20110914/client/ Frame 6DBA 2 KB
1 KB 15ms
13ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210429/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 20:25:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 122
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 18 May 2021 20:25:23 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6DBA 116 KB
35 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bdaa38f52441bf7af0793fbf059e5598ffd9d18fa264b14bd55f6b3655fcc958

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 20:27:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1620056514301796"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36023
x-xss-protection: 0
expires: Tue, 04 May 2021 20:27:25 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame 6DBA 0
0 21ms
20ms Image
text/html 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQxg04SIR256djdiL9AAml9ryKp1TFsA6I5E_6Dt8kvmHLJyEV2nm7CNXxEpDK4gZkOl4Bq
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 11050609698760252885
tpc.googlesyndication.com/simgad/ Frame 6DBA 11 KB
11 KB 18ms
17ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11050609698760252885

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5b4653897fa212130fb903edef7589c0e0e8fd2e7b89140eca46359c1110bf2d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 15:29:29 GMT
x-content-type-options: nosniff
age: 363476
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11118
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 19:04:11 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Apr 2022 15:29:29 GMT

GET
H3-29 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
27 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94442ab42e60dd5c6c276c1777c56fc3f9dff44e999524ca6431af82a9bff9af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 20:27:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1620056503243602"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28014
x-xss-protection: 0
expires: Tue, 04 May 2021 20:27:25 GMT

GET
H3-29 200 container.html Show response
f494fad843a02e89e66aab6434a0c735.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 8E4E 6 KB
3 KB 21ms
7ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f494fad843a02e89e66aab6434a0c735.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: f494fad843a02e89e66aab6434a0c735.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.opovo.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.opovo.com.br/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Tue, 04 May 2021 20:27:24 GMT
expires: Wed, 04 May 2022 20:27:24 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame BABE 0
0 96ms
93ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvO_BKa5eix2xn6BzfBQF6QcbkAPgJ3MC-uGzEBC8l5Wubjt_Gzp6RU_BYrGgA1JkUwketyLuufmnEf_RlnkA-TRJeuaLDTiBJeBkUVzABcnJmXgH1W4wu70k7wxMkCklyrw-VT1YDgC2GPDCUwEbYXrEeL2-dVB0x5QFVXeJ-PSELP6det5EqS6Is0ChfiCCm1ft7RzyZQMHxcnfkW1H2at8XiZQcYJ7DAsfX4XEnb6jmaPvKVw8i1cC8L-vI3ppkxkOKAhkX9HYMG0pcEVLIW_Lt1x4QJdQ&sai=AMfl-YRoBj4MIo4Sz9fszQyIEfWLjpEsGvMJ44eW4Ak8ytqEfkTHvEdwnJG1UONbvYQHLAaGuEWzHLXS3uQ9UNg1NmccJZFjmWKmIVOx1pXIf9AOWjd4pPCeChGckW0vHTyF&sig=Cg0ArKJSzMBHx-EpyeROEAE&adurl=

Requested by

Host: opovo.com.br.admin-mcas.ms
URL: https://opovo.com.br.admin-mcas.ms/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 04 May 2021 20:27:25 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210429/r20110914/ Frame BABE 17 KB
7 KB 20ms
17ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210429/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6b44de504fe9504ea2636b637f8fb3f2be8d29674c427654bdf78bceff624435

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 20:22:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 325
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7028
x-xss-protection: 0
server: cafe
etag: 16788430792231894627
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 18 May 2021 20:22:00 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210429/r20110914/client/ Frame BABE 2 KB
1 KB 28ms
25ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210429/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 20:25:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 122
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 18 May 2021 20:25:23 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame BABE 116 KB
35 KB 18ms
16ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bdaa38f52441bf7af0793fbf059e5598ffd9d18fa264b14bd55f6b3655fcc958

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 20:27:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1620056514301796"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36023
x-xss-protection: 0
expires: Tue, 04 May 2021 20:27:25 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame BABE 0
0 16ms
14ms Image
text/html 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSlDrEKsIpeycZyEad5EdWQjvA6mLTMnMrlKxaZD1IAYgg9dl9rRh5Lw8XPkjjVXHZ1zGuJ
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 14432587810747166405
tpc.googlesyndication.com/simgad/ Frame BABE 10 KB
10 KB 26ms
24ms Image
image/jpeg 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14432587810747166405

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8a376f672c12525ddb21faadbf8f4b31422c99bd44b16c723d018b7ff7e2a5dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 14:14:40 GMT
x-content-type-options: nosniff
age: 454365
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10364
x-xss-protection: 0
last-modified: Wed, 13 Jan 2021 22:14:54 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Apr 2022 14:14:40 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 3DB7 0
0 97ms
95ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsupvrnBFjg2kUzU6su7FAnTqtaLen7xyPyKNCPGNfHfhP90cwtiSz-9YkQ5OePw6zTDeV5wV-fV7fNhk1u4B2EbdRFJ8ViHyUVuMEeT_TIo_ROSYQjAOpRv08aXuOWmsMs7q09-kuNo5js_d2uG0P2KtZ5cKM4fv75j4EHNHt7teIMHUk6kgcFh0sG1zxoWoD1vdfSoRKRtd211q3rjFTswpdc-jl5k0ACBy_qsCDc9Yv323tiXb-HXRKD_gy21xM2ygKLUJGCcoTodP1wqzwKjdZfXEkVAuA&sai=AMfl-YQeW40Yj1VDU_5BY9uMMUcJy_IW7J9TWeEk_RlqqSotEbicsftCQemE2XrGx6YYmu4jWg-89Bd30LwNeqpduWVCtcJ8jQmpWTj8545XH-dpqr2Vk5-3XqO6Qk8iNvLw&sig=Cg0ArKJSzHaQM_5dWPy0EAE&adurl=

Requested by

Host: opovo.com.br.admin-mcas.ms
URL: https://opovo.com.br.admin-mcas.ms/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 04 May 2021 20:27:25 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210429/r20110914/ Frame 3DB7 17 KB
7 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210429/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6b44de504fe9504ea2636b637f8fb3f2be8d29674c427654bdf78bceff624435

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 20:22:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 325
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7028
x-xss-protection: 0
server: cafe
etag: 16788430792231894627
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 18 May 2021 20:22:00 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210429/r20110914/client/ Frame 3DB7 2 KB
1 KB 29ms
29ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210429/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 20:25:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 122
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 18 May 2021 20:25:23 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3DB7 116 KB
35 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bdaa38f52441bf7af0793fbf059e5598ffd9d18fa264b14bd55f6b3655fcc958

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 20:27:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1620056514301796"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36023
x-xss-protection: 0
expires: Tue, 04 May 2021 20:27:25 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame 3DB7 0
0 24ms
23ms Image
text/html 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQyI-oGNsDPoJu28pwwTWObJSjY79l4NeRhKVatVwpoF9CT7e25j0D7GxdznQe1KncyWS4J
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 11037313757424906374
tpc.googlesyndication.com/simgad/ Frame 3DB7 20 KB
20 KB 21ms
20ms Image
image/gif 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11037313757424906374

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba9e839ebca59800c075c4a55aa5798a17b648d63ed4072de13e51eb9db8773b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 18:16:08 GMT
x-content-type-options: nosniff
age: 94277
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20362
x-xss-protection: 0
last-modified: Mon, 03 May 2021 17:55:20 GMT
server: sffe
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 03 May 2022 18:16:08 GMT

GET
H3-29 200 container.html Show response
f494fad843a02e89e66aab6434a0c735.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 89DE 6 KB
3 KB 8ms
7ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f494fad843a02e89e66aab6434a0c735.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: f494fad843a02e89e66aab6434a0c735.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.opovo.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.opovo.com.br/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Tue, 04 May 2021 20:27:24 GMT
expires: Wed, 04 May 2022 20:27:24 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 747B 0
0 110ms
97ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvvoATCQKShKeS6qVuBP0KISURyrYDik7Sedhz_vjqXjMZeFdP5tp_bLqQkgPIoNF9YhpyEUIr1gNRnO5a9c3O_HM0_VTveLMWVJGDqqlJMIFnjg10hM-xPzqML5sk7OIYc4uqZpbCn4uzKytMhvF3EcsEaS1TteKXXwAHO-fc9LKy-uyzNguZHciSkrbigsUWTdljubrgRrPLinZSo_0WYn5K0jb_3Bid2fC0yPZ7l7h9Gl2ovf-ZQ_16TETpszQ3SYHevrmVTlrRXLHNVe6ZsinKE4-7Z-SfSiN2-r_hXRWjLVyw0&sai=AMfl-YRswW669pNp3bxqXjVAsKixKQf2NRcHUhLSOfxz_yjhSLbFD3tZzXLKejkkNwmnUjTWZVJ7SFL3J6-iPzjQ17Hzd762qlClpyQ3K5cCAuBTITHaYjfilBFFn-wbT2ix&sig=Cg0ArKJSzBi0OCpPvoH9EAE&adurl=

Requested by

Host: opovo.com.br.admin-mcas.ms
URL: https://opovo.com.br.admin-mcas.ms/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 04 May 2021 20:27:25 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210429/r20110914/ Frame 747B 17 KB
7 KB 16ms
10ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210429/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6b44de504fe9504ea2636b637f8fb3f2be8d29674c427654bdf78bceff624435

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 20:22:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 325
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7028
x-xss-protection: 0
server: cafe
etag: 16788430792231894627
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 18 May 2021 20:22:00 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210429/r20110914/client/ Frame 747B 2 KB
1 KB 15ms
10ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210429/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 20:25:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 122
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 18 May 2021 20:25:23 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 747B 116 KB
35 KB 22ms
17ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bdaa38f52441bf7af0793fbf059e5598ffd9d18fa264b14bd55f6b3655fcc958

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 20:27:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1620056514301796"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36023
x-xss-protection: 0
expires: Tue, 04 May 2021 20:27:25 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame 747B 0
0 22ms
15ms Image
text/html 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQPiE20rCYIzMdzF6vCJaxjgL_ke3kT4Dj_FwotU-7O2NoIE1EwlMKIqsUPsiG9DrtEZhaf
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 11544682616328780765
tpc.googlesyndication.com/simgad/ Frame 747B 78 KB
78 KB 15ms
8ms Image
image/jpeg 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11544682616328780765

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48bdf24a94f8daa37d2cc129bc26fe47bdc38da895153cef75738f3fe1645d24

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 08:52:28 GMT
x-content-type-options: nosniff
age: 41697
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 79919
x-xss-protection: 0
last-modified: Mon, 08 Mar 2021 18:08:23 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 04 May 2022 08:52:28 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 6DBA 0
0 169ms
100ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstAUIIpG6KKo8mLYcc3em6UN825g-479ZvbXpeD7ZuDzTYvpVTrKq5yDVygMdCItPI9avHOEpS1DuAMC_PTi-hqov6J7kLGCUygDZm9hanVO7Frd1VHiWnQ2-W9SQcWIOEaEdZijbJ34c1ASlRn40pMSvf3tuglTSfVp6mZfwjq1gBTDbtAeiXLh06RcekrY2YytuEzTbCqoxnQYC_w9s0kju_L-V53-vkWbUW7S5PrJ0rCo-CGE1A5TuokYuQuX_37JBV7ub_V09_uekalAb2giRAMqQlUUjCC6XiWQaSQfk2vNdyW4UwGtQ&sai=AMfl-YQMOyXFyQQot0Cmg09M_-eD_INUxBihfs_rZ9eeNNAd9W8HlUSQiZRqHA4sKXDPWHkbxasOFQPAYTxbBS8YGAXWVkWACUg_m7PhjHaqwBMshfRDSTCNX1AYu3POVza_&sig=Cg0ArKJSzIKOaz1t9qQSEAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 04 May 2021 20:27:25 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 04 May 2021 20:27:25 GMT

GET
DATA 200
OK truncated
/ Frame 6DBA 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 19cda84ef9215322d69273d9a1c9517917bca938bc07ba1657a361931971c9c0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame BABE 0
0 132ms
101ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvvWSs0rETviavVUSV5tlLTiDcNXCpIQXg9wJV8H27Ep65m4oADbeV2QUO4jiTG4AfPoOgKv8sJRC_qObT5WuzeUGe7ZJaNHcJTiUYNQMFXVrI_hp3eTyoGpmrk7OayvER2IPFt5Uynv5CbXwPsxI6XsNloI5OxawWN3hyy3gxPZUWRrhAHm3DU6j4Rww9fyJ47oUaO0cn-5VQENHp0iZrvhLQr52imOzmYjx15wcSG6iE8gqYWP_rlKO8VHSfs425e9CdQqszD4-PcrgfFmwbINlLaNqNRO8r_&sai=AMfl-YSX1vjdg1J13v1x2J-c8aerayvebC3z5VGy9v9eId638Y77btiR53ltyWH4aixLX0X_Ix7e5lrMnwE_jzkKRL6rQSSOdVKjRqu8G0QnzDRcM8RxiwZRwpwXcxhSseRo&sig=Cg0ArKJSzDS0Rn00Vve1EAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 04 May 2021 20:27:25 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 04 May 2021 20:27:25 GMT

GET
DATA 200
OK truncated
/ Frame BABE 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 51b77a62cd128b1059cb179149e3b32e9deb8614976b82d0945abb35c7bbbe3b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 3DB7 0
0 102ms
100ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu6nOuwbfV2XfZ6Rwde_0czaVDbTPq3ly88QfgBWnqBBVP7ytTlXqX0mrVGdFvc3OsjpzKWB0N24f8E8KbvOdIOropZhOM2GFGiNyJngBZhG8SsgyNZISDOhtEGM7Wqc_6qlMAqnQ9Z6-6uU3wYPk6IzYmprhvgOb4ahZpYgCZU2vQmFIuXtNBXRbuHqLQvDjrTVrqafy1j26uW4sP5OQG5Zz2sfkdoTp6hBdKznqWlCBVTZE-mILFzVXDxbIt9pt1glDhsC6YEo9es-6V_ZgbyxeoVPkwphayW&sai=AMfl-YRA63YH9S3gKMhRMYIJZ8NwktQMWV72lOX_xCCJGyO8t-5foki843Y_dnm7sLJGO3OaH0bUDI4HM6u_oK2k_HXBxMnnt4EtW9HFqdb1th5GHuzdVVSmU1GrUOsX90z-&sig=Cg0ArKJSzBy8TX6FGM7vEAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 04 May 2021 20:27:25 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 04 May 2021 20:27:25 GMT

GET
DATA 200
OK truncated
/ Frame 3DB7 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6308a57e5137704a836cdcc22cc398962b9a333cb0a418598add0b734e06e990

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 72FC 624 B
344 B 22ms
17ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CIy1wgIQ6_3nAhiX_segATAB&v=APEucNVbgJvCih9fGceRh5ZThJcC5n8Szp7KhCHYTIdcWdGhPrUmQ8WqfgD7yc8SgR3Jz_DBlbeMFW7qxGbmf0DVF7nQ1V6aMFnGK5Qd0rA0kBehFfae930hyob-PfSiEY_8KTGFmikZ0mvK7__r2pv6Q6W2VHQwMSfT06GcZlMR8IMBY1hdUl8MIJrpeJg3ZHVgIJN0fqb9TvB8YR-QI_Ky5DB_TvybUg

Requested by

Host: f494fad843a02e89e66aab6434a0c735.safeframe.googlesyndication.com
URL: https://f494fad843a02e89e66aab6434a0c735.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=CIy1wgIQ6_3nAhiX_segATAB&v=APEucNVbgJvCih9fGceRh5ZThJcC5n8Szp7KhCHYTIdcWdGhPrUmQ8WqfgD7yc8SgR3Jz_DBlbeMFW7qxGbmf0DVF7nQ1V6aMFnGK5Qd0rA0kBehFfae930hyob-PfSiEY_8KTGFmikZ0mvK7__r2pv6Q6W2VHQwMSfT06GcZlMR8IMBY1hdUl8MIJrpeJg3ZHVgIJN0fqb9TvB8YR-QI_Ky5DB_TvybUg
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://f494fad843a02e89e66aab6434a0c735.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlptrA6AdFIadbVmGjIm_JvdqMMmAQ0GwhnT1taZqgxsivhCyocEfMx7stULQs
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://f494fad843a02e89e66aab6434a0c735.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Tue, 04 May 2021 20:27:25 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 694B 57 KB
23 KB 53ms
49ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C5ER1jo9-dL7MzjTS7NJt8zb61y8zpqVUSvhkckGATXUSCdQ6o9qvewCPu9aZoArHUBabBZb7_AU7lbgAPkWaevasradhperSEnJlZNvKIlddPMvF5MAwKfI7e-hUfj9BsFGCIK3bQ9WpxoKAlT11eaGgkYw&dbm_d=AKAmf-C4WXpv-mTao_Y8SrdoZ3nCzfFxj0KRvbs5gkwxMFtT4NKEGEhSAoftkaQw-pCxc5WzYyMx5r_a9vHVleZl9Por8b4K90IBr6UAQ6-wwQgOB-yZg6xtkl1BnpUQS_Aiabh_mGQ6fj2EoNs9WAntbnIKJPHzEhB5i86uKVr1gXun09fgMNoN2LmJ1YX0NWmPo1brhePR7E3VAp37B0vQx3UB-tsPkT_95MDkdrrz4aPcIpdhh1AQNaAUE6YW0NvvxgUKJNq6_IdD0P5ThrUF85EkUCb8EtVLCB9jvGdW4RQPxp2IP_qizW2A53t3K3xMOk4yJl651VwWbEbERQ2AOMHiLqaueoVnffaYMR2iYERNlP3QPT5Sr_vBnkuasH5DVaMXsiAe0tDwoI59ZekrFnrc2wekNQeTOiaGHywsQU7Pcqb4wyA5XMt5cBahtkwSGp3GvK2KgJFkmibiK1JLs6BE4Zm-ZuaVTJiKPaDNAnxFFV83gresfgOYMUM-qSG5lJGDw_sQMo6v7ZoFGNKuaub3rLPPN9JdWKoDBzbGIAGhBCqjEpu9-UsXntqnC0exos7kbFCfDLw62IDl-nMgVDzCx-H7DMKSFvvsEoiqGoYJAcjOc_S_S3KW1ggwFVRWVOQdTSmN6EUvEHkV7rgQG7x4ZgOWhGqISPfSQkGTz-Gkyh0EZv0j4Uwo0WkLnBX2SGzU4CqVgq8QRM0OG4M6JhoKjHB4rgH8RuiiQM3_HlFaFbNUXyN2mPymt02lCkPikQDu3S8ap39ARZH9UvaMFFWkBNPrR3VMBD8FqwI4wf1dmO-Z-3nw0GDoBy4PvEpjF7HONWdymE8UK3tirpZew9w6FAeAyKJ9ZliMAuni8keAtpYTnKHYlE-EzNnzY19MLkWfcHGfq0Zsl6oYOibH9O0kgGeT2fUYv2RKshHREMQC1Gvp0tybc9Vx6tAo64-o3FNs63hCXfSWMXpcW8pUlq-VJJnlTjKpcjk4VtGLG4WtvlmWaYx8egeWShtfiGOdg2Dkjae-tzkNGlWZCfMhO2Vqjza3iWrvTT8ZqQMPv8m5b860-6dFn-kjndxrRBxUxTN9leZcd5B03prUpQzU1zVka4o9_BpyifBnkH4j4SB3e8EwhBn7vOjaMvNE3AxwL1ESUJr_oY0JQ8KEgREu1j0uHd0yb07PRv7Sb4707Q1IfWT34a7V6F5lFp8VHigAPO6cGUFKyxbxZpEvSxsByrQmMzq5EwKcD6UVyEzIGRFWSmg6a6Skze7DHf--Nb6QSitj0F3pxX7MZoowqtDorOKmCEYUyDo5E3lG7HmxIpOghDKa1JpthEbjnRYwBe8h5Gyg-Yj-lQp16IdSxAq-xj-jbDyhG55RJ1WbcEey3-8AjRRKsE_T_PrIPY-pLuGhnXjjqaZr-BNsmgTohXfwoi3ZGgjLzWvej9HCROgE-KHsiB0vC1Uv4BKfgR3M8lgdn3R9B1ICXkD9vWIlrZbKd5p14aOfSvb6GvDIK3t1XnneRCKunHFddFrN3GI_IAbq3SXROBBjv30O3PRV954MZJEQPwdq2nvzKk4gfH3BBrFnIpJnY8gtZxbh17mYc3kpLtWDvN1BzHwDuVAZnaqwOT9YWakZuMdEyvsJmJiizyYMVoVZkFvjiDlw2T8E3YfiJstHUDpLx-oQkVJY10QkijqQSa0HhRALeGpp9sKyuRLNAoInoucMB1Kez5v6dSdhCs7oUE45-PoBsh1HKbnIAUNIBe5qX-LjLBnzVMcYVnop3H3GV7LdnVs10Lx72f7M2VYrG8-a496aoo3t0b-I4p3YW0m8HMcmWn0Xv3Z7CRzjXBZCvdpsrtbxYRCTPuPTdi43thGkKrze710l-y8E0C1vgFAv2_-A8bzl5uex7iYVfT-YH_IHf2tfPGP2OeG6kWgvCL4uCCxuPe47jp2qY8K-QIm8QeDXvlgO4epEHSdNZPny6X60c9aj37OsP6a31LrmwR23dvfoGRVsLLy9BJCQghZMJAEQC5WrPlKe-KayS2pJZwIH9fG7B2XyrPSDguVoJQXeOQzg1IBecIUB1hhmVQ3MpyjjEdSshfRKCdU8lyYaC48RvGHf4WfrJszLxvkRQq0GEwg3RTozjQNi6SNLRSoK7lxCkJdzgVLPc2O3Ku00mTpn0vbF8V4kPJfK8EgDshhVtnPrI_NXwJ6jSyxfqcfTA1sR-fX0Y_CLiRVZxGRlwwt6IMSEU1a_DYF4WxvUODvXix2rf7a5ZdZnnjVIBxRi-I3TwbI8fp3K9846ktJJwHn2hS00Zfxwhhilybshwkuf1zfyjhAIzmypqnpi16DRu8YnKd0lTOv6od-sukMK_wvbEG09djZs2Qd5iX2RX88m9UhCbxDD4cRBMEPVmLYPdmeQkgFni3ioEyHmX0jytdLMbtxSeDYSNFb8AHqvaGLOgv_vbs8YdfBWeMdWkJgBJLftwhZKG5qe3nRGOF7ofY3YiOh6fr-vhqywX6jDZIJk-JSdNiqrjlcSljPo8GaVAvAcH71h1fl8pOXHLyJdPPP43LAkGlNvDfK24zt3X8281DCAcVp4LbM654_C6KuX6RvhvyJRDvCMgig4cMQaJoQ6_dNwm2SLCehtuVzCnmvujBpv99mm3tN3DKy1K0jrfgGxsKpB7Z18EqH0UiM_oezF77gfMkQwQm4opGnozj6Tw4_z7vNcvcGOhgTkl69sk6NqPhj38otS8c2cC46C8TSCPZn50rvrTPiY87Ur9USqOuOtrnWXoWu_F-ACFMB85eN5gom3OZTzqvfySso-WPYjX2cz_keIQCqUVjaNHkjnLqYrEFAoZmYL0fXEn6bir3QeRNkvgGtvuJrUjur36th8rmFAtueSo5W-UzjDTuwThqgRLC24Jf55sa9oW4p5DNdIvYwncmgMgETh6NJIuxG2WhFXjbllmctG2x_CcgrHYbkeDHw02VHRkAsVBxgxSXU4GXZ9AaohHb-r4jrcjq0&cid=CAASPeRoZ5DqkwmCDd5MqM66L991lnvFXZ7342HUpNh_u4Db7h0IBNpFr8bK4vKfoE1u8UJTg3I5drd99uN5Gv4&rfl=1%2Chttps%253A%252F%252Fwww.opovo.com.br%252F%240

Requested by

Host: opovo.com.br.admin-mcas.ms
URL: https://opovo.com.br.admin-mcas.ms/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c5c79417597f19e8c61077c67b342996c23773a1f5ae63f0959b47869d897280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f494fad843a02e89e66aab6434a0c735.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 May 2021 20:27:25 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23634
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 694B 42 B
110 B 42ms
38ms Image
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-A0eLyQcJIkBOlVyRDz2KRypgsfs4DC8JQdxnpvRgIMsVYZSYCdGCTqDoB8UXpVUiRT89qPYz5_7jP0c40gmnGNUkeSUuX_b7QkcNccbJiQauC8J04

Requested by

Host: f494fad843a02e89e66aab6434a0c735.safeframe.googlesyndication.com
URL: https://f494fad843a02e89e66aab6434a0c735.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f494fad843a02e89e66aab6434a0c735.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 May 2021 20:27:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210429/r20110914/client/ Frame 694B 2 KB
1 KB 11ms
7ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210429/r20110914/client/window_focus_fy2019.js

Requested by

Host: f494fad843a02e89e66aab6434a0c735.safeframe.googlesyndication.com
URL: https://f494fad843a02e89e66aab6434a0c735.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f494fad843a02e89e66aab6434a0c735.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 20:25:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 122
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 18 May 2021 20:25:23 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 694B 116 KB
35 KB 21ms
19ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: f494fad843a02e89e66aab6434a0c735.safeframe.googlesyndication.com
URL: https://f494fad843a02e89e66aab6434a0c735.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bdaa38f52441bf7af0793fbf059e5598ffd9d18fa264b14bd55f6b3655fcc958

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f494fad843a02e89e66aab6434a0c735.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 20:27:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1620056514301796"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36023
x-xss-protection: 0
expires: Tue, 04 May 2021 20:27:25 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210429/r20110914/client/ Frame 694B 13 KB
5 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210429/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: f494fad843a02e89e66aab6434a0c735.safeframe.googlesyndication.com
URL: https://f494fad843a02e89e66aab6434a0c735.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

439ab67fa3c312bb442bed574ea79be834dbd92f3bd7d2288b6f3fce4d0afb0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f494fad843a02e89e66aab6434a0c735.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 20:26:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 55
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5604
x-xss-protection: 0
server: cafe
etag: 2846967340006788112
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 18 May 2021 20:26:30 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame 694B 0
0 21ms
19ms Image
text/html 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSL-k008VKm7NMcxgVUtMu_YghV3wyd5Lg5dqNESVBTgeN0EaAGZKhdhJairMt4_aCRdxso
Requested by: Host: f494fad843a02e89e66aab6434a0c735.safeframe.googlesyndication.com
URL: https://f494fad843a02e89e66aab6434a0c735.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://f494fad843a02e89e66aab6434a0c735.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame D548 640 B
363 B 34ms
15ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY0aC1DTAB&v=APEucNXLUMop7GvYEkgIbjYZW2QeG9jBiq4uKLoagp8za_KC9cZn3Lcwd4Xv0ZBZ2SM5z-lCutCv1KHupKV0B9kEMvxYZPTz8_tQIsK0_wDTCSAEWVi7Kyo4CoIcK1uErWhz6he8rwIT3nVfhsy0HmTmIcM0DcjoxCUJfOYH_tvDYW9zyyhziNLzwozLTepjMTS-jZ3JdIUpPimFIoenC2bSXpQk5fXC0Q

Requested by

Host: opovo.com.br.admin-mcas.ms
URL: https://opovo.com.br.admin-mcas.ms/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=CN-KGhCn9EsY0aC1DTAB&v=APEucNXLUMop7GvYEkgIbjYZW2QeG9jBiq4uKLoagp8za_KC9cZn3Lcwd4Xv0ZBZ2SM5z-lCutCv1KHupKV0B9kEMvxYZPTz8_tQIsK0_wDTCSAEWVi7Kyo4CoIcK1uErWhz6he8rwIT3nVfhsy0HmTmIcM0DcjoxCUJfOYH_tvDYW9zyyhziNLzwozLTepjMTS-jZ3JdIUpPimFIoenC2bSXpQk5fXC0Q
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://f494fad843a02e89e66aab6434a0c735.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlptrA6AdFIadbVmGjIm_JvdqMMmAQ0GwhnT1taZqgxsivhCyocEfMx7stULQs
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://f494fad843a02e89e66aab6434a0c735.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Tue, 04 May 2021 20:27:25 GMT
server: cafe
cache-control: private
content-length: 295
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 35A5 23 KB
12 KB 54ms
34ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B116q6LwUoAujxD_aynChE-_myCfuf1GgjT3okJygda_QZbbX2b1xDYZwwNJQcRL7DCxVNbBmNnpKV8a73pd0C7i_KdJQGL5kOpvP6SYlBSLji9yvTRTWoj7x3p_A2djOaIP6tHAILROlmaMEhwDPJ0dqGaQ&cry=1&dbm_d=AKAmf-Daqv_ACKkgTYCkfV1R5VHVPq8ceLdcWb3PURaCWHSyLPjfj3JpzTLzXA65f1tvGCYUiLKmA5vK7lo1oyaGJUbkbgtImcEo2ndfvbFdhV-JlSjJdf1pl-2rYOZN7icszoOn8QuB1txiXakpc7Hsgep6puHlrn6ChewxqDD_7y4FVoepXvGxxNxltf0C1zncv9W_36dWPBiwKYq-ADF3sAgOMSVuEoybC_4z74_-ymoygYiOqd0eWgLcD5OeyB867shFYJnQtOquQ52aXxZQY096derg74UacmrZ2JDRfRIlPK7LE6eV8Mlwv8b1g0AiG7g2hfTsyJxAoQF1IehPGPXBBoyx1iIR7nV3R9K4M5ZPCzy7mdnwjTxYeMD_kNm3MvLg6GvudIO18HGu6c2QUkieJZ3Y8xwLzueY6_eZ2gsHFHCEpoh9NKepC0GIQ7-Eqsdz9vDqaSFAVsFeuTauV9c7w1SDcAAmvfcsJ-9ta_MuawByfnUQI8crEfKqpBmU8YhKiQAMMah6Z_z5Fbt36V3wXHSmaFCNbrXQqBWdLSTxOcEEJaOMpFnUbN0m-f2Chl53ZbEkhNIgV1lCQAiZGBaqdkem_z0pMwLGKWvEbloEsGOZA2NEMXzLvUMVAa2ne5n2R62pWgV2W0NdUQgEBD-xjeDG0qvZGrl-RQ7xhix4u2fbunecCifPY7jt-SiuVVSHkPamkWByYBF_vEgkKf_of4ZauaWzUSgdBTzxbHv04ndazfGV-SpNU0dChlSFbWQVXZjFbBugzOuJdhb1YjvjpTBFlZ-b7UwN-784FFEFeHXawIlzM4PjfnxkkYB0ESrzEZZEDOmceG-t-lgzuD_MmhIO-qMXjY5NWIm-Ruz-of9ijSSRjaCm11QMA-EZHVEmo1P7c_BAx-NDExrqytNoqCCtxddbnZTe3s3aWP6TUov6wov4fnJ3NMSV-9MusGw8at5ozXEMusPlRZv2iZHfQSeqpRohrjk8NGRNjI0anLekoBNHYbJtGNXJnUFkkJcMzCj3awGSgZkBmvLsZRi6ckfBZnoDFWAvzuzUwFJsCzpJADH8OvRHP-Z3_4GBj7UiMkBLPOLawfBfRMsQVTP2Z9VxYYwn4QDJc4dRTxJ7WZhHCjlPW7PPUn4YdJQcDDaYxS0yjEw-esBwu8NcqEYrmPeLHdoWOiOU1szBDcWNnAAhyK2nkf87RB5zZCOhB0DJ6UclQfE07xhiTNbxlTKNfBwP57qMs0jD66AleVZb4Jsfu1pFAc0gNgRVkMScjhdB3IFe2_7erinWNCrmdbTLmEVtOpNd3fixfbQQSH8j-J93gX_aKEf647MLcNTKDkj2CPevDk_6cfkllnUFjtDVMSR2UNfNL9kreWWXW7clmsZk7gI1VdBL7sVe55SCgn3fi5RNBYjXzBLBCgTbgWl_4BJZadj1otWNCqhtG7RMWt0W8MSDBxmVoM-t9aj6HUC0lvtjjLBzW2oBsOjkq97jFWMWg5xaqZOMeOw7bVBBBf_gtTKyIayNrVg5Ndb_ornp6749qWgtx9P74MN0ZQgaLugY-Tpq-JEtfgbzSKBy8c9YTDf73O9X32bLIvuFCfmUBq4gd-dTSJE2jhTfCRiODgSkXDEY6L1D3v3-PUrHM0Dvo2-a5sCaJ6Wh0pJwSLw1Q0FRYxu4wRpToQOlL0r2rc5yc-acQ4zO6SAEU8wJO-TX3Jnp-uiAUfFkWfgrRQZcaFdyYqs76EozkFp-Ny-FP9iC9fKJxUOWe6riBZWVGiAdcnzPZEtJ6lzzYqJFpYkd--aIUIRqy62opyNDuzCnVnNdaUbeNS95AurzNPN7Eekzej07bvGXShmnGx7APqZSzibz_ViSKIjfFbQSYzGPfrSHG5gey_f5CdKGAIuVHfFnPcC81tlALr-4OzKiZpCvHcjP7ExZPFDoy0rM_4RMO_KpFylBjwnFBAjsJpsa1DxNmkEwml6XGHQWcrjg0bZ3TWyHvPkdvWwMhFrIo0XP9CNBJJxAKHZ2MdKq5uB71i5C10faMGWTx98Jfi3SnXsAFBpXpAcZWpBDH-1JWCU6LlKptRRyf81n6kY1ZqkYVQ8WHSzZQKnwB9OB2Nsz9JxcRnYY0B2IZIMf4DJdELyt29yEVPqXQnYAAN41lcyI1EEPbTzEtHxI5cmTSLq6gK0xR8FERnUQLna1LJXT8Phi5r-otyHxOKUxZaONq1OSzycZm_mVU1RcOTXSiqynG5SWVCPRz4SGdGS1ibpgAxkcf8xymaWQh8wOZbq5K-tCI_B-mViCZ34VAW27_l5tta7b9ykXXU_d8N6jBBs0a7U_Hnm0ANiDI14CV2VQc7TYHJU0kVgknOvem9R1HCuC1YnGTGXskq7PUEh8ze9oY4DXYC8WTQAIJlOp8jiL8SYhjJZ4Bu9EClXOFVzGKm0oakWaTG3H76VrzYBPFjca45-Hc8VZiWPpsSFlMXl6oDY0fy34CzePAOPjd0jOUg1d2uJyrxVS0dVwNWEmlrq8REam8u2wz471bv2hwJxim8KGGUBw0_sRuTq6XTo6If7rmjMzz2EWB6t2BGSonciaqUvX1gvOipDOKb5sBznx1De_z2VL3Jo8grnLxsohtfWUKjrWUHlqz050rWaXuLSRmVTtj3qkGb16ZJCdeXTxiunGxEWMJ7-6rAuv2zqBs9o7pnGrjdRksurho67XfElDNaGXx-h_CpnYVQTmFjacJNbbQLQbFtVZFsGOW8bokaGAdULp9fqxP1jsrUKvXLdI_x2HeGCkfktO83GiW9YGN1Tky_9TQ8LpTrE3tt85YCCwPCXg0hVXJSi242nSWD3q9KSxpF_v3Ah-A4Y443MX2_26Vz_7EoaRfMhVv5m8lJm4ElLPEyv6P0M7lJeC2Hx5VqZUhWrBnCxOg3fSnDdQ56NAGYdMhBL8hbfv5VeFupX6Jn5INy35jViJy8SWuo8Cn5f8vK_cf_HLFt80CV1Ap3yuljmgiDgsfS87z_evTydXgGgzkfg5Le06Nu0qMiji6vDKwsOaX-PCGNw7oijakZz0BSwnYeNw9C73lLwjqEgvNlsizHjlnw-YIwfAuFcyBrgEJ37R05JXmcDJVBWoEXL4jvAckbcCVVAqOI3jTPdzR7oTo5jwrJvT_TvHvpBugGeZJMidL6Ho7mT3aGR6cpTPfMmvQsfUFsDM_LIWdOGcUTzS_O10&cid=CAASPeRoAtIhvYhfKpflNVBDJN72c3q3JkapnAU6xzyylm1g54OV4D7g4Y0g_4PsN5wqzw2-jo4ezgkMzXgcN64&rfl=2%2Chttps%253A%252F%252Fwww.opovo.com.br%252F%240

Requested by

Host: opovo.com.br.admin-mcas.ms
URL: https://opovo.com.br.admin-mcas.ms/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d26c7719adb0dd2bfd9ab1228a6176b4e005bf39278c17b5c1c4b62eabef9068

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f494fad843a02e89e66aab6434a0c735.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 May 2021 20:27:25 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12028
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210429/r20110914/client/ Frame 35A5 2 KB
1 KB 20ms
7ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210429/r20110914/client/window_focus_fy2019.js

Requested by

Host: opovo.com.br.admin-mcas.ms
URL: https://opovo.com.br.admin-mcas.ms/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f494fad843a02e89e66aab6434a0c735.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 20:25:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 122
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 18 May 2021 20:25:23 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 35A5 116 KB
35 KB 30ms
16ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: opovo.com.br.admin-mcas.ms
URL: https://opovo.com.br.admin-mcas.ms/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bdaa38f52441bf7af0793fbf059e5598ffd9d18fa264b14bd55f6b3655fcc958

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f494fad843a02e89e66aab6434a0c735.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 20:27:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1620056514301796"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36023
x-xss-protection: 0
expires: Tue, 04 May 2021 20:27:25 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210429/r20110914/client/ Frame 35A5 13 KB
5 KB 20ms
6ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210429/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: opovo.com.br.admin-mcas.ms
URL: https://opovo.com.br.admin-mcas.ms/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

439ab67fa3c312bb442bed574ea79be834dbd92f3bd7d2288b6f3fce4d0afb0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f494fad843a02e89e66aab6434a0c735.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 20:26:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 55
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5604
x-xss-protection: 0
server: cafe
etag: 2846967340006788112
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 18 May 2021 20:26:30 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 35A5 42 B
107 B 56ms
39ms Image
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Cv7t_XLHKvSMixx7AdrNH_CG-qABcSbjzYpV3E8Ije65YRCPyLPu--veEj0iBuAF5_0GqdR9aRtfGvsArUi6R5RLidvjKAI4BSTzc9LkACKd4Fmmc

Requested by

Host: opovo.com.br.admin-mcas.ms
URL: https://opovo.com.br.admin-mcas.ms/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f494fad843a02e89e66aab6434a0c735.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 May 2021 20:27:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 747B 0
0 105ms
94ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvJ3AwHBV7z7yoTqfzyvlD05PI4aukNOFXMsDgLEGaWNA8SnK0l8UTdAOcSUGjIeC9J7nesykvk25A6QWyrvKuZj1EQvwsTBxVrlXj_qFrpE92u80zfA2zlgxaH-S853spXuaFSy-3PcCOUaPFwXuKG5l_1RT21c6lkVr6-nGniZvC4qnrenGLri8e_wvMha4h0oqnt9I5mJwUWckFw4k8-V80I0nkWNKmKyc-7TCn4zrpztTpD275-d5zLbaN12mdjZv3cVdUBsNBTJo87s4VIxwEA0VtZAxkyatEsn1zJXaIOtyyjzKo&sai=AMfl-YR7ItMb17fUgIjfbccwbhO0L898tdCc5UI3U5I-rW3VTeM8Ig1reGM4LrK1K1JL-6EHI8gKCcCmOuC5s0l-hR61CSZi0UKEEfXOkFHZHfPNEA6gmnjJq0foXIGUFzV1&sig=Cg0ArKJSzG6MAO-2juizEAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 04 May 2021 20:27:25 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 04 May 2021 20:27:25 GMT

GET
DATA 200
OK truncated
/ Frame 747B 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c8901e462804778db4e9952298130ed7b17536b4c0908216694e92e84fdc60ec

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 select2.min.css
cdnjs.cloudflare.com/ajax/libs/select2/3.5.2/ 14 KB
3 KB 44ms
42ms Stylesheet
text/css 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/select2/3.5.2/select2.min.css

Requested by

Host: d335luupugsy2.cloudfront.net
URL: https://d335luupugsy2.cloudfront.net/js/rdstation-forms/stable/rdstation-forms.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

939b4f5c505097e74e93c3a6a82b69b516bb6d160d449bafb37edb72ab260c1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 20:27:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 3712358
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2295
cf-request-id: 09daa97a590000176e94be1000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:16:11 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fcb-38aa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=FGEIers5wRGn5a1MOqyv2G5nxvihLsR%2Bo8xMvlhbWAzY3Mnaj2AqaN%2BEXZVq5QHey%2F8AG%2FMkUk8wtlylwnezm6L1PlrzSZptpmN2kSlb4q0hNIAYVVc6kUcL2sPG7OZs5A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 64a4783d5956176e-FRA
expires: Sun, 24 Apr 2022 20:27:25 GMT

GET
H2 200 ajax-loader.gif
d335luupugsy2.cloudfront.net/images/ 847 B
1 KB 64ms
63ms Image
image/gif 143.204.101.168
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d335luupugsy2.cloudfront.net/images/ajax-loader.gif
Requested by: Host: www.opovo.com.br
URL: https://www.opovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.101.168 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-168.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 65b72e15d975f67fbd1cb126d57772c06c21fa016e5651b6ce213b26ce0e6877

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Feb 2021 01:08:46 GMT
via: 1.1 58bcd6f2e1bc29fb83f080f1743cfeca.cloudfront.net (CloudFront)
last-modified: Wed, 29 May 2013 14:22:07 GMT
server: AmazonS3
age: 7413520
etag: "af962b37779a443a77ab836b3b7a93f5"
x-cache: Hit from cloudfront
x-amz-version-id: null
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: image/gif
content-length: 847
x-amz-cf-id: NvjTob1uLW6d5H-zqToAkzikOvKoPLfxDE3E4BEy9tT9PEwNHa8ZvA==

GET
H3-29 200 /
www.facebook.com/tr/ 44 B
88 B 16ms
12ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=200307651652585&ev=Microdata&dl=https%3A%2F%2Fwww.opovo.com.br%2F&rl=https%3A%2F%2Fopovo.com.br.admin-mcas.ms%2F&if=false&ts=1620160045735&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22O%20POVO%20-%20Not%C3%ADcias%20sobre%20Fortaleza%2C%20Cear%C3%A1%2C%20Brasil%20e%20Mundo%22%2C%22meta%3Adescription%22%3A%22Not%C3%ADcias%20de%20%C3%BAltima%20hora%2C%20an%C3%A1lises%20pol%C3%ADticas%2C%20neg%C3%B3cios%2C%20opini%C3%B5es%2C%20esportes%2C%20entretenimento%2C%20podcasts.%20Tudo%20isso%20%C3%A9%20O%20POVO.%20%20Somos%20multiplataforma%2C%20comunicando%20h%C3%A1%20mais%20de%2090%20anos%20a%20hist%C3%B3ria%20do%20Cear%C3%A1.%22%2C%22meta%3Akeywords%22%3A%22%22%7D&cd[OpenGraph]=%7B%22og%3Alocale%22%3A%22pt_BR%22%2C%22og%3Atitle%22%3A%22%22%2C%22og%3Adescription%22%3A%22%22%2C%22og%3Atype%22%3A%22article%22%2C%22og%3Aimage%3Atype%22%3A%22image%2Fjpeg%22%2C%22og%3Aimage%3Awidth%22%3A%22150%22%2C%22og%3Aimage%3Aheight%22%3A%22206%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fwww.opovo.com.br%2Fincludes%2Fassets%2Fonline%2Fgeral%2Fimgs%2Fopovo-online-img-og.png%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.opovo.com.br%2Fhome%2Findex.html%22%2C%22og%3Asite_name%22%3A%22Home%22%2C%22article%3Atag%22%3A%22%22%2C%22article%3Apublished_time%22%3A%222021-05-04%22%2C%22article%3Apublisher%22%3A%22https%3A%2F%2Fwww.facebook.com%22%2C%22article%3Aauthor%22%3A%22https%3A%2F%2Fwww.facebook.com%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22WebSite%22%2C%22url%22%3A%22https%3A%2F%2Fwww.opovo.com.br%2F%22%2C%22potentialAction%22%3A%7B%22%40type%22%3A%22SearchAction%22%2C%22target%22%3A%22https%3A%2F%2Fwww.opovo.com.br%2Fbusca%2F%3Fq%3D%7Bsearch_term_string%7D%22%2C%22query-input%22%3A%22required%20name%3Dsearch_term_string%22%7D%7D%5D&sw=1600&sh=1200&v=2.9.39&r=stable&a=tmgoogletagmanager&ec=1&o=30&fbp=fb.2.1620160044888.1812027848&it=1620160044627&coo=false&es=automatic&tm=3&exp=l1&rqm=GET

Requested by

Host: www.opovo.com.br
URL: https://www.opovo.com.br/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 20:27:25 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Tue, 04 May 2021 20:27:25 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame EABD 107 B
165 B 15ms
14ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.opovo.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 04 May 2021 20:27:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame EABD 107 B
165 B 16ms
15ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.opovo.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 04 May 2021 20:27:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame EABD 440 B
258 B 211ms
210ms XHR
text/plain 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4347522184659892&correlator=3872311010743079&output=ldjh&impl=fifs&eid=31060790%2C31060837%2C31060841%2C31060958%2C31060735&vrg=2021042801&ptt=17&sc=1&sfv=1-0-38&ecs=20210504&iu_parts=150684666%2Copovo.alert&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C468x100%7C320x50%7C336x280%7C250x250%7C320x100%7C300x250%7C300x100%7C468x60&fluid=height&eri=5&cookie=ID%3D9ffa68df639305ea-2236eb2708c80044%3AT%3D1620160044%3AS%3DALNI_MYiynr4AzEX2OGMVivcyfb_f6dNng&bc=31&abxe=1&dt=1620160045782&dlt=1620160044906&idt=365&ea=0&frm=23&biw=1600&bih=1200&isw=470&ish=290&oid=3&adxs=-12245933&adys=-12245933&adks=2027262203&ucis=j2onyj2j5oq8&ifi=1&ifk=3747141809&u_tz=120&u_his=3&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fwww.opovo.com.br%2F&top=www.opovo.com.br&vis=1&dmc=8&scr_x=0&scr_y=0&psz=472x136&msz=0x-1&ga_vid=621751297.1620160044&ga_sid=1620160046&ga_hid=1416806308&ga_fc=true&fws=388&ohw=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

1559d9575a72adfcfc59341c161bfcadec337ef414d579e4a79df33f9d56fe6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 20:27:25 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 229
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.opovo.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
d3221622c000ddcd4c9fb19d7c973b30.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame EABD 0
0 34ms
17ms Other
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://d3221622c000ddcd4c9fb19d7c973b30.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 container.html
tpc.googlesyndication.com/safeframe/1-0-38/html/ Frame EABD 0
0 12ms
11ms Other
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame AA47 482 B
274 B 29ms
26ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY0KC1DTAB&v=APEucNWfvtcYatR3osRMVo69C5iSrLsHVRLpQOKIuebtBbL-jLwFmz4fVpSZOcDGGgn2uLMHPB_xU6m-oqHOhL913KtSVAN1FipMicgP3ZJfMJ3Ts4kRjGRwRhQJMCgV27t-jfuwD8ManO0h-YUlyC-GeXIOpgmGBFAzSf2EYJ-IlJIdUfyWpuk41hu_YVYsvvHxlAQ6B3ccwMHCkT4shghQpjYT4N-x5Q

Requested by

Host: f494fad843a02e89e66aab6434a0c735.safeframe.googlesyndication.com
URL: https://f494fad843a02e89e66aab6434a0c735.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7599e0a5ce1ba2a12f036e998e19e60b6e982178e4363d4630ab3a91ca73bf62

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=CN-KGhCn9EsY0KC1DTAB&v=APEucNWfvtcYatR3osRMVo69C5iSrLsHVRLpQOKIuebtBbL-jLwFmz4fVpSZOcDGGgn2uLMHPB_xU6m-oqHOhL913KtSVAN1FipMicgP3ZJfMJ3Ts4kRjGRwRhQJMCgV27t-jfuwD8ManO0h-YUlyC-GeXIOpgmGBFAzSf2EYJ-IlJIdUfyWpuk41hu_YVYsvvHxlAQ6B3ccwMHCkT4shghQpjYT4N-x5Q
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://f494fad843a02e89e66aab6434a0c735.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlptrA6AdFIadbVmGjIm_JvdqMMmAQ0GwhnT1taZqgxsivhCyocEfMx7stULQs
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://f494fad843a02e89e66aab6434a0c735.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Tue, 04 May 2021 20:27:25 GMT
server: cafe
cache-control: private
content-length: 253
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 8E4E 23 KB
12 KB 46ms
44ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B6AJvuIX3aIdsQ1c0Hj0jQnTmIPebCST6U854DciYY7hf8Uue-xM3h2sKvB-fP65n-DuEechFuJhaQXI8jl1DCId58NpcaChbdQcAOPu__tExWP2DWj_Yf5dPktDqF1J44fy4GfiZ58n0JWQkt-8eLJqjmVQ&cry=1&dbm_d=AKAmf-DP-2fcTc9xqeyncubKCQkD7XU39S5AQf6ZoMzNNjENqBvWr2vSRnbuF8RnmfbrkN_7KHHd-ICzCoBqWQ7snLVunYUxW23AZ5N0OaVbd86RTujcvAF8KCLCDceOPN7h6FZ_TRPyYCoAeIDzuEwg0efDirhST0xn2jxfS5yZZh6pBTeKCzWmiGwyluBPWW4KR4IgMh2QN7nQ6bii8IxYx8dwvgMARlcidn4T1njODMIraTFr6xMB89cHaFHZfGhoN1IqYQ-uRcFQhtYDnaO1fN_kyBGmxpyb56bsM1epgEKydCpRRIKVENLoxLd_3vEiwQZuNZh-hd86aCJTclOq3hIpnOrZ_RvQQlOi7-jNT-rcdNvdxY-m8t5ZEHHEYJvR2RYgF6HF34BbIbsEFY2TvXyWtEqKiIbO3VFNw_DKKzWTuhDnp8UDFyjpBgq1F5CYxoUxVIH802f84rEl1k5VBUCpya5zDd4LKdvb-lCvhn7B9LJMjaasPb1GC0w7pQ4dk0YPlW8UIyeZ4JmFG-iV-FTcKEqieAPcoCHlvrRwp3R6yY6_H4T_cc7lOP5uJkh4Jy34d73PmysDGQ0nzlPZwynBhm6OJTIzH84IovuH1t9BSvI72m3toWO0gnnKAtlrAxtJsFGSJkDtAPTAppD-cdt9Gf4GflCD6mZl2l1wwf2RddXnJoR0idXCYO8bA5TMpBCHCogqZU7Te99zlgzQ0L-DG6lR2pv9341y0twek7Soi1heJ--IhmclzTKsFyj-KtM--JWWxZ0tFVLFiSvmjryGV-t8kRY_S2xivCo5KLkcJ3tQYsiP5XqvHYVYaZgjrPSJIlVP9aP_Lbee5abt4hHRFcIU7U6U1GWW6rOcEdViafQ7UDwbR-6sHMtX4YMwbeW4el1AFhNv7vDD07MaVWjeDn2w2-130HNyoa2JuiYEh9yF8bhfnDCWzK3rWO7Mw86Wqh6QiThy_8rsHy54Duf7Jz9lTfVSYIHirZdXXCN4yrdr9C5jutsAReD3IZqmROpua71tPtd924FZxaJy-F1O8xSKMXIYDRVayOrKSyWsxy2yTwDQQ_tQTj11ZqwrqSDrWZvA7Og5KIZRqk4M1XJt6sGln60wQkX9kKjgRd7W2HFfnvvt7khgY7Fmuyjfcsch5V9btXZ084LUZtAu5kOszs6u0NdqpH5yhTKPW4iivz5ybu-rNuyPeN8k6uEQEba_c9wOH2NVFXVn6GvCdbUCt3AsXdahpI7g7KtnMB-CEdalCi20yynn_tiQSorkhJBvEIfjpfLQ0DzIhDGER-HpCJF0fuvcRxmSuRYKvfMN3uEx3pzij-3FJAqSchNQi1ioixvdAv9XLX8gXbcw3OlEF4eOdREPEMNuExNiSwMDUYCHWCMzVhJsq-RHdmfFLBIV4SduIZRuZTdijavIcOfkAMVWdUSRzKFsvzzWMosnw5CJGkjnZV-ErWOQAZq9ipcAIvlM1CnPROkjwYRs7bHbmkDPF4w0IbJyI4W_YdZvLRH4D38dabohCwgKFcj394NAmZapQbosbq4odFwI0P2SnyO_vgmN-wLfSODQNpc4zXYkf9vhipbQdi0huE89TcFL_4UjxLmKmOEm9KpiKGsruXZm2q5ZvUtWTzhZjkpltJcekDtiINfYJ7UqvdT_BXHEwRQQDh278CL3iwvOSNWFFp1-v662EP6Gexc72TrWwbMsftRc_B5zGj2COwoPmJ9zY67DzYiUQM0wJJTX9uhupBOa4nZ6TpxtcZMMM58LVRTfZ5QSYBygYErgS8_WJjn_FHjnZjqq6qtxbYRM2WX9TeCRyPfyqgx2Wh8Dr0jjsCUYukJFA_2EZG50E3vkqwrvP5IGc5o4cPUEr6ClpTEmMr03cRKg6BhHswVA1jjWnKPtFbBFN1J-F3oadY9oaktSOunTD1iFYKL9bXCHDl8vHkFoTrcVGMBgJifGftTksR-B6hmVSQBQlFgL6YvdMCiztMz5hTvOxScQ7NQQc5VklZew7page1ytygleIJr1Vmbjce0rYHoO2aGbF3IG-Rd6xaOcOBSklI4PRVrMVJyVM63teVqhFfYGLKtrvIPvMPI5ONfVdHiyHDd2ByteY0V5ZCuhZcOJBD1i4AhQcyHyR6WdsZbZCssjrJAKpSE7C59OffqCh1fvCCzxhURbHuW2tsPHwnNudjLoCinXMh_1LXjNMBD6jzgks16Z92l4ttmK49HDmLV44ZYHDCgVLAOthn7wq5UXkZr332aRuBqIJRbfrbw_CkM51Mt5XwBNPDJTXjxM4uTZbfFcePsx-nOLmg8nXKP_yTL76BneyK2ZHUPvzhsYYatxMAaDoWz_8jmbtqEvkIj9-Puf9SmkGbdHnyJl6JnjnLdHDG-AG-SFOQKUMzZYk57TGgDFdgA4tFThe10IZHEezn9OL_379PkX_KMqpxWjOHtVM-HrxReXs9z1Cj9z-aK1wevTvDwfzCgGVavqQmxNd010I_j-sZFlxfyhiUM8ifVMyOkibn6_fYdXuKOLWmUFJADePYwaAZxIuw2cGomBeUCHAX5veuF5jaJ9AY8mo1RAX-iSHYCv8L-F_zm3MZbXSwRiXXj0geW0TBYhdF43UyE1pKqXuqcFeEJt_7YBy6VRPOrhH3IqWCKVju57MCFFUOaecqC8nc-8E69jyJX3heskdEOAL4c3BfinrhWnUDH9PGa9EQeBTX6PdiTqQcSS2d6jeZZyz2KuBHG85Y4cm362OS1GiHBPjgM7il-8F2LHKXRv0Mj9mE1x8fGpbk7-733rUTEMoR2neiZe3kwjuTIsOxD2kx_f9KhPBJGUdoOD2J7mKdBWPBZZZlae8q8b1ECxtxySegMlJQbWEt0m8HIQi1sI-GbfdJZDx99CQtU1zQ3gvgm6yhTXATZgN0gNLJsJHWmZTtBJq6cckAV7CJHh7n-O9MI1s0Etnj7mBcBAFeJBOVjW_Oh0-yqvWJUHafpcflzVBK3n7d0tbWdeHKc5Md7vLut9BUsJMhl-WSZw10fNirDOGATIc-_jzfVUc4Cqm6aFKm4gBiRkDTaSURaLYtkBVXC60V6uoS6RIZDDZINUODgCDJ9aaspqqOGuDXfo5RSZSDIMFF0OjG9N80uljswWEk00wW4wkPGbarcA84agQddpBSApYOoGD_0VbUMGwgv25xqvd5P0OqLRmJpfcsg55QLe9EX5&cid=CAASPeRo5_DLtJGnLXvciSw49Rbknee1XH089ljCZpI-u0R8s-RI6U7zgcUuclGGosstUDwc184wF87tpDdbktM&rfl=1%2Chttps%253A%252F%252Fwww.opovo.com.br%252F%240

Requested by

Host: opovo.com.br.admin-mcas.ms
URL: https://opovo.com.br.admin-mcas.ms/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7f93768f6e5531992ba21ccabbf9375cfc131d4451665b412f2e9012dbe1115e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f494fad843a02e89e66aab6434a0c735.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 May 2021 20:27:25 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12007
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8E4E 42 B
63 B 98ms
95ms Image
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BlXF0HsrC829xsn6tazgjDytPq_6eIFl__FvxxTNiaND5O6YaAUbe84vERZ2RrJwyyA8dpUklFjDNIBNXFBxGzbsAX3yDHMKGNo08V8zMLXAjDLeM

Requested by

Host: f494fad843a02e89e66aab6434a0c735.safeframe.googlesyndication.com
URL: https://f494fad843a02e89e66aab6434a0c735.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f494fad843a02e89e66aab6434a0c735.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 May 2021 20:27:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210429/r20110914/client/ Frame 8E4E 2 KB
1 KB 12ms
9ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210429/r20110914/client/window_focus_fy2019.js

Requested by

Host: f494fad843a02e89e66aab6434a0c735.safeframe.googlesyndication.com
URL: https://f494fad843a02e89e66aab6434a0c735.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f494fad843a02e89e66aab6434a0c735.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 20:25:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 122
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 18 May 2021 20:25:23 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8E4E 116 KB
35 KB 19ms
17ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: f494fad843a02e89e66aab6434a0c735.safeframe.googlesyndication.com
URL: https://f494fad843a02e89e66aab6434a0c735.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bdaa38f52441bf7af0793fbf059e5598ffd9d18fa264b14bd55f6b3655fcc958

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f494fad843a02e89e66aab6434a0c735.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 20:27:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1620056514301796"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36023
x-xss-protection: 0
expires: Tue, 04 May 2021 20:27:25 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210429/r20110914/client/ Frame 8E4E 13 KB
5 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210429/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: f494fad843a02e89e66aab6434a0c735.safeframe.googlesyndication.com
URL: https://f494fad843a02e89e66aab6434a0c735.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

439ab67fa3c312bb442bed574ea79be834dbd92f3bd7d2288b6f3fce4d0afb0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f494fad843a02e89e66aab6434a0c735.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 20:26:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 55
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5604
x-xss-protection: 0
server: cafe
etag: 2846967340006788112
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 18 May 2021 20:26:30 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame 8E4E 0
0 18ms
16ms Image
text/html 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRQgkCrRoOFo7zPxUaI5O0Y7K6zrHnS0Mk9KryLNCh--hgS3idUu4wf7N9KwuD9_4eVWl-2
Requested by: Host: f494fad843a02e89e66aab6434a0c735.safeframe.googlesyndication.com
URL: https://f494fad843a02e89e66aab6434a0c735.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://f494fad843a02e89e66aab6434a0c735.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 4B37 276 B
227 B 45ms
18ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CIy1wgIQ6_3nAhjblcigATAB&v=APEucNUoIRB_uDU7dC1qSkxj2kxTzG13fQms_5jH_uAGmrANlF390XRLgDwpcLdhSxdmZmWwq_PF3deSwzwQhsZ-G0xqcZA32BnMp6TFebHQ5y2BOeATl2rxpEvvs7kLJjaEG8YbgTDWqR9Ykns2Nu_sEuvDXs4vGdyTkxPD_9ptIMPhK14amfRNygoEl806GnRcoscI2FzioE-VQwbg-BWc8nm695cT9g

Requested by

Host: f494fad843a02e89e66aab6434a0c735.safeframe.googlesyndication.com
URL: https://f494fad843a02e89e66aab6434a0c735.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

020d5dd9987017d323dd6ed1048e55ea089209f930fc9a70299b8f61c0d95a5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=CIy1wgIQ6_3nAhjblcigATAB&v=APEucNUoIRB_uDU7dC1qSkxj2kxTzG13fQms_5jH_uAGmrANlF390XRLgDwpcLdhSxdmZmWwq_PF3deSwzwQhsZ-G0xqcZA32BnMp6TFebHQ5y2BOeATl2rxpEvvs7kLJjaEG8YbgTDWqR9Ykns2Nu_sEuvDXs4vGdyTkxPD_9ptIMPhK14amfRNygoEl806GnRcoscI2FzioE-VQwbg-BWc8nm695cT9g
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://f494fad843a02e89e66aab6434a0c735.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlptrA6AdFIadbVmGjIm_JvdqMMmAQ0GwhnT1taZqgxsivhCyocEfMx7stULQs
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://f494fad843a02e89e66aab6434a0c735.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Tue, 04 May 2021 20:27:25 GMT
server: cafe
cache-control: private
content-length: 206
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 89DE 57 KB
23 KB 60ms
44ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BCRKSTBSbPq6iUVnM9dL1IKGNyXpcc7Hxccr_f9SMJGjSF1UKLboMi4HdEUc8S-e7e8VyXUAb-_bJ9T8Ji1AOv5H0QV9g_OPLAye-5u9F4V8eOOYnctej9qfAd3RBtk6C1ZSfDGC0t-Jrgp127XsOyoc8LnQ&dbm_d=AKAmf-AgcT_XZEuiaaE_2swsib0GMyLuFLuJ60sTbqQKmWdUzlDd3B-uvze9vspbzNryWq4Hp-a4iW-_v0qggQr-1oPaPXdtMz_Ecq2diuPsbKEQNUTg_kL_uX6LmNN_loxvidiqjCiBOFtRJdkl5SnWM3E0lzJZ0HMRhGmlKlFKWYGQzt1SKxcd5plQ-ndmdOHG6K83UKl1EldadZixeaiN21Csh6DAlkgOUPo1xk5-3pTu1LjrWxYXFZlg6yz86c6qQsGMLZuO4eSHL30dPEqGRLYF0u-t17Ui9aWWG4jsZlWWSJJys21ilmsTXDmRjMiivUF4LhUkvkN42tYrK8VdEVPn0lUXCCl_K0OMeH4ZSJVA39AAMR5TuiHjZPddoQilqf4bm2dH34lxfdm5g-Tm7eo4KmtbnWrIpZSBMTCUfdDe7NMuZjd8u_byzfaZUSRkHjM14exHLvAEHQ4bBhrRPGq66klyqwHwQsu74GZQ4cBlkflj25FwdoOCSj369jQ1K1Tsx0BDhegWfnS1F2OIPzOYnP6ae1oAJCasHsduwf7k0vHbz3AMqJRQArg2k1pmo7Q3H4_oscw3WoibgeYQ5YjN83QFgudNuv_cs4jUyz1RTFpgo3F-2rhNijt-ThpLP7d-lMPohYEd4G5WzOKob5jQpEa13UJcK5VOmfCTWh4Q140n3Tr8QOQKP-oghXULVBkpchJCTpJojYmgZF2ObXVPawaCe9a38YNiUX8zBaPJ-W6sr6nRoxe2NJQZwaU8g_GsbDdrRyYmyg2xS1MUNlCVeW6IQDCe4vT5AcmfdrAT228wES32e8z0VaKrnhBR6vu2nsqwyO26WdZoXeEtmt5iskB_NJO6HLT6COH239OKH6LdMwsZRILtE8a1FuaB_pFiQYHlI3qYURGEFL9526zQqzt91B5gU7PtZbIuAHymfaBkNGHIUIxJurndrkYn4viP9JyFGa2Wl1D04kyhWp3OD7y87NxedK2XAhfAUXnI8WG46yzn2i43vq2a5EfzQPE3kPwFpvqqbDwzt4RaS9dxO_OWF0mppbKz-0KXqa9A9TwZz1dlNaQ4QzNVyQM-cWtJ8yaXIPizhLUNqBjdO586Y5k9K75fXFIx5K2gpSU6ZT0_j7_RVmwPxzyNIq6F2Ic10zhLBwnQptzw0FbO6JQVZZWHIz3Ac_l_adyw1kby29C0nVWi52sV7zPoeafmcRK5GGbovhr8smVLTyrvAwO4O9lIPpa7B1jOhvKJWsVgZ3uiFJyTYFnJWZSRIFgSQYKJjYxGB4XwINRmTKuxD5EXqrf4F6VnLg1wQ3r8oVabNKEQMsh9P-z4GNzTUGJ6CMUZB2Pd3aYindqocW6eGyB6O-1CM-PETenBIWfYFFhlsZ8tFFdbxeWPs6SlgLBvs0JlSa97h4XRcC74n2j6i7HGxKRqwQOoqFPm0TpE7O12f8UW3x-YHt1qnfAJoBlQV2O-AuFF_myP6sTP94v56ChAGsq8EJVrR28WiA_gUtjVakYqXvJdy5lFBqi-SIN9Zyzv5XaKKZUVxhZxxYsxEZku-yNFRmds6SZ6cLvigEOgORHf60GfyswHM16Y0MaRZXCfVAb6BpY5dB8I8RsNdgLXAChj-W9tjwWuyFwKEkczo3bDJTsdmDCyT14pjNa_955TpFQsiD5LCLNsPzFzB-Le30-KK9y40NMrabUFfZTukHwWF7gnhJTMje_zG4RVziFmosUJI12GClI2h2ByDRXziYUQSLJQtXg1jsTBrA8eXBziJtqoYl38teqoxdg1AQx6cI12zZKmQK2lgV3P-3TWElFOKQigwOtpzgJwGy5NhMs_RiqBOS5rwOYzGTkmqgrArwThIaqlGhT_S72f8RegEF0Lj8bM2brhoV1Z2Qsi4efX4Ui5i5gaLtsK2kZpUjVhO51ey2c4wqDaOSSaW1iYNCaDSY_nCu7JjkSOVabtJrmOSK5jvOwnEroqrLpGGZTdhTekBSGSPYH3L9kLtPsIctoJxrRRnMbpuJCertE7GLa3vxN0yCEs2IY8porehLcM-DFArx7f8i9hAlJAAlvj-RtdrLch7YqiGQI5kQ0xK8M0NM_w1k976hiNbQ_6EmLej8JStcWVtiUXCxMz9FJKqrhvAXUH_NZNVNliia67cCSnWJxByTHyjMXZnFew38tkLPFsEEE-Gvn96BWB5hutQJNA-VEUhrl6l8d3etxchNUSGkvcV7f-PC8d5mob2v9XpWP_AVaM7srL-UjQveKMPYRs_hiSNXjiz5MZ1Uz_9cXlzRJJMf_EjCmqIWhDM2WvHtNlx_UNoKdoZ7zy0d7hZs82d_G84qQ2xqWdyelQOsoifpKb7uwMCQvyGFK-82K_uwtbMxNKubINM9MQueepeDi6FHs3M8jirwElPuwu_oUT-DWnciU2mAEx5fPQlPjUBf1jTReYlPS_jjeVB5cvDqL9J6WxYCWjndJzQ71diSskOBxkHpVVgKuXPh8moEaZn09TMs_UzEZ8lh_MfSY9msJHU55sEY4ygqE0kbSWZroQGFgauahr3vjLPl5sTFXrq1loYArGftntdRGErmLNUhTOLbgYEKvyKP5R9E6LwpTH1jv4D1R8C9mMV0GGg4XIuJ4-ZGCX54ILodQp5gHFcO9_yernKzBMaBk3SIsKEYdGcXS6bVpHqqKS_bYHpo59ugmn_wgoQZWUS75KA3VmnIPsN9_Uw2P65CCy9YF2K8h3aRa_CRxwKqwpDf2sji0-yyur1r1BUDpb2MsL0RCzHd98Hqijxonncjl58de1rBWi8qnP8xJHOjqaUAJlDC9DaSJIynDzAU5BNnGvyihBo1IwsZBRXrqSED_g33Gtg0rpJ27Ydg0CmkMCgQGF1IYjJstzHRmNt4oD4_x2ivwOYxYR0dNZ_TV-zIh6aXjVWhJQuEa-hL6KhXBqiwmNLU4YJQJhzww4PXPS3c1M3S7ZiHb9JD7UzWDY3uuooNEvwXeFouqo5rAXJW8tshzY0pY14GAJ&cid=CAASPeRool6uZgJ6GB1xXXqTfRen-WfxOrLzF7OYTvfvR1JYLGFE5RUDZ2LlpeXuHwJGSSyJdDGwlTxhD18fWas&rfl=1%2Chttps%253A%252F%252Fwww.opovo.com.br%252F%240

Requested by

Host: opovo.com.br.admin-mcas.ms
URL: https://opovo.com.br.admin-mcas.ms/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

da75782088c6151f0613ac58eefe9fd277c642f12f54adc29f75af75f51c37fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f494fad843a02e89e66aab6434a0c735.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 May 2021 20:27:25 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23685
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 89DE 42 B
63 B 107ms
92ms Image
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-B1tc9psOacMbgg9GrEGdgHScpp454F7Vx7eZll7H9oNNczQ983ctos843xMUJ7P_UoqLP7pqFfdXvpPxm9H-TBhnB8rY_CNT0Te6uwc71yTa9YD9I

Requested by

Host: f494fad843a02e89e66aab6434a0c735.safeframe.googlesyndication.com
URL: https://f494fad843a02e89e66aab6434a0c735.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f494fad843a02e89e66aab6434a0c735.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 May 2021 20:27:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210429/r20110914/client/ Frame 89DE 2 KB
1 KB 23ms
8ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210429/r20110914/client/window_focus_fy2019.js

Requested by

Host: f494fad843a02e89e66aab6434a0c735.safeframe.googlesyndication.com
URL: https://f494fad843a02e89e66aab6434a0c735.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f494fad843a02e89e66aab6434a0c735.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 20:25:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 122
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 18 May 2021 20:25:23 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 89DE 116 KB
35 KB 27ms
15ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: f494fad843a02e89e66aab6434a0c735.safeframe.googlesyndication.com
URL: https://f494fad843a02e89e66aab6434a0c735.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bdaa38f52441bf7af0793fbf059e5598ffd9d18fa264b14bd55f6b3655fcc958

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f494fad843a02e89e66aab6434a0c735.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 20:27:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1620056514301796"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36023
x-xss-protection: 0
expires: Tue, 04 May 2021 20:27:25 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210429/r20110914/client/ Frame 89DE 13 KB
5 KB 22ms
7ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210429/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: f494fad843a02e89e66aab6434a0c735.safeframe.googlesyndication.com
URL: https://f494fad843a02e89e66aab6434a0c735.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

439ab67fa3c312bb442bed574ea79be834dbd92f3bd7d2288b6f3fce4d0afb0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f494fad843a02e89e66aab6434a0c735.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 20:26:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 55
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5604
x-xss-protection: 0
server: cafe
etag: 2846967340006788112
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 18 May 2021 20:26:30 GMT

GET
H3-29 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20210429/r20110914/ Frame 35A5 22 KB
8 KB 92ms
78ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210429/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B116q6LwUoAujxD_aynChE-_myCfuf1GgjT3okJygda_QZbbX2b1xDYZwwNJQcRL7DCxVNbBmNnpKV8a73pd0C7i_KdJQGL5kOpvP6SYlBSLji9yvTRTWoj7x3p_A2djOaIP6tHAILROlmaMEhwDPJ0dqGaQ&cry=1&dbm_d=AKAmf-Daqv_ACKkgTYCkfV1R5VHVPq8ceLdcWb3PURaCWHSyLPjfj3JpzTLzXA65f1tvGCYUiLKmA5vK7lo1oyaGJUbkbgtImcEo2ndfvbFdhV-JlSjJdf1pl-2rYOZN7icszoOn8QuB1txiXakpc7Hsgep6puHlrn6ChewxqDD_7y4FVoepXvGxxNxltf0C1zncv9W_36dWPBiwKYq-ADF3sAgOMSVuEoybC_4z74_-ymoygYiOqd0eWgLcD5OeyB867shFYJnQtOquQ52aXxZQY096derg74UacmrZ2JDRfRIlPK7LE6eV8Mlwv8b1g0AiG7g2hfTsyJxAoQF1IehPGPXBBoyx1iIR7nV3R9K4M5ZPCzy7mdnwjTxYeMD_kNm3MvLg6GvudIO18HGu6c2QUkieJZ3Y8xwLzueY6_eZ2gsHFHCEpoh9NKepC0GIQ7-Eqsdz9vDqaSFAVsFeuTauV9c7w1SDcAAmvfcsJ-9ta_MuawByfnUQI8crEfKqpBmU8YhKiQAMMah6Z_z5Fbt36V3wXHSmaFCNbrXQqBWdLSTxOcEEJaOMpFnUbN0m-f2Chl53ZbEkhNIgV1lCQAiZGBaqdkem_z0pMwLGKWvEbloEsGOZA2NEMXzLvUMVAa2ne5n2R62pWgV2W0NdUQgEBD-xjeDG0qvZGrl-RQ7xhix4u2fbunecCifPY7jt-SiuVVSHkPamkWByYBF_vEgkKf_of4ZauaWzUSgdBTzxbHv04ndazfGV-SpNU0dChlSFbWQVXZjFbBugzOuJdhb1YjvjpTBFlZ-b7UwN-784FFEFeHXawIlzM4PjfnxkkYB0ESrzEZZEDOmceG-t-lgzuD_MmhIO-qMXjY5NWIm-Ruz-of9ijSSRjaCm11QMA-EZHVEmo1P7c_BAx-NDExrqytNoqCCtxddbnZTe3s3aWP6TUov6wov4fnJ3NMSV-9MusGw8at5ozXEMusPlRZv2iZHfQSeqpRohrjk8NGRNjI0anLekoBNHYbJtGNXJnUFkkJcMzCj3awGSgZkBmvLsZRi6ckfBZnoDFWAvzuzUwFJsCzpJADH8OvRHP-Z3_4GBj7UiMkBLPOLawfBfRMsQVTP2Z9VxYYwn4QDJc4dRTxJ7WZhHCjlPW7PPUn4YdJQcDDaYxS0yjEw-esBwu8NcqEYrmPeLHdoWOiOU1szBDcWNnAAhyK2nkf87RB5zZCOhB0DJ6UclQfE07xhiTNbxlTKNfBwP57qMs0jD66AleVZb4Jsfu1pFAc0gNgRVkMScjhdB3IFe2_7erinWNCrmdbTLmEVtOpNd3fixfbQQSH8j-J93gX_aKEf647MLcNTKDkj2CPevDk_6cfkllnUFjtDVMSR2UNfNL9kreWWXW7clmsZk7gI1VdBL7sVe55SCgn3fi5RNBYjXzBLBCgTbgWl_4BJZadj1otWNCqhtG7RMWt0W8MSDBxmVoM-t9aj6HUC0lvtjjLBzW2oBsOjkq97jFWMWg5xaqZOMeOw7bVBBBf_gtTKyIayNrVg5Ndb_ornp6749qWgtx9P74MN0ZQgaLugY-Tpq-JEtfgbzSKBy8c9YTDf73O9X32bLIvuFCfmUBq4gd-dTSJE2jhTfCRiODgSkXDEY6L1D3v3-PUrHM0Dvo2-a5sCaJ6Wh0pJwSLw1Q0FRYxu4wRpToQOlL0r2rc5yc-acQ4zO6SAEU8wJO-TX3Jnp-uiAUfFkWfgrRQZcaFdyYqs76EozkFp-Ny-FP9iC9fKJxUOWe6riBZWVGiAdcnzPZEtJ6lzzYqJFpYkd--aIUIRqy62opyNDuzCnVnNdaUbeNS95AurzNPN7Eekzej07bvGXShmnGx7APqZSzibz_ViSKIjfFbQSYzGPfrSHG5gey_f5CdKGAIuVHfFnPcC81tlALr-4OzKiZpCvHcjP7ExZPFDoy0rM_4RMO_KpFylBjwnFBAjsJpsa1DxNmkEwml6XGHQWcrjg0bZ3TWyHvPkdvWwMhFrIo0XP9CNBJJxAKHZ2MdKq5uB71i5C10faMGWTx98Jfi3SnXsAFBpXpAcZWpBDH-1JWCU6LlKptRRyf81n6kY1ZqkYVQ8WHSzZQKnwB9OB2Nsz9JxcRnYY0B2IZIMf4DJdELyt29yEVPqXQnYAAN41lcyI1EEPbTzEtHxI5cmTSLq6gK0xR8FERnUQLna1LJXT8Phi5r-otyHxOKUxZaONq1OSzycZm_mVU1RcOTXSiqynG5SWVCPRz4SGdGS1ibpgAxkcf8xymaWQh8wOZbq5K-tCI_B-mViCZ34VAW27_l5tta7b9ykXXU_d8N6jBBs0a7U_Hnm0ANiDI14CV2VQc7TYHJU0kVgknOvem9R1HCuC1YnGTGXskq7PUEh8ze9oY4DXYC8WTQAIJlOp8jiL8SYhjJZ4Bu9EClXOFVzGKm0oakWaTG3H76VrzYBPFjca45-Hc8VZiWPpsSFlMXl6oDY0fy34CzePAOPjd0jOUg1d2uJyrxVS0dVwNWEmlrq8REam8u2wz471bv2hwJxim8KGGUBw0_sRuTq6XTo6If7rmjMzz2EWB6t2BGSonciaqUvX1gvOipDOKb5sBznx1De_z2VL3Jo8grnLxsohtfWUKjrWUHlqz050rWaXuLSRmVTtj3qkGb16ZJCdeXTxiunGxEWMJ7-6rAuv2zqBs9o7pnGrjdRksurho67XfElDNaGXx-h_CpnYVQTmFjacJNbbQLQbFtVZFsGOW8bokaGAdULp9fqxP1jsrUKvXLdI_x2HeGCkfktO83GiW9YGN1Tky_9TQ8LpTrE3tt85YCCwPCXg0hVXJSi242nSWD3q9KSxpF_v3Ah-A4Y443MX2_26Vz_7EoaRfMhVv5m8lJm4ElLPEyv6P0M7lJeC2Hx5VqZUhWrBnCxOg3fSnDdQ56NAGYdMhBL8hbfv5VeFupX6Jn5INy35jViJy8SWuo8Cn5f8vK_cf_HLFt80CV1Ap3yuljmgiDgsfS87z_evTydXgGgzkfg5Le06Nu0qMiji6vDKwsOaX-PCGNw7oijakZz0BSwnYeNw9C73lLwjqEgvNlsizHjlnw-YIwfAuFcyBrgEJ37R05JXmcDJVBWoEXL4jvAckbcCVVAqOI3jTPdzR7oTo5jwrJvT_TvHvpBugGeZJMidL6Ho7mT3aGR6cpTPfMmvQsfUFsDM_LIWdOGcUTzS_O10&cid=CAASPeRoAtIhvYhfKpflNVBDJN72c3q3JkapnAU6xzyylm1g54OV4D7g4Y0g_4PsN5wqzw2-jo4ezgkMzXgcN64&rfl=2%2Chttps%253A%252F%252Fwww.opovo.com.br%252F%240

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

09f0fa32fa39db3e3da2eea89bf806be0b147366343a0934e30f164a12431b43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f494fad843a02e89e66aab6434a0c735.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 20:26:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 48
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8608
x-xss-protection: 0
server: cafe
etag: 12149544148951276823
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 18 May 2021 20:26:37 GMT

GET
H3-29 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 35A5 41 KB
15 KB 14ms
8ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f494fad843a02e89e66aab6434a0c735.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 13:44:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 24166
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 04 May 2022 13:44:39 GMT

GET
H3-29 200 express_html_inpage_rendering_lib_200_271.js Show response
s0.2mdn.net/879366/ Frame 694B 111 KB
38 KB 30ms
10ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js

Requested by

Host: opovo.com.br.admin-mcas.ms
URL: https://opovo.com.br.admin-mcas.ms/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f49b1d1bd49f5c61c93e08dc9b8427ae046c513af8ce30fa8d04162bb6f5b9df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://f494fad843a02e89e66aab6434a0c735.safeframe.googlesyndication.com
Referer: https://f494fad843a02e89e66aab6434a0c735.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 11:22:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 32689
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39287
x-xss-protection: 0
last-modified: Wed, 14 Oct 2020 18:02:50 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 May 2021 11:22:36 GMT

GET
H3-29 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20210429/r20110914/elements/html/ Frame 694B 8 KB
3 KB 81ms
77ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210429/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C5ER1jo9-dL7MzjTS7NJt8zb61y8zpqVUSvhkckGATXUSCdQ6o9qvewCPu9aZoArHUBabBZb7_AU7lbgAPkWaevasradhperSEnJlZNvKIlddPMvF5MAwKfI7e-hUfj9BsFGCIK3bQ9WpxoKAlT11eaGgkYw&dbm_d=AKAmf-C4WXpv-mTao_Y8SrdoZ3nCzfFxj0KRvbs5gkwxMFtT4NKEGEhSAoftkaQw-pCxc5WzYyMx5r_a9vHVleZl9Por8b4K90IBr6UAQ6-wwQgOB-yZg6xtkl1BnpUQS_Aiabh_mGQ6fj2EoNs9WAntbnIKJPHzEhB5i86uKVr1gXun09fgMNoN2LmJ1YX0NWmPo1brhePR7E3VAp37B0vQx3UB-tsPkT_95MDkdrrz4aPcIpdhh1AQNaAUE6YW0NvvxgUKJNq6_IdD0P5ThrUF85EkUCb8EtVLCB9jvGdW4RQPxp2IP_qizW2A53t3K3xMOk4yJl651VwWbEbERQ2AOMHiLqaueoVnffaYMR2iYERNlP3QPT5Sr_vBnkuasH5DVaMXsiAe0tDwoI59ZekrFnrc2wekNQeTOiaGHywsQU7Pcqb4wyA5XMt5cBahtkwSGp3GvK2KgJFkmibiK1JLs6BE4Zm-ZuaVTJiKPaDNAnxFFV83gresfgOYMUM-qSG5lJGDw_sQMo6v7ZoFGNKuaub3rLPPN9JdWKoDBzbGIAGhBCqjEpu9-UsXntqnC0exos7kbFCfDLw62IDl-nMgVDzCx-H7DMKSFvvsEoiqGoYJAcjOc_S_S3KW1ggwFVRWVOQdTSmN6EUvEHkV7rgQG7x4ZgOWhGqISPfSQkGTz-Gkyh0EZv0j4Uwo0WkLnBX2SGzU4CqVgq8QRM0OG4M6JhoKjHB4rgH8RuiiQM3_HlFaFbNUXyN2mPymt02lCkPikQDu3S8ap39ARZH9UvaMFFWkBNPrR3VMBD8FqwI4wf1dmO-Z-3nw0GDoBy4PvEpjF7HONWdymE8UK3tirpZew9w6FAeAyKJ9ZliMAuni8keAtpYTnKHYlE-EzNnzY19MLkWfcHGfq0Zsl6oYOibH9O0kgGeT2fUYv2RKshHREMQC1Gvp0tybc9Vx6tAo64-o3FNs63hCXfSWMXpcW8pUlq-VJJnlTjKpcjk4VtGLG4WtvlmWaYx8egeWShtfiGOdg2Dkjae-tzkNGlWZCfMhO2Vqjza3iWrvTT8ZqQMPv8m5b860-6dFn-kjndxrRBxUxTN9leZcd5B03prUpQzU1zVka4o9_BpyifBnkH4j4SB3e8EwhBn7vOjaMvNE3AxwL1ESUJr_oY0JQ8KEgREu1j0uHd0yb07PRv7Sb4707Q1IfWT34a7V6F5lFp8VHigAPO6cGUFKyxbxZpEvSxsByrQmMzq5EwKcD6UVyEzIGRFWSmg6a6Skze7DHf--Nb6QSitj0F3pxX7MZoowqtDorOKmCEYUyDo5E3lG7HmxIpOghDKa1JpthEbjnRYwBe8h5Gyg-Yj-lQp16IdSxAq-xj-jbDyhG55RJ1WbcEey3-8AjRRKsE_T_PrIPY-pLuGhnXjjqaZr-BNsmgTohXfwoi3ZGgjLzWvej9HCROgE-KHsiB0vC1Uv4BKfgR3M8lgdn3R9B1ICXkD9vWIlrZbKd5p14aOfSvb6GvDIK3t1XnneRCKunHFddFrN3GI_IAbq3SXROBBjv30O3PRV954MZJEQPwdq2nvzKk4gfH3BBrFnIpJnY8gtZxbh17mYc3kpLtWDvN1BzHwDuVAZnaqwOT9YWakZuMdEyvsJmJiizyYMVoVZkFvjiDlw2T8E3YfiJstHUDpLx-oQkVJY10QkijqQSa0HhRALeGpp9sKyuRLNAoInoucMB1Kez5v6dSdhCs7oUE45-PoBsh1HKbnIAUNIBe5qX-LjLBnzVMcYVnop3H3GV7LdnVs10Lx72f7M2VYrG8-a496aoo3t0b-I4p3YW0m8HMcmWn0Xv3Z7CRzjXBZCvdpsrtbxYRCTPuPTdi43thGkKrze710l-y8E0C1vgFAv2_-A8bzl5uex7iYVfT-YH_IHf2tfPGP2OeG6kWgvCL4uCCxuPe47jp2qY8K-QIm8QeDXvlgO4epEHSdNZPny6X60c9aj37OsP6a31LrmwR23dvfoGRVsLLy9BJCQghZMJAEQC5WrPlKe-KayS2pJZwIH9fG7B2XyrPSDguVoJQXeOQzg1IBecIUB1hhmVQ3MpyjjEdSshfRKCdU8lyYaC48RvGHf4WfrJszLxvkRQq0GEwg3RTozjQNi6SNLRSoK7lxCkJdzgVLPc2O3Ku00mTpn0vbF8V4kPJfK8EgDshhVtnPrI_NXwJ6jSyxfqcfTA1sR-fX0Y_CLiRVZxGRlwwt6IMSEU1a_DYF4WxvUODvXix2rf7a5ZdZnnjVIBxRi-I3TwbI8fp3K9846ktJJwHn2hS00Zfxwhhilybshwkuf1zfyjhAIzmypqnpi16DRu8YnKd0lTOv6od-sukMK_wvbEG09djZs2Qd5iX2RX88m9UhCbxDD4cRBMEPVmLYPdmeQkgFni3ioEyHmX0jytdLMbtxSeDYSNFb8AHqvaGLOgv_vbs8YdfBWeMdWkJgBJLftwhZKG5qe3nRGOF7ofY3YiOh6fr-vhqywX6jDZIJk-JSdNiqrjlcSljPo8GaVAvAcH71h1fl8pOXHLyJdPPP43LAkGlNvDfK24zt3X8281DCAcVp4LbM654_C6KuX6RvhvyJRDvCMgig4cMQaJoQ6_dNwm2SLCehtuVzCnmvujBpv99mm3tN3DKy1K0jrfgGxsKpB7Z18EqH0UiM_oezF77gfMkQwQm4opGnozj6Tw4_z7vNcvcGOhgTkl69sk6NqPhj38otS8c2cC46C8TSCPZn50rvrTPiY87Ur9USqOuOtrnWXoWu_F-ACFMB85eN5gom3OZTzqvfySso-WPYjX2cz_keIQCqUVjaNHkjnLqYrEFAoZmYL0fXEn6bir3QeRNkvgGtvuJrUjur36th8rmFAtueSo5W-UzjDTuwThqgRLC24Jf55sa9oW4p5DNdIvYwncmgMgETh6NJIuxG2WhFXjbllmctG2x_CcgrHYbkeDHw02VHRkAsVBxgxSXU4GXZ9AaohHb-r4jrcjq0&cid=CAASPeRoZ5DqkwmCDd5MqM66L991lnvFXZ7342HUpNh_u4Db7h0IBNpFr8bK4vKfoE1u8UJTg3I5drd99uN5Gv4&rfl=1%2Chttps%253A%252F%252Fwww.opovo.com.br%252F%240

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f494fad843a02e89e66aab6434a0c735.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 20:23:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 219
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3124
x-xss-protection: 0
server: cafe
etag: 4537136162986801320
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 18 May 2021 20:23:46 GMT

GET
H3-29 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20210429/r20110914/ Frame 694B 22 KB
8 KB 83ms
82ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210429/r20110914/abg_lite.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

09f0fa32fa39db3e3da2eea89bf806be0b147366343a0934e30f164a12431b43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f494fad843a02e89e66aab6434a0c735.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 20:26:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 48
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8608
x-xss-protection: 0
server: cafe
etag: 12149544148951276823
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 18 May 2021 20:26:37 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 72FC
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED3W1ktG7tHuUGGgdF0Sru4&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED3W1ktG7tHuUGGgdF0Sru4&google_cver=1&C=1

43 B
1012 B

137ms
137ms

Image
image/gif

104.108.145.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED3W1ktG7tHuUGGgdF0Sru4&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIy1wgIQ6_3nAhiX_segATAB&v=APEucNVbgJvCih9fGceRh5ZThJcC5n8Szp7KhCHYTIdcWdGhPrUmQ8WqfgD7yc8SgR3Jz_DBlbeMFW7qxGbmf0DVF7nQ1V6aMFnGK5Qd0rA0kBehFfae930hyob-PfSiEY_8KTGFmikZ0mvK7__r2pv6Q6W2VHQwMSfT06GcZlMR8IMBY1hdUl8MIJrpeJg3ZHVgIJN0fqb9TvB8YR-QI_Ky5DB_TvybUg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-8.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 04 May 2021 20:27:26 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 04 May 2021 20:27:26 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 04 May 2021 20:27:26 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED3W1ktG7tHuUGGgdF0Sru4&google_cver=1&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 308
Expires: Tue, 04 May 2021 20:27:26 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 72FC
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YJGuLgaob6GNrcNnPkEflQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED3W1ktG7tHuUGGgdF0Sru4&google_cver=1

43 B
892 B

98ms
98ms

Image
image/gif

104.108.145.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED3W1ktG7tHuUGGgdF0Sru4&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIy1wgIQ6_3nAhiX_segATAB&v=APEucNVbgJvCih9fGceRh5ZThJcC5n8Szp7KhCHYTIdcWdGhPrUmQ8WqfgD7yc8SgR3Jz_DBlbeMFW7qxGbmf0DVF7nQ1V6aMFnGK5Qd0rA0kBehFfae930hyob-PfSiEY_8KTGFmikZ0mvK7__r2pv6Q6W2VHQwMSfT06GcZlMR8IMBY1hdUl8MIJrpeJg3ZHVgIJN0fqb9TvB8YR-QI_Ky5DB_TvybUg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-8.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 04 May 2021 20:27:26 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 04 May 2021 20:27:26 GMT

Redirect headers

pragma: no-cache
date: Tue, 04 May 2021 20:27:26 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED3W1ktG7tHuUGGgdF0Sru4&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 72FC
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESELX4kd_gzOOH7GRxx_uPjH8&google_cver=1

43 B
1022 B

76ms
65ms

Image
image/gif

185.33.221.91
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESELX4kd_gzOOH7GRxx_uPjH8&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIy1wgIQ6_3nAhiX_segATAB&v=APEucNVbgJvCih9fGceRh5ZThJcC5n8Szp7KhCHYTIdcWdGhPrUmQ8WqfgD7yc8SgR3Jz_DBlbeMFW7qxGbmf0DVF7nQ1V6aMFnGK5Qd0rA0kBehFfae930hyob-PfSiEY_8KTGFmikZ0mvK7__r2pv6Q6W2VHQwMSfT06GcZlMR8IMBY1hdUl8MIJrpeJg3ZHVgIJN0fqb9TvB8YR-QI_Ky5DB_TvybUg

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.91 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 04 May 2021 20:27:26 GMT
X-Proxy-Origin: 31.13.191.137; 31.13.191.137; 721.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.168:80
AN-X-Request-Uuid: a36bf32a-1468-4982-8ff2-a196a2fd58e2
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 04 May 2021 20:27:26 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESELX4kd_gzOOH7GRxx_uPjH8&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 72FC
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzU0MDUwODg1OTQyNTgxMDk3

170 B
188 B

84ms
73ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzU0MDUwODg1OTQyNTgxMDk3

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 May 2021 20:27:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 04 May 2021 20:27:26 GMT
X-Proxy-Origin: 31.13.191.137; 31.13.191.137; 721.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.222.237:80
AN-X-Request-Uuid: db7196f8-91f6-43bc-a7a1-6415e4e41899
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzU0MDUwODg1OTQyNTgxMDk3
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame D548
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEE2DG4f-UgQjgsSHUDG8464&google_cver=1
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEE2DG4f-UgQjgsSHUDG8464&google_cver=1

43 B
172 B

61ms
60ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEE2DG4f-UgQjgsSHUDG8464&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY0aC1DTAB&v=APEucNXLUMop7GvYEkgIbjYZW2QeG9jBiq4uKLoagp8za_KC9cZn3Lcwd4Xv0ZBZ2SM5z-lCutCv1KHupKV0B9kEMvxYZPTz8_tQIsK0_wDTCSAEWVi7Kyo4CoIcK1uErWhz6he8rwIT3nVfhsy0HmTmIcM0DcjoxCUJfOYH_tvDYW9zyyhziNLzwozLTepjMTS-jZ3JdIUpPimFIoenC2bSXpQk5fXC0Q
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.206.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 May 2021 20:27:26 GMT
via: 1.1 google
server: OXGW/16.206.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEE2DG4f-UgQjgsSHUDG8464&google_cver=1
date: Tue, 04 May 2021 20:27:26 GMT
via: 1.1 google
server: OXGW/16.206.0
alt-svc: clear
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame D548
Redirect Chain

https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NzQxMmM5ODEtNDNkNi0yNjcwLWRlNDMtYjMyNWIwOTE4MTNh

170 B
188 B

71ms
70ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NzQxMmM5ODEtNDNkNi0yNjcwLWRlNDMtYjMyNWIwOTE4MTNh

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY0aC1DTAB&v=APEucNXLUMop7GvYEkgIbjYZW2QeG9jBiq4uKLoagp8za_KC9cZn3Lcwd4Xv0ZBZ2SM5z-lCutCv1KHupKV0B9kEMvxYZPTz8_tQIsK0_wDTCSAEWVi7Kyo4CoIcK1uErWhz6he8rwIT3nVfhsy0HmTmIcM0DcjoxCUJfOYH_tvDYW9zyyhziNLzwozLTepjMTS-jZ3JdIUpPimFIoenC2bSXpQk5fXC0Q

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 May 2021 20:27:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 04 May 2021 20:27:26 GMT
content-encoding: gzip
server: OXGW/16.206.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NzQxMmM5ODEtNDNkNi0yNjcwLWRlNDMtYjMyNWIwOTE4MTNh
content-type: image/gif
alt-svc: clear
content-length: 0
via: 1.1 google

GET
H2

200

um
sync.teads.tv/ Frame D548
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESEKezYJaEZ8KMsOaDGekdzls&google_cver=1

23 B
172 B

99ms
88ms

Image
image/gif

104.111.242.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESEKezYJaEZ8KMsOaDGekdzls&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY0aC1DTAB&v=APEucNXLUMop7GvYEkgIbjYZW2QeG9jBiq4uKLoagp8za_KC9cZn3Lcwd4Xv0ZBZ2SM5z-lCutCv1KHupKV0B9kEMvxYZPTz8_tQIsK0_wDTCSAEWVi7Kyo4CoIcK1uErWhz6he8rwIT3nVfhsy0HmTmIcM0DcjoxCUJfOYH_tvDYW9zyyhziNLzwozLTepjMTS-jZ3JdIUpPimFIoenC2bSXpQk5fXC0Q
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-245.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.3 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 May 2021 20:27:26 GMT
cache-control: max-age=0, no-cache, no-store
expires: Tue, 04 May 2021 20:27:26 GMT
server: akka-http/10.2.3
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Tue, 04 May 2021 20:27:26 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://sync.teads.tv/um?eid=3&uid=CAESEKezYJaEZ8KMsOaDGekdzls&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame D548
Redirect Chain

https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=MTk2NjdhMTUtNzlmNi00NzY1LTg4NTUtYzZmODA4MTE1ZTE5

170 B
188 B

68ms
68ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=MTk2NjdhMTUtNzlmNi00NzY1LTg4NTUtYzZmODA4MTE1ZTE5

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 May 2021 20:27:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 04 May 2021 20:27:26 GMT
server: akka-http/10.2.3
content-type: text/html; charset=UTF-8
location: https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=MTk2NjdhMTUtNzlmNi00NzY1LTg4NTUtYzZmODA4MTE1ZTE5
cache-control: max-age=0, no-cache, no-store
content-length: 189
expires: Tue, 04 May 2021 20:27:26 GMT

GET
H3-29 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20210429/r20110914/ Frame 8E4E 22 KB
8 KB 69ms
64ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210429/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B6AJvuIX3aIdsQ1c0Hj0jQnTmIPebCST6U854DciYY7hf8Uue-xM3h2sKvB-fP65n-DuEechFuJhaQXI8jl1DCId58NpcaChbdQcAOPu__tExWP2DWj_Yf5dPktDqF1J44fy4GfiZ58n0JWQkt-8eLJqjmVQ&cry=1&dbm_d=AKAmf-DP-2fcTc9xqeyncubKCQkD7XU39S5AQf6ZoMzNNjENqBvWr2vSRnbuF8RnmfbrkN_7KHHd-ICzCoBqWQ7snLVunYUxW23AZ5N0OaVbd86RTujcvAF8KCLCDceOPN7h6FZ_TRPyYCoAeIDzuEwg0efDirhST0xn2jxfS5yZZh6pBTeKCzWmiGwyluBPWW4KR4IgMh2QN7nQ6bii8IxYx8dwvgMARlcidn4T1njODMIraTFr6xMB89cHaFHZfGhoN1IqYQ-uRcFQhtYDnaO1fN_kyBGmxpyb56bsM1epgEKydCpRRIKVENLoxLd_3vEiwQZuNZh-hd86aCJTclOq3hIpnOrZ_RvQQlOi7-jNT-rcdNvdxY-m8t5ZEHHEYJvR2RYgF6HF34BbIbsEFY2TvXyWtEqKiIbO3VFNw_DKKzWTuhDnp8UDFyjpBgq1F5CYxoUxVIH802f84rEl1k5VBUCpya5zDd4LKdvb-lCvhn7B9LJMjaasPb1GC0w7pQ4dk0YPlW8UIyeZ4JmFG-iV-FTcKEqieAPcoCHlvrRwp3R6yY6_H4T_cc7lOP5uJkh4Jy34d73PmysDGQ0nzlPZwynBhm6OJTIzH84IovuH1t9BSvI72m3toWO0gnnKAtlrAxtJsFGSJkDtAPTAppD-cdt9Gf4GflCD6mZl2l1wwf2RddXnJoR0idXCYO8bA5TMpBCHCogqZU7Te99zlgzQ0L-DG6lR2pv9341y0twek7Soi1heJ--IhmclzTKsFyj-KtM--JWWxZ0tFVLFiSvmjryGV-t8kRY_S2xivCo5KLkcJ3tQYsiP5XqvHYVYaZgjrPSJIlVP9aP_Lbee5abt4hHRFcIU7U6U1GWW6rOcEdViafQ7UDwbR-6sHMtX4YMwbeW4el1AFhNv7vDD07MaVWjeDn2w2-130HNyoa2JuiYEh9yF8bhfnDCWzK3rWO7Mw86Wqh6QiThy_8rsHy54Duf7Jz9lTfVSYIHirZdXXCN4yrdr9C5jutsAReD3IZqmROpua71tPtd924FZxaJy-F1O8xSKMXIYDRVayOrKSyWsxy2yTwDQQ_tQTj11ZqwrqSDrWZvA7Og5KIZRqk4M1XJt6sGln60wQkX9kKjgRd7W2HFfnvvt7khgY7Fmuyjfcsch5V9btXZ084LUZtAu5kOszs6u0NdqpH5yhTKPW4iivz5ybu-rNuyPeN8k6uEQEba_c9wOH2NVFXVn6GvCdbUCt3AsXdahpI7g7KtnMB-CEdalCi20yynn_tiQSorkhJBvEIfjpfLQ0DzIhDGER-HpCJF0fuvcRxmSuRYKvfMN3uEx3pzij-3FJAqSchNQi1ioixvdAv9XLX8gXbcw3OlEF4eOdREPEMNuExNiSwMDUYCHWCMzVhJsq-RHdmfFLBIV4SduIZRuZTdijavIcOfkAMVWdUSRzKFsvzzWMosnw5CJGkjnZV-ErWOQAZq9ipcAIvlM1CnPROkjwYRs7bHbmkDPF4w0IbJyI4W_YdZvLRH4D38dabohCwgKFcj394NAmZapQbosbq4odFwI0P2SnyO_vgmN-wLfSODQNpc4zXYkf9vhipbQdi0huE89TcFL_4UjxLmKmOEm9KpiKGsruXZm2q5ZvUtWTzhZjkpltJcekDtiINfYJ7UqvdT_BXHEwRQQDh278CL3iwvOSNWFFp1-v662EP6Gexc72TrWwbMsftRc_B5zGj2COwoPmJ9zY67DzYiUQM0wJJTX9uhupBOa4nZ6TpxtcZMMM58LVRTfZ5QSYBygYErgS8_WJjn_FHjnZjqq6qtxbYRM2WX9TeCRyPfyqgx2Wh8Dr0jjsCUYukJFA_2EZG50E3vkqwrvP5IGc5o4cPUEr6ClpTEmMr03cRKg6BhHswVA1jjWnKPtFbBFN1J-F3oadY9oaktSOunTD1iFYKL9bXCHDl8vHkFoTrcVGMBgJifGftTksR-B6hmVSQBQlFgL6YvdMCiztMz5hTvOxScQ7NQQc5VklZew7page1ytygleIJr1Vmbjce0rYHoO2aGbF3IG-Rd6xaOcOBSklI4PRVrMVJyVM63teVqhFfYGLKtrvIPvMPI5ONfVdHiyHDd2ByteY0V5ZCuhZcOJBD1i4AhQcyHyR6WdsZbZCssjrJAKpSE7C59OffqCh1fvCCzxhURbHuW2tsPHwnNudjLoCinXMh_1LXjNMBD6jzgks16Z92l4ttmK49HDmLV44ZYHDCgVLAOthn7wq5UXkZr332aRuBqIJRbfrbw_CkM51Mt5XwBNPDJTXjxM4uTZbfFcePsx-nOLmg8nXKP_yTL76BneyK2ZHUPvzhsYYatxMAaDoWz_8jmbtqEvkIj9-Puf9SmkGbdHnyJl6JnjnLdHDG-AG-SFOQKUMzZYk57TGgDFdgA4tFThe10IZHEezn9OL_379PkX_KMqpxWjOHtVM-HrxReXs9z1Cj9z-aK1wevTvDwfzCgGVavqQmxNd010I_j-sZFlxfyhiUM8ifVMyOkibn6_fYdXuKOLWmUFJADePYwaAZxIuw2cGomBeUCHAX5veuF5jaJ9AY8mo1RAX-iSHYCv8L-F_zm3MZbXSwRiXXj0geW0TBYhdF43UyE1pKqXuqcFeEJt_7YBy6VRPOrhH3IqWCKVju57MCFFUOaecqC8nc-8E69jyJX3heskdEOAL4c3BfinrhWnUDH9PGa9EQeBTX6PdiTqQcSS2d6jeZZyz2KuBHG85Y4cm362OS1GiHBPjgM7il-8F2LHKXRv0Mj9mE1x8fGpbk7-733rUTEMoR2neiZe3kwjuTIsOxD2kx_f9KhPBJGUdoOD2J7mKdBWPBZZZlae8q8b1ECxtxySegMlJQbWEt0m8HIQi1sI-GbfdJZDx99CQtU1zQ3gvgm6yhTXATZgN0gNLJsJHWmZTtBJq6cckAV7CJHh7n-O9MI1s0Etnj7mBcBAFeJBOVjW_Oh0-yqvWJUHafpcflzVBK3n7d0tbWdeHKc5Md7vLut9BUsJMhl-WSZw10fNirDOGATIc-_jzfVUc4Cqm6aFKm4gBiRkDTaSURaLYtkBVXC60V6uoS6RIZDDZINUODgCDJ9aaspqqOGuDXfo5RSZSDIMFF0OjG9N80uljswWEk00wW4wkPGbarcA84agQddpBSApYOoGD_0VbUMGwgv25xqvd5P0OqLRmJpfcsg55QLe9EX5&cid=CAASPeRo5_DLtJGnLXvciSw49Rbknee1XH089ljCZpI-u0R8s-RI6U7zgcUuclGGosstUDwc184wF87tpDdbktM&rfl=1%2Chttps%253A%252F%252Fwww.opovo.com.br%252F%240

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

09f0fa32fa39db3e3da2eea89bf806be0b147366343a0934e30f164a12431b43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f494fad843a02e89e66aab6434a0c735.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 20:26:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 49
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8608
x-xss-protection: 0
server: cafe
etag: 12149544148951276823
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 18 May 2021 20:26:37 GMT

GET
H3-29 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 8E4E 41 KB
15 KB 14ms
7ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f494fad843a02e89e66aab6434a0c735.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 13:44:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 24167
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 04 May 2022 13:44:39 GMT

GET
H3-29 200 express_html_inpage_rendering_lib_200_271.js Show response
s0.2mdn.net/879366/ Frame 89DE 111 KB
38 KB 13ms
10ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js

Requested by

Host: opovo.com.br.admin-mcas.ms
URL: https://opovo.com.br.admin-mcas.ms/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f49b1d1bd49f5c61c93e08dc9b8427ae046c513af8ce30fa8d04162bb6f5b9df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://f494fad843a02e89e66aab6434a0c735.safeframe.googlesyndication.com
Referer: https://f494fad843a02e89e66aab6434a0c735.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 11:22:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 32690
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39287
x-xss-protection: 0
last-modified: Wed, 14 Oct 2020 18:02:50 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 May 2021 11:22:36 GMT

GET
H3-29 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20210429/r20110914/elements/html/ Frame 89DE 8 KB
3 KB 61ms
59ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210429/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BCRKSTBSbPq6iUVnM9dL1IKGNyXpcc7Hxccr_f9SMJGjSF1UKLboMi4HdEUc8S-e7e8VyXUAb-_bJ9T8Ji1AOv5H0QV9g_OPLAye-5u9F4V8eOOYnctej9qfAd3RBtk6C1ZSfDGC0t-Jrgp127XsOyoc8LnQ&dbm_d=AKAmf-AgcT_XZEuiaaE_2swsib0GMyLuFLuJ60sTbqQKmWdUzlDd3B-uvze9vspbzNryWq4Hp-a4iW-_v0qggQr-1oPaPXdtMz_Ecq2diuPsbKEQNUTg_kL_uX6LmNN_loxvidiqjCiBOFtRJdkl5SnWM3E0lzJZ0HMRhGmlKlFKWYGQzt1SKxcd5plQ-ndmdOHG6K83UKl1EldadZixeaiN21Csh6DAlkgOUPo1xk5-3pTu1LjrWxYXFZlg6yz86c6qQsGMLZuO4eSHL30dPEqGRLYF0u-t17Ui9aWWG4jsZlWWSJJys21ilmsTXDmRjMiivUF4LhUkvkN42tYrK8VdEVPn0lUXCCl_K0OMeH4ZSJVA39AAMR5TuiHjZPddoQilqf4bm2dH34lxfdm5g-Tm7eo4KmtbnWrIpZSBMTCUfdDe7NMuZjd8u_byzfaZUSRkHjM14exHLvAEHQ4bBhrRPGq66klyqwHwQsu74GZQ4cBlkflj25FwdoOCSj369jQ1K1Tsx0BDhegWfnS1F2OIPzOYnP6ae1oAJCasHsduwf7k0vHbz3AMqJRQArg2k1pmo7Q3H4_oscw3WoibgeYQ5YjN83QFgudNuv_cs4jUyz1RTFpgo3F-2rhNijt-ThpLP7d-lMPohYEd4G5WzOKob5jQpEa13UJcK5VOmfCTWh4Q140n3Tr8QOQKP-oghXULVBkpchJCTpJojYmgZF2ObXVPawaCe9a38YNiUX8zBaPJ-W6sr6nRoxe2NJQZwaU8g_GsbDdrRyYmyg2xS1MUNlCVeW6IQDCe4vT5AcmfdrAT228wES32e8z0VaKrnhBR6vu2nsqwyO26WdZoXeEtmt5iskB_NJO6HLT6COH239OKH6LdMwsZRILtE8a1FuaB_pFiQYHlI3qYURGEFL9526zQqzt91B5gU7PtZbIuAHymfaBkNGHIUIxJurndrkYn4viP9JyFGa2Wl1D04kyhWp3OD7y87NxedK2XAhfAUXnI8WG46yzn2i43vq2a5EfzQPE3kPwFpvqqbDwzt4RaS9dxO_OWF0mppbKz-0KXqa9A9TwZz1dlNaQ4QzNVyQM-cWtJ8yaXIPizhLUNqBjdO586Y5k9K75fXFIx5K2gpSU6ZT0_j7_RVmwPxzyNIq6F2Ic10zhLBwnQptzw0FbO6JQVZZWHIz3Ac_l_adyw1kby29C0nVWi52sV7zPoeafmcRK5GGbovhr8smVLTyrvAwO4O9lIPpa7B1jOhvKJWsVgZ3uiFJyTYFnJWZSRIFgSQYKJjYxGB4XwINRmTKuxD5EXqrf4F6VnLg1wQ3r8oVabNKEQMsh9P-z4GNzTUGJ6CMUZB2Pd3aYindqocW6eGyB6O-1CM-PETenBIWfYFFhlsZ8tFFdbxeWPs6SlgLBvs0JlSa97h4XRcC74n2j6i7HGxKRqwQOoqFPm0TpE7O12f8UW3x-YHt1qnfAJoBlQV2O-AuFF_myP6sTP94v56ChAGsq8EJVrR28WiA_gUtjVakYqXvJdy5lFBqi-SIN9Zyzv5XaKKZUVxhZxxYsxEZku-yNFRmds6SZ6cLvigEOgORHf60GfyswHM16Y0MaRZXCfVAb6BpY5dB8I8RsNdgLXAChj-W9tjwWuyFwKEkczo3bDJTsdmDCyT14pjNa_955TpFQsiD5LCLNsPzFzB-Le30-KK9y40NMrabUFfZTukHwWF7gnhJTMje_zG4RVziFmosUJI12GClI2h2ByDRXziYUQSLJQtXg1jsTBrA8eXBziJtqoYl38teqoxdg1AQx6cI12zZKmQK2lgV3P-3TWElFOKQigwOtpzgJwGy5NhMs_RiqBOS5rwOYzGTkmqgrArwThIaqlGhT_S72f8RegEF0Lj8bM2brhoV1Z2Qsi4efX4Ui5i5gaLtsK2kZpUjVhO51ey2c4wqDaOSSaW1iYNCaDSY_nCu7JjkSOVabtJrmOSK5jvOwnEroqrLpGGZTdhTekBSGSPYH3L9kLtPsIctoJxrRRnMbpuJCertE7GLa3vxN0yCEs2IY8porehLcM-DFArx7f8i9hAlJAAlvj-RtdrLch7YqiGQI5kQ0xK8M0NM_w1k976hiNbQ_6EmLej8JStcWVtiUXCxMz9FJKqrhvAXUH_NZNVNliia67cCSnWJxByTHyjMXZnFew38tkLPFsEEE-Gvn96BWB5hutQJNA-VEUhrl6l8d3etxchNUSGkvcV7f-PC8d5mob2v9XpWP_AVaM7srL-UjQveKMPYRs_hiSNXjiz5MZ1Uz_9cXlzRJJMf_EjCmqIWhDM2WvHtNlx_UNoKdoZ7zy0d7hZs82d_G84qQ2xqWdyelQOsoifpKb7uwMCQvyGFK-82K_uwtbMxNKubINM9MQueepeDi6FHs3M8jirwElPuwu_oUT-DWnciU2mAEx5fPQlPjUBf1jTReYlPS_jjeVB5cvDqL9J6WxYCWjndJzQ71diSskOBxkHpVVgKuXPh8moEaZn09TMs_UzEZ8lh_MfSY9msJHU55sEY4ygqE0kbSWZroQGFgauahr3vjLPl5sTFXrq1loYArGftntdRGErmLNUhTOLbgYEKvyKP5R9E6LwpTH1jv4D1R8C9mMV0GGg4XIuJ4-ZGCX54ILodQp5gHFcO9_yernKzBMaBk3SIsKEYdGcXS6bVpHqqKS_bYHpo59ugmn_wgoQZWUS75KA3VmnIPsN9_Uw2P65CCy9YF2K8h3aRa_CRxwKqwpDf2sji0-yyur1r1BUDpb2MsL0RCzHd98Hqijxonncjl58de1rBWi8qnP8xJHOjqaUAJlDC9DaSJIynDzAU5BNnGvyihBo1IwsZBRXrqSED_g33Gtg0rpJ27Ydg0CmkMCgQGF1IYjJstzHRmNt4oD4_x2ivwOYxYR0dNZ_TV-zIh6aXjVWhJQuEa-hL6KhXBqiwmNLU4YJQJhzww4PXPS3c1M3S7ZiHb9JD7UzWDY3uuooNEvwXeFouqo5rAXJW8tshzY0pY14GAJ&cid=CAASPeRool6uZgJ6GB1xXXqTfRen-WfxOrLzF7OYTvfvR1JYLGFE5RUDZ2LlpeXuHwJGSSyJdDGwlTxhD18fWas&rfl=1%2Chttps%253A%252F%252Fwww.opovo.com.br%252F%240

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f494fad843a02e89e66aab6434a0c735.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 20:23:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 220
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3124
x-xss-protection: 0
server: cafe
etag: 4537136162986801320
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 18 May 2021 20:23:46 GMT

GET
H3-29 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20210429/r20110914/ Frame 89DE 22 KB
8 KB 66ms
61ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210429/r20110914/abg_lite.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

09f0fa32fa39db3e3da2eea89bf806be0b147366343a0934e30f164a12431b43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f494fad843a02e89e66aab6434a0c735.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 20:26:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 49
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8608
x-xss-protection: 0
server: cafe
etag: 12149544148951276823
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 18 May 2021 20:26:37 GMT

GET
H3-29 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 6F69 22 KB
8 KB 8ms
7ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://f494fad843a02e89e66aab6434a0c735.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://f494fad843a02e89e66aab6434a0c735.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Tue, 04 May 2021 13:44:50 GMT
expires: Wed, 04 May 2022 13:44:50 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 24156
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2

200

sync
partners.tremorhub.com/ Frame AA47
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=tremor_video_dbm&google_cm&google_dbm
https://partners.tremorhub.com/sync?UIGL=CAESEHz4vCOLezLGTsATwvHumc8&google_cver=1

43 B
183 B

291ms
99ms

Image
image/gif

2600:1f18:612b:4232:4acf:609e:729c:ab1e
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partners.tremorhub.com/sync?UIGL=CAESEHz4vCOLezLGTsATwvHumc8&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY0KC1DTAB&v=APEucNWfvtcYatR3osRMVo69C5iSrLsHVRLpQOKIuebtBbL-jLwFmz4fVpSZOcDGGgn2uLMHPB_xU6m-oqHOhL913KtSVAN1FipMicgP3ZJfMJ3Ts4kRjGRwRhQJMCgV27t-jfuwD8ManO0h-YUlyC-GeXIOpgmGBFAzSf2EYJ-IlJIdUfyWpuk41hu_YVYsvvHxlAQ6B3ccwMHCkT4shghQpjYT4N-x5Q
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4232:4acf:609e:729c:ab1e Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 20:27:26 GMT
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type: image/gif

Redirect headers

pragma: no-cache
date: Tue, 04 May 2021 20:27:26 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://partners.tremorhub.com/sync?UIGL=CAESEHz4vCOLezLGTsATwvHumc8&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 283
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200

partner
sync.search.spotxchange.com/ Frame AA47
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEOMlUPRp-cXR2H2YmoZmBA4&google_cver=1
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEOMlUPRp-cXR2H2YmoZmBA4&google_cver=1&__user_check__=1&sync_id=23ebec14-ad17-11eb-902c-1a7cb9e30506

43 B
548 B

56ms
55ms

Image
image/gif

185.94.180.125
SPOTX-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEOMlUPRp-cXR2H2YmoZmBA4&google_cver=1&__user_check__=1&sync_id=23ebec14-ad17-11eb-902c-1a7cb9e30506
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY0KC1DTAB&v=APEucNWfvtcYatR3osRMVo69C5iSrLsHVRLpQOKIuebtBbL-jLwFmz4fVpSZOcDGGgn2uLMHPB_xU6m-oqHOhL913KtSVAN1FipMicgP3ZJfMJ3Ts4kRjGRwRhQJMCgV27t-jfuwD8ManO0h-YUlyC-GeXIOpgmGBFAzSf2EYJ-IlJIdUfyWpuk41hu_YVYsvvHxlAQ6B3ccwMHCkT4shghQpjYT4N-x5Q
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.94.180.125 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 04 May 2021 20:27:26 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 64
Connection: keep-alive
Content-Length: 43

Redirect headers

Date: Tue, 04 May 2021 20:27:26 GMT
Server: nginx
Location: /partner?adv_id=7025&uid=CAESEOMlUPRp-cXR2H2YmoZmBA4&google_cver=1&__user_check__=1&sync_id=23ebec14-ad17-11eb-902c-1a7cb9e30506
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 22
Connection: keep-alive
Content-Length: 0

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame AA47
Redirect Chain

https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID
https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_i...
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=MjNkYjY4YWUtYWQxNy0xMWViLWI1NWMtMTlkYTg3YmYwNTA2

170 B
188 B

68ms
67ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=MjNkYjY4YWUtYWQxNy0xMWViLWI1NWMtMTlkYTg3YmYwNTA2

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY0KC1DTAB&v=APEucNWfvtcYatR3osRMVo69C5iSrLsHVRLpQOKIuebtBbL-jLwFmz4fVpSZOcDGGgn2uLMHPB_xU6m-oqHOhL913KtSVAN1FipMicgP3ZJfMJ3Ts4kRjGRwRhQJMCgV27t-jfuwD8ManO0h-YUlyC-GeXIOpgmGBFAzSf2EYJ-IlJIdUfyWpuk41hu_YVYsvvHxlAQ6B3ccwMHCkT4shghQpjYT4N-x5Q

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 May 2021 20:27:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Tue, 04 May 2021 20:27:26 GMT
Server: nginx
Location: https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=MjNkYjY4YWUtYWQxNy0xMWViLWI1NWMtMTlkYTg3YmYwNTA2
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 139
Connection: keep-alive
Content-Length: 0

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame EABD 10 KB
8 KB 71ms
70ms XHR
application/json 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021042801&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

5092fd4595f5c04ee04b0de12551fb7b2abe63d2be41a6719d96435ec7a4b3b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 04 May 2021 20:27:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7696
x-xss-protection: 0

GET
H3-29 200 index.html Show response
s0.2mdn.net/9753181/1616405701336/ Frame 2E69 11 KB
4 KB 25ms
7ms Document
text/html 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/9753181/1616405701336/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b30b276b2c01bd32dc2eba0f2d7d4674d851b39b9d17815331b6ff8161c492c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: s0.2mdn.net
:scheme: https
:path: /9753181/1616405701336/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://f494fad843a02e89e66aab6434a0c735.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://f494fad843a02e89e66aab6434a0c735.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 3822
date: Tue, 04 May 2021 08:06:52 GMT
expires: Wed, 05 May 2021 08:06:52 GMT
last-modified: Mon, 22 Mar 2021 09:35:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=86400
age: 44434
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 694B 0
575 B 243ms
103ms Ping
image/gif 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssE1gtRfZUY9M2X6uWVaXekJe6R-ljPf75MPoqxZeF8mQ6hVvHBYhPuMS1gaRCAPYDNli2jbddSNyVNcJDJopI9B3CMdSWtxuhr4tDXbYOyHnFC5rt5WfGba8QPSVHjqtnOkg-B5qoXSae9Pclb041ATQXktR6mkSbOKtrW6nWyDIIWa3-oe79ydoYip-xIspU1JySF-1snEa34Hlfk8mqd6IM-NQ5zbUc_aW-wVj7N5X3_A3IJUfzDShpgRYqqHEFmCRGKSk9F28tgoChzZewC9b3uqPFU-uFTMZZwcrYZl-5ee5nWskl1zEQ8DHafWj7WOUmICV10DW46Bcmi3Sh6XsMg8nOD5znqq38SGG1eaqaS0KRo_zUx8sDtwUaxPrh3B2CUhokFun6x6npKkFkTJQr3cRYf2SbPAyb6Na5EMTGdtiIs8Hg0Yo21iXKeyBqehtRC_5vMZ05cXftHeot3lsQy2ZClwXqX2EsuOTM_C3oYFxpJ7TbsnZLBideLD5Wye8tC40Jm6ErHxo5b2y-LdOOjoZS8CdZtZW6f6icu0aid4tOOIsu-ku0AYZn4j8udZsJO_gLlSRf6HWeTPf7qUFSdE2G-6Tow1fSiOWcfEvSqg7gRsZ4bWXmMdpI11m_--NSwnjOsQr8QLXaoOXZf3NQD3KYx8swt9qWUdDUIC9jxHWi7OeR0-5GRJDFOLqzGOKyW2C8EqecgGIZWf_NbkQc962mG70VXDubX1ikd_8y9eW85i8lnhTIIwOlEdToXZteoXJodp000nVjU4t0D4bT8z8bfD3DZ7fvY-bTiNjQqds6YhscLnQggsiXt5FHUVlHmXVMUCRFm0NMp7NvEGTbVluU3ryAKO34YMqunn5DT7DZOS-cSQVrkp6M5Zr-R344AYguAP4K_QBljhCPG-JWaINCluEOLe_HjvIbtRJtjqEbg0GwQ2QkVttTpbjyI7iselGQ3ItUc2PRjMZiiNgKRJ43wueIkm404vJV2HO82_9tFZ1Hecg46PXZG5PWYd4tDTr1Y4KXE7c4E4-Qhn6cRvI5km4H4fZZGWVHWmJ34PCbqFMwX2K9-M1dpqT0k7tGdsDJISxUT_5o-MPjvL1za1VmACly47mCsyMfES3O3V5Z7kgC88JRLYljgIfZyVRkeX2eO4A0Unr7_NM8r990&sai=AMfl-YT_MhWj3NVYFccOD5wnS__spB2Zdp0zLdY8-_vn8mJ4-Kmd0GwN8dwBELOWDzZwOhlZqPoaieFV3hWEQNK2vJfnWgLAA6mDY0vo0MC_SlLtmG3xrkEHfyryk_mNr53N15KD6fW6ReSUXEn5n1QS7BwqqjdByuVzvXG1_LhUNKULf5h9YjaGKYLL3s71ecEUYR0NQG2P4VDz1iHIB9pyLamJl_B9U41MgtTnzhTpYQ&sig=Cg0ArKJSzKw-sSvjGsxEEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=165&cbvp=1&cstd=159&cisv=r20210429.56483&adurl=

Requested by

Host: opovo.com.br.admin-mcas.ms
URL: https://opovo.com.br.admin-mcas.ms/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f494fad843a02e89e66aab6434a0c735.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Tue, 04 May 2021 20:27:26 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 204 v1
ads.yahoo.com/cms/ Frame 4B37 0
443 B 22ms
7ms Image
text/plain 2a00:1288:80:800::7000
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/cms/v1?esig=1~b04e41039133c73fafd60e0ed8cb49a70ecfb061&nwid=10000483131&sigv=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIy1wgIQ6_3nAhjblcigATAB&v=APEucNUoIRB_uDU7dC1qSkxj2kxTzG13fQms_5jH_uAGmrANlF390XRLgDwpcLdhSxdmZmWwq_PF3deSwzwQhsZ-G0xqcZA32BnMp6TFebHQ5y2BOeATl2rxpEvvs7kLJjaEG8YbgTDWqR9Ykns2Nu_sEuvDXs4vGdyTkxPD_9ptIMPhK14amfRNygoEl806GnRcoscI2FzioE-VQwbg-BWc8nm695cT9g

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7000 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 20:27:26 GMT
cache-control: no-store
x-content-type-options: nosniff
server: ATS
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 4B37
Redirect Chain

https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true
https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true&verify=true
https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1TNEo3Y3NkRTJ1R0VNNXFmMnhOM0sxYWZLRC5fZDY2NX5B

170 B
188 B

69ms
68ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1TNEo3Y3NkRTJ1R0VNNXFmMnhOM0sxYWZLRC5fZDY2NX5B

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 May 2021 20:27:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Tue, 04 May 2021 20:27:26 GMT
Server: ATS/7.1.2.128
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1TNEo3Y3NkRTJ1R0VNNXFmMnhOM0sxYWZLRC5fZDY2NX5B
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK 0k1uvb5ne9s9 Show response
hal9000.redintelligence.net/zone/ Frame 35A5 11 KB
4 KB 193ms
61ms Script
text/html 46.4.10.49
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/0k1uvb5ne9s9?subid=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCS6ZmLK6RYN-cEcuAjuwP97GdKIGI4dRg8oz_uOME8C4QASDc1_siYPGt_IWkH8gBCakCcoF8swwotD6oAwGqBM8BT9B9MHVfUqXpnjjjNnoZnW8MDqoZYy0sDlwbngIOBHrEuaA4gwyWyK0_Dq2mYABmAtYshOcvlNVgmW5dW_R3YIWZOt34LT_-BPmVhlu7H_LJl5D1Wz1XbLB5dZvMuapYopbtMRrFmKEkxm7x-U-e1Jo0qea1_qM4b7wS0btTQirHxhzjuKWvgADNyeNQk-QqSQ-pNNnEJ3iYjqjycqcmPBolvDpTHWzNCwPhNZIXeuWHNZnoAOypuANBn5fAbnaW_oQ9ijnBCN443_QVhXs0wASCpeGza-AEA5AGAaAGTYAH6-foXqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfs1RuoB-6WsQKoB6a-G6gH7NUbqAfz0RuoB5bYG9gHANIICQiA4YBQEAEYHYAKA5gLAcgLAYAMAbATkeWyCtATANgTA4gUAdgUAQ%26ae%3D1%26num%3D1%26cid%3DCAASPeRoAtIhvYhfKpflNVBDJN72c3q3JkapnAU6xzyylm1g54OV4D7g4Y0g_4PsN5wqzw2-jo4ezgkMzXgcN64%26sig%3DAOD64_1eBtwyScE1wzt3euqYkENtt44TYQ%26client%3Dca-pub-5377500294710407%26dbm_c%3DAKAmf-AO-gEoZSCWEjkbTco4yUuQoSYLTgUR7tg7LOKf1Zxk9UGf8Qhftqd6lAAagDLhYgaePKI0S-eIC4r0rljd2Fr8R9us72kEUH3i8_9y-qHuF0tbUqhv8M4Yf3kBl_dxmSsff3gkRyRyws4G6Pd-0C2aOPfMfw%26cry%3D1%26dbm_d%3DAKAmf-DQjwyKQhLs21gMV_HLroCLKVYF9YDTIIRRPFKKScO60mTDz-j1eTbp-VPkEmo3FNY1HkuFvYb-7zQ8sZIr2m6kk_lnIqjPeqRAt6P2cs3Jh2tx3xTfN2GzWjpnWSjbzvyxNkbzKuAXoqkHg9r6WHZKMHgFL8Q_C0WY5cs7I4Y70gvP8We1H-hbPEMKGpEYe3g6Cyd_G1fe4MJmqBm2I44c1a5mXobfdHqmRCvyQTjExI_R8aIoZwddr3Pcfruw0ioOh5NZlszBrA9g_xXxbhnZ99bjapcUS003DWnlAykuhivOiaPNZerhfmJDoZoVr_4gLmjOD60Eg1chk3FH8LD4xfy8o0mx7js83OV-7XE5RziQvqcmuYpaPbaoQoVm01Ms5gYc6RHRDo8uiJSFAguHY-vOBtFXom20Z0b3hPeACuwZZYOZFsnXcoIH3NmfrJYjVly0%26adurl%3D
Requested by: Host: f494fad843a02e89e66aab6434a0c735.safeframe.googlesyndication.com
URL: https://f494fad843a02e89e66aab6434a0c735.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.10.49 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.49.10.4.46.clients.your-server.de
Software: Apache /
Resource Hash: 65b1fd78cfa055a7f7b25c07898997a81110404dc960717d826831e685c5b11e

Request headers

Referer: https://f494fad843a02e89e66aab6434a0c735.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 04 May 2021 20:27:26 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 3888
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H3-29 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 1369 22 KB
8 KB 10ms
9ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://f494fad843a02e89e66aab6434a0c735.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://f494fad843a02e89e66aab6434a0c735.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Tue, 04 May 2021 13:44:50 GMT
expires: Wed, 04 May 2022 13:44:50 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 24156
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8E4E 0
20 B 92ms
92ms Image
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodarir&v=30&d=1&s=1&f=0.01&bgai=B8cyXLa6RYMjlNamtlQfgzqi4CwAAAAA4AeAEAg

Requested by

Host: f494fad843a02e89e66aab6434a0c735.safeframe.googlesyndication.com
URL: https://f494fad843a02e89e66aab6434a0c735.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f494fad843a02e89e66aab6434a0c735.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 May 2021 20:27:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 694B 41 KB
15 KB 10ms
8ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: f494fad843a02e89e66aab6434a0c735.safeframe.googlesyndication.com
URL: https://f494fad843a02e89e66aab6434a0c735.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f494fad843a02e89e66aab6434a0c735.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 13:44:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 24167
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 04 May 2022 13:44:39 GMT

GET
DATA 200
OK truncated
/ Frame 694B 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 64063451d9f2be927f36c0ac1db95fa0a78fc7be797df91f307af2e0e6b73560

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame EABD 17 KB
6 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 20:27:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Tue, 04 May 2021 20:27:26 GMT

GET
H2 200 index.html Show response
noticias.uol.com.br/eleicoes/2020/apuracao/service/ 1 KB
1 KB 50ms
20ms Script
text/javascript 2606:4700::6811:2118
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://noticias.uol.com.br/eleicoes/2020/apuracao/service/index.html?loadComponent=projects/election-2020/election-2020-config&data={%22jsonp%22:true,%22config%22:%22ticker%22}

Requested by

Host: c.jsuol.com.br
URL: https://c.jsuol.com.br/assets/?loadComponent=media&contentType=js&tpl=assets/dist/libs/election-2020-ticker.min

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:2118 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

45a70c9799daf3ef74ecf4e75565d09ca038a83e37eced0ab40ed441248f40e0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' http://.intranet http://.uolinc.com https://.intranet https://.uolinc.com https://www.uol.com.br;

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 20:27:26 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 9
content-length: 571
cf-request-id: 09daa97cf3000016f20c371000000001
last-modified: Wed, 20 Jan 2021 14:58:17 GMT
server: cloudflare
etag: "f840bcf63e0e529ed11e8b8dd262f924"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=IXomsvjsQiyEJqDBLkGAX7zQRG7oXwkLySvuTYVpwSiFwJ5u8Nc9SGQ%2BQ2l7PnKDIFtJYfxxF4EQfMjD5L20m7iUfSDtLRUPt0HfrvK9X2uHif6cdsPAGUP6kEhtkDu0"}],"max_age":604800,"group":"cf-nel"}
content-type: text/javascript; charset=utf-8
cache-control: no-transform, max-age=30, stale-while-revalidate=60, stale-if-error=3600
content-security-policy: frame-ancestors 'self' http://*.intranet http://*.uolinc.com https://*.intranet https://*.uolinc.com https://www.uol.com.br;
accept-ranges: bytes
cf-ray: 64a47841884316f2-FRA
x-cache-tag: 4000c5b97258b3868423d5a369fefdf7
expires: Tue, 04 May 2021 22:27:26 GMT

GET
H3-29 200 index.html Show response
s0.2mdn.net/9753181/1616408639469/ Frame CA89 12 KB
4 KB 9ms
6ms Document
text/html 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/9753181/1616408639469/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d874b1e5d02ed7b8b8656a221d7c8b34c10206c7b9274faabc9b2c7c05be0fa4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: s0.2mdn.net
:scheme: https
:path: /9753181/1616408639469/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://f494fad843a02e89e66aab6434a0c735.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://f494fad843a02e89e66aab6434a0c735.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 3942
date: Tue, 04 May 2021 13:50:53 GMT
expires: Wed, 05 May 2021 13:50:53 GMT
last-modified: Mon, 22 Mar 2021 10:23:59 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
age: 23793
cache-control: public, max-age=86400
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 89DE 0
61 B 106ms
106ms Ping
image/gif 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsslSReh-jKINsh-fTDVhIuJHp8-0FotW3hjsfBWoFmTufdRhQrDAUKk9WoMD05sVw8061HEqvFeMu5wjNEZ-jo6fZt5NY1V7l4wFmCKrVp0yt3q2gf2CqEiobt9lK8g_uHle6nn-H9sPf5hTdLEIAxqNdeSoM2D2NGMUk2ZX2UYYQu-rEBSSGQeJALgPOeDDZVsQLvgWvwO3398DJ2D7gcCKtirMc7N-bCI5jF5uVuw2-NMMqvnGFDoHaYN2agVwy5dBws0IZp4jPjU5acflemlMcNoHi3Ah2IFlPX9Duxxi89OoiZHGboz1AUuoSUPA23EcH_zYSMdyH-Zi70UJQbjoN_wmzLIDhUfx266FBPMzdzkY6IUJDblqsOoINQap3_BYqAfJuvSruYkmczpNxZfreQxgqzFy4t2nioakUKvywOTEI0D-k22zcIiZizhBAL_LdTgkboL7VVM-weEEDDiNRzOqw_arUNCpWsRDhWcy0CsdBMgbVjmSjQFa4oA5fO719eEqKF0tPRB0n1z-6qdUiD-r7g4q7QZ3zsObReqrVAZBDWlgmZiIhNEEkPLP7Ob1i9hajosFANWw1dun_MxjmNR-XQm03j0wb8lfhzjmfTi9cyMGJe3PYRXa3Ly1tUH3T3E-P7K3myej6vvd4Gf-FMQbh-VBnh81cpuJfvBcBbdVuBrLydiUY9iiQmr-535Q7TYciyIN65XI2xEmQ3S4PY1ClJvrIUUqaz40HyTl2YKMl3dZXE-lz2pe3Ivu_LwI2OoAzwESS1KCh_nF0e4PGwHv9dwnrWz7AE8TOyXzzR4npgo_Dkxmd1ttkkQ1sihC-TwwPvxlfRP9uXdf1UgjWDXa3TB0d-Ch5MvgQxcFP6PXt_PIFpTrPOCbPGsKXis-v2p790supRjIf34CDKZMLEe4-A7izxKbNJ9SstAvdOlF-T4oiqykg3fWNC4czhSCSi8VyQFZ8f4lQCqE9TtqToZlilpJ_eGNokLBeynxas-76ZEwwvdad2QGwg8bn2-9Uiya3kBblhy6E5nQ0RjN87hXCetC1oi3xYmgNpDmiW26iq8PQuIEwkU0okU03gYWgL99k80VAOFi9hvtNTPD7OE-rc4iDKlIZR6fO49_1Y6LQr9_Gv-A41EfnG_BZMo4ys9qn3KWVQ576nRnytvGczCn81NFjCjlQ&sai=AMfl-YTsjIv9_KTAvOh-AAtEf-_RbNCyOULN27Bo41IcIQUg4hNG5nHvk-JtHg9xkE6pJY1qBviWnJrxVQhlaDtVp0dgXdQEF5ICu8fLL2kzWBVcpJCsjA9FYYgkqXaKplQ6cPZSESzSbWFgiBS3x396robAwx5xEbEjLL0fu7zfv_8aDEfE49yzgXYLdS5MopKF5IqEnGC459pdIG4PHDz2mF_Zi9l-GdVqUs8uCU0sxA&sig=Cg0ArKJSzK2gxc-BDbn0EAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=294&cbvp=1&cstd=286&cisv=r20210429.74617&adurl=

Requested by

Host: opovo.com.br.admin-mcas.ms
URL: https://opovo.com.br.admin-mcas.ms/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f494fad843a02e89e66aab6434a0c735.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Tue, 04 May 2021 20:27:26 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H/1.1 200
OK kpiwv0qvkluh Show response
hal9000.redintelligence.net/zone/ Frame 8E4E 11 KB
4 KB 180ms
61ms Script
text/html 46.4.10.49
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/kpiwv0qvkluh?subid=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC1Q7OLK6RYOCcEcuAjuwP97GdKIGI4dRgy8Cx49sE8C4QASDc1_siYPGt_IWkH8gBCakCcoF8swwotD6oAwGqBM8BT9Bjbt5Dw2aOh02GmhtKiCNoC0SteGMG2V3LvEU7HmTactqbsaBijWYGfIwD7N7mLt3YnpzTSW66j1ZROs1xJ-PDi8vZmkYVF1QkMWD0dVHJpDuo8U1jWDQOJarrirMvp8BJeX9sJZ_CzR2xFM_i73VlwahGfnyeDaavhmicS3toc9nHW2bAosfYE7Kz7Vsl02pWNMY0TqZfaiow8exzxaIL8jX7mhgp9lbqZpLrspcOYeSWgk68zXSFB8_axE6xS6lgU4eK8tGkt-PPrPc0wASCpeGza-AEA5AGAaAGTYAH6-foXqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfs1RuoB-6WsQKoB6a-G6gH7NUbqAfz0RuoB5bYG9gHANIICQiA4YBQEAEYHYAKA5gLAcgLAYAMAbATkeWyCtATANgTA4gUAdgUAQ%26ae%3D1%26num%3D1%26cid%3DCAASPeRo5_DLtJGnLXvciSw49Rbknee1XH089ljCZpI-u0R8s-RI6U7zgcUuclGGosstUDwc184wF87tpDdbktM%26sig%3DAOD64_2J23Br0618W7ggxPN4lWiDh1JHdQ%26client%3Dca-pub-5377500294710407%26dbm_c%3DAKAmf-AxC94_gowSfBsmYN8YKkbgvRGi9Gq75NZaphoO8js37YIzry10fL5Q87xLccy0e3otKEog9QTG-ulNrbPliX2w1R8uWoLWiLx1qWTSsrA0MM4J2YCYxmz2E0kwoIKdgLt5uW2Vm_483skgREF03n2JIXaAGg%26cry%3D1%26dbm_d%3DAKAmf-C5uqtpoK2d9FFLqiPEObL5q4tAqpOnDT3meqDqv8rTVXycskRTx1ESSfltrxsExUH8IEv2vVLjXeYrtPtg1ClyxnDmdp8YhZjFbGtzJ42II-dQ1rxSIP_HPglHobJy-ru7Y7Ani-jRJjPX669Cr1_AMdZinaBRPvLegdMHc7DGoWfF6bbiEIBGB9jCvVOdZHFa6BDQHFuz7H5s1kshKo3cElCd68g2p4ZRgFAfMmEtRKPJnbvfNV5trMaA2OHdxIZnC19ueLmsIfWw5hn1JcRbXVVABMaS2ZPFl23P2r6hIqQ8zQ5Qn4S5eaowEc1UVKSgB2gsWNm2ou6Z-0gYBRickIKH3-F4M6wXxnrPUaGPu_ZWUyl2KRJPIi85PyhYuTn8n1DC0idMyEjtolZxbBZnf3c3f3mrEnYDIX2iloMuGsw8URzfqasQ4fRh65LwctNbdZV4%26adurl%3D
Requested by: Host: f494fad843a02e89e66aab6434a0c735.safeframe.googlesyndication.com
URL: https://f494fad843a02e89e66aab6434a0c735.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.10.49 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.49.10.4.46.clients.your-server.de
Software: Apache /
Resource Hash: 0fe51517091f745b1742aba1dbf185bb39b3c3bc8f3a949be38d3232f8f10a5c

Request headers

Referer: https://f494fad843a02e89e66aab6434a0c735.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 04 May 2021 20:27:26 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 3887
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H3-29 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 89DE 41 KB
15 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: f494fad843a02e89e66aab6434a0c735.safeframe.googlesyndication.com
URL: https://f494fad843a02e89e66aab6434a0c735.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f494fad843a02e89e66aab6434a0c735.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 13:44:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 24167
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 04 May 2022 13:44:39 GMT

GET
H/1.1

200
OK

request.php Show response
hal900025.redintelligence.net/ Frame 35A5
Redirect Chain

https://hal900025.redintelligence.net/request.php?zone=0k1uvb5ne9s9&nw=20&renderingType=javascript&namespace=e8f9864fed&subid=&uid=75dc0239a6d2cade&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
https://hal900025.redintelligence.net/request.php?zone=0k1uvb5ne9s9&nw=20&renderingType=javascript&namespace=e8f9864fed&subid=&uid=75dc0239a6d2cade&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...

611 B
935 B

256ms
127ms

Script
application/x-javascript

138.201.84.245
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900025.redintelligence.net/request.php?zone=0k1uvb5ne9s9&nw=20&renderingType=javascript&namespace=e8f9864fed&subid=&uid=75dc0239a6d2cade&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x18&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCS6ZmLK6RYN-cEcuAjuwP97GdKIGI4dRg8oz_uOME8C4QASDc1_siYPGt_IWkH8gBCakCcoF8swwotD6oAwGqBM8BT9B9MHVfUqXpnjjjNnoZnW8MDqoZYy0sDlwbngIOBHrEuaA4gwyWyK0_Dq2mYABmAtYshOcvlNVgmW5dW_R3YIWZOt34LT_-BPmVhlu7H_LJl5D1Wz1XbLB5dZvMuapYopbtMRrFmKEkxm7x-U-e1Jo0qea1_qM4b7wS0btTQirHxhzjuKWvgADNyeNQk-QqSQ-pNNnEJ3iYjqjycqcmPBolvDpTHWzNCwPhNZIXeuWHNZnoAOypuANBn5fAbnaW_oQ9ijnBCN443_QVhXs0wASCpeGza-AEA5AGAaAGTYAH6-foXqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfs1RuoB-6WsQKoB6a-G6gH7NUbqAfz0RuoB5bYG9gHANIICQiA4YBQEAEYHYAKA5gLAcgLAYAMAbATkeWyCtATANgTA4gUAdgUAQ%26ae%3D1%26num%3D1%26cid%3DCAASPeRoAtIhvYhfKpflNVBDJN72c3q3JkapnAU6xzyylm1g54OV4D7g4Y0g_4PsN5wqzw2-jo4ezgkMzXgcN64%26sig%3DAOD64_1eBtwyScE1wzt3euqYkENtt44TYQ%26client%3Dca-pub-5377500294710407%26dbm_c%3DAKAmf-AO-gEoZSCWEjkbTco4yUuQoSYLTgUR7tg7LOKf1Zxk9UGf8Qhftqd6lAAagDLhYgaePKI0S-eIC4r0rljd2Fr8R9us72kEUH3i8_9y-qHuF0tbUqhv8M4Yf3kBl_dxmSsff3gkRyRyws4G6Pd-0C2aOPfMfw%26cry%3D1%26dbm_d%3DAKAmf-DQjwyKQhLs21gMV_HLroCLKVYF9YDTIIRRPFKKScO60mTDz-j1eTbp-VPkEmo3FNY1HkuFvYb-7zQ8sZIr2m6kk_lnIqjPeqRAt6P2cs3Jh2tx3xTfN2GzWjpnWSjbzvyxNkbzKuAXoqkHg9r6WHZKMHgFL8Q_C0WY5cs7I4Y70gvP8We1H-hbPEMKGpEYe3g6Cyd_G1fe4MJmqBm2I44c1a5mXobfdHqmRCvyQTjExI_R8aIoZwddr3Pcfruw0ioOh5NZlszBrA9g_xXxbhnZ99bjapcUS003DWnlAykuhivOiaPNZerhfmJDoZoVr_4gLmjOD60Eg1chk3FH8LD4xfy8o0mx7js83OV-7XE5RziQvqcmuYpaPbaoQoVm01Ms5gYc6RHRDo8uiJSFAguHY-vOBtFXom20Z0b3hPeACuwZZYOZFsnXcoIH3NmfrJYjVly0%26adurl%3D&documentReferer=https%3A%2F%2Ff494fad843a02e89e66aab6434a0c735.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&ancestorOrigins=https%3A%2F%2Ff494fad843a02e89e66aab6434a0c735.safeframe.googlesyndication.com%2Chttps%3A%2F%2Fwww.opovo.com.br&random=3296301867788&isIframe=1&container=&adPos=0x14&adPosCheck=1x15&adtagId=0&uidRedirect=1
Requested by: Host: f494fad843a02e89e66aab6434a0c735.safeframe.googlesyndication.com
URL: https://f494fad843a02e89e66aab6434a0c735.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.84.245 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.245.84.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 2c4348b83de9447f213e118634b1045b214fecbc47a736a1778d854b1a4c471c

Request headers

Referer: https://f494fad843a02e89e66aab6434a0c735.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 04 May 2021 20:27:26 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 23027700257614600044684011584025
Connection: close
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 329
Expires: Tue, 04 May 2021 21:27:26 +0200

Redirect headers

Pragma: no-cache
Date: Tue, 04 May 2021 20:27:26 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=0k1uvb5ne9s9&nw=20&renderingType=javascript&namespace=e8f9864fed&subid=&uid=75dc0239a6d2cade&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x18&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCS6ZmLK6RYN-cEcuAjuwP97GdKIGI4dRg8oz_uOME8C4QASDc1_siYPGt_IWkH8gBCakCcoF8swwotD6oAwGqBM8BT9B9MHVfUqXpnjjjNnoZnW8MDqoZYy0sDlwbngIOBHrEuaA4gwyWyK0_Dq2mYABmAtYshOcvlNVgmW5dW_R3YIWZOt34LT_-BPmVhlu7H_LJl5D1Wz1XbLB5dZvMuapYopbtMRrFmKEkxm7x-U-e1Jo0qea1_qM4b7wS0btTQirHxhzjuKWvgADNyeNQk-QqSQ-pNNnEJ3iYjqjycqcmPBolvDpTHWzNCwPhNZIXeuWHNZnoAOypuANBn5fAbnaW_oQ9ijnBCN443_QVhXs0wASCpeGza-AEA5AGAaAGTYAH6-foXqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfs1RuoB-6WsQKoB6a-G6gH7NUbqAfz0RuoB5bYG9gHANIICQiA4YBQEAEYHYAKA5gLAcgLAYAMAbATkeWyCtATANgTA4gUAdgUAQ%26ae%3D1%26num%3D1%26cid%3DCAASPeRoAtIhvYhfKpflNVBDJN72c3q3JkapnAU6xzyylm1g54OV4D7g4Y0g_4PsN5wqzw2-jo4ezgkMzXgcN64%26sig%3DAOD64_1eBtwyScE1wzt3euqYkENtt44TYQ%26client%3Dca-pub-5377500294710407%26dbm_c%3DAKAmf-AO-gEoZSCWEjkbTco4yUuQoSYLTgUR7tg7LOKf1Zxk9UGf8Qhftqd6lAAagDLhYgaePKI0S-eIC4r0rljd2Fr8R9us72kEUH3i8_9y-qHuF0tbUqhv8M4Yf3kBl_dxmSsff3gkRyRyws4G6Pd-0C2aOPfMfw%26cry%3D1%26dbm_d%3DAKAmf-DQjwyKQhLs21gMV_HLroCLKVYF9YDTIIRRPFKKScO60mTDz-j1eTbp-VPkEmo3FNY1HkuFvYb-7zQ8sZIr2m6kk_lnIqjPeqRAt6P2cs3Jh2tx3xTfN2GzWjpnWSjbzvyxNkbzKuAXoqkHg9r6WHZKMHgFL8Q_C0WY5cs7I4Y70gvP8We1H-hbPEMKGpEYe3g6Cyd_G1fe4MJmqBm2I44c1a5mXobfdHqmRCvyQTjExI_R8aIoZwddr3Pcfruw0ioOh5NZlszBrA9g_xXxbhnZ99bjapcUS003DWnlAykuhivOiaPNZerhfmJDoZoVr_4gLmjOD60Eg1chk3FH8LD4xfy8o0mx7js83OV-7XE5RziQvqcmuYpaPbaoQoVm01Ms5gYc6RHRDo8uiJSFAguHY-vOBtFXom20Z0b3hPeACuwZZYOZFsnXcoIH3NmfrJYjVly0%26adurl%3D&documentReferer=https%3A%2F%2Ff494fad843a02e89e66aab6434a0c735.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&ancestorOrigins=https%3A%2F%2Ff494fad843a02e89e66aab6434a0c735.safeframe.googlesyndication.com%2Chttps%3A%2F%2Fwww.opovo.com.br&random=3296301867788&isIframe=1&container=&adPos=0x14&adPosCheck=1x15&adtagId=0&uidRedirect=1
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Expires: Tue, 04 May 2021 21:27:26 +0200

GET
H2 200 css
fonts.googleapis.com/ Frame 2E69 720 B
450 B 21ms
18ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Titillium+Web&subset=latin

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9753181/1616405701336/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1d4ee68a4b4d3d329089adf12dc360b975f7d6cc57f0a051365f651a4e34643c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 04 May 2021 18:36:40 GMT
server: ESF
date: Tue, 04 May 2021 20:27:26 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 04 May 2021 20:27:26 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 2E69 728 B
478 B 16ms
14ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Titillium+Web:600&subset=latin

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9753181/1616405701336/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8cf20f3c0544286ae34be1df4d8c19de9d4b9c6041b769bb4448f9a19036febe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 04 May 2021 18:38:19 GMT
server: ESF
date: Tue, 04 May 2021 20:27:26 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 04 May 2021 20:27:26 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 2E69 728 B
455 B 17ms
15ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Titillium+Web:700&subset=latin

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9753181/1616405701336/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

79f6f04716a94f383afeb39c9e57117db9a9695f327e04a5a6ac4b55e723e0ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 04 May 2021 20:19:23 GMT
server: ESF
date: Tue, 04 May 2021 20:27:26 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 04 May 2021 20:27:26 GMT

GET
H3-29 200 HYPE-728.thin.min.js Show response
s0.2mdn.net/9753181/1616405701336/ Frame 2E69 55 KB
24 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/9753181/1616405701336/HYPE-728.thin.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9753181/1616405701336/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

11dd5cdff459a5138767096fadda7834f8d4a1c3e546fa5999e5ad38432aedca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9753181/1616405701336/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 08:06:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 44434
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24493
x-xss-protection: 0
last-modified: Mon, 22 Mar 2021 09:35:01 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Wed, 05 May 2021 08:06:52 GMT

GET
H3-29 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame FD8E 22 KB
8 KB 12ms
7ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://f494fad843a02e89e66aab6434a0c735.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://f494fad843a02e89e66aab6434a0c735.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Tue, 04 May 2021 13:44:50 GMT
expires: Wed, 04 May 2022 13:44:50 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 24156
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 6DBA 42 B
64 B 96ms
91ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssWZBCG5nBPNYQZscX7ZvYbX0G4AX-Tksw-1s-AebkZpAn6ruJvH6UD3aFWMlMCvUCK0o85BLxKDJsd1Oa_7hwlm9DXnltUj6ePRQv4E-Q&sig=Cg0ArKJSzP8DyYif2ahPEAE&id=lidar2&mcvt=1032&p=1140,640,1200,1108&mtos=1032,1032,1032,1032,1032&tos=1032,0,0,0,0&v=20210503&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=3&adk=765604454&rs=4&met=mue&la=0&cr=0&osd=1&vs=4&rst=1620160045109&dlt=0&rpt=567&isd=0&msd=0&r=v&fum=1

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 May 2021 20:27:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK initcb Show response
webservices.webspectator.com/ 2 KB
1 KB 136ms
135ms Script
application/javascript 34.207.18.4
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://webservices.webspectator.com/initcb?appId=2716&vId=55D6F07AFF74DBF6&dads=0&lts=0&nv=1&s=4650&res=1600x1200&c=1&l=en&r=https%3A%2F%2Fopovo.com.br.admin-mcas.ms%2F&sr=direct&ts=1620160046491&rs=0&h=https%3A%2F%2Fwww.opovo.com.br%2F&npv=1&ltsss=0&ltsvs=0
Requested by: Host: webservices.webspectator.com
URL: https://webservices.webspectator.com/init?appId=TWHDNHFV&h=https%3A%2F%2Fwww.opovo.com.br%2F&t=1620160044731
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 34.207.18.4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-207-18-4.compute-1.amazonaws.com
Software: WildFly/10 / Undertow/1
Resource Hash: c17ec92396fb925461e5109a0dc7164ceb1d26d39335215118aef70b5f5063af

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 04 May 2021 20:27:26 GMT
Content-Encoding: gzip
Server: WildFly/10
X-Powered-By: Undertow/1
Transfer-Encoding: chunked
Content-Type: application/javascript;charset=UTF-8
X-NoCache: true
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame F072 12 KB
5 KB 11ms
11ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.opovo.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.opovo.com.br/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Tue, 04 May 2021 20:24:43 GMT
expires: Wed, 04 May 2022 20:24:43 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 163
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 WoE6FlxLfDckfFPcighdBxIW8EHvlo7fGH3q-u1F8Es.js Show response
pagead2.googlesyndication.com/bg/ Frame 6F69 14 KB
6 KB 59ms
59ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/WoE6FlxLfDckfFPcighdBxIW8EHvlo7fGH3q-u1F8Es.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

sffe /

Resource Hash

5a813a165c4b7c37247c53dc8a085d071216f041ef968edf187deafaed45f04b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 17:50:54 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 28 Apr 2021 12:48:00 GMT
server: sffe
age: 9392
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5711
x-xss-protection: 0
expires: Wed, 04 May 2022 17:50:54 GMT

GET
H3-29 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame D7C8 22 KB
8 KB 8ms
7ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://f494fad843a02e89e66aab6434a0c735.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://f494fad843a02e89e66aab6434a0c735.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Tue, 04 May 2021 13:44:50 GMT
expires: Wed, 04 May 2022 13:44:50 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 24156
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 css
fonts.googleapis.com/ Frame CA89 720 B
377 B 26ms
22ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Titillium+Web&subset=latin

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9753181/1616408639469/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1d4ee68a4b4d3d329089adf12dc360b975f7d6cc57f0a051365f651a4e34643c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 04 May 2021 19:51:20 GMT
server: ESF
date: Tue, 04 May 2021 20:27:26 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 04 May 2021 20:27:26 GMT

GET
H3-29 200 css
fonts.googleapis.com/ Frame CA89 728 B
382 B 27ms
23ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Titillium+Web:600&subset=latin

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9753181/1616408639469/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8cf20f3c0544286ae34be1df4d8c19de9d4b9c6041b769bb4448f9a19036febe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 04 May 2021 20:17:49 GMT
server: ESF
date: Tue, 04 May 2021 20:27:26 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 04 May 2021 20:27:26 GMT

GET
H3-29 200 css
fonts.googleapis.com/ Frame CA89 728 B
382 B 25ms
21ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Titillium+Web:700&subset=latin

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9753181/1616408639469/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

79f6f04716a94f383afeb39c9e57117db9a9695f327e04a5a6ac4b55e723e0ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 04 May 2021 20:18:20 GMT
server: ESF
date: Tue, 04 May 2021 20:27:26 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 04 May 2021 20:27:26 GMT

GET
H3-29 200 HYPE-728.thin.min.js Show response
s0.2mdn.net/9753181/1616408639469/ Frame CA89 55 KB
24 KB 11ms
8ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/9753181/1616408639469/HYPE-728.thin.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9753181/1616408639469/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

11dd5cdff459a5138767096fadda7834f8d4a1c3e546fa5999e5ad38432aedca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9753181/1616408639469/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 08:18:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 43729
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24493
x-xss-protection: 0
last-modified: Mon, 22 Mar 2021 10:23:59 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Wed, 05 May 2021 08:18:37 GMT

GET
H3-29 200 css
fonts.googleapis.com/ Frame 2E69 720 B
377 B 17ms
16ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Titillium+Web&subset=latin

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9753181/1616405701336/HYPE-728.thin.min.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1d4ee68a4b4d3d329089adf12dc360b975f7d6cc57f0a051365f651a4e34643c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 04 May 2021 20:10:45 GMT
server: ESF
date: Tue, 04 May 2021 20:27:26 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 04 May 2021 20:27:26 GMT

GET
H3-29 200 css
fonts.googleapis.com/ Frame 2E69 728 B
382 B 18ms
17ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Titillium+Web:600&subset=latin

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9753181/1616405701336/HYPE-728.thin.min.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8cf20f3c0544286ae34be1df4d8c19de9d4b9c6041b769bb4448f9a19036febe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 04 May 2021 19:24:49 GMT
server: ESF
date: Tue, 04 May 2021 20:27:26 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 04 May 2021 20:27:26 GMT

GET
H3-29 200 css
fonts.googleapis.com/ Frame 2E69 728 B
382 B 21ms
20ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Titillium+Web:700&subset=latin

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9753181/1616405701336/HYPE-728.thin.min.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

79f6f04716a94f383afeb39c9e57117db9a9695f327e04a5a6ac4b55e723e0ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 04 May 2021 20:19:10 GMT
server: ESF
date: Tue, 04 May 2021 20:27:26 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 04 May 2021 20:27:26 GMT

GET
H3-29 200 outnorth.png
s0.2mdn.net/9753181/1616405701336/ Frame 2E69 4 KB
4 KB 11ms
8ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9753181/1616405701336/outnorth.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9753181/1616405701336/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b0fcaed7417c5277e2603cf2c0f5f4a95e77172e74154ec6f7c4c012b5301122

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9753181/1616405701336/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 09:49:55 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Mar 2021 09:35:01 GMT
server: sffe
age: 38251
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4438
x-xss-protection: 0
expires: Wed, 05 May 2021 09:49:55 GMT

GET
H3-29 200 grovelsjo-12.jpg
s0.2mdn.net/9753181/1616405701336/ Frame 2E69 678 KB
679 KB 11ms
10ms Image
image/jpeg 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9753181/1616405701336/grovelsjo-12.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9753181/1616405701336/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fcd46f947a06d7e9bb7f98aadba4d7872b55590b439801a5fd63b94cf4a43cdd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9753181/1616405701336/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 09:49:55 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Mar 2021 09:35:01 GMT
server: sffe
age: 38251
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 694667
x-xss-protection: 0
expires: Wed, 05 May 2021 09:49:55 GMT

GET
H3-29 200 WoE6FlxLfDckfFPcighdBxIW8EHvlo7fGH3q-u1F8Es.js Show response
pagead2.googlesyndication.com/bg/ Frame 1369 14 KB
6 KB 65ms
58ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/WoE6FlxLfDckfFPcighdBxIW8EHvlo7fGH3q-u1F8Es.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

sffe /

Resource Hash

5a813a165c4b7c37247c53dc8a085d071216f041ef968edf187deafaed45f04b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 17:50:54 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 28 Apr 2021 12:48:00 GMT
server: sffe
age: 9392
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5711
x-xss-protection: 0
expires: Wed, 04 May 2022 17:50:54 GMT

GET
H/1.1

200
OK

request.php Show response
hal900017.redintelligence.net/ Frame 8E4E
Redirect Chain

https://hal900017.redintelligence.net/request.php?zone=kpiwv0qvkluh&nw=20&renderingType=javascript&namespace=67abbec313&subid=&uid=88ac87ecd6ff48ce&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
https://hal900017.redintelligence.net/request.php?zone=kpiwv0qvkluh&nw=20&renderingType=javascript&namespace=67abbec313&subid=&uid=88ac87ecd6ff48ce&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...

613 B
937 B

255ms
124ms

Script
application/x-javascript

159.69.70.9
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900017.redintelligence.net/request.php?zone=kpiwv0qvkluh&nw=20&renderingType=javascript&namespace=67abbec313&subid=&uid=88ac87ecd6ff48ce&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x18&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC1Q7OLK6RYOCcEcuAjuwP97GdKIGI4dRgy8Cx49sE8C4QASDc1_siYPGt_IWkH8gBCakCcoF8swwotD6oAwGqBM8BT9Bjbt5Dw2aOh02GmhtKiCNoC0SteGMG2V3LvEU7HmTactqbsaBijWYGfIwD7N7mLt3YnpzTSW66j1ZROs1xJ-PDi8vZmkYVF1QkMWD0dVHJpDuo8U1jWDQOJarrirMvp8BJeX9sJZ_CzR2xFM_i73VlwahGfnyeDaavhmicS3toc9nHW2bAosfYE7Kz7Vsl02pWNMY0TqZfaiow8exzxaIL8jX7mhgp9lbqZpLrspcOYeSWgk68zXSFB8_axE6xS6lgU4eK8tGkt-PPrPc0wASCpeGza-AEA5AGAaAGTYAH6-foXqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfs1RuoB-6WsQKoB6a-G6gH7NUbqAfz0RuoB5bYG9gHANIICQiA4YBQEAEYHYAKA5gLAcgLAYAMAbATkeWyCtATANgTA4gUAdgUAQ%26ae%3D1%26num%3D1%26cid%3DCAASPeRo5_DLtJGnLXvciSw49Rbknee1XH089ljCZpI-u0R8s-RI6U7zgcUuclGGosstUDwc184wF87tpDdbktM%26sig%3DAOD64_2J23Br0618W7ggxPN4lWiDh1JHdQ%26client%3Dca-pub-5377500294710407%26dbm_c%3DAKAmf-AxC94_gowSfBsmYN8YKkbgvRGi9Gq75NZaphoO8js37YIzry10fL5Q87xLccy0e3otKEog9QTG-ulNrbPliX2w1R8uWoLWiLx1qWTSsrA0MM4J2YCYxmz2E0kwoIKdgLt5uW2Vm_483skgREF03n2JIXaAGg%26cry%3D1%26dbm_d%3DAKAmf-C5uqtpoK2d9FFLqiPEObL5q4tAqpOnDT3meqDqv8rTVXycskRTx1ESSfltrxsExUH8IEv2vVLjXeYrtPtg1ClyxnDmdp8YhZjFbGtzJ42II-dQ1rxSIP_HPglHobJy-ru7Y7Ani-jRJjPX669Cr1_AMdZinaBRPvLegdMHc7DGoWfF6bbiEIBGB9jCvVOdZHFa6BDQHFuz7H5s1kshKo3cElCd68g2p4ZRgFAfMmEtRKPJnbvfNV5trMaA2OHdxIZnC19ueLmsIfWw5hn1JcRbXVVABMaS2ZPFl23P2r6hIqQ8zQ5Qn4S5eaowEc1UVKSgB2gsWNm2ou6Z-0gYBRickIKH3-F4M6wXxnrPUaGPu_ZWUyl2KRJPIi85PyhYuTn8n1DC0idMyEjtolZxbBZnf3c3f3mrEnYDIX2iloMuGsw8URzfqasQ4fRh65LwctNbdZV4%26adurl%3D&documentReferer=https%3A%2F%2Fwww.opovo.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.opovo.com.br&random=2809781353484&isIframe=1&container=&adPos=0x14&adPosCheck=1x15&adtagId=0&uidRedirect=1
Requested by: Host: f494fad843a02e89e66aab6434a0c735.safeframe.googlesyndication.com
URL: https://f494fad843a02e89e66aab6434a0c735.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 159.69.70.9 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache /
Resource Hash: 6a36dd87330c190872850107036102d9172ab2b00af99aa25314da688a243e82

Request headers

Referer: https://f494fad843a02e89e66aab6434a0c735.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 04 May 2021 20:27:27 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 61096500267530700044682011584017
Connection: close
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 331
Expires: Tue, 04 May 2021 21:27:27 +0200

Redirect headers

Pragma: no-cache
Date: Tue, 04 May 2021 20:27:26 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=kpiwv0qvkluh&nw=20&renderingType=javascript&namespace=67abbec313&subid=&uid=88ac87ecd6ff48ce&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x18&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC1Q7OLK6RYOCcEcuAjuwP97GdKIGI4dRgy8Cx49sE8C4QASDc1_siYPGt_IWkH8gBCakCcoF8swwotD6oAwGqBM8BT9Bjbt5Dw2aOh02GmhtKiCNoC0SteGMG2V3LvEU7HmTactqbsaBijWYGfIwD7N7mLt3YnpzTSW66j1ZROs1xJ-PDi8vZmkYVF1QkMWD0dVHJpDuo8U1jWDQOJarrirMvp8BJeX9sJZ_CzR2xFM_i73VlwahGfnyeDaavhmicS3toc9nHW2bAosfYE7Kz7Vsl02pWNMY0TqZfaiow8exzxaIL8jX7mhgp9lbqZpLrspcOYeSWgk68zXSFB8_axE6xS6lgU4eK8tGkt-PPrPc0wASCpeGza-AEA5AGAaAGTYAH6-foXqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfs1RuoB-6WsQKoB6a-G6gH7NUbqAfz0RuoB5bYG9gHANIICQiA4YBQEAEYHYAKA5gLAcgLAYAMAbATkeWyCtATANgTA4gUAdgUAQ%26ae%3D1%26num%3D1%26cid%3DCAASPeRo5_DLtJGnLXvciSw49Rbknee1XH089ljCZpI-u0R8s-RI6U7zgcUuclGGosstUDwc184wF87tpDdbktM%26sig%3DAOD64_2J23Br0618W7ggxPN4lWiDh1JHdQ%26client%3Dca-pub-5377500294710407%26dbm_c%3DAKAmf-AxC94_gowSfBsmYN8YKkbgvRGi9Gq75NZaphoO8js37YIzry10fL5Q87xLccy0e3otKEog9QTG-ulNrbPliX2w1R8uWoLWiLx1qWTSsrA0MM4J2YCYxmz2E0kwoIKdgLt5uW2Vm_483skgREF03n2JIXaAGg%26cry%3D1%26dbm_d%3DAKAmf-C5uqtpoK2d9FFLqiPEObL5q4tAqpOnDT3meqDqv8rTVXycskRTx1ESSfltrxsExUH8IEv2vVLjXeYrtPtg1ClyxnDmdp8YhZjFbGtzJ42II-dQ1rxSIP_HPglHobJy-ru7Y7Ani-jRJjPX669Cr1_AMdZinaBRPvLegdMHc7DGoWfF6bbiEIBGB9jCvVOdZHFa6BDQHFuz7H5s1kshKo3cElCd68g2p4ZRgFAfMmEtRKPJnbvfNV5trMaA2OHdxIZnC19ueLmsIfWw5hn1JcRbXVVABMaS2ZPFl23P2r6hIqQ8zQ5Qn4S5eaowEc1UVKSgB2gsWNm2ou6Z-0gYBRickIKH3-F4M6wXxnrPUaGPu_ZWUyl2KRJPIi85PyhYuTn8n1DC0idMyEjtolZxbBZnf3c3f3mrEnYDIX2iloMuGsw8URzfqasQ4fRh65LwctNbdZV4%26adurl%3D&documentReferer=https%3A%2F%2Fwww.opovo.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.opovo.com.br&random=2809781353484&isIframe=1&container=&adPos=0x14&adPosCheck=1x15&adtagId=0&uidRedirect=1
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Expires: Tue, 04 May 2021 21:27:26 +0200

GET
H3-29 200 outnorth.png
s0.2mdn.net/9753181/1616408639469/ Frame CA89 4 KB
4 KB 10ms
9ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9753181/1616408639469/outnorth.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9753181/1616408639469/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b0fcaed7417c5277e2603cf2c0f5f4a95e77172e74154ec6f7c4c012b5301122

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9753181/1616408639469/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 17:50:37 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Mar 2021 10:23:59 GMT
server: sffe
age: 9409
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4438
x-xss-protection: 0
expires: Wed, 05 May 2021 17:50:37 GMT

GET
H3-29 200 grovelsjo-12.jpg
s0.2mdn.net/9753181/1616408639469/ Frame CA89 678 KB
679 KB 10ms
10ms Image
image/jpeg 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9753181/1616408639469/grovelsjo-12.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9753181/1616408639469/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fcd46f947a06d7e9bb7f98aadba4d7872b55590b439801a5fd63b94cf4a43cdd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9753181/1616408639469/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 17:50:37 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Mar 2021 10:23:59 GMT
server: sffe
age: 9409
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 694667
x-xss-protection: 0
expires: Wed, 05 May 2021 17:50:37 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame BABE 42 B
64 B 102ms
92ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu_6c7fQjfFcaHaVWIuiNafPZc2iS0etIiYK2juNf_6oJNJ_LtpTnIMPGjkiqRjLd8mGKDP1ESNghjVhDHt8pDJ-5m9CS9Y5Pf2XxAUQZE&sig=Cg0ArKJSzHUo3Dj1JUcrEAE&id=lidar2&mcvt=1013&p=1082,720,1142,1020&mtos=1013,1013,1013,1013,1013&tos=1013,0,0,0,0&v=20210503&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=3&adk=2321965323&rs=4&met=mue&la=0&cr=0&osd=1&vs=4&rst=1620160045236&dlt=0&rpt=516&isd=0&msd=0&r=v&fum=1

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 May 2021 20:27:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 WoE6FlxLfDckfFPcighdBxIW8EHvlo7fGH3q-u1F8Es.js Show response
pagead2.googlesyndication.com/bg/ Frame FD8E 14 KB
6 KB 64ms
61ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/WoE6FlxLfDckfFPcighdBxIW8EHvlo7fGH3q-u1F8Es.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

sffe /

Resource Hash

5a813a165c4b7c37247c53dc8a085d071216f041ef968edf187deafaed45f04b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 17:50:54 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 28 Apr 2021 12:48:00 GMT
server: sffe
age: 9392
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5711
x-xss-protection: 0
expires: Wed, 04 May 2022 17:50:54 GMT

GET
H2 200 ortc-heartbeat1sec-min.js Show response
wfpscripts.webspectator.com/ 76 KB
19 KB 146ms
144ms Script
application/javascript 52.1.252.251
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://wfpscripts.webspectator.com/ortc-heartbeat1sec-min.js
Requested by: Host: webservices.webspectator.com
URL: https://webservices.webspectator.com/initcb?appId=2716&vId=55D6F07AFF74DBF6&dads=0&lts=0&nv=1&s=4650&res=1600x1200&c=1&l=en&r=https%3A%2F%2Fopovo.com.br.admin-mcas.ms%2F&sr=direct&ts=1620160046491&rs=0&h=https%3A%2F%2Fwww.opovo.com.br%2F&npv=1&ltsss=0&ltsvs=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.1.252.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-1-252-251.compute-1.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 80a6c8fd3fd83054bdd51a596217f806cec456cd5b176ec5e44a407201a82d2a

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 20:27:26 GMT
content-encoding: gzip
last-modified: Wed, 30 Nov 2016 17:07:44 GMT
server: nginx/1.10.3 (Ubuntu)
etag: "ae07ae40393a03d603b6341bf9f7f923"
x-cache-status: HIT
content-type: application/javascript
cache-control: max-age=2592000
content-length: 19153
x-amz-meta-s3b-last-modified: 20161130T162538Z

GET
H2 200 swfobject.js Show response
ajax.googleapis.com/ajax/libs/swfobject/2.2/ 10 KB
4 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/swfobject/2.2/swfobject.js

Requested by

Host: webservices.webspectator.com
URL: https://webservices.webspectator.com/initcb?appId=2716&vId=55D6F07AFF74DBF6&dads=0&lts=0&nv=1&s=4650&res=1600x1200&c=1&l=en&r=https%3A%2F%2Fopovo.com.br.admin-mcas.ms%2F&sr=direct&ts=1620160046491&rs=0&h=https%3A%2F%2Fwww.opovo.com.br%2F&npv=1&ltsss=0&ltsvs=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8677971b119ccdb82af697ff0e08f218490d15116f221d44301f1cc8797e67d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 17:30:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 442589
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3974
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Apr 2022 17:30:57 GMT

GET
H2 200 blockadblock.js Show response
wfpscripts.webspectator.com/adblocker/ 8 KB
3 KB 264ms
263ms Script
application/javascript 52.1.252.251
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://wfpscripts.webspectator.com/adblocker/blockadblock.js
Requested by: Host: webservices.webspectator.com
URL: https://webservices.webspectator.com/initcb?appId=2716&vId=55D6F07AFF74DBF6&dads=0&lts=0&nv=1&s=4650&res=1600x1200&c=1&l=en&r=https%3A%2F%2Fopovo.com.br.admin-mcas.ms%2F&sr=direct&ts=1620160046491&rs=0&h=https%3A%2F%2Fwww.opovo.com.br%2F&npv=1&ltsss=0&ltsvs=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.1.252.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-1-252-251.compute-1.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 7ed1947cb1ec4f11c68e3b281741c4214839a262843c339c1f1e3bc357434183

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 20:27:26 GMT
content-encoding: gzip
last-modified: Tue, 11 Oct 2016 13:22:22 GMT
server: nginx/1.10.3 (Ubuntu)
etag: "0dcdd7a190caf42e7d287645d9ba0303"
x-cache-status: HIT
content-type: application/javascript
cache-control: max-age=2592000
content-length: 2696

GET
H2 200 ws-4.4.62.js Show response
wfpscripts.webspectator.com/ 81 KB
23 KB 264ms
264ms Script
application/javascript 52.1.252.251
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://wfpscripts.webspectator.com/ws-4.4.62.js
Requested by: Host: webservices.webspectator.com
URL: https://webservices.webspectator.com/initcb?appId=2716&vId=55D6F07AFF74DBF6&dads=0&lts=0&nv=1&s=4650&res=1600x1200&c=1&l=en&r=https%3A%2F%2Fopovo.com.br.admin-mcas.ms%2F&sr=direct&ts=1620160046491&rs=0&h=https%3A%2F%2Fwww.opovo.com.br%2F&npv=1&ltsss=0&ltsvs=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.1.252.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-1-252-251.compute-1.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 2e8fac6fa9527aaae83a3fc6200472418e1aa0cf42d9ed4422683e8e0192a861

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 20:27:26 GMT
content-encoding: gzip
last-modified: Wed, 06 Mar 2019 17:07:49 GMT
server: nginx/1.10.3 (Ubuntu)
etag: "4e7c8880fbc1b585c27bd698eb84469f"
x-cache-status: HIT
content-type: application/javascript
cache-control: max-age=2592000
content-length: 23796

GET
H2 200 NaPDcZTIAOhVxoMyOr9n_E7ffBzCGItzYw.woff2
fonts.gstatic.com/s/titilliumweb/v9/ Frame 2E69 12 KB
12 KB 9ms
7ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/titilliumweb/v9/NaPDcZTIAOhVxoMyOr9n_E7ffBzCGItzYw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Titillium+Web:600&subset=latin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ef8a5f444c988e2c08260642c8257654f5e825e839a9c3d355933d4d12e0345b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://s0.2mdn.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 21:36:51 GMT
x-content-type-options: nosniff
last-modified: Thu, 10 Sep 2020 17:08:23 GMT
server: sffe
age: 427835
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12300
x-xss-protection: 0
expires: Fri, 29 Apr 2022 21:36:51 GMT

GET
H2 200 NaPDcZTIAOhVxoMyOr9n_E7ffHjDGItzYw.woff2
fonts.gstatic.com/s/titilliumweb/v9/ Frame 2E69 11 KB
12 KB 9ms
8ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/titilliumweb/v9/NaPDcZTIAOhVxoMyOr9n_E7ffHjDGItzYw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Titillium+Web:700&subset=latin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0e35ec3dfa80b7851b7826fcae5e1ef652d03d77c6c2af9f0bf1b97d49fe876d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://s0.2mdn.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 00:55:35 GMT
x-content-type-options: nosniff
last-modified: Thu, 10 Sep 2020 17:06:52 GMT
server: sffe
age: 70311
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11720
x-xss-protection: 0
expires: Wed, 04 May 2022 00:55:35 GMT

POST
H3-29 200 view
googleads4.g.doubleclick.net/pcs/ Frame 694B 0
23 B 165ms
100ms Ping
image/gif 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: opovo.com.br.admin-mcas.ms
URL: https://opovo.com.br.admin-mcas.ms/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f494fad843a02e89e66aab6434a0c735.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Tue, 04 May 2021 20:27:26 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

POST
H3-29 200 view
googleads4.g.doubleclick.net/pcs/ Frame 89DE 0
23 B 132ms
100ms Ping
image/gif 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: opovo.com.br.admin-mcas.ms
URL: https://opovo.com.br.admin-mcas.ms/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f494fad843a02e89e66aab6434a0c735.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Tue, 04 May 2021 20:27:26 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 WoE6FlxLfDckfFPcighdBxIW8EHvlo7fGH3q-u1F8Es.js Show response
pagead2.googlesyndication.com/bg/ Frame D7C8 14 KB
6 KB 63ms
63ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/WoE6FlxLfDckfFPcighdBxIW8EHvlo7fGH3q-u1F8Es.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

sffe /

Resource Hash

5a813a165c4b7c37247c53dc8a085d071216f041ef968edf187deafaed45f04b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 17:50:54 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 28 Apr 2021 12:48:00 GMT
server: sffe
age: 9392
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5711
x-xss-protection: 0
expires: Wed, 04 May 2022 17:50:54 GMT

GET
H3-29 200 WoE6FlxLfDckfFPcighdBxIW8EHvlo7fGH3q-u1F8Es.js Show response
pagead2.googlesyndication.com/bg/ Frame F072 14 KB
6 KB 59ms
58ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/WoE6FlxLfDckfFPcighdBxIW8EHvlo7fGH3q-u1F8Es.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

sffe /

Resource Hash

5a813a165c4b7c37247c53dc8a085d071216f041ef968edf187deafaed45f04b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 17:50:54 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 28 Apr 2021 12:48:00 GMT
server: sffe
age: 9393
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5711
x-xss-protection: 0
expires: Wed, 04 May 2022 17:50:54 GMT

GET
H/1.1 200
OK adunitMapping Show response
webservices.webspectator.com/ Frame 7942 793 B
816 B 146ms
146ms Script
text/javascript 34.207.18.4
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://webservices.webspectator.com/adunitMapping?appId=2716&eaup=/10216148/bg_home_noticias&eolid=5637487867&eci=138342517027&ct=%7B%7D&w=1750&h=720&wsRotSlot=&isda=0
Requested by: Host: wfpscripts.webspectator.com
URL: https://wfpscripts.webspectator.com/ws-4.4.62.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 34.207.18.4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-207-18-4.compute-1.amazonaws.com
Software: WildFly/10 / Undertow/1
Resource Hash: 3c47d5916487ca8418430c08fadabf279f52eb9dd771d4a2b8a4a8d1ed656b72

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 04 May 2021 20:27:27 GMT
Content-Encoding: gzip
Server: WildFly/10
X-Powered-By: Undertow/1
Transfer-Encoding: chunked
Content-Type: text/javascript;charset=UTF-8
X-NoCache: true
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK adunitMapping Show response
webservices.webspectator.com/ Frame 6C59 726 B
765 B 272ms
134ms Script
text/javascript 34.207.18.4
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://webservices.webspectator.com/adunitMapping?appId=2716&eaup=/10216148/20&eolid=null&eci=null&ct=%7B%7D&w=970&h=90&wsRotSlot=&isda=1
Requested by: Host: wfpscripts.webspectator.com
URL: https://wfpscripts.webspectator.com/ws-4.4.62.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 34.207.18.4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-207-18-4.compute-1.amazonaws.com
Software: WildFly/10 / Undertow/1
Resource Hash: 7f9473162ab474ab4b3a3ebf16b0c985a713e006bf2693a5a3efdcec80fe32f9

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 04 May 2021 20:27:27 GMT
Content-Encoding: gzip
Server: WildFly/10
X-Powered-By: Undertow/1
Transfer-Encoding: chunked
Content-Type: text/javascript;charset=UTF-8
X-NoCache: true
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK adunitMapping Show response
webservices.webspectator.com/ Frame 6EE0 736 B
779 B 402ms
142ms Script
text/javascript 34.207.18.4
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://webservices.webspectator.com/adunitMapping?appId=2716&eaup=/10216148/24&eolid=5683055452&eci=138348381137&ct=%7B%7D&w=300&h=60&wsRotSlot=&isda=0
Requested by: Host: wfpscripts.webspectator.com
URL: https://wfpscripts.webspectator.com/ws-4.4.62.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 34.207.18.4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-207-18-4.compute-1.amazonaws.com
Software: WildFly/10 / Undertow/1
Resource Hash: dcce89ebb6380f186ede02a33ba846b9e33da86cd7a55d8e3e02c09331088f17

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 04 May 2021 20:27:27 GMT
Content-Encoding: gzip
Server: WildFly/10
X-Powered-By: Undertow/1
Transfer-Encoding: chunked
Content-Type: text/javascript;charset=UTF-8
X-NoCache: true
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK adunitMapping Show response
webservices.webspectator.com/ Frame 51DB 736 B
779 B 396ms
136ms Script
text/javascript 34.207.18.4
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://webservices.webspectator.com/adunitMapping?appId=2716&eaup=/10216148/28&eolid=5395992609&eci=138337188415&ct=%7B%7D&w=300&h=60&wsRotSlot=&isda=0
Requested by: Host: wfpscripts.webspectator.com
URL: https://wfpscripts.webspectator.com/ws-4.4.62.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 34.207.18.4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-207-18-4.compute-1.amazonaws.com
Software: WildFly/10 / Undertow/1
Resource Hash: 72c2b84424cf08a672b5ebb8a1aa2958aaa86e26cebf74e6b933ee8df684c413

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 04 May 2021 20:27:27 GMT
Content-Encoding: gzip
Server: WildFly/10
X-Powered-By: Undertow/1
Transfer-Encoding: chunked
Content-Type: text/javascript;charset=UTF-8
X-NoCache: true
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK adunitMapping Show response
webservices.webspectator.com/ Frame 4A15 727 B
767 B 388ms
136ms Script
text/javascript 34.207.18.4
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://webservices.webspectator.com/adunitMapping?appId=2716&eaup=/10216148/2124&eolid=null&eci=null&ct=%7B%7D&w=300&h=250&wsRotSlot=&isda=1
Requested by: Host: wfpscripts.webspectator.com
URL: https://wfpscripts.webspectator.com/ws-4.4.62.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 34.207.18.4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-207-18-4.compute-1.amazonaws.com
Software: WildFly/10 / Undertow/1
Resource Hash: 70f9dd3398ae47c4a8aa91ae9405e0190099984b28f35115da7d2d0e70450a97

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 04 May 2021 20:27:27 GMT
Content-Encoding: gzip
Server: WildFly/10
X-Powered-By: Undertow/1
Transfer-Encoding: chunked
Content-Type: text/javascript;charset=UTF-8
X-NoCache: true
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK adunitMapping Show response
webservices.webspectator.com/ Frame 770F 791 B
813 B 392ms
134ms Script
text/javascript 34.207.18.4
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://webservices.webspectator.com/adunitMapping?appId=2716&eaup=/10216148/banner_bottom_desktop&eolid=5675760410&eci=138347374947&ct=%7B%7D&w=468&h=60&wsRotSlot=&isda=0
Requested by: Host: wfpscripts.webspectator.com
URL: https://wfpscripts.webspectator.com/ws-4.4.62.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 34.207.18.4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-207-18-4.compute-1.amazonaws.com
Software: WildFly/10 / Undertow/1
Resource Hash: fb3a144594ce9a01b985e7fd8fe8331a86675fef8fca75a2032121604dd9d164

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 04 May 2021 20:27:27 GMT
Content-Encoding: gzip
Server: WildFly/10
X-Powered-By: Undertow/1
Transfer-Encoding: chunked
Content-Type: text/javascript;charset=UTF-8
X-NoCache: true
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK adunitMapping Show response
webservices.webspectator.com/ Frame 3EA2 727 B
767 B 389ms
135ms Script
text/javascript 34.207.18.4
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://webservices.webspectator.com/adunitMapping?appId=2716&eaup=/10216148/billboard_home&eolid=null&eci=null&ct=%7B%7D&w=970&h=250&wsRotSlot=&isda=1
Requested by: Host: wfpscripts.webspectator.com
URL: https://wfpscripts.webspectator.com/ws-4.4.62.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 34.207.18.4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-207-18-4.compute-1.amazonaws.com
Software: WildFly/10 / Undertow/1
Resource Hash: dc9c127f48bb67af3a8bbe1344f02e911c0d3f665c90a4aa73bfcea8f98dfa00

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 04 May 2021 20:27:27 GMT
Content-Encoding: gzip
Server: WildFly/10
X-Powered-By: Undertow/1
Transfer-Encoding: chunked
Content-Type: text/javascript;charset=UTF-8
X-NoCache: true
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK adunitMapping Show response
webservices.webspectator.com/ Frame 5D7A 727 B
768 B 391ms
135ms Script
text/javascript 34.207.18.4
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://webservices.webspectator.com/adunitMapping?appId=2716&eaup=/10216148/29&eolid=null&eci=null&ct=%7B%7D&w=300&h=250&wsRotSlot=&isda=1
Requested by: Host: wfpscripts.webspectator.com
URL: https://wfpscripts.webspectator.com/ws-4.4.62.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 34.207.18.4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-207-18-4.compute-1.amazonaws.com
Software: WildFly/10 / Undertow/1
Resource Hash: 590ec95ca64876fc843f5cced8e05e5c5d42c72da01c2fe586dc78128950457b

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 04 May 2021 20:27:27 GMT
Content-Encoding: gzip
Server: WildFly/10
X-Powered-By: Undertow/1
Transfer-Encoding: chunked
Content-Type: text/javascript;charset=UTF-8
X-NoCache: true
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK / Show response
msgws.webspectator.com/server/ssl/2.1/ 67 B
248 B 659ms
134ms Script
text/javascript 34.234.140.75
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://msgws.webspectator.com/server/ssl/2.1/?guid=657b9080-162c-f410-649b-6b0e0e4185c4&appkey=w5tlOg
Requested by: Host: wfpscripts.webspectator.com
URL: https://wfpscripts.webspectator.com/ortc-heartbeat1sec-min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.234.140.75 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-234-140-75.compute-1.amazonaws.com
Software: / Express
Resource Hash: 4a2a801c9c80fdddf923fc6b0c364467a102da2ca6a46afaffca59819f030539

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 04 May 2021 20:27:27 GMT
X-Powered-By: Express
Transfer-Encoding: chunked
Content-Type: text/javascript

GET
H/1.1 200
OK request_content.php Show response
hal900025.redintelligence.net/ Frame BF9C 3 KB
2 KB 190ms
63ms Document
text/html 138.201.84.245
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900025.redintelligence.net/request_content.php?s=23027700257614600044684011584025&a=ed584d6d
Requested by: Host: hal900025.redintelligence.net
URL: https://hal900025.redintelligence.net/request.php?zone=0k1uvb5ne9s9&nw=20&renderingType=javascript&namespace=e8f9864fed&subid=&uid=75dc0239a6d2cade&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x18&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCS6ZmLK6RYN-cEcuAjuwP97GdKIGI4dRg8oz_uOME8C4QASDc1_siYPGt_IWkH8gBCakCcoF8swwotD6oAwGqBM8BT9B9MHVfUqXpnjjjNnoZnW8MDqoZYy0sDlwbngIOBHrEuaA4gwyWyK0_Dq2mYABmAtYshOcvlNVgmW5dW_R3YIWZOt34LT_-BPmVhlu7H_LJl5D1Wz1XbLB5dZvMuapYopbtMRrFmKEkxm7x-U-e1Jo0qea1_qM4b7wS0btTQirHxhzjuKWvgADNyeNQk-QqSQ-pNNnEJ3iYjqjycqcmPBolvDpTHWzNCwPhNZIXeuWHNZnoAOypuANBn5fAbnaW_oQ9ijnBCN443_QVhXs0wASCpeGza-AEA5AGAaAGTYAH6-foXqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfs1RuoB-6WsQKoB6a-G6gH7NUbqAfz0RuoB5bYG9gHANIICQiA4YBQEAEYHYAKA5gLAcgLAYAMAbATkeWyCtATANgTA4gUAdgUAQ%26ae%3D1%26num%3D1%26cid%3DCAASPeRoAtIhvYhfKpflNVBDJN72c3q3JkapnAU6xzyylm1g54OV4D7g4Y0g_4PsN5wqzw2-jo4ezgkMzXgcN64%26sig%3DAOD64_1eBtwyScE1wzt3euqYkENtt44TYQ%26client%3Dca-pub-5377500294710407%26dbm_c%3DAKAmf-AO-gEoZSCWEjkbTco4yUuQoSYLTgUR7tg7LOKf1Zxk9UGf8Qhftqd6lAAagDLhYgaePKI0S-eIC4r0rljd2Fr8R9us72kEUH3i8_9y-qHuF0tbUqhv8M4Yf3kBl_dxmSsff3gkRyRyws4G6Pd-0C2aOPfMfw%26cry%3D1%26dbm_d%3DAKAmf-DQjwyKQhLs21gMV_HLroCLKVYF9YDTIIRRPFKKScO60mTDz-j1eTbp-VPkEmo3FNY1HkuFvYb-7zQ8sZIr2m6kk_lnIqjPeqRAt6P2cs3Jh2tx3xTfN2GzWjpnWSjbzvyxNkbzKuAXoqkHg9r6WHZKMHgFL8Q_C0WY5cs7I4Y70gvP8We1H-hbPEMKGpEYe3g6Cyd_G1fe4MJmqBm2I44c1a5mXobfdHqmRCvyQTjExI_R8aIoZwddr3Pcfruw0ioOh5NZlszBrA9g_xXxbhnZ99bjapcUS003DWnlAykuhivOiaPNZerhfmJDoZoVr_4gLmjOD60Eg1chk3FH8LD4xfy8o0mx7js83OV-7XE5RziQvqcmuYpaPbaoQoVm01Ms5gYc6RHRDo8uiJSFAguHY-vOBtFXom20Z0b3hPeACuwZZYOZFsnXcoIH3NmfrJYjVly0%26adurl%3D&documentReferer=https%3A%2F%2Ff494fad843a02e89e66aab6434a0c735.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&ancestorOrigins=https%3A%2F%2Ff494fad843a02e89e66aab6434a0c735.safeframe.googlesyndication.com%2Chttps%3A%2F%2Fwww.opovo.com.br&random=3296301867788&isIframe=1&container=&adPos=0x14&adPosCheck=1x15&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.84.245 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.245.84.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e763e0e7853e169ba83dc2a612965d5b44a04780dd7c75f7eeb703e2dab76329

Request headers

Host: hal900025.redintelligence.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://f494fad843a02e89e66aab6434a0c735.safeframe.googlesyndication.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: 8lcfmzhxc8d6_uid=f93d58e41209dfbf
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://f494fad843a02e89e66aab6434a0c735.safeframe.googlesyndication.com/

Response headers

Date: Tue, 04 May 2021 20:27:27 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Tue, 04 May 2021 21:27:27 +0200
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1333
Connection: close
Content-Type: text/html; charset=utf-8

GET
DATA 200
OK truncated
/ Frame 35A5 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f752d2586a49f61a7618b6811b16eb9e1a17e8842de27281f972c5c031ca1a99

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK request_content.php Show response
hal900017.redintelligence.net/ Frame AACB 6 KB
2 KB 187ms
62ms Document
text/html 159.69.70.9
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900017.redintelligence.net/request_content.php?s=61096500267530700044682011584017&a=14329fb3
Requested by: Host: hal900017.redintelligence.net
URL: https://hal900017.redintelligence.net/request.php?zone=kpiwv0qvkluh&nw=20&renderingType=javascript&namespace=67abbec313&subid=&uid=88ac87ecd6ff48ce&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x18&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC1Q7OLK6RYOCcEcuAjuwP97GdKIGI4dRgy8Cx49sE8C4QASDc1_siYPGt_IWkH8gBCakCcoF8swwotD6oAwGqBM8BT9Bjbt5Dw2aOh02GmhtKiCNoC0SteGMG2V3LvEU7HmTactqbsaBijWYGfIwD7N7mLt3YnpzTSW66j1ZROs1xJ-PDi8vZmkYVF1QkMWD0dVHJpDuo8U1jWDQOJarrirMvp8BJeX9sJZ_CzR2xFM_i73VlwahGfnyeDaavhmicS3toc9nHW2bAosfYE7Kz7Vsl02pWNMY0TqZfaiow8exzxaIL8jX7mhgp9lbqZpLrspcOYeSWgk68zXSFB8_axE6xS6lgU4eK8tGkt-PPrPc0wASCpeGza-AEA5AGAaAGTYAH6-foXqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfs1RuoB-6WsQKoB6a-G6gH7NUbqAfz0RuoB5bYG9gHANIICQiA4YBQEAEYHYAKA5gLAcgLAYAMAbATkeWyCtATANgTA4gUAdgUAQ%26ae%3D1%26num%3D1%26cid%3DCAASPeRo5_DLtJGnLXvciSw49Rbknee1XH089ljCZpI-u0R8s-RI6U7zgcUuclGGosstUDwc184wF87tpDdbktM%26sig%3DAOD64_2J23Br0618W7ggxPN4lWiDh1JHdQ%26client%3Dca-pub-5377500294710407%26dbm_c%3DAKAmf-AxC94_gowSfBsmYN8YKkbgvRGi9Gq75NZaphoO8js37YIzry10fL5Q87xLccy0e3otKEog9QTG-ulNrbPliX2w1R8uWoLWiLx1qWTSsrA0MM4J2YCYxmz2E0kwoIKdgLt5uW2Vm_483skgREF03n2JIXaAGg%26cry%3D1%26dbm_d%3DAKAmf-C5uqtpoK2d9FFLqiPEObL5q4tAqpOnDT3meqDqv8rTVXycskRTx1ESSfltrxsExUH8IEv2vVLjXeYrtPtg1ClyxnDmdp8YhZjFbGtzJ42II-dQ1rxSIP_HPglHobJy-ru7Y7Ani-jRJjPX669Cr1_AMdZinaBRPvLegdMHc7DGoWfF6bbiEIBGB9jCvVOdZHFa6BDQHFuz7H5s1kshKo3cElCd68g2p4ZRgFAfMmEtRKPJnbvfNV5trMaA2OHdxIZnC19ueLmsIfWw5hn1JcRbXVVABMaS2ZPFl23P2r6hIqQ8zQ5Qn4S5eaowEc1UVKSgB2gsWNm2ou6Z-0gYBRickIKH3-F4M6wXxnrPUaGPu_ZWUyl2KRJPIi85PyhYuTn8n1DC0idMyEjtolZxbBZnf3c3f3mrEnYDIX2iloMuGsw8URzfqasQ4fRh65LwctNbdZV4%26adurl%3D&documentReferer=https%3A%2F%2Fwww.opovo.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.opovo.com.br&random=2809781353484&isIframe=1&container=&adPos=0x14&adPosCheck=1x15&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 159.69.70.9 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache /
Resource Hash: c7b331031ae60f91fdbafe2633e61bf201bfa9076c8cba19746f81eb2c3ae17c

Request headers

Host: hal900017.redintelligence.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://f494fad843a02e89e66aab6434a0c735.safeframe.googlesyndication.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: 8lcfmzhxc8d6_uid=f93d58e41209dfbf
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://f494fad843a02e89e66aab6434a0c735.safeframe.googlesyndication.com/

Response headers

Date: Tue, 04 May 2021 20:27:27 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Tue, 04 May 2021 21:27:27 +0200
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2122
Connection: close
Content-Type: text/html; charset=utf-8

GET
DATA 200
OK truncated
/ Frame 8E4E 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eccc7f77deef1fc5780c094ebe2ff6566d36af99bddd5086848ff957b11708d9

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 ws-ad.js Show response
wfpscripts.webspectator.com/ Frame 5D7A 21 KB
9 KB 142ms
141ms Script
application/javascript 52.1.252.251
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://wfpscripts.webspectator.com/ws-ad.js
Requested by: Host: webservices.webspectator.com
URL: https://webservices.webspectator.com/adunitMapping?appId=2716&eaup=/10216148/29&eolid=null&eci=null&ct=%7B%7D&w=300&h=250&wsRotSlot=&isda=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.1.252.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-1-252-251.compute-1.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 9d02c3facc410ee6a9dceade80ce0bc710f6037df881453124d3f5c83a6241b5

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 20:27:27 GMT
content-encoding: gzip
last-modified: Tue, 12 Feb 2019 15:34:42 GMT
server: nginx/1.10.3 (Ubuntu)
etag: "5134affc2f01c20ef17e399c5c7cbfbd"
x-cache-status: HIT
content-type: application/javascript
cache-control: max-age=300
content-length: 8492

GET
H2 200 ws-ad.js Show response
wfpscripts.webspectator.com/ Frame 7942 21 KB
9 KB 149ms
149ms Script
application/javascript 52.1.252.251
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://wfpscripts.webspectator.com/ws-ad.js
Requested by: Host: webservices.webspectator.com
URL: https://webservices.webspectator.com/adunitMapping?appId=2716&eaup=/10216148/bg_home_noticias&eolid=5637487867&eci=138342517027&ct=%7B%7D&w=1750&h=720&wsRotSlot=&isda=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.1.252.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-1-252-251.compute-1.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 9d02c3facc410ee6a9dceade80ce0bc710f6037df881453124d3f5c83a6241b5

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 20:27:27 GMT
content-encoding: gzip
last-modified: Tue, 12 Feb 2019 15:34:42 GMT
server: nginx/1.10.3 (Ubuntu)
etag: "5134affc2f01c20ef17e399c5c7cbfbd"
x-cache-status: HIT
content-type: application/javascript
cache-control: max-age=300
content-length: 8492

GET
H2 200 ws-ad.js Show response
wfpscripts.webspectator.com/ Frame 6C59 21 KB
9 KB 235ms
235ms Script
application/javascript 52.1.252.251
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://wfpscripts.webspectator.com/ws-ad.js
Requested by: Host: webservices.webspectator.com
URL: https://webservices.webspectator.com/adunitMapping?appId=2716&eaup=/10216148/20&eolid=null&eci=null&ct=%7B%7D&w=970&h=90&wsRotSlot=&isda=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.1.252.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-1-252-251.compute-1.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 9d02c3facc410ee6a9dceade80ce0bc710f6037df881453124d3f5c83a6241b5

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 20:27:27 GMT
content-encoding: gzip
last-modified: Tue, 12 Feb 2019 15:34:42 GMT
server: nginx/1.10.3 (Ubuntu)
etag: "5134affc2f01c20ef17e399c5c7cbfbd"
x-cache-status: HIT
content-type: application/javascript
cache-control: max-age=300
content-length: 8492

GET
H2 200 ws-ad.js Show response
wfpscripts.webspectator.com/ Frame 6EE0 21 KB
9 KB 235ms
234ms Script
application/javascript 52.1.252.251
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://wfpscripts.webspectator.com/ws-ad.js
Requested by: Host: webservices.webspectator.com
URL: https://webservices.webspectator.com/adunitMapping?appId=2716&eaup=/10216148/24&eolid=5683055452&eci=138348381137&ct=%7B%7D&w=300&h=60&wsRotSlot=&isda=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.1.252.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-1-252-251.compute-1.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 9d02c3facc410ee6a9dceade80ce0bc710f6037df881453124d3f5c83a6241b5

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 20:27:27 GMT
content-encoding: gzip
last-modified: Tue, 12 Feb 2019 15:34:42 GMT
server: nginx/1.10.3 (Ubuntu)
etag: "5134affc2f01c20ef17e399c5c7cbfbd"
x-cache-status: HIT
content-type: application/javascript
cache-control: max-age=300
content-length: 8492

GET
H2 200 ws-ad.js Show response
wfpscripts.webspectator.com/ Frame 51DB 21 KB
9 KB 253ms
253ms Script
application/javascript 52.1.252.251
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://wfpscripts.webspectator.com/ws-ad.js
Requested by: Host: webservices.webspectator.com
URL: https://webservices.webspectator.com/adunitMapping?appId=2716&eaup=/10216148/28&eolid=5395992609&eci=138337188415&ct=%7B%7D&w=300&h=60&wsRotSlot=&isda=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.1.252.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-1-252-251.compute-1.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 9d02c3facc410ee6a9dceade80ce0bc710f6037df881453124d3f5c83a6241b5

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 20:27:27 GMT
content-encoding: gzip
last-modified: Tue, 12 Feb 2019 15:34:42 GMT
server: nginx/1.10.3 (Ubuntu)
etag: "5134affc2f01c20ef17e399c5c7cbfbd"
x-cache-status: HIT
content-type: application/javascript
cache-control: max-age=300
content-length: 8492

GET
H2 200 ws-ad.js Show response
wfpscripts.webspectator.com/ Frame 4A15 21 KB
9 KB 336ms
336ms Script
application/javascript 52.1.252.251
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://wfpscripts.webspectator.com/ws-ad.js
Requested by: Host: webservices.webspectator.com
URL: https://webservices.webspectator.com/adunitMapping?appId=2716&eaup=/10216148/2124&eolid=null&eci=null&ct=%7B%7D&w=300&h=250&wsRotSlot=&isda=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.1.252.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-1-252-251.compute-1.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 9d02c3facc410ee6a9dceade80ce0bc710f6037df881453124d3f5c83a6241b5

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 20:27:27 GMT
content-encoding: gzip
last-modified: Tue, 12 Feb 2019 15:34:42 GMT
server: nginx/1.10.3 (Ubuntu)
etag: "5134affc2f01c20ef17e399c5c7cbfbd"
x-cache-status: HIT
content-type: application/javascript
cache-control: max-age=300
content-length: 8492

GET
H2 200 ws-ad.js Show response
wfpscripts.webspectator.com/ Frame 770F 21 KB
9 KB 229ms
228ms Script
application/javascript 52.1.252.251
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://wfpscripts.webspectator.com/ws-ad.js
Requested by: Host: webservices.webspectator.com
URL: https://webservices.webspectator.com/adunitMapping?appId=2716&eaup=/10216148/banner_bottom_desktop&eolid=5675760410&eci=138347374947&ct=%7B%7D&w=468&h=60&wsRotSlot=&isda=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.1.252.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-1-252-251.compute-1.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 9d02c3facc410ee6a9dceade80ce0bc710f6037df881453124d3f5c83a6241b5

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 20:27:27 GMT
content-encoding: gzip
last-modified: Tue, 12 Feb 2019 15:34:42 GMT
server: nginx/1.10.3 (Ubuntu)
etag: "5134affc2f01c20ef17e399c5c7cbfbd"
x-cache-status: HIT
content-type: application/javascript
cache-control: max-age=300
content-length: 8492

GET
H2 200 ws-ad.js Show response
wfpscripts.webspectator.com/ Frame 3EA2 21 KB
9 KB 170ms
140ms Script
application/javascript 52.1.252.251
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://wfpscripts.webspectator.com/ws-ad.js
Requested by: Host: webservices.webspectator.com
URL: https://webservices.webspectator.com/adunitMapping?appId=2716&eaup=/10216148/billboard_home&eolid=null&eci=null&ct=%7B%7D&w=970&h=250&wsRotSlot=&isda=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.1.252.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-1-252-251.compute-1.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 9d02c3facc410ee6a9dceade80ce0bc710f6037df881453124d3f5c83a6241b5

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 20:27:28 GMT
content-encoding: gzip
last-modified: Tue, 12 Feb 2019 15:34:42 GMT
server: nginx/1.10.3 (Ubuntu)
etag: "5134affc2f01c20ef17e399c5c7cbfbd"
x-cache-status: HIT
content-type: application/javascript
cache-control: max-age=300
content-length: 8492

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6F69 0
56 B 41ms
40ms Image
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BTFoRLa6RYLfTH96T7_UPnPSdsAkAAAAAOAHgBAI&bg=!0NOl05fNAAYXzPaOF8w7ACkAdvg8Wg99Faf7b0QTYmE3dT_-8iccotHT6rkC9HTBwj1UysVa8-SL6wIAAAODUgAAAGJoAQcKAEQ6d-p0yeQMIM4ylwjnYbUlv1GqloNiZmkh_Nd6RJ_co_RLoPfP5jxdknEwhFdLitDatx3hyj7x6nBO1aERvjG1dyRkOJkC1n1FWcEQRxJTXgdX2Lz1vFaxTPpNfaTcDrxmwVgJFF0c3c_9TY9RAfbc_Lf80QTFMP0IFJ6s6aa-YX75XtoN3kZJ7O1bMKVajAle_HJSVhLL3ObsF7a7DBfNo7B32etOl713jtpkjQvI3qNEDV3yeKuXWl-RhCo-gZkeBr7XEOt6e8jDCjwRmPjHphrJzfEhkWObZWFrwAqMJJ4bLVXKxd3k3jhnFMHVz73TBoGyAUg1ML86brweaEFA_bm38QqlOJoIcAsr8iPqEjVFNb15FUx5D1G2hYjgkz5heyfWtD0kpkQXQknwcrFHd01HWwEfv6gUtxpDEB3BE9h1T6YX0Bv9uUHL9KqgkYMhINEccM8Hqb82lvw3jXqqVzz9BfQzeJzu9wSrAGc4rnUAur-PE2FOkmNFF5TMiA-0l-gh5yzCj1YwN1_GSXQiMQyn3eiFLSQ9Zaf2QI9Ub6PE1ncJfE1-uOBDtDbRtKqc-TxF3PiMNFKgnoe0wS5ZN0-bw3gD49uP6ruTZ7aXTSlAoX1oO0JEcTP4OkSE7gTaclGrVWQqVk0nQU_t6tjPYpRxD4qdDT4IYOAA6f0O_KOe34qdNpeFHF8eVe61v_1hopg-XyNaO4djQ2inHByldsufTZjE2YPD9xXdf1i0tCrr0wecO8FmVFtCCiDo_trTDtI2QCSDMXwbYcciqlCj4cQi6-lCw8wX0tXnlxH24GTLAcAZzwYj7_mAUarv86B9KDik9JxrsxJnGxxlphWsMm_k1XoRdQs2VbA6BUbkK9zIrqoZINye0tvJippJ8rxUbEofaKFBA4bBZM60ES9oN89m6Hf254EhQI-muAmy8t_Ly_95vfHb1rAd2gfX_z6Ev5LHOV2QjEI72bp21la9fepdn6av76T1iyKeyM0AFZ7kBR4yQG7oJtph9Y-tRUW0XTvDAPlKLXTXOUfbZPRojs7RgAfQCJ8pwFfoxQ

Requested by

Host: f494fad843a02e89e66aab6434a0c735.safeframe.googlesyndication.com
URL: https://f494fad843a02e89e66aab6434a0c735.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 May 2021 20:27:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.6.2/ Frame AACB 89 KB
32 KB 59ms
4ms Script
text/javascript 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.6.2/jquery.min.js

Requested by

Host: hal900017.redintelligence.net
URL: https://hal900017.redintelligence.net/request_content.php?s=61096500267530700044682011584017&a=14329fb3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d16d07a0353405fcec95f7efc50a2621bc7425f9a5e8895078396fb0dc460c4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hal900017.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 07:28:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 46760
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32245
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 04 May 2022 07:28:07 GMT

GET
H/1.1 200
OK 300x250_OMAC_2016_Launch%20(2).jpg
cdn.contentspread.net/24i/advertiser/14265/creativesup/ Frame AACB 52 KB
52 KB 319ms
85ms Image
image/jpeg 85.114.131.235
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.contentspread.net/24i/advertiser/14265/creativesup/300x250_OMAC_2016_Launch%20(2).jpg
Requested by: Host: hal900017.redintelligence.net
URL: https://hal900017.redintelligence.net/request_content.php?s=61096500267530700044682011584017&a=14329fb3
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 85.114.131.235 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: srv21039.dus4.fastwebserver.de
Software: nginx /
Resource Hash: aa31782ed405b9ccd6346df847c07d2472e32b07c2708b6d0e40af4f5d34964f

Request headers

Referer: https://hal900017.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 04 May 2021 20:27:28 GMT
Last-Modified: Tue, 16 Feb 2016 10:14:55 GMT
Server: nginx
ETag: "56c2f69f-d006"
Content-Type: image/jpeg
Connection: close
Accept-Ranges: bytes
Content-Length: 53254

GET
H/1.1 200
OK 728x90_OMAC_2016_Launch%20(3).jpg
cdn.contentspread.net/24i/advertiser/14265/creativesup/ Frame BF9C 41 KB
41 KB 263ms
84ms Image
image/jpeg 85.114.131.235
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.contentspread.net/24i/advertiser/14265/creativesup/728x90_OMAC_2016_Launch%20(3).jpg
Requested by: Host: hal900025.redintelligence.net
URL: https://hal900025.redintelligence.net/request_content.php?s=23027700257614600044684011584025&a=ed584d6d
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 85.114.131.235 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: srv21039.dus4.fastwebserver.de
Software: nginx /
Resource Hash: 7cbedaf4d01c2b49cf1eab36979755222f1525f7424ff2b03a98b83830301288

Request headers

Referer: https://hal900025.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 04 May 2021 20:27:28 GMT
Last-Modified: Tue, 16 Feb 2016 11:45:27 GMT
Server: nginx
ETag: "56c30bd7-a476"
Content-Type: image/jpeg
Connection: close
Accept-Ranges: bytes
Content-Length: 42102

GET
H/1.1 200
OK viewability Show response
hal900025.redintelligence.net/ Frame BF9C 0
150 B 188ms
63ms Script
text/html 138.201.84.245
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900025.redintelligence.net/viewability?s=23027700257614600044684011584025&a=d8671078&vb=m
Requested by: Host: hal900025.redintelligence.net
URL: https://hal900025.redintelligence.net/request_content.php?s=23027700257614600044684011584025&a=ed584d6d
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.84.245 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.245.84.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://hal900025.redintelligence.net/request_content.php?s=23027700257614600044684011584025&a=ed584d6d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 04 May 2021 20:27:28 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
DATA 200
OK truncated
/ Frame BF9C 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame FD8E 0
20 B 93ms
92ms Image
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BuOlCLa6RYNCOHuyLjuwPkuyBiAYAAAAAOAHgBAI&bg=!NDelN3PNAAYXzPaOF8w7ACkAdvg8Wqmi6ZE9KN2TWo5iDssVeCQOLwzAoLiX_rIc0sF7UNBPdtKbQQIAAAOYUgAAAHBoAQeZAo0E-mAV7_6JmAHXeAj0svtoATsRZXJTu5cy4IzK1PCcfOFzN5VwrgncDufL0PVr6QuMp8l77qhNEGwUK0WWuGIFPDKmJTZT9z2LBbUNExG5lXjJN1VWiVk66IWgJvXWGCgadv-ZbmIoYCeY162v-_hA19Ui03lIIAcSFLrDHNBgguggbw1ujM3lJI93SAGjZKleN2LRkP7jdwwOl_-ps__1zlTHf8Fo4EQ8W1VRw4GP_Wb0Z2H181zOPdAeHFuWFT11KjTvpcSEaBfsX_CJ0zfXJcVkXNvFGsubjCgF0eiu-94nuBdQK5vxm9ZBRTRV0mqjxAiYhFZvsVfMxNhdxGXiK_IVdgMMRS0IY11ZE7Qt7BmEn8Leglt7Hdfsm5wbTB5Ki2E_UPpqGc4mTxoEiCHIB0ATpGSLrt2K56hrmtZeoA32swp9xc8WBHAi1zT55_-op8M8dlaNaprDhFVWnIFotkl1omg4Qn8MWOeHS4bQZxCdHXHGlG4WHVcojoldvrl84U2SviGj6NsSEPCWB75vfqhc4uPfsbXjw1X69d59BT7wB_0FCzQ7PpawqwcQUlNfVlhe2yQGAUDZ2ZklXPw_AmC2xaynKUMdFvXiChXPC_4zHxCKWEH65rX4Lk1NUpSi7ZV_1EiybLJi9Ba2cFtie-zmYbnWQJx2IxAn2mQhGzDcDQ8ouDeHuQ37vM4CjlfclSQPQP9henirNmNGjk-BweEClMlBqSh9ox09m6M01Le5TK8fUQsuOLv6JELLbU3MfqKgBHUfw52IhdSYDgANkLBGPN97nerhCbbALAlarTwxU4y1wgy9sCwUyi4pucSOJFyZyAU0czw5L6Cxf1jWn_MdeUt_Y6xb6qvu3g

Requested by

Host: www.opovo.com.br
URL: https://www.opovo.com.br/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 May 2021 20:27:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK viewability Show response
hal900017.redintelligence.net/ Frame AACB 0
150 B 187ms
63ms Script
text/html 159.69.70.9
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900017.redintelligence.net/viewability?s=61096500267530700044682011584017&a=0ecc56e3&vb=m
Requested by: Host: hal900017.redintelligence.net
URL: https://hal900017.redintelligence.net/request_content.php?s=61096500267530700044682011584017&a=14329fb3
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 159.69.70.9 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://hal900017.redintelligence.net/request_content.php?s=61096500267530700044682011584017&a=14329fb3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 04 May 2021 20:27:28 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
DATA 200
OK truncated
/ Frame AACB 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1369 0
20 B 95ms
95ms Image
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B8cyXLa6RYMjlNamtlQfgzqi4CwAAAAA4AeAEAg&bg=!aWqlai7NAAYXzPaOF8w7ACkAdvg8WjQWw5hUH5stCVhDYYlqa-Zw-Pmy7as1KVh81BhhklWMdYCTugIAAAOxUgAAAL5oAQcKAAuNV3y9-Fxh1_jvDJkCou-lt5Yv8938WZ_jaDxsvHSAPGtnSbI5PucM9_JL99BoHOIo1uu2K_iV8HniaYygMSnfoTWbuGpcKDJoSEsF1kAFFzPdp3rzcWSrMlG1TSaujC7_IZUwkjNuFyjMIG652Qtk756lv1RWo-gSZq7u_7wtGKDG_iZgahArwvnR9oU47fL8-VXQNwP5lTmtEF9jcrqSE6N7Qpz0J7CwnNhvcpVod_REuqo9gNe8oKzxiMFdcj1CjIq-FPvkhUPk-PiJYzHe8YEQEHz3DX-jENUgrJcPL1hKL6WgWhOzuwsUluTRZZJwJ5BTb_uomlcVKuZTz2EVAZc_MGay7rlkV63spk5mWeePdD0Jwc0o1Qg-8zgSQtfwD2y03FsE6p69P8kJGDSUD0Z2Hln1wq07SzwWsC_weZvQqFWgmAmcwepoLm6HJ479r_8JZXMbBw4xmX7V7gvm87aLRaESaYwC7-SkX6ABNb206hkHEMIfIDLdLP-3A3OF16WZVkB4oEbldk1ddmuJnqo624X0kKgzu2jRRgmU-rmKpA62lafaroZFM-aE6OfpAOgVrYJr0lsL3xna2p04hVHcsGLJQKaZN7dqZL7dNVXex3TapFloMoev44_SrRPZECxT-dumoy17JRZHU1YnCrJbaSluh9AEHGjB-YHnXMvAupjHOnY16OaBvw28H504VxFooh-1dpjWdjlUpUqpjq-6Bc_QS1IGD2BiaY0S4lTLaENxLiLQ60maDC0-i4G93HqQQ1xMy-AdxV5NJgkHMzZqe_EmazWuDNCZMTZuUQj0CPEkHVJq_-r5UyqW3GvqV8WNbtvl1TfYgejWkRlQhVOBtX2e1Pi8_NctHijQHJy5_ZJ90tbMpdX8PjOmSM9qZLfleS2i7FbT_rlH2VDS

Requested by

Host: f494fad843a02e89e66aab6434a0c735.safeframe.googlesyndication.com
URL: https://f494fad843a02e89e66aab6434a0c735.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 May 2021 20:27:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ Frame EABD 80 KB
26 KB 59ms
26ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/517466/4406976690/1606854627803/prebid4.17.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: b27963d64b79220f6a94fafa3a3c67a2404d363b4ad53dbb83ab2187eacde46f

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 20:27:28 GMT
content-encoding: gzip
last-modified: Thu, 18 Mar 2021 09:52:27 GMT
server: nginx
etag: W/"605322db-14013"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 05 May 2021 20:27:28 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame EABD 0
20 B 100ms
94ms Image
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021042801&jk=4347522184659892&bg=!GBulG1_NAAYXzPaOF8w7ACkAdvg8WkcM495XvuQnei8ZC_eSw_g0CXkA1UTmNGZsjSc0cRN_d_W3eAIAAAJqUgAAADRoAQcKAJDSufFrKkBTUPueAmhsJUhTdpRM6ZZBhKKDivbL1aqBD36J1NaWfl4Sa25WsEq576v1LWUfHRKtu99NfK4uKuDSFi463zJExG2oHwtm-rsZC-2_Df0z0TtbyaBDk6IRyhRcejOs3mI58BpUCqH7qr7tjpd2OcllRex3131WTPkEJkQrrbW4fUxqv72Cst9i-r6ZAliil2Xx1dkFvN2EAGXckVjH8C9uQqy28i67ZG9U7_1uAsCeyw8ijeHTPVe5bNppURRbo8fxGF-OMjk3zqg6UkrfOOQ0o34E5owJlc8sHAvRSP6HHli40dWz5ejjooovOViMuGMlSEZxXzNntSsSdT3E-hEsOZqeBc72DdGjKqxd1lVLIspGl0coFmlxCMyDgMU626QBjulVia6imQe_C076KSErHt8uNz_889ga57QANIfiPL9TVZLM8LtVYMicIPXch2DNpcMyUGEzX6_IS9o6puUW0DORsRAB88Hrkd5G4mguzhzyFrY0B3gF3x1QAtUUs_S-kLyUsg48Nrl41dYFsi4gdjeb6EGAfaedXqmV-_4rxXhHxAIWDil_ZU2579_UjxjKO6E78wDi0hZRu8xpEXx6HLYY0q6w3ExADQ0EZD_y-EWWmJuR1V7IOW8YDWLLGE8d-clXma9ViVXvaPYL12fnQrbNjCy5Q8vZBXf3bLyQnr1kh0DPbL5bTs7ANIHSrncf5cDeTgikApvOQOdUTcIkG45XRmib2rtMDl8kjRB-VF3iuiTeVXQvr-L4mjwzyRww_2VCMJz78NE88yziFRn1ZEl7ax9Vo_E_tR8jAePe5p8BemGxdXqwIb2KdemeizfUdmXEshzHayx6W4giq2FskOUgzlE5cyFPHUCr8RuIfE5S6Bi_N7R7dSM5EX77VXJQwcwYrTD5Ch9YkOm81FkqPBHEUGSqmBkz59Sje_d-R8dBs5XOb40HSSUpiK44d0vRw9BeNLRCJflXAqSGUvvRJRY9R6I

Requested by

Host: www.opovo.com.br
URL: https://www.opovo.com.br/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 May 2021 20:27:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D7C8 0
20 B 99ms
96ms Image
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BlWrLLa6RYO2hOb6LjuwPpty_uAIAAAAAOAHgBAI&bg=!ODulO3_NAAYXzPaOF8w7ACkAdvg8Wkvou8HSmTEzcXuKjxICTY1N6M9nAYINI44bCBudp5R5wLuKiwIAAAL3UgAAACFoAQeZAqO-SRPD5tBW8j9ERcsx19PjGIU8FClBZDZSKnUoLxOtaZrRYlOcjjgmCiGJugLzEbF1ndAdErZqmzoCK9shoyVOQlORg6At7tIGP3kXM0wq1WO6am4K44w0a3-R9ccmpILwDTaThQbqJU-VRfFXhs2w4ZM1ICMUTXPfZfbsRi4uAiTa4D62jiFJKMoV7XQIcbGWbFHomRnd54r-SEyL-HtBD-PIT5I2e-GBpWHopHrZFh3mrrI5ZA7RqUFtPk_OG8lwMe0Y3o8-uPYXZ4h9rGi44XvXKM5m1KybhGNj8HxZbiiIqTpxc_0FKBShRYxWpHwoj4eHBByqoNXBskoJeABC1T1DEv00KdgOHDF0_A2lfQpYdv6bRo3LWunB3PfnT1IN_-KrCqpORoTjzYU0_wARnvCvU5V5VFx-LnHN7eBOPusQ02qoIr50gUKdi567I3-wbHahIkJug0XBeKuFHKlVO1B0Sk9gqqE6V5RJ8PEMC5dxe9R0VdJJVgn3KXkIXZbf4mkgiUO1bupjezlCtC3cbPXrpyMQ2t0_jEuaUvkUFPEdBMmlfP2VAv9ukz6nZ6MFCOLfSdNYrY1RNp99W7ueabHf5SrfgdU18z3Ga3HwEu1F6Nf_qZ2nkgw5MM18mX6fBns7PiasxUhOdJ50CfWyEQIZfuH3CigCielRj9axgX2ZeVh05lyScRTZBMAT7LqlQbWMY-d2dDyYkDmliW4m-xl7D2fBcXmHXz10dh8rG0D9OtFM-WfIj_TRmOg7HWnXrTy7fMfy7GxJXXmkqtls_zgpQp3mP5E-skXL-xE_Mi4DgOG31gTceIEYy4_gBI8yRcxigPMD_gamjJsfF5bu4hxw2Mq3YeApX8Tmz3XsTWWPBNTwWULOnO4L0oHuwuZoU7A

Requested by

Host: www.opovo.com.br
URL: https://www.opovo.com.br/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 May 2021 20:27:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ Frame EABD 80 KB
26 KB 49ms
15ms XHR
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: b27963d64b79220f6a94fafa3a3c67a2404d363b4ad53dbb83ab2187eacde46f

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 20:27:28 GMT
content-encoding: gzip
last-modified: Thu, 18 Mar 2021 09:52:27 GMT
server: nginx
etag: W/"605322db-14013"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 05 May 2021 20:27:28 GMT

GET
DATA 200
OK truncated
/ Frame 89DE 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 81aa782e60e2bad7582594628879af2e35ed49f734c34a723c16cfb90b8b3913

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 grovelsjo-12.jpg
s0.2mdn.net/9753181/1616408639469/ Frame CA89 678 KB
679 KB 9ms
8ms Image
image/jpeg 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9753181/1616408639469/grovelsjo-12.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9753181/1616408639469/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fcd46f947a06d7e9bb7f98aadba4d7872b55590b439801a5fd63b94cf4a43cdd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9753181/1616408639469/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 17:50:37 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Mar 2021 10:23:59 GMT
server: sffe
age: 9411
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 694667
x-xss-protection: 0
expires: Wed, 05 May 2021 17:50:37 GMT

GET
H2 200 outnorth.png
s0.2mdn.net/9753181/1616408639469/ Frame CA89 4 KB
4 KB 8ms
7ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9753181/1616408639469/outnorth.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9753181/1616408639469/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b0fcaed7417c5277e2603cf2c0f5f4a95e77172e74154ec6f7c4c012b5301122

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9753181/1616408639469/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 17:50:37 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Mar 2021 10:23:59 GMT
server: sffe
age: 9411
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4438
x-xss-protection: 0
expires: Wed, 05 May 2021 17:50:37 GMT

GET
H3-29 200 select2.min.js Show response
cdnjs.cloudflare.com/ajax/libs/select2/3.5.2/ 65 KB
16 KB 41ms
38ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/select2/3.5.2/select2.min.js

Requested by

Host: d335luupugsy2.cloudfront.net
URL: https://d335luupugsy2.cloudfront.net/js/rdstation-forms/stable/rdstation-forms.min.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1f3cd9162638b743c8bf4d939bcfd1dc256f2e97231e13b5cff600502a78a10e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 20:27:28 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1681692
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15507
cf-request-id: 09daa984b700004ddc6901f000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:16:11 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fcb-10424"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=1Y6Cj4%2Fq4ZLuVk1%2FkFjbp6WSbpz9cuGxY4EIQe9cLE0Xarhgf65j1I8wDSYBYcQsVOCqQ0JK55YkZl4UzogpW%2BBqnOGEqBN7KlTgYoDcoGJovP%2FcDT9WuuZjvkhlBK7WxQ%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 64a4784deb354ddc-FRA
expires: Sun, 24 Apr 2022 20:27:28 GMT

GET
H2 200 adsct Show response
analytics.twitter.com/i/ 31 B
662 B 285ms
169ms Script
application/javascript 104.244.42.131
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?type=javascript&version=1.1.1&p_id=Twitter&p_user_id=0&txn_id=o3wvj&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tpx_cb=twttr.conversion.loadPixels&tw_document_href=https%3A%2F%2Fwww.opovo.com.br%2F

Requested by

Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.131 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_devel /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 20:27:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 57
x-xss-protection: 0
pragma: no-cache
last-modified: Tue, 04 May 2021 20:27:28 GMT
server: tsa_devel
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: application/javascript;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 19a1273518563e2e2555e22f5f5746d241297f3cbd9c3cca9ef347148ea7ec14
x-transaction: b60945a48e4ad69d
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 10 KB
8 KB 72ms
70ms XHR
application/json 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021042801&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

c5d9e24e244f55adfc535436b00180996f9c26d9b3d623426c8914d6eb107d15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 04 May 2021 20:27:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7737
x-xss-protection: 0

POST
H2 200 send Show response
pageview-notify.rdstation.com.br/ 36 B
594 B 478ms
163ms XHR
text/html 35.223.116.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pageview-notify.rdstation.com.br/send

Requested by

Host: d335luupugsy2.cloudfront.net
URL: https://d335luupugsy2.cloudfront.net/js/lead-tracking/stable/lead-tracking.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.223.116.65 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

65.116.223.35.bc.googleusercontent.com

Software

Resource Hash

6f7c1406c09fc3effd780ee21f71b063c82465ac4d17b9037c70484b1a0094a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Tue, 04 May 2021 20:27:28 GMT
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html;charset=utf-8
access-control-allow-origin: https://www.opovo.com.br
access-control-max-age: 1728000
access-control-allow-credentials: true
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-headers: *, Content-Type, Accept, AUTHORIZATION, Cache-Control
content-length: 36
x-xss-protection: 1; mode=block
access-control-expose-headers: Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 438A 0
150 B 46ms
13ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=www.opovo.com.br

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: gum.criteo.com
:scheme: https
:path: /syncframe?topUrl=www.opovo.com.br
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.opovo.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.opovo.com.br/

Response headers

cache-control: private, max-age=0
content-type: text/html; charset=utf-8
strict-transport-security: max-age=31536000
server-processing-duration-in-ticks: 1453
date: Tue, 04 May 2021 20:27:27 GMT
content-length: 0

GET
H2 200 _adview_.ad.json Show response
cdn.webspectator.com/ad/banner/_adsense_/_adserver/ 0
165 B 199ms
176ms Script
application/octet-stream 52.1.252.251
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.webspectator.com/ad/banner/_adsense_/_adserver/_adview_.ad.json?adzone=top&adsize=300x250&advid=79295117
Requested by: Host: wfpscripts.webspectator.com
URL: https://wfpscripts.webspectator.com/adblocker/blockadblock.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.1.252.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-1-252-251.compute-1.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 20:27:28 GMT
last-modified: Tue, 11 Oct 2016 11:19:36 GMT
server: nginx/1.10.3 (Ubuntu)
etag: "d41d8cd98f00b204e9800998ecf8427e"
content-length: 0
x-cache-status: MISS
content-type: application/octet-stream

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 20:27:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Tue, 04 May 2021 20:27:28 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 827E 12 KB
5 KB 11ms
7ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.opovo.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.opovo.com.br/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Tue, 04 May 2021 20:24:43 GMT
expires: Wed, 04 May 2022 20:24:43 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 165
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 WoE6FlxLfDckfFPcighdBxIW8EHvlo7fGH3q-u1F8Es.js Show response
pagead2.googlesyndication.com/bg/ Frame 827E 14 KB
6 KB 60ms
59ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/WoE6FlxLfDckfFPcighdBxIW8EHvlo7fGH3q-u1F8Es.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

sffe /

Resource Hash

5a813a165c4b7c37247c53dc8a085d071216f041ef968edf187deafaed45f04b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 17:50:54 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 28 Apr 2021 12:48:00 GMT
server: sffe
age: 9394
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5711
x-xss-protection: 0
expires: Wed, 04 May 2022 17:50:54 GMT

GET
H2 200 rdstation-popup.min.js Show response
d335luupugsy2.cloudfront.net/js/rdstation-popups/bricks/ 192 KB
54 KB 65ms
63ms Script
application/javascript 143.204.101.168
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d335luupugsy2.cloudfront.net/js/rdstation-popups/bricks/rdstation-popup.min.js?v=1
Requested by: Host: d335luupugsy2.cloudfront.net
URL: https://d335luupugsy2.cloudfront.net/js/loader-scripts/f9c73be5-0123-4f19-af72-12d80ac2c46b-loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.101.168 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-168.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c760f7c8b1df0176ab56978462904ed5be65ce92e656d07ce8b9405d1fc73972

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: rL6mLTlIdhAYlrT3Eo5bYDkD.2hTAkSB
content-encoding: gzip
last-modified: Thu, 25 Mar 2021 11:22:57 GMT
server: AmazonS3
age: 52327
etag: "916a0e617e98df82a5dcec6d97601520"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 58bcd6f2e1bc29fb83f080f1743cfeca.cloudfront.net (CloudFront)
date: Tue, 04 May 2021 05:55:21 GMT
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 54836
x-amz-cf-id: _I1Dv1tVMZ7aNRH9varUdjfzTe0QCo31f1Keh_bcGMIwEg67yj-EBw==

GET
H2 200 rd-js-integration.min.js Show response
d335luupugsy2.cloudfront.net/js/integration/stable/ 10 KB
4 KB 64ms
63ms Script
application/javascript 143.204.101.168
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d335luupugsy2.cloudfront.net/js/integration/stable/rd-js-integration.min.js?v=1
Requested by: Host: d335luupugsy2.cloudfront.net
URL: https://d335luupugsy2.cloudfront.net/js/loader-scripts/f9c73be5-0123-4f19-af72-12d80ac2c46b-loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.101.168 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-168.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1f540d433a251ec9e77bd82b69332402f7066de4a30eb669cc994533d2bc968c

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: iGCdVNXh8OADIElSgnaZ1aMl0Ytd3ZsV
content-encoding: gzip
last-modified: Tue, 20 Apr 2021 13:16:44 GMT
server: AmazonS3
age: 63465
etag: "5aff0fd316645aa816c25636aa98fd7b"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 58bcd6f2e1bc29fb83f080f1743cfeca.cloudfront.net (CloudFront)
date: Tue, 04 May 2021 02:49:43 GMT
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 3902
x-amz-cf-id: jSwvzwrU0aHvWGqDPAKrKp0td908SOrazz4oR6v6i1JTdOl3hzL6bQ==

GET
H2 200 show.json Show response
popups.rdstation.com.br/popup/ 13 B
79 B 474ms
154ms XHR
application/json 34.68.90.188
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://popups.rdstation.com.br/popup/show.json?account_id=86280&uniq=_62eetvp7f&ref=aHR0cHM6Ly93d3cub3Bvdm8uY29tLmJyLw%3D%3D
Requested by: Host: d335luupugsy2.cloudfront.net
URL: https://d335luupugsy2.cloudfront.net/js/rdstation-popups/bricks/rdstation-popup.min.js?v=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.68.90.188 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 188.90.68.34.bc.googleusercontent.com
Software: /
Resource Hash: 96ddd38efe76ec82a9f2b4ecb8c151aa7b202d792823131a8936fc9bd616b22a

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 04 May 2021 20:27:29 GMT
content-length: 13
content-type: application/json

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
56 B 41ms
41ms Image
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021042801&jk=2384100502353646&bg=!paalpuLNAAYXzPaOF8w7ACkAdvg8Wp_TP_J5KGlO63HDASavB8VRQdnCQSfdtF8cZ9MuO2G_D-AwuAIAAAIqUgAAACRoAQcKAFA75IafwWchTRtQzvCNVdh5ZxD4uHYyIapIB_MvQD1xwwccG1QJK2P3uMFDL4A08BwWPsVKW-pm_ippHLrxkpRgrLGojAYTn6UbnoUR6euFaJkCTDVougbdV1HHn07JyFNj4OwbCV44Kzt_t51Hc4yE7gRYFjijQtYFo63P1Qw8A_05WJlDhakqwexu5AKG1nH4nOl4RxSrhbW_GED57B8qqh__NXw4pYCcwEIGKzQQuQ0Co0FzGwaAWivenPJfEBEVrKfRNA9ixxWN2WfKuZI5w7Z6GsB5QUvRTVOW83LPY6m7rsdEvwOCDpzsfrV5cWp9LjCi7WvK2kKi5ecprO3z0yYSSBhrkPubzYcKYWCSo8rxcgIQp5YPT7TYpHN_s4G7dNqsIZTAU3DzXyoz6QvWnvmhX2ky4GqLDBC43iOcAIE6vE1uOFZaLhlP8n5QF22k5iKluiSHkRfj1wHFlh1jo1VMePD21HDcymbF1METaBhioX1L9gPSfI9YoffVyQZeBFfo3KRpWVK7g9URZnn_KLpMiHPw99RtFWblWY_UWol8SK3GHr52u3vTmvAw8iBZjX7ZAot4pEyVjbw6p_AkPYm5UkcfkCA7eIlShsPEdgzg_RbJW62rDP13XWpqT3C8ph6Bg2sDt_yIH8nksGHU7PnU-aD6gUxKj7M7bkhNx5ON8n6n2eAOwranAI7WojkGnQ1ziHEdJYBx2Ig1nCJz5YSBFkA2PszG2oAV_XRr-vKMAfyejoTUHcLu8x3hjE8jixf0RntxAZIqrYZAdUltqcWVDjjlZaxhak_rEhExwqt9hW9tQFZQHyMxlLYazamYSrX9fHEE5RHymQBtNceNab2oaj0SLT3ja5Yqx9WVyVmNQnkp19HmYVaXRaLwBA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 May 2021 20:27:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 89DE 42 B
64 B 116ms
93ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvgRkbFSlvxV7s5A6Pqn2EPvMX2ejp4pKGoc87dpdhu2SFKK1PB8jmwu9mFVfNC0pQvAyGmWkVhSAsMKeMMP8DUb3NHZfrh0EEax9v6bkdHW2ma46RWUmeU8wRfFQ&sai=AMfl-YRPPTbGXdfmbudhuXDbj4DNdcc96GQqBqSVhzkFFCe5XCKEFJ47wXJd2YhfulFukUvBFHyg9yUFFCDQDGoBpwIEsm8ZKam8fiui-DdjmtHX428UGfJL3vPE3J-ae9sW&sig=Cg0ArKJSzKY_5s5pztF6EAE&cid=CAASPeRool6uZgJ6GB1xXXqTfRen-WfxOrLzF7OYTvfvR1JYLGFE5RUDZ2LlpeXuHwJGSSyJdDGwlTxhD18fWas&id=lidar2&mcvt=1000&p=195,436,285,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210503&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=2678070680&rs=4&met=ce&la=0&cr=0&osd=1&vs=4&rst=1620160045236&dlt=72&rpt=1171&isd=0&msd=0&r=v&fum=1

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f494fad843a02e89e66aab6434a0c735.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 May 2021 20:27:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
67 B 13ms
13ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=1646577030&t=event&ni=1&_s=2&dl=https%3A%2F%2Fwww.opovo.com.br%2F&dr=https%3A%2F%2Fopovo.com.br.admin-mcas.ms%2F&ul=en-us&de=UTF-8&dt=O%20POVO%20-%20Not%C3%ADcias%20sobre%20Fortaleza%2C%20Cear%C3%A1%2C%20Brasil%20e%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=RD%20Forms&ea=Viewed&el=escolha-de-newsletter-5b7e7a60e997e46fe455&_u=aDhAAUADQAAAAC~&jid=208804563&gjid=1816744861&cid=621751297.1620160044&tid=UA-23310373-1&_gid=1093161599.1620160044&_r=1&gtm=2ou4l3&z=377470843

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 04 May 2021 20:27:33 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.opovo.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 15ms
14ms XHR
text/plain 2a00:1450:400c:c08::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-23310373-1&cid=621751297.1620160044&jid=208804563&gjid=1816744861&_gid=1093161599.1620160044&_u=aDhAAUADQAAAAC~&z=1714252299

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 04 May 2021 20:27:33 GMT
content-type: text/plain
access-control-allow-origin: https://www.opovo.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 30ms
29ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-23310373-1&cid=621751297.1620160044&jid=208804563&_u=aDhAAUADQAAAAC~&z=469725731

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 May 2021 20:27:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 30ms
29ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-23310373-1&cid=621751297.1620160044&jid=208804563&_u=aDhAAUADQAAAAC~&z=469725731

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.opovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 May 2021 20:27:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

232 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			www.opovo.com.br/	1970-01-19 18:02:41	Name: ___ws_d_st Value: {}

20 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js(Line 6) Message: GPT synchronous rendering is no longer supported, ads will be requested and rendered asynchronously. See https://support.google.com/admanager/answer/9212594 for more details.
console-api	log	URL: https://c.jsuol.com.br/assets/?loadComponent=media&contentType=js&tpl=assets/dist/libs/election-2020-ticker.min(Line 1) Message: [ticker] (10:27:24 PM) version 1.6.4
console-api	log	URL: https://c.jsuol.com.br/assets/?loadComponent=media&contentType=js&tpl=assets/dist/libs/election-2020-ticker.min(Line 1) Message: [ticker] (10:27:24 PM) loading dep https://geoip.canais.uol.com/index.jsonp?callback=UOLTEGeoLoc
console-api	log	URL: https://api.nobeta.com.br/nobetaads&id=opovo.inter(Line 3) Message: %cnobeta%c formats alert,preparagraph color: darkslategray; background-color: sandybrown; padding:1px 3px; border-radius: 3px; margin-right: 7px
console-api	log	URL: https://d335luupugsy2.cloudfront.net/js/loader-scripts/f9c73be5-0123-4f19-af72-12d80ac2c46b-loader.js(Line 1) Message: LeadTracking initialized
console-api	log	URL: https://d335luupugsy2.cloudfront.net/js/loader-scripts/f9c73be5-0123-4f19-af72-12d80ac2c46b-loader.js(Line 1) Message: TrafficSourceCookie initialized
console-api	log	URL: https://c.jsuol.com.br/assets/?loadComponent=media&contentType=js&tpl=assets/dist/libs/election-2020-ticker.min(Line 1) Message: [ticker] (10:27:26 PM) UOLTEGeoLoc callback EU,SE,,Estocolmo Estocolmo undefined
console-api	log	URL: https://c.jsuol.com.br/assets/?loadComponent=media&contentType=js&tpl=assets/dist/libs/election-2020-ticker.min(Line 1) Message: [ticker] (10:27:26 PM) script loaded successfully: https://geoip.canais.uol.com/index.jsonp?callback=UOLTEGeoLoc
console-api	log	URL: https://c.jsuol.com.br/assets/?loadComponent=media&contentType=js&tpl=assets/dist/libs/election-2020-ticker.min(Line 1) Message: [ticker] (10:27:26 PM) loading config file
console-api	log	URL: https://c.jsuol.com.br/assets/?loadComponent=media&contentType=js&tpl=assets/dist/libs/election-2020-ticker.min(Line 1) Message: [ticker] (10:27:26 PM) config updated: [object Object]
console-api	log	URL: https://c.jsuol.com.br/assets/?loadComponent=media&contentType=js&tpl=assets/dist/libs/election-2020-ticker.min(Line 1) Message: [ticker] (10:27:26 PM) ticker is inactive
console-api	log	URL: https://c.jsuol.com.br/assets/?loadComponent=media&contentType=js&tpl=assets/dist/libs/election-2020-ticker.min(Line 1) Message: [ticker] (10:27:26 PM) destroying websocket connection
console-api	log	URL: https://c.jsuol.com.br/assets/?loadComponent=media&contentType=js&tpl=assets/dist/libs/election-2020-ticker.min(Line 1) Message: [ticker] (10:27:26 PM) script loaded successfully: https://noticias.uol.com.br/eleicoes/2020/apuracao/service/index.html?loadComponent=projects/election-2020/election-2020-config&data={"jsonp":true,"config":"ticker"}
console-api	log	URL: https://www.opovo.com.br/(Line 2185) Message: banner visivel
console-api	log	URL: https://www.opovo.com.br/(Line 2180) Message: banner não visivel
console-api	log	URL: https://www.opovo.com.br/(Line 2180) Message: banner não visivel
console-api	log	URL: https://www.opovo.com.br/(Line 2185) Message: banner visivel
console-api	log	URL: https://www.opovo.com.br/(Line 2180) Message: banner não visivel
console-api	log	URL: https://www.opovo.com.br/(Line 2180) Message: banner não visivel
console-api	log	URL: https://www.opovo.com.br/(Line 2257) Message: Service worker registered. https://www.opovo.com.br/

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.yahoo.com
adserver-us.adtech.advertising.com
adservice.google.com
adservice.google.de
adservice.google.se
ajax.googleapis.com
analytics.twitter.com
api.nobeta.com.br
bidder.criteo.com
c.jsuol.com.br
cdn.contentspread.net
cdn.webspectator.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
connect.facebook.net
d3221622c000ddcd4c9fb19d7c973b30.safeframe.googlesyndication.com
d335luupugsy2.cloudfront.net
dsum-sec.casalemedia.com
f494fad843a02e89e66aab6434a0c735.safeframe.googlesyndication.com
fonts.googleapis.com
fonts.gstatic.com
forms.rdstation.com.br
geoip.canais.uol.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
hal9000.redintelligence.net
hal900017.redintelligence.net
hal900025.redintelligence.net
ib.adnxs.com
mcasproxy.azureedge.net
msgws.webspectator.com
noticias.uol.com.br
opovo.com.br
opovo.com.br.admin-mcas.ms
pagead2.googlesyndication.com
pageview-notify.rdstation.com.br
partners.tremorhub.com
pixel.quantserve.com
popups.rdstation.com.br
prebid-us.creativecdn.com
rules.quantcount.com
s0.2mdn.net
sb.scorecardresearch.com
script.hotjar.com
secure.quantserve.com
securepubads.g.doubleclick.net
static.ads-twitter.com
static.criteo.net
static.hotjar.com
stats.g.doubleclick.net
sync.search.spotxchange.com
sync.teads.tv
t.co
tag.navdmp.com
tpc.googlesyndication.com
ups.analytics.yahoo.com
us-u.openx.net
vars.hotjar.com
webservices.webspectator.com
wfpscripts.webspectator.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleoptimize.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.opovo.com.br
104.108.145.8
104.111.242.245
104.244.42.131
104.244.42.5
138.201.84.245
142.250.184.226
142.250.185.226
143.204.101.168
159.69.70.9
178.250.2.131
18.156.0.31
185.184.10.30
185.33.221.91
185.94.180.125
199.232.136.157
216.58.212.130
2600:1f18:612b:4232:4acf:609e:729c:ab1e
2600:9000:2104:6000:6:44e3:f8c0:93a1
2606:2800:233:97b6:26be:138a:cba8:bb01
2606:4700:3033::6815:3a6d
2606:4700::6810:135e
2606:4700::6810:bf3
2606:4700::6811:2118
2606:4700::6811:4edd
2620:116:800d:21:51e4:db4b:4436:b305
2a00:1288:80:800::7000
2a00:1450:4001:801::2002
2a00:1450:4001:802::2002
2a00:1450:4001:802::2003
2a00:1450:4001:803::2001
2a00:1450:4001:803::2002
2a00:1450:4001:803::2003
2a00:1450:4001:808::2004
2a00:1450:4001:808::200e
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::2008
2a00:1450:4001:810::200e
2a00:1450:4001:811::2002
2a00:1450:4001:811::2008
2a00:1450:4001:812::2006
2a00:1450:4001:813::200a
2a00:1450:4001:829::200a
2a00:1450:4001:82f::2001
2a00:1450:4001:82f::2003
2a00:1450:4001:830::2002
2a00:1450:4001:831::2004
2a00:1450:400c:c08::9b
2a00:1450:400d:805::2002
2a02:2638:1::13
2a02:2638:1::3
2a02:26f0:64::210:6bb9
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
34.207.18.4
34.234.140.75
34.68.90.188
34.98.64.218
35.223.116.65
35.244.156.216
46.4.10.49
51.105.164.234
52.1.252.251
65.9.84.122
65.9.84.2
65.9.84.29
65.9.84.55
65.9.84.76
85.114.131.235
001346a0cd2b9501b83366c2e6e4d8585bdb8c0772055e3db244dc74d4448da5
017ee2612ecc9b8246c951158c0982c263679899b0bb803a101d06e5be06151d
020d5dd9987017d323dd6ed1048e55ea089209f930fc9a70299b8f61c0d95a5f
043f2ffa258f7e930bcb6f5dba61677e89dd83a9c6836dabc287f552c45baf9c
045690db8e321a4eb96141a42ee05d50c6eece02eedb967faf9bff7eb860c84c
062368677bcefd9495e8b320e0cf22c4faca9f1bc04666efeb9cd5307cd591a4
090e68adead733e6c4f72552fe5d5808ea5ae87d937ed40de5a3ad72284ae1b6
094f185cfcb993d51c2047ca1ba82e1b4609fac9cdec41a4c464c55e5c4bef1f
09f0fa32fa39db3e3da2eea89bf806be0b147366343a0934e30f164a12431b43
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bba4ee8766e7683a421df6e1c097c303b940d05b3f8139a01bc0ec910d9b6c8
0c6f5ba88cad1d6fef6754b17eff1abfb532089184774d12678b8ce6dccb04f1
0c97bbefa216e0bc391d8c386a457a9b8a52d3b53d1d01ed1ef832d0fd783fdf
0e35ec3dfa80b7851b7826fcae5e1ef652d03d77c6c2af9f0bf1b97d49fe876d
0e4e106820d4d62a906002b0389ccd25a162b86249fac7256593642aa06307ff
0e6a8af98d6fbff175f0a9521f1f9c92a045df3040dff49955b8a7ab6705806b
0fab1be6082e6740df9de7635b96d4e93c66fb8fcdc9f86072dcd29c6159be1d
0fe51517091f745b1742aba1dbf185bb39b3c3bc8f3a949be38d3232f8f10a5c
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1181bc4629fe96c81623741b9bfaa4813ba4db7fdc12ebd5437d24cc439598e4
11cf5c1245d3c47555619c67ceb9ae543a7e8c56346e007147e1671652abbedc
11dd5cdff459a5138767096fadda7834f8d4a1c3e546fa5999e5ad38432aedca
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
15273ff1ac56f84eebc440688d39df383582d67ab9970a5ee5f2ed3ecdff2ba8
1559d9575a72adfcfc59341c161bfcadec337ef414d579e4a79df33f9d56fe6d
16b3fdf7132afb85d663fd4bc49a66d6b864a8f6dbfe8e861908b6395207979e
19c6350cc772c351bbeef48b5faddfb34239ea9942ffb9567e35a7dd64001303
19cda84ef9215322d69273d9a1c9517917bca938bc07ba1657a361931971c9c0
1b2fc79536c8ab2f98419ead1cc323c8945371c6e5019ed79f593e877d48a8ab
1c2525b3e7631f2411872aac663bded4c73bd4e4f26182862b28db7f406d1c61
1cbe8a6f452d3d2a87f60e32668acdaab4e62e50b2ee0b8050d3b3828775f61f
1d4ee68a4b4d3d329089adf12dc360b975f7d6cc57f0a051365f651a4e34643c
1f3cd9162638b743c8bf4d939bcfd1dc256f2e97231e13b5cff600502a78a10e
1f540d433a251ec9e77bd82b69332402f7066de4a30eb669cc994533d2bc968c
20d3f4d2480c0520be654d8cc29cbe5f6475fb522211dbb298c2004fe385984d
2149613208556f6f8c68edd6411f18d47c53ffa8b7d37c9416e69116267d370f
23addc956464503578d051fa820a2c4529f2291dca055b2d62b054bb81cf8f88
23b467b97fc5f6271bea83281b6f5dd4ed72e1f8a8679336d930ec2959a95554
24ca58bf23e819a415daa325aa0e3a6ad83bc86395468c9ca0c240ecacf2cbc6
2617cd603385d1c218a0a5cb81235ad62f0767f1ca2b787e044c5ea051e53559
27d92130c0321dad5a03760fd5ac98a3d04ed4c94d88418fe6d50da1f7fc5cbe
2b7ac24fc14f0e3646d4c3e1cecfdf596cf3dbae1e5fcdc43239a1b69585bbe7
2c4348b83de9447f213e118634b1045b214fecbc47a736a1778d854b1a4c471c
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
2cf87790d07c1b36bb25481e7c323b0ef900c177a28c378df4c4654c2f23fcd1
2d6ff70d2b7dbbf999cd7817983d70b7a40bb33d63d3b663beb2e4386d4acbd1
2e8fac6fa9527aaae83a3fc6200472418e1aa0cf42d9ed4422683e8e0192a861
3188467cd2367f474f460d4a823ec1be3a7175332e0f416c905c84eb14fa482a
3260ada7a202c54ba790f33e3252c611357eab584bec55f788a13a4e9d861e5b
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
34eeca9f4684cc45070f687e682404e66467171acc225308f1bd3ed5cf37ebc5
3853e858d44301b269aea92dc651738b88c7f6aa92e27a733719e782e4c75ebc
3c47d5916487ca8418430c08fadabf279f52eb9dd771d4a2b8a4a8d1ed656b72
3e6603549555580b680f86b03c2ab7b601f933688409c412990b230f200008dc
40ab42fd2738b6f7e360ecbcf60ed7c532d75e944e85a009a3397f4d7a67c10f
42d24326a718e1ea3bd6a9d2ca5df039d4fe6d90549c1e27465ded9e4c034225
439ab67fa3c312bb442bed574ea79be834dbd92f3bd7d2288b6f3fce4d0afb0c
43a07afa251885987480611f7a5f76c48949eb6556122ccffc2c6de6cb558707
45a70c9799daf3ef74ecf4e75565d09ca038a83e37eced0ab40ed441248f40e0
47b4692dfccb38aa3b791b809c6475ccf144079687c9d9569849b93af6d03c89
486762d56893f9b12fdfad41c3a76f11fc745b5436e97e596a63c22ee13d2e33
48bdf24a94f8daa37d2cc129bc26fe47bdc38da895153cef75738f3fe1645d24
48eca44b7d480b8ea047f020f2f08763b3e4bbfab06fabf96f0e9f241a75f0a9
4a2a801c9c80fdddf923fc6b0c364467a102da2ca6a46afaffca59819f030539
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bb956b256627041467af9a9c76a1eba8e7b0f65e256476f5eb4743fcf440c6f
4cf52cc73734aa71f26f6a10be9aeec89602af45bf0f9abd5c8445a076c1ae1a
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e0781bdd2cbb5db04da3b5e059eeca34e325fabb893bee7457b5babf5b7c029
4f3e883baafd0aa9d5f7e1ba2b49d6a9c458e2085bc0575d00a31d5bde3e5ac5
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5092fd4595f5c04ee04b0de12551fb7b2abe63d2be41a6719d96435ec7a4b3b7
519b64efdeaa973ab35bfa1aa18b46aa729018adb9d73c34abe01132615bbc15
51b77a62cd128b1059cb179149e3b32e9deb8614976b82d0945abb35c7bbbe3b
52ecb1bb746a09526edf118c79dd612045a3e411317ec429a3ad440475f79101
54f93e9c10e60babfaaa671b990efaf804977c25a6de037d725376a240126d3d
55c357602ca06d0f50246880e2594b175c3ac470110ed13ea8336e149d78e2de
590ec95ca64876fc843f5cced8e05e5c5d42c72da01c2fe586dc78128950457b
594daf03c1101103eddb292d1d583d676128ce34437974d935d36cd13105b2be
5a813a165c4b7c37247c53dc8a085d071216f041ef968edf187deafaed45f04b
5b4653897fa212130fb903edef7589c0e0e8fd2e7b89140eca46359c1110bf2d
5b7e6ee51f395018bd02c4fa3914ce146476b44a0c7282d1c5b972fbff6b8664
5ba7fd787c02199e104993472f1cb118b9c77d4db60f3b85149d941d496dc2f8
6308a57e5137704a836cdcc22cc398962b9a333cb0a418598add0b734e06e990
63dd9340bf7f1ac6a576e8a0d2467f9270158ff446de0158df6a3a57cb08f4df
64063451d9f2be927f36c0ac1db95fa0a78fc7be797df91f307af2e0e6b73560
6466818a1505783b420e86b900c218c00a212144c68c5fd9461effd2a3b0673a
65b1fd78cfa055a7f7b25c07898997a81110404dc960717d826831e685c5b11e
65b72e15d975f67fbd1cb126d57772c06c21fa016e5651b6ce213b26ce0e6877
67f308c82c94beab0f19774ad46800bf75374459d800718fc2684c3fedd5a639
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
69de99231158e36ac4ce5d52a93af7a1574a4f79a8fd79b0d21b49d85105c3a6
6a36dd87330c190872850107036102d9172ab2b00af99aa25314da688a243e82
6b44de504fe9504ea2636b637f8fb3f2be8d29674c427654bdf78bceff624435
6c33bea5185265807c9def724621a20117aec28c4b1ab1543197513ffd55de9d
6d6a6a7549df79275ef415ba50f979f9b2da8663e174a62a0e4030022ba9acad
6dd8c3796600c28cb55f80e3b365e818144fc506624f1825538091e7eab9f15a
6f3ed2e08a43cbdaa2c32f0dca58bf95277a89e2b857399ad11d4e0fb656673b
6f7c1406c09fc3effd780ee21f71b063c82465ac4d17b9037c70484b1a0094a6
70d6de04465b55f810d13b8838bb50b046b3532a78fb2018e56a3af4c7e18128
70f9dd3398ae47c4a8aa91ae9405e0190099984b28f35115da7d2d0e70450a97
72c2b84424cf08a672b5ebb8a1aa2958aaa86e26cebf74e6b933ee8df684c413
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
7323a82847be2df6a9510ec0ddcedebeb02b019f5ee092cd2da501ee094ad02c
7599e0a5ce1ba2a12f036e998e19e60b6e982178e4363d4630ab3a91ca73bf62
79e7384be3ec1e42038e5e414d62684acee8a12c0be98fd8b4ccb480d20c9435
79f6f04716a94f383afeb39c9e57117db9a9695f327e04a5a6ac4b55e723e0ea
7a6fd962b4686f8277823b26cda79726ee97abc0c7f649225eb3c35df2949fe4
7bd822e612a9671c3105c5aeffccbc836004b4fb2b1fb703471de1cf8dfa3973
7bdb6f8aa5a7bc7d329c8ef830a1ed2c19194e59d91b3316192aae5ffbc4cfe5
7bfc998b6b2333e071601dbff62e890651f439e66179d3eb000241eefb17d85c
7cbedaf4d01c2b49cf1eab36979755222f1525f7424ff2b03a98b83830301288
7cc27093a7206bc10971963a8ce40453a4f0c6a01754559009c6f00cb3498d65
7e1d05b67320d633e28903abf74d8d6d447bb482ca6cf25e8b75c011bba11191
7ed1947cb1ec4f11c68e3b281741c4214839a262843c339c1f1e3bc357434183
7f93768f6e5531992ba21ccabbf9375cfc131d4451665b412f2e9012dbe1115e
7f9473162ab474ab4b3a3ebf16b0c985a713e006bf2693a5a3efdcec80fe32f9
8000d797097e74bfff377d2f3fca7e046ee4490ea4edb70c2c0b189575847629
80a6c8fd3fd83054bdd51a596217f806cec456cd5b176ec5e44a407201a82d2a
818ec7e02e904eab6a9638557e17c3df7a981788dea3378baec71818df4aaf66
81aa782e60e2bad7582594628879af2e35ed49f734c34a723c16cfb90b8b3913
82e7822c35cdcf0e2ac5552f0ca767aed13b2cbf54d914ad8233c6b524ea85af
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8677971b119ccdb82af697ff0e08f218490d15116f221d44301f1cc8797e67d4
886928690dcd92c0dbaa7701f4c716b7beb498f5ac77250553ee9403ca75c0c4
88865e7ddaf27e6a197673760e1da312c5525f54af05cdcd9fa04bd07fa71c71
8938c6b87446f08d0a7f530f2ea3ac840374ca40d79166f6ecaadfa9b9db407b
8a376f672c12525ddb21faadbf8f4b31422c99bd44b16c723d018b7ff7e2a5dd
8a45590a3bf9f39d72dd53301f9897396f2dfb19dc1d38f0beabc965c8351a2b
8a8f27d5f642fbfe0360dd006fe85893f660355b21fa662e47a9a5e690f0bce2
8ad95a7635353e2271798c38c48ab7ba5f3bbe53a9aa61e68e4e455a84eda5d8
8cf20f3c0544286ae34be1df4d8c19de9d4b9c6041b769bb4448f9a19036febe
8dc0da2080534039ae130a1bfcac8c29791cbcabd611b5e29cd5618f92c8fe78
8e8afe0ceac8fec9857dd9b4bfa736e167bd6a158862b1eefb3a2fbe0492dcc3
8ec8bb1d17ac0d8da1cf6a6ec112cd74daa86a27325b559a2618b9f1bacfe451
9021a3d1e48ff6683217c8c1d222dccf91ee177843e70db78061c57aa8408c3c
9197f7576ef57637c5e474669fd48214472afadac777b047225ce6ca48cf41cf
9298f88a525ce9829ebe9ba4cf4692da2f12b278579999aa9453ed570b02b4a0
939b4f5c505097e74e93c3a6a82b69b516bb6d160d449bafb37edb72ab260c1d
94442ab42e60dd5c6c276c1777c56fc3f9dff44e999524ca6431af82a9bff9af
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
96ddd38efe76ec82a9f2b4ecb8c151aa7b202d792823131a8936fc9bd616b22a
9710b6abe21b465b8ad441e4c535956222a7cdac36eb5ad5e578a9359194eac8
99434f8dfcf70714ea945af372182735fa0c5b1a996655355376ff3048aea4a2
996db5a112646e1427d82cb9abcd70d9d4820cf82e9de4611fb8e237709d22f9
99845a574dcc7fe42bf20c7d56c184d88b670151171fd9690e41757cba01559c
9a14b08d44f5bca7a8950fd62dca97fabc5d6306f53e248dff4c73dc78e5db3e
9b41b48a3d15971ea519172e34c9119773e1ae2cd958aedd72ae3562a3a2c62d
9d02c3facc410ee6a9dceade80ce0bc710f6037df881453124d3f5c83a6241b5
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a517525b8a7d39bcaf1cf5f9695c5be8fce7a6b920a3924c1a4f70e8ea748c05
a6709016dd2b93604284c2125b0b3859f14235bec1b914a07a21f0f810dddaca
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a846d9c8e2e6e645f238561d9bec1094fb203dac7201f4849202234f3c50824b
aa31782ed405b9ccd6346df847c07d2472e32b07c2708b6d0e40af4f5d34964f
ab5e3a344f6d98adc4f2566635a0de434c08f82df18ef380e51c52cf08a76607
ab888b64ffc504de0179c5c7a67fb7bd0c1780d15b465eca6cc432e069e1e065
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b008731a86ba82dd977825f31b0ba566fd3c693897d3928690cc2582a6f9063b
b03b44c6b400fac519d88ade3058e23c041edcff0494789275a4afb79f717e06
b0fcaed7417c5277e2603cf2c0f5f4a95e77172e74154ec6f7c4c012b5301122
b14108e25edfa81b17888975728e2d284650900547552a3b445b3d216976a327
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b23234f60101e00490626137119a280eff24a365649ed87e2784488414a65d79
b27963d64b79220f6a94fafa3a3c67a2404d363b4ad53dbb83ab2187eacde46f
b30b276b2c01bd32dc2eba0f2d7d4674d851b39b9d17815331b6ff8161c492c3
b3d9a37c3110d0d5edf534a4dd964bb85d8661820e4c39e4c63c96bd2813b726
ba9e839ebca59800c075c4a55aa5798a17b648d63ed4072de13e51eb9db8773b
baefce76538503c697baa4e1191e3ee5ee64bdf92b3bef430d38ac9fb8527815
bb5824e55fb08d11d1bbcc144d776acc19dddf21298c684ff143c1b0cfd046af
bbe9772d95cbe28e814b4e2106f9d42eb1e711d209707c73d36fe754465b7387
bdaa38f52441bf7af0793fbf059e5598ffd9d18fa264b14bd55f6b3655fcc958
c17ec92396fb925461e5109a0dc7164ceb1d26d39335215118aef70b5f5063af
c5c79417597f19e8c61077c67b342996c23773a1f5ae63f0959b47869d897280
c5d9e24e244f55adfc535436b00180996f9c26d9b3d623426c8914d6eb107d15
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
c6f58395f1404bd66a6685d12bf19baf7d6f340ad331b3388f5bf6f0cc463db7
c6fd22715803d3e6eed2486837762e6fbdc4c7a87c6ed75cedd6e35086fd56e1
c760f7c8b1df0176ab56978462904ed5be65ce92e656d07ce8b9405d1fc73972
c7b331031ae60f91fdbafe2633e61bf201bfa9076c8cba19746f81eb2c3ae17c
c8901e462804778db4e9952298130ed7b17536b4c0908216694e92e84fdc60ec
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cb7ef62603ce68e806e9f3f9fd2312c388263059871b9d0e690231ebf4256e07
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d129798f1e77c6685a9b94691eba0cdd873e028de5f13a318f764a9e40a1e17c
d16d07a0353405fcec95f7efc50a2621bc7425f9a5e8895078396fb0dc460c4f
d26c7719adb0dd2bfd9ab1228a6176b4e005bf39278c17b5c1c4b62eabef9068
d28b697617a0670c1bda2328ad4c4b5f3754790b5e57f0f913dd50f99329b9ca
d48f5f637187fe83bff6165783efb3dac15cb3d10ba166d92f37312dba9a4ad7
d593eab937ae208334c866b7afc56b0703787c857dae8bb562aefbbd3ca15ee6
d74e57a16f307dccbaa3dd0bfcd61d6228c5683e9728266379672b2611f3ac6c
d874b1e5d02ed7b8b8656a221d7c8b34c10206c7b9274faabc9b2c7c05be0fa4
da75782088c6151f0613ac58eefe9fd277c642f12f54adc29f75af75f51c37fd
dc9c127f48bb67af3a8bbe1344f02e911c0d3f665c90a4aa73bfcea8f98dfa00
dcce89ebb6380f186ede02a33ba846b9e33da86cd7a55d8e3e02c09331088f17
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e18441c7811abba1194a8130a3ec786d24b4a9d8ae6e8486147e47856b5ca0d1
e2121d2e43da18179a9a66cd77212546662297925068bf7004095d1c3ca7d659
e25ce31806de1eee3a851d1bc47e269def862c12fc7a6150f08c579f86f71014
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e43467ea5d461a0509fc8b4f4fc544fc0fe66d4caaa9004b830a2c589466601a
e555478d721db554d486dc7c2ae2d3f4add3ab554cc81edb702d7f797da132d1
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e763e0e7853e169ba83dc2a612965d5b44a04780dd7c75f7eeb703e2dab76329
e85c70b5ea5fbeaef353f560aef187cf27ae5be19b9f8c6008365c958fe27b18
e933a26d81575ba47b5ccc4ef4111b35c5c5954feb7a99848d8d6d0aaa0b12af
eccc7f77deef1fc5780c094ebe2ff6566d36af99bddd5086848ff957b11708d9
ed78b01a625c033cbf227def15cf08c316d252892c7436253a0533d8069da8d9
ee0ed58b2ab0774651fd0e8c308f69fc0ae0be985f49d154797eb8ce0b92e25a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef391572f9fbb7bab7fef6ce2c4fc92ad68a8c148889a79cb9f9b1452d851fab
ef8a5f444c988e2c08260642c8257654f5e825e839a9c3d355933d4d12e0345b
f0c400c8be6122ab2a8797b3c495be63393e3f1ec93426a88bb2a87a9996f8a9
f0f8832a07c6d150b1e679d807e16734655e3dd45483b601b99fe5fdca25d22b
f20026aa84c648fe8d0c406c01f503a37037ed007a4f63279abdd27fb8e69614
f49b1d1bd49f5c61c93e08dc9b8427ae046c513af8ce30fa8d04162bb6f5b9df
f515242f33c722e909591d1d4619a584d94d5d2ba2793274a7283acc669a8a7c
f752d2586a49f61a7618b6811b16eb9e1a17e8842de27281f972c5c031ca1a99
fb3a144594ce9a01b985e7fd8fe8331a86675fef8fca75a2032121604dd9d164
fb78178efb17880986453d866dc2c7ff441b2b2426665937e77f2ae214f44713
fcd46f947a06d7e9bb7f98aadba4d7872b55590b439801a5fd63b94cf4a43cdd
ffd3ebc4f4b8632daa70fcabfc113a813769ba38e0dce48763b9c6fed713c4b8

www.opovo.com.br Open in urlscan Pro 2606:4700:3033::6815:3a6d Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

346 Requests

100 %HTTPS

54 %IPv6

46 Domains

70 Subdomains

68 IPs

8 Countries

5192 kBTransfer

9507 kBSize

1 Cookies

105 Outgoing links

Page URL History

Redirected requests

346 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 11 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.opovo.com.br Open in urlscan Pro
2606:4700:3033::6815:3a6d Public Scan

Screenshot
Live screenshot

Full Image

346
Requests

100 %
HTTPS

54 %
IPv6

46
Domains

70
Subdomains

68
IPs

8
Countries

5192 kB
Transfer

9507 kB
Size

1
Cookies

346 HTTP transactions
11 data transactions